Post Category Archive A collection of posts we have categorized in WordPress Security

WordCamp Kyoto 2017

I had the honor of presenting this past weekend at WordCamp Kyoto. It wasn't my first time addressing WordCamp crowds on security topics, but it was my first time in Kyoto, Japan. I felt at home, as the attendees and organizers of…
Read The Story

PHP Object Injection and Insecure Unserialize

I wrote about an influx of PHP Object Injection attacks previously, warning about a trend of attacks targeting a known but somewhat under-reported PHP vulnerability. Looking back since that time, I get the odd feeling that object injection (or as they're sometimes…
Read The Story

3 Simple WordPress Security Tips

We've all been enjoying the benefits of WordPress's popularity. We're surrounded by beautiful themes, high-powered plugins, and helpful communities. But there's a dark side to that popularity - it makes WordPress sites an ideal target for hackers around the world. Before going…
Read The Story

Pagely Customers Spared Effects of Latest WP Vulnerability

Traditionally, we keep security patches and updates simple and quick in our security haiku series of posts. But sometimes 17 syllables doesn't cut it. This post will address some of the commotion regarding a vulnerability which was patched in WordPress 4.7.2. The…
Read The Story

Tracking WP PHP Object Injection Attackers in November

Over the past month or so I have been monitoring the activity of a series of attacks against our hosting customers which had one common vector: insecure WordPress plugins which exposed PHP objects to potential injection. Only a very small number of…
Read The Story

What is PressARMOR™?

The question "What is PressARMOR™?" comes up now and again here at Pagely, and this post aims to answer that question. PressARMOR™, in short, is a series of procedures we apply towards WordPress security on behalf of our customers. It is not,…
Read The Story

HTTPoxy and WordPress.

The vulnerability d'jour this week was named HTTPoxy, an applicable pun on pox and proxy. We have patched our servers for this already, and are here to take a few extra steps to help explain the vulnerability and hopefully spread a little…
Read The Story

The Wild West of Bots and Brute Forces

The key to success is starting with a solid foundation. When it comes to succeeding at security, passwords are part of the foundation. Failure to choose a good password will equate to failure in security eventually-- if not almost immediately. In the…
Read The Story

Latest Posts