How to Add Two-Factor Authentication to WordPress (Best Plugin)

It’s a scary world out there, and lots of people would love to get their hands on your precious WordPress login credentials. That’s why, according to Wordfence’s survey of people who knew how hackers got into their sites, brute force attacks and password issues accounted for about ~20% of the hacked sites. Two-factor authentication is …

Read moreHow to Add Two-Factor Authentication to WordPress (Best Plugin)

How to Disable PHP Execution in Certain WordPress Directories

By default, WordPress makes certain directories writeable so that you and other authorized users on your website can easily upload themes, plugins, images, and videos to your website. However this capability can be abused if it gets in the wrong hand such as hackers who can use it to upload backdoor access files or malware …

Read moreHow to Disable PHP Execution in Certain WordPress Directories

Breath Freely! Your Security with WPMU DEV is Stronger Than Ever

Is WordPress security a big deal to you and your clients? Why would I ask such a silly question? Because our security suite has new superpowers including Defender location-based IP blocking and Automate Safe Upgrade scans…now on up to 5 pages. What’s the WPMU DEV Security Suite, you Ask? We’ve built a fierce set of …

Read moreBreath Freely! Your Security with WPMU DEV is Stronger Than Ever

How to Automatically Log out Idle Users in WordPress

Do you want to automatically log out idle users in WordPress? As a security-conscious site admin, you may want to force inactive users to login again. Banking websites and apps already use this technique to avoid unauthorized users from accessing accounts or hijacking them. You can also implement this functionality on your own WordPress website …

Read moreHow to Automatically Log out Idle Users in WordPress

Hello, Hackers! Best Practices for WordPress Security

When talking about WordPress security, it feels like we’re left with 2 choices, devastating paranoia or ignorant bliss. With all the news of our personal information, usernames, passwords, and identities getting jacked and sold on the dark web, the topic of web security to a noobie sounds impossible. But after falling hard into the deep …

Read moreHello, Hackers! Best Practices for WordPress Security

The Ultimate WordPress Security Guide (Step by Step)

WordPress security is a topic of huge importance for every website owner. Google blacklists around 10,000+ websites every day for malware and around 50,000 for phishing every week. If you are serious about your website, then you need to pay attention to the WordPress security best practices. In this guide, we will share all the …

Read moreThe Ultimate WordPress Security Guide (Step by Step)

How to Scan Your WordPress Site for Potentially Malicious Code

Often we get asked by our users, is there a way to scan your WordPress site for potentially malicious code? The answer to that question is YES, YES, and YES. There are both free and paid tools available to scan your WordPress site for potentially malicious or unwanted code. Usually, malware and malicious code can …

Read moreHow to Scan Your WordPress Site for Potentially Malicious Code

Make Your WordPress Sites 100% Immune To Phishing

Google recently made a splash in the security scene when they announced none of their 85,000+ employees have been successfully phished on their work-related accounts since early 2017. It’s the kind of magic sauce we all long to boast about for our clients’ WordPress sites. What was the secret to Google’s success and how can …

Read moreMake Your WordPress Sites 100% Immune To Phishing

Defender 2.0, Forced 2FA, New Tweaks And “We’ll Clean Up Your Site!”

Defender 2.0 is now available including forced Two-Factor Authentication by user role and a new XML-RPC disabler. Big news, I know…but the real stunner comes as a new members-only service upgrade. WPMU DEV security experts will now restore and clean up your site after it’s been hacked! Defender has already been downloaded half a million …

Read moreDefender 2.0, Forced 2FA, New Tweaks And “We’ll Clean Up Your Site!”