Let me just say it: WordPress is awesome. Millions of people have flocked to the platform and use it in their daily business. However, there’s a dark side to the growing popularity of WordPress: Because it powers more and more websites, the number of hackers and other shady individuals who target WordPress is also steadily growing. As a consequence, security is an increasing concern for all WordPress users. Yet, at the same time, it is a much neglected topic, because, quite frankly, many find it boring. You know what else is boring? Health insurance. But just like WordPress security measures, you are glad […]
11 simple tips to boost your website’s security
When launching a new website it’s easy to get carried away with crafting the perfect design and adding great content. For many, including myself, security is merely an afterthought. However, every year attacks on WordPress websites are growing in-line with the platforms popularity. More worryingly, 70% of WordPress websites have vulnerabilities that hackers could exploit. With minimal protection, that means your precious website could be a hacker’s next play-thing – scary, right? Today I want to help you boost your WordPress website’s security with eleven simple tips you can implement right away. If you want to build a successful, sustainable […]
eCommerce Stores: Are You Ready for Black Friday?
Black Friday is finally upon us, and that can only mean one thing: millions of crazed shoppers fighting to grab the biggest bargains. Although it’s the brick-and-mortar stores that receive most of the media coverage, Black Friday is also an important time for eCommerce stores: with an ever-increasing number of online shoppers, there is serious money to be made! Today, I want to help you manage your eCommerce store’s Black Friday by giving you tips for handling traffic, creating promotions, and maximizing sales — I will also be introducing you to several WooCommerce plugins to help you add relevant Black […]
11 WordPress Security Tips to Keep Hackers Away
There is a good chance that your WordPress website is under constant attack from hackers even though you might not be aware. Unless you have a system in place that alerts you of the failed login attempts or other suspicious activity, the moment you actually find out your site has been breached is when it’s too late to do anything about it. It’s always in your best interest to proactively secure your site from spammers and hackers. The idea of setting up all of the right security settings may not be something that you joyously look forward to, but if you ask […]
All WordPress.com Subdomains Encrypted By End 2014
Last week, Automattic’s General Counsel Paul Sieminski announced that all *.wordpress.com subdomains will be served over SSL (Secure Sockets Layer) by the end of 2014. Sieminski wrote: In the face of intrusive surveillance, we believe that everyone in the tech community needs to stand up and do what they can, starting with their own sites and platforms. For us, that means working to secure the connection between users and our websites. We’ll be serving all *.wordpress.com subdomains only over SSL by the end of the year. It’s been a year since whistleblower Edward Snowden leaked files revealing the National Security […]
WordPress’s Zombie Problem: Why Automatic Updates Had to Happen Now
WordPress powers more than 20% of the web, or about 75 million sites, and is steadily becoming more pervasive. The massive WordPress community has helped secure the platform by quickly identifying and resolving bugs, glitches, and security flaws. But, as WordPress evolves so have the abilities of attackers. WordPress security is changing rapidly—here’s what you can do to decrease your vulnerability. Protecting Yourself Against Hackers The sheer size of WordPress has made it a huge target for hackers. So, it’s important that site owners practice safe security habits–like using strong passwords, and installing trusted plugins and themes. The largest, most established websites have always […]
SNI: Why SSLs Won’t Need Their Own IPs for Much Longer
Conventional wisdom states that in order to secure your website with an SSL certificate, you need a dedicated IP address. For a long time that’s been true; SSL (and its successor TLS) are low-level encryption protocols with no awareness of domains, or even HTTP. Because of this, there’s historically been no way to share IP addresses between websites that each have their own SSL certificates. This has always been very inefficient on IP addresses. Without SSL, shared hosting allows you to serve hundreds, or even thousands, of websites from a single IP, whereas an IP that’s used for providing SSL […]
3 Comments