Securing WordPress with a Web Application Firewall: NinjaFirewall (WP Edition).
In this article we will see how to provide a very high level of protection to a WordPress blog with a web application firewall.
NinjaScanner: A powerful antivirus scanner for WordPress.
NinjaScanner is a lightweight, fast and powerful antivirus scanner for WordPress which includes many features to help you scan your blog for malware and virus.
An introduction to NinjaFirewall filtering engine.
Starting from version 3.0, NinjaFirewall, our Web Application Firewall for PHP (Pro and Pro+ Edition) and WordPress (WP and WP+ Edition), includes a new powerful filtering engine.
Zero-day vulnerability in WordPress YellowPencil Visual CSS Style Editor plugin actively exploited.
We are seeing today a lot of hacked WordPress blogs due to a critical vulnerability in the WordPress YellowPencil Visual CSS Style Editor plugin which has 30,000+ active installations.
WordPress Yuzo Related Posts plugin vulnerability massively exploited.
Hackers are currently actively exploiting a vulnerability in the WordPress Related Posts plugin, which has 60,000+ active installations.
NinjaFirewall (WP Edition) adds PHP backtrace to email notifications.
Starting from version 3.8.3, NinjaFirewall (WP and WP+ Edition) will attach a PHP backtrace to some important email notifications sent to the administrator.
Another day, another zero-day: WordPress Social Sharing Plugin Social Warfare under attack.
A vulnerability in WordPress Social Sharing Plugin – Social Warfare is currently exploited.
Critical zero-day vulnerability fixed in WordPress Easy WP SMTP plugin.
The popular Easy WP SMTP plugin, which as 300,000+ active installations, was prone to a critical zero-day vulnerability.
Critical vulnerability in WordPress Kiwi Social Sharing plugin actively exploited.
A critical vulnerability in the WordPress WordPress Kiwi Social Sharing plugin <2.0.11 (30,000+ active installations) is currently exploited since December 6th.
Critical vulnerability in WP GDPR Compliance plugin massively exploited.
A critical vulnerability in the WordPress WP GDPR Compliance plugin (100k+ active installations) is currently massively exploited.
NinjaScanner Troubleshooting.
NinjaScanner should work out-of-the-box in most cases, but some hosting restrictions, e.g., server resource limits or security policies, may prevent it from working as expected. We will see in this article the most common issues a user may experience.
Arbitrary file upload vulnerability in WordPress Ultimate Member plugin.
A critical vulnerability in the popular WordPress Ultimate Member plugin allows allows attackers to upload any files, including PHP backdoors.
Misuse of WordPress WP-CLI could leak user passwords.
WP-CLI is a command line interface for WordPress. It is a nice and very helpful tool if you want to manage a lot of WordPress installations from a Unix shell.