This article was originally authored by Robert Abela of Melapress, a Patchstack partner specializing in WordPress security and user management solutions. Unauthorized WordPress access is more common than you might think. Learning how to detect and prevent WordPress unauthorized access can help you avoid security incidents. And if they do happen, you’ll be able to […]
These days, spinning up a new WordPress website is quick and easy, but securing it is not so straightforward. In this post, we will cover some of the most critical things that you need to consider when setting up security for your WordPress website. This guide is divided into three sections: Each section corresponds to […]
As a WordPress site owner, dealing with the aftermath of a redirect hack can be a daunting and frustrating experience. Malicious actors are constantly finding new ways to exploit vulnerabilities and hijack your website, redirecting your visitors to spammy or malicious destinations without your knowledge or consent. In this comprehensive guide, we’ll walk you through […]
If you manage a WordPress website, you may have heard of SQL injection (also known as SQLi), a type of cyberattack. If so, you’ll probably know how ludicrously simple they are – and how devastating. Whether you’re familiar with this type of attack or you need to learn more, in this article, we’ll cover exactly […]
When you visit any website on the internet, the server delivering the web page instructs your browser on how to process this information by passing meta-data called headers. In this post, we’ll explore the importance of the X-Frame-Options header in WordPress and how to configure it. Additionally, we will consider a modern replacement for X-Frame-Options, […]
Cross-site scripting (XSS) is an exploitation technique that allows hackers to run arbitrary code on a compromised website. Needless to say, it is a serious risk for any web application, and our experts at Patchstack regularly receive notifications about new XSS vulnerabilities being discovered. In this post, we will discuss what cross site scripting is […]
If you stay up to date with cyber security news, you might have heard of Google’s Threat Analysis Group discovering a financially motivated phishing campaign targeting YouTubers. Researchers found that attackers lured creators with fake collaboration opportunities (such as anti-virus software demos or VPN offers). Once the target agreed, they sent malware disguised as software […]
Did worse come to worst and you strongly suspect your WooCommerce store got hacked? We’ll check, going through the key signs, then fight the fire to get you back online (safely) ASAP and show you how to emerge stronger. Let’s get this solved! 10 signs your WooCommerce store was hacked Hacks aren’t always big red […]
Is your WordPress site secure? You might think so, but are you prepared for the unexpected? The whitehat researchers at Patchstack found that most WordPress vulnerabilities arise not from the core platform but from overlooked weaknesses and easily preventable mistakes. While the WordPress Core is secure, plugins, themes, and user practices can introduce vulnerabilities. Securing […]
When you get hacked, it’s too late to think about security. However, getting started with securing your WooCommerce store (or the stores you create as a developer) isn’t always easy. So in this checklist, I’ll give you actionable pointers for understanding security and moving through the actions to ensure you cover all the bases. Ready? […]