Strictly speaking, HTTPS is not a protocol in and of itself, but rather HTTP encapsulated in TLS/SSL. TLS, or SSL, as it is commonly referred to, provides websites and web applications with encryption of data being transmitted and authentication to verify the identity…
WordPress Security Tips Part 6 – Disable File Editing
Disable File Editing: By default, WordPress allows administrative users to edit PHP files of plugins and themes inside of the WordPress admin interface. This is often the first thing an attacker would look for if they manage to gain access to an administrative account since…
WordPress Security Tips Part 5 – Restrict Access to wp-admin Directory
Password protecting your WordPress admin area through a layer of HTTP authentication is an effective measure to thwart attackers attempting to guess users’ passwords. Additionally, if attackers manage to steal a user’s password, they will need to get past HTTP authentication in order to gain…
Predictions and challenges for website security in 2015
What Happened in 2014: 2014 will be remembered for many things; it’s the year HTML5 has been given the green light and the year JavaScript has been used to provide dynamic content more than ever before. We have also seen major version releases in important…
What to look for when choosing a web vulnerability scanner
Evaluating a web vulnerability scanner is not the easiest of tasks. With a multitude of open source and commercial products to choose from, all promising to provide the best of breed scanning functionality, choosing the right web vulnerability scanner is a tough, albeit important decision…
5 most dangerous software bugs of 2014
Wired have just released the 5 most dangerous software bugs in 2014 – 3 of which affect web security. Once again, web sites, web applications and web servers are the main source of concern for IT administrators trying to prevent unauthorised access from the internet….
WordPress Security Tips Part 4 – Complex Security Keys
Heads up – Depending on your webserver’s configuration, activated plugins and/or themes, the following could break some functionality. It is strongly advised to try out any configuration in a testing/staging environment before changing any configuration on production servers. Complex WordPress Security Keys: WordPress makes use…
WordPress Security Tips, Part 3 – Security Configurations
Heads up – Depending on your webserver’s configuration, activated plugins and/or themes, the following could break some functionality. It is strongly advised to try out any configuration in a testing/staging environment before changing any configuration on production servers. Prevent Directory Listing: Directory Listing occurs when…
Automate post-scan reports and new Coverage Report in Acunetix Online
Acunetix Online Vulnerability Scanner has been updated with 2 new features. These are: The option to generate a report automatically once a scan is completed. This will save time for users. When creating a new scan, users will be able to optionally configure a report…