Hello WordPress 3.3! The legendary Content Management System (CMS) — or blogging platform for us mortals — has been given a slick update, code-named ‘Sonny’ after the late jazz saxophonist Sonny Stitt. WordPress 3.3 is now available as an automatic update through your WordPress dashboard,…
Weak WordPress Directory Permissions Can Be Exploited On Your Site
If a directory is not configured with the correct permissions, an intruder can upload and execute malicious files and modify critical files which can compromise your WordPress security. Eventually, the malicious user can gain full control over your web server which can lead to other serious…
Your WordPress Installation Is Using the Default Admin Account
If you use the default WordPress admin account, hackers can easily launch a brute force attack against it. In order to help deter this type of attack, you should change your default WordPress administrator username to something more difficult to guess. Fix: Do not make the following…
Easy Tips to Increase Your Blog Security
Blog security is a hot topic among today’s online community. If you own a blog, you want a regular supply of visitors and it’s up to you to keep them safe. Some people panic when they find technical security solutions which they can’t understand; but…
Your WordPress Database Table Prefix Is Not Secure
Prefixes are given to table names so they cannot be easily guessed by a hacker or malicious user. When guessed, the default database table prefix can make life easy for a hacker and make attacks (like SQL Injection) easier to execute successfully. By…
TimThumb vulnerability: a big number of WordPress plugins and themes are affected
Recently a new high-risk vulnerability was discovered in the highly popular TimThumb script. TimThumb is “A small php script for cropping, zooming and resizing web images (jpg, png, gif). Perfect for use on blogs and other applications.” TimThumb is included in a lot…
htaccess Files and WordPress Security
Adding server-side protection around the WordPress wp-admin folder is like adding a second layer of protection to your WordPress admin area, login page and files. Server-side protection can be added by placing a .htaccess file (directory-level configuration file) in your wp-admin WordPress subdirectory….
WordPress Database Security: Why Change the Database Tables Prefix
The majority of reported WordPress database security attacks were performed by exploiting SQL Injection vulnerabilities. By renaming the WordPress database table prefixes you are increasing the security of your WordPress blog and website against zero-day SQL injection attacks. WordPress Database Security: The Prefix Guessing…
How can I change the WordPress database table name prefix?
**Do not make the change below unless you are comfortable with PHPMyAdmin and making changes to MySQL. If not, ask someone who is familiar with WordPress and MySQL to assist you. Also, back up your blog; it is of utmost importance that before doing any changes…