14
Mar 2017

Secure WordPress Hosting: Total Lockdown!

  Secure WordPress hosting is a term that is thrown around a lot these days. But what exactly does it mean? What does an enterprise hosting solution offer in terms of security, that regular hosting does not? We will delve into these questions and identify the design principles behind secure hosting environments. Armed with that information, you will be able to make an educated guess when researching hosting solutions for […]

05
Jan 2017

2016: Major WordPress Vulnerabilities & The Best Thing You Can Do

  The WordPress ecosystem is vast. According to the official WordPress site, there are 48,360 different, available plugins (in the time of writing) and over 2,000 themes available for downloading. A plugin, usually, consists of thousands of lines of code. And it only takes one line of code that is not well thought of, or a missing check, for it to be rendered vulnerable to attack. As the WPScan Vulnerability […]

22
Nov 2016

Secure your website with Let's Encrypt!

Let’s Encrypt is an initiative that provides a free and automated way of securing the HTTP traffic of your website. Setting up secure HTTPS was always an involved process, and we're happy to support any effort that makes the whole process simpler and more straightforward for people.  Generally speaking, in order to enable HTTPS on your website, you need to acquire a security certificate from a Certificate Authority (CA). A […]

10
Nov 2016

“Dirty Cow” Linux Kernel Vulnerability (CVE-2016-5195)

A privilege escalation bug in the Linux kernel was recently made public, that has gone unnoticed since 2007! It’s name is derived from the “Copy-on-Write” mechanism that is being exploited. The bug allows a user to gain write access to parts in the memory that  are otherwise read-only, thus increasing their access rights inside the system.  What systems are affected by it ? Since the vulnerability exists in the Linux […]

04
Aug 2015

Critical WordPress 4.2.4 Security Release

Today saw the release of the new WordPress 4.2.4 update, addressing critical security issues that can be potentially damaging to many WordPress sites. The critical cross-site scripting vulnerabilities which was first reported by Marc-Alexandre Montpas (part of the Sucuri team), Helen Hou-Sandi (of WordPress Security), Netanel Rubin (of CheckPoint) and Ivan Grigorov, had the potential to allow anonymous users to compromise a site.   The full details of this vulnerability can […]

23
Jul 2015

Critical WordPress 4.2.3 Security Release

Today saw the release of the new WordPress 4.2.3 update, addressing critical security issues that can be potentially damaging to many WordPress sites. The critical cross-site vulnerability which was first reported by Jon Cave (part of the WordPress Security Team), had the potential to allow anonymous users to compromise a site.   The full details of this vulnerability can be found on the WordPress website here, where they also corrected […]

15
May 2015

Backing Up Your WordPress Site: The Pressidium Approach

Backing Up Your WordPress Website   Having regular backups of your website is important for the safety of your content. It's something that's drummed into us in articles across the web, in the courses we take and the how-to posts we consume on a daily basis. For anyone working regularly in the web design and development industry, it's a given.   Without backing up your data, you could lose access […]

07
May 2015

Pressidium Customer Sites Are Now Updated To WordPress 4.1.5

WordPress Releases 4.1.5 And 4.2.2 Due To New Vulnerability   There have been a lot of security issues of late targeting WordPress websites and today is no different. In a response to a DOM-based Cross-Site Scripting (XSS) vulnerability, WordPress has released updates to tackle these issues.  On May 6, 2015, WordPress 4.1.5 was released to the public, along with WordPress 4.2.2. This is both a security update for all previous […]

12