Once upon a time, they were active on your site, adding comments or buying products. Now, they’re nowhere to be found, clogging up your stats and creating a security risk. What’s the solution to this problem of inactive WordPress users? Is there some sort of logout plugin that gives them an auto logout? Can you send them a warning message with a countdown to kicking them out?
In this blog post for beginners, we define inactive WordPress users, explain the website application security risks and business implications, and suggest proactive measures you can take to eliminate some risks, reduce others and mitigate the potential harm to your organization.
What is an activity log analysis, why and how should you conduct one, and what tools can help you? This blog post answers these questions, and gives guidance on what to look out for in an activity log analysis, as well as providing best practice tips, and a tool recommendation.
As cybersecurity threats continue to evolve, organizations big and small are placing a stronger emphasis on security. Increasingly, WordPress websites are coming under the spotlight due to their widespread usage by many modern businesses. Monitoring and tracking are two essential aspects of any security policy, with OWASP listing insufficient logging and monitoring as one of […]
Did you know that you can track and monitor changes that occur within your WordPress’ site database? This post explains how you can do just that, as well as learn more about the benefits of monitoring WordPress databases and the types of alerts you can receive whenever something has changed within your database. What are […]
PCI DSS stands for Payment Card Industry Data Security Standards. It is a set of compliance regulations that any eCommerce and WordPress site that deals with cardholder data has to adhere to. Websites have to be compliant even if they do not store cardholder data and uses a third party payment gateway. PCI DSS compliance […]
Logging and monitoring are so important in web application and WordPress security that lack of logging functionality in web applications has now been added to the OWASP Top 10 list: Insufficient logging and monitoring, coupled with missing or ineffective integration with incident response, allows attackers to further attack systems, maintain persistence, pivot to more systems, […]
An Intrusion Detection System (IDS) is a software that monitors networks or systems for malicious activity. In this article we will be seeing how you can setup an IDS for your WordPress website. Suspicious activity is typically a sign that someone is trying to find a security hole on your WordPress website. Sometimes, it is […]