WordPress is known for its ease of installation, generally taking five minutes or less. But there’s a considerable risk involved in manually installing it on a web host. Earlier this month, Vladimir Smitka, a security researcher from the Czech Republic, highlighted the risk in detail. Upon sharing the article on Twitter, I noticed quite a few people who exclaimed that they had no idea about this attack vector, myself included. Most web hosts create an SSL certificate when setting up an account and the certificates become public knowledge. Attackers can use the Certificate Transparency Log to detect new entries and … Continue reading Manually Installing WordPress, the Race Against Time