How to Add HTTP Security Headers in WordPress (Beginner’s Guide)

Do you want to add HTTP security headers in WordPress? HTTP security headers allow you to add an extra layer of security to your WordPress website. They can help block common malicious activity from affecting your site’s performance. In this beginner’s guide, we will show you how to add HTTP security headers in WordPress. What… Continue reading How to Add HTTP Security Headers in WordPress (Beginner’s Guide)

Why Is WordPress So Hard (And How to Make It Easier)

If you’re comparing different website builders, then you may have come across the sentiment that WordPress is hard to use. WordPress is the world’s most popular website builder powering over 43% of all websites on the internet. However, some people complain that WordPress is more difficult to use than solutions like Squarespace and Wix. In… Continue reading Why Is WordPress So Hard (And How to Make It Easier)

Business Roundup Week Ending February 17

https://thehackernews.com/2023/02/massive-adsense-fraud-campaign.html https://blog.sucuri.net/2023/02/bogus-url-shorteners-redirect-thousands-of-hacked-sites-in-adsense-fraud-campaign.html A recent report from Sucuri revealed a major AdSense fraud campaign that has affected over 10,000 WordPress sites. The campaign redirects traffic to fake websites to generate revenue through AdSense ads. Additionally, Sucuri’s report outlines several best practices for web admins to ensure their sites are secure and protected from fraudulent activities. WordPress… Continue reading Business Roundup Week Ending February 17

Sites hacked with fake CloudFlare DDoS alerts infected with RATs

Remote Access Trojans (RATs) are new to me — apparently, you can get one on a Windows machine as a malware payload from fake CloudFlare DDoS alert pages on hacked WordPress sites. Ben Martin at Sucuri explains “a recent surge in JavaScript injections targeting WordPress sites has resulted in fake DDoS prevent prompts which lead… Continue reading Sites hacked with fake CloudFlare DDoS alerts infected with RATs

Hacked Website Threat Report 2021

Our 2021 Website Threat Research Report details our findings and analysis of emerging and ongoing trends and threats in the website security landscape. We’ve put together this analysis to help keep website owners informed and aware of the dangers posed by malicious actors. This year’s report is a collection of observations made by Sucuri’s Research… Continue reading Hacked Website Threat Report 2021

Sucuri WordPress Plugin += Sucuri WAF

Sucuri has always been a dedicated supporter of the WordPress community. Our free plugin was one of our first contributions to WordPress security (before bootstrapping our efforts into our WAF/CDN, Backups, and Malware Remediation services). However, over my many years involved in web application security, I’ve found that one of the most evasive aspects of… Continue reading Sucuri WordPress Plugin += Sucuri WAF