HTTP authentication adds a secondary layer of WordPress security that protects the admin dashboard — or wp-admin — by requiring the user to submit further authentication. After creating the .htaccess file for protecting the WordPress wp-admin folder, you should create a username and password database file…
Author Archives Acunetix
THE AUTHOR
Acunetix
Acunetix Web Vulnerability Scanner 8 Now BETA 2
As the BETA program for Acunetix Web Vulnerability Scanner 8 keeps gaining momentum, all the great feedback received from our BETA participants has helped us achieve the BETA 2 milestone. This brings a significant number of improvements to WVS 8, including new usability features, component…
Update Your Site to WordPress 3.3 ‘Sonny’
Hello WordPress 3.3! The legendary Content Management System (CMS) — or blogging platform for us mortals — has been given a slick update, code-named ‘Sonny’ after the late jazz saxophonist Sonny Stitt. WordPress 3.3 is now available us an automatic update through your WordPress dashboard,…
Quantifying the Website Security Problem
The research is out and I can hear the journalist and editorial proclamations now: Website security flaws on the rise! Website malware getting the best of bloggers Website security being undermined by software quality Before you know it, the IT vendor marketing teams have climbed…
Weak WordPress Directory Permissions Can Be Exploited On Your Site
If a directory is not configured with the correct permissions, an intruder can upload and execute malicious files and modify critical files which can compromise your WordPress security. Eventually, the malicious user can gain full control over your web server which can lead to other serious…
Your WordPress Installation Is Using the Default Admin Account
Using the default Admin WordPress Account, hackers can easily launch a brute force attack against it. In order to help deter this type of attack, you should change your default WordPress administrator username to something more difficult to guess. Fix: Do not make the following…
FAQ: Acunetix WVS Scan Settings templates
Scan Settings templates give you the ability to configure the scanner and save such configuration settings as a template for future use, instead of having to reconfigure the global scanner settings for different targets. Using Scan Settings Templates, you can quickly recall scanning options, headers…
FAQ: Which Web Security Alerts are Detected by the Acunetix Crawler?
Acunetix displays vulnerability alerts and threats in real-time throughout the scan. Before scanning a website or web application, Acunetix first crawls the website to find all available inputs and links that can be manipulated later during the scanning stage. However, some of these web security…
FAQ: Is it possible to have different scan settings templates?
In version 8 of WVS, it is possible to save the settings used to scan a website as a template. It is possible to have as many scan settings templates as you like, and they can all be recalled on the fly when performing repetitive…