Posts Tagged ‘security’
Never leave a File Manager plugin on your WordPress website in the first place!
A File Manager plugin can be a very useful tool when you need it, but you can say the same thing about a stick of dynamite! It’s not something you want to leave in the kitchen junk drawer in case you need it later! David Innes, owner of RealBasics.com The ultra-tech website Ars Technica reported…
Read MoreDon’t tell anyone but we’re beta testing daily backups and WordPress software updates for all maintenance clients…
We’ve been making weekly backups and software updates for our maintenance clients for a very long time. Since sometime back in 2012. We started officially in late 2013 or early 2014. We always watch for malware and software vulnerabilities and run updates as soon as developers release fixes. When we upgrading our hardware and software earlier…
Read MoreBelts and suspenders, eggs in one basket, backup plans, and A2Hosting ransomware!
The popular A2Hosting company is struggling with a ransomware attack that’s knocked quite a few of their Windows-server clients offline. While we’ve recommended A2Hosting to some of our WordPress clients we direct them to Linux hosting so they’re unlikely to have been affected by this attack. Ugh! Ransomware is a serious problem for smaller ISPs…
Read MoreIs the California Consumer Privacy Act the next GDPR? Yes, so don’t worry
A friend in the local WordPress Slack channel cited a recent post on the tech site Ad Age and added “in case you haven’t heard – California’s new “Consumer Privacy Act” (‘GDPR’) law goes into effect January 2020. Clients should start taking their Privacy Policies more seriously. Fines of $750/privacy violation + AG can sue…
Read MoreUpdate for December 2018: Signs of Naughty and Nice Websites
Photo by kevin dooley Two lists with a seasonal flair from web security provider Sucuri! “Naughty” features include outdated software, resused passwords, every user is an Administrator, and no automatic backups. They also point out that if you’ve got more than one website it’s a security risk if they’re all kept in the same folders…
Read MoreGood time to change your (too-frequently-used) passwords
FYI, if you re-use passwords it might be a good time to a) change passwords on your most critical accounts (bank, Google, Facebook, business websites, you-know-better-than-I-do…) Because thanks to a recent release of 1.4 BILLION username/password pairs hackers are having a field day! Breaking: Aggressive WordPress Brute Force Attack Campaign Started Today, 3am UTC From…
Read MoreOnce you get your website secure it’s easy to keep it secure!
It’s a mistake to say “WordPress is insecure.” Yes, it may have once been insecure but then Toyota’s cars once had motorcycle engines! A lot’s changed. David Hayes recently said this very clearly. It is very common for people who know very little about WordPress to say that it’s insecure. And there’s some reasons from history that this diffuse…
Read MoreIt’s finally time to start adding secure certificates to your site
We’ve known for a while that Google was going to start dinging sites that didn’t encrypt their connections to protect their user’s private communications. Now we have a date: Jan. 31. If your hosting company isn’t yet providing nearly free certificates, or totally free ones from Let’s Encrypt or a similar certificate authority then… might be time to think…
Read MoreSecurity Alert: If you’ve got a Dropbox account go change your password now
It’s always a good idea to use good passwords. But passwords are only as good as the security on the database that stores them. If you’re a Dropbox user (a service RealBasics uses to share files and folders with our clients, by the way) you’ll want to change your password now. Here’s the scoop from tech news site…
Read More