Whether you’re launching a business site, an online store, or a hobby blog, WordPress offers flexibility, ease of use, and advanced functionality that will help make it a smashing success.
But before you’re ready to go live, spend a few minutes thinking about security. Protect your site as much as possible to keep it safe from hackers and working for fans and customers at all times.
Continue reading → WordPress Security for Beginners
During an internal audit of the WP Fastest Cache plugin, we uncovered an Authenticated SQL Injection vulnerability and a Stored XSS (Cross-Site Scripting) via Cross-Site Request Forgery (CSRF) issue.
If exploited, the SQL Injection bug could grant attackers access to privileged information from the affected site’s database (e.g., usernames and hashed passwords). It can only be exploited if the classic-editor plugin is also installed and activated on the site.
Successfully exploiting the CSRF & Stored XSS vulnerability could enable bad actors to perform any action the logged-in administrator they targeted is allowed to do on the targeted site.
We reported the vulnerabilities to this plugin’s author via email, and they recently released version 0.9.5 to address them. We strongly recommend that you update to the latest version of the plugin and have an established security solution on your site, such as Jetpack Security.
Continue reading → Multiple vulnerabilities in WP Fastest Cache plugin
When it comes to running a WooCommerce store, a secure checkout process is one of the most critical elements. While every step in the buyer’s journey is important, protecting your data and your customers’ personal details is absolutely essential. Keeping credit card numbers and other sensitive information shielded from hackers or other data breaches should be every store owner’s number one priority.
Here are ten ways to ensure a safe and secure WooCommerce checkout experience:
Continue reading → Ten Steps for a Secure WooCommerce Checkout Experience
Security is absolutely imperative whether you own a blog, small business site, or eCommerce store. After all, if your site is ever hacked, you risk damaging your reputation, losing your files and database, hurting your SEO rankings, and turning personal customer and visitor data over to hackers.
As with many things in life, prevention is much better than treatment. And, thankfully, WordPress makes it easy to secure your site and prevent a hack.
We’re going to take an in-depth look at 12 of the best WordPress security plugins, compare them in a variety of areas, and help you make the right decision for your particular site. Plus, we’ll answer some common WordPress security questions.
Continue reading → The Best WordPress Security Plugins
At Jetpack, we are continuously working to develop a better product for you and your website. This month, we bring the popular Story Block to the web editor, a feature previously exclusive to mobile. This release also includes a fix for a security vulnerability for the Carousel feature.
We consequently encourage you to update all sites that you administer as soon as possible.
Continue reading → Jetpack 9.8: Engage your audience with WordPress Stories
WordPress is the most popular CMS for a variety of reasons — it’s easy to use, flexible, powerful, and well-supported — but that popularity also makes it a target for hackers and malware. Thankfully, there’s a lot you can do to easily protect your website.
Here are eight types of WordPress security plugins that will substantially reduce your risk:
Continue reading → WordPress Security Plugins You Shouldn’t Go Without
At Jetpack, dealing with different types of web threats and attacks is part of our routine. Most of the time, it ranges from collecting a malicious file and finding the attack vector, to providing assistance on restoring a website from the latest backup. But sometimes we enter a different dimension of really creative attacks, a dimension of inexplicable reinfections — we enter … the twilight zone.
Okay, I’m probably being over-dramatic, but bear with me as I set the scene for this mystery tale. Ready? Please join me on this trip to the realm of ghosts, spam, and search engines.
Continue reading → Fighting Spam from the Twilight Zone
If you run a blog, then you may have chosen to allow comments on your website. This can be a good move for certain sites because it promotes engagement, encourages feedback, and helps you establish authority.
But hackers and bots often leave spam comments in order to link visitors back to their own websites. Their goal? Higher site rankings and an increase in traffic — for the spammers, of course.
Racking up lots of comments seems like a positive, but too much spam can decrease search engine rankings, expose your visitors to viruses and scams, and make it look like you don’t care for your website. And this is, well, bad for business.
The thing with comment spam is that not all of it is created equal. Most of the time, it looks shady. But, sometimes, it actually looks legitimate. So how do you spot it on your blog?
Continue reading → How to Recognize Comment Spam and Give it the Boot
WordPress comment spam seems inevitable. No matter what type of website you’re running, if you allow visitors to comment on your posts, you’ll find spam. The more popular your content is, the more you’ll get. These unwanted contributions interrupt the flow of the dialog in your comments section, annoy you and your community, reduce your site’s credibility, and decrease traffic. But why, exactly, do people leave spam comments and what can you do about them?
Continue reading → Why Spam Comments Exist (and How to Stop Them)
Your website is the heart of your online presence — a place to establish your brand, build trust with your customers, and convert new visitors to clients. As an essential part of your business model, it’s critical to protect that asset with a top-tier security plugin.
There are several WordPress plugins that provide various levels of security and offer different kinds of protection. Give yourself optimal peace of mind and keep your business running smoothly by choosing a well-designed, comprehensive, integrated security plugin for your WordPress website: Jetpack.
Continue reading → Should You Use Jetpack for WordPress Security?