Securing a WordPress site with an SSL certificate is highly recommended for all website owners. There are many benefits to adding an SSL certificate to your WordPress site, and it can be free to install!
Securing a WordPress site with an SSL certificate is highly recommended for all website owners. By installing an SSL certificate, you are protecting any information passed back and forth between your site visitors and your web server. There are many benefits to adding an SSL certificate to your WordPress site, and it can be free to install!
An SSL certificate protects/encrypts any data that gets passed back and forth between web browsers and the web server your WordPress site is hosted on. The term SSL stands for Secure Socket Layer. Each browser will display whether a site is secured with an SSL certificate or not by showing a padlock right before the domain name in the URL bar at the top left. Browsers will also display a Secure or Not Secure message, depending on if a certificate is installed or not.
WHAT DOES AN SSL CERTIFICATE DO?
SSL certificates provide protection for information a client sends back and forth from their web browser to your web server that your WordPress site is hosted on. Information that needs to be protected by encryption includes:
Credit Card Data
Email Addresses
Names
Login Details
Phone Numbers
Addresses
Any other personal information a client might provide
Malicious admin users get added to vulnerable WordPress sites often. This can happen in a variety of different ways, and sometimes the malware that creates these malicious users can hide in plain sight. Review this blog piece to read more about a fake WordPress admin creator.
Malicious admin users get added to vulnerable WordPress sites often. This can happen in a variety of different ways, and sometimes the malware that creates these malicious users can hide in plain sight. Injecting a malicious admin user into a WordPress site can allow attackers easy access back into a victims’ website after it has been cleaned. It is always recommended to review the WordPress administrators on your site often to best secure your site.
Important questions to ask when reviewing WordPress Admins
Some important questions to ask when determining whether a WordPress admin user is legitimate or not:
Do I recognize this WordPress admin?
Does the email address associated with the admin user appear safe?
When was this admin user created?
Does this admin user have any legitimate content attached to it?
Did I or someone from my team add this admin user?
An in depth look at tow pieces of malware that redirects victims to a spammy casino websites. The discovery of two distinct infections within a singular site constitutes a significant finding, underscoring the importance of vigilant maintenance of updates and their inherent value.
Vulnerabilities within WordPress can lead to compromise, and oftentimes known vulnerabilities are utilized to infect WordPress sites with more than one infection. It is common for out of date websites to be attacked by multiple threat actors or targeted by the same attacker using multiple different channels.
We recently came across a database injection that has two different pieces of malware accomplishing two unrelated goals. The first injection redirects users to a spammy sports website and the second injection boosts authority of a spammy casino website within search engines.
The discovery of two distinct infections within a singular site constitutes a significant finding, underscoring the importance of vigilant maintenance of updates and their inherent value.
The WordPress database is a vital piece of the puzzle that allows a WordPress site to load. Learn how to utilize two common tools to manage a WordPress database – PHPMyAdmin & Adminer.
The WordPress database is where unique data is stored pertaining to a WordPress site that houses custom information, ranging from WP admin users to unique posts and pages. Managing the database is an essential task when troubleshooting a WordPress site. This is where you can easily switch the theme and find your WordPress version. The two recommended pieces of software to manage a database are AdminerandPHPMyAdmin.
PHPMyAdmin
PHPMyAdmin is a common piece of software used to manage databases. You can view and download this software on their verified website. This software is often preinstalled on many hosting servers for easy access to manage databases.
Adminer
Admineris a piece of software used to manage a WordPress database. It is not as common as PHPMyAdmin, but is quite useful and easy to use as it is only one single PHP file. To utilize Adminer, all you need to do is upload the PHP file to your file structure and access it via a browser directly on your site.
An in depth look at a piece of malware that redirects victims to a fake malicious website by mimicking a popular domain. It was quite fun researching this fake domain and writing a blog piece on it that is featured on the Sucuri Blog.
A recent infection has been making its rounds across vulnerable WordPress sites, detected on over 160 websites so far at the time of writing. The infection is injected at the top of legitimate JavaScript files and executes a script from the following malicious domain: https://jquery0[.]com/JkrJYcvQ
At first glance, this domain appears to be legitimate. However, attackers have intentionally selected the domain name with the intention of deceiving webmasters. It’s nearly identical to https://jquery.com — a website belonging to the popular JavaScript library jQuery.
It was quite fun researching this fake domain and writing a blog piece on it that is featured on the Sucuri Blog.
A 500 Internal Server Error can occur on a WordPress site for many different reasons. This error can easily frustrate a website owner as it is very generic, yet also happens to be one of the most common errors a WordPress site experiences.
A 500 Internal Server Error can occur on a WordPress site for many different reasons. This error can easily frustrate a website owner as it is very generic, yet also happens to be one of the most common errors a WordPress site experiences. Below are useful tips to remember before troubleshooting a broken WordPress site:
Review each troubleshooting method to get a WordPress site working again. You may need to perform multiple steps to get a site functional again. (Disable plugins & your theme for example.)
When disabling a configuration file like an .htaccess file, check directories above your webroot and disable ones above too when troubleshooting.
Always backup your website before replacing any files.
Sometimes a restore is the best & fastest option!
What causes a 500 Internal Server Error?
Because a 500 Internal Server Error is a generic response, there are many different reasons a site may succumb to this error. WordPress is a powerful CMS where many plugins & themes can be added to make each site unique; this also creates more entry points and room for errors to occur. A 500 Internal Server Error can occur for the following reasons:
Plugin conflicts
Theme conflicts
.php.ini/.user.ini file issues
.htaccess/web.config file issues
Corrupted core files
PHP memory limit problems
Above are common examples as to what causes this error to occur on a WordPress site. Let’s move on to the next section to review how to troubleshoot this error to determine where this issue stems from.
Maui Sol Botanicals is a boutique body care website located in Maui. This site is built in WordPress and has the latest security measures in place to keep the site running strong.
Maui Sol Botanicals is a body care and aromatherapy product website for a business owner named Orius that lives on the island of Maui in Hawai’i. This natural boutique provides a variety of organic products such as skin care, sun care, perfume, and more. Read about each item more in depth below.
Skin Care
Skincare is nourishing to the skin and soul with all natural products offered by Maui Sol.
Perfume
Their perfumes are made with pure botanical ingredients for a long lasting aroma.
Hair Care
Maui Sol’s hair products help reduce frizz and lock in moisture.
This website was very fun to create as this is for my Uncle’s business that he holds near and dear to his heart. This website is built in WordPress and features each product with a stunning background of Maui’s landscape.
Artwork by Violet is a website showcasing Violet’s art throughout the years. This site is built in WordPress and has the latest security measures in place to keep the site running strong.
Artwork by Violet is a website dedicated to the art created by my daughter, Violet. We love to showcase her art and we found that the perfect method to do so is to create a website for her.
I immensely enjoyed building this website for her and she is very proud that the whole world can see her beautiful art creations. This website is built using WordPress to make it easy to update often with her new art.