Like most of us, I consider myself pretty good at doing WordPress. I don’t develop themes or plugins, and I don’t know a lick of PHP — but I am a wizard in the WordPress dashboard! Don’t we all love setting up a brand new install? It never loses its magic: searching for the perfect theme, tweaking all the settings, and perfecting the permalinks. However, in all my years of working within the environment, nothing felt more pressing than the need to learn all about WordPress security. So when I recently joined Sucuri to help them with their content, I […]
Small Security Vulnerability in Disqus WordPress Plugin
As some of you may have heard, a number of CSRF (Cross-site Request Forgery) vulnerabilities were discovered in the Disqus plugin for WordPress by Nik Cubrilovic not too long ago. The biggest of these issues was unfiltered, potentially harmful data being passed straight to the database without proper sanitization. Though this was being filtered on output, Disqus’s debug mode could potentially be used to extract this raw data and inject harmful code. There were also some issues with nonce checks on various POST requests and a vulnerability in the plugin’s upgrade script. Luckily, the Disqus team moved very quickly to […]
11 WordPress Security Tips to Keep Hackers Away
There is a good chance that your WordPress website is under constant attack from hackers even though you might not be aware. Unless you have a system in place that alerts you of the failed login attempts or other suspicious activity, the moment you actually find out your site has been breached is when it’s too late to do anything about it. It’s always in your best interest to proactively secure your site from spammers and hackers. The idea of setting up all of the right security settings may not be something that you joyously look forward to, but if you ask […]
Will 2014 Be Remembered as the Year of WordPress Security?
Are you familiar with the hypothesis ‘there’s safety in numbers’? It’s the idea that by being part of a large group, an individual is less likely to be the victim of a bad event. Well, when it comes to internet security, the WordPress community has definitely proven this concept to be true. The robust community built around the open-source platform WordPress has cultivated a knowledgeable, caring, and secure environment. Wednesday at the WordPress San Francisco Meetup, Brennen Byrne (CEO and co-founder of Clef) addressed this idea head-on when he gave a presentation on how the WordPress community is building […]
WooThemes Continues to Investigate Security Breach
Last Friday, Mark Forrester released an important announcement indicating that WooThemes was investigating a series of fraudulent activities on their customers’ credit cards. Since then, WooThemes has been working to address the issue, and to determine the exact cause of the breach. Yesterday, in a follow-up announcement, Magnus Jepson shared some information about the incident: Fraudulent charges are believed to have begun around May 1. The hackers may have obtained the credit card details somewhere between checkout and their off-site credit card processor. Customers affected by the breach are suspected to be those who made purchases between November 27, 2013 and May 8, 2014. Jepson […]