Post Category Archive A collection of posts we have categorized in WordPress Security

Disaster Recovery Plan: Why Your Website Needs One to Survive

The word "disaster" is one you never want to hear in business. Even if it's a seemingly minor disaster, it usually means taking time away from business to investigate the root cause, clean up the mess, update processes, and sometimes even apologize…
Read The Story

An Extensive Plan of Action for WordPress Security

There's no nice way to put this, so I'm just going to come out and say it: WordPress websites are prime targets for hackers. It's not that WordPress itself is an inherently unsafe content management system. In fact, I would go so…
Read The Story

Pagely Security Updates

This article covers our public notifications related to major security issues our clients and the WordPress community should know about. We are always focused on prevention and the mitigation of risk to our clients, and keeping you updated here is part of…
Read The Story

The 6 Types Of Cyber Attacks To Protect Against In 2018

It's every system administrator's worst nightmare. Hackers gain access to your system, stealing mission-critical information, locking sensitive files, or leaking proprietary information to the public. Frankly, it can be hard for companies to recover from such an attack. The data breach at…
Read The Story

The Definitive Guide to SSL and WordPress

It's become commonplace for a majority of internet users to share personal information on the internet. With the disregard for protecting personal data becoming second nature, how do we protect ourselves and our users? That's where the power of SSL comes in.…
Read The Story

The PHP Object Injection Odyssey

The past few months we have noticed a trend of new and increasing PHP Object Injection attacks targeting WordPress sites. In a few cases in the last months our standard incident response process was identifying sites were had just cleaned were getting…
Read The Story

How to Address Object Injection Vulnerabilities in PHP

I have been discussing the risks related to PHP Object Injection or insecure usage of unserialize() and how this insecure coding practice is unfortunately very prevalent in the WordPress plugin ecosystem. This post is for plugin (and really any PHP) developers for…
Read The Story

WordCamp Kyoto 2017

I had the honor of presenting this past weekend at WordCamp Kyoto. It wasn't my first time addressing WordCamp crowds on security topics, but it was my first time in Kyoto, Japan. I felt at home, as the attendees and organizers of…
Read The Story

Latest Posts