WordPress HTTP Headers – WordPress Security Headers Plugin to Improve WordPress Security

If you are using WordPress website, then you can increase your website security by implementing proper Security Headers on your website. These HTTP Headers pass additional information between the client and the server. Using these you can add another layer of security in your website to prevent and mitigate attacks. In this tutorial we will see how to add HTTP headers on your wordpress website using HTTP Headers wordpress plugin. You don’t need to add or change any code of your Websites.

(more…)

Continue ReadingWordPress HTTP Headers – WordPress Security Headers Plugin to Improve WordPress Security

How to Protect Your WordPress Website From Bad Malicious Hacker Bots

If you want to protect your WordPress website from bad bots and hacker’s malicious url requests then this article is for your. These can be a big nuisance for your website. You can block it by using plugin or using your .htaccess file. In this tutorial we will see one by one.

Block Bad Malicious Hacker Bots using plugin:

BBQ Block Bad Queries is a free wordpress security plugin from Jeff Starr. Using this you can protect your wordpress website against malicious URL requests by bad hackers, bots and scrapers. This plugin acts as a firewall between your user and your website and scans all incoming traffic to your website and blocks malicious bad requests. Some important features are blocks malicious requests, directory traversal attacks, executable file uploads and SQL injection attacks. It scans all type of requests like GET, POST, PUT, DELETE. It comes with zero configuration option. So no need worry about the settings. Just install and forget about it.

(more…)

Continue ReadingHow to Protect Your WordPress Website From Bad Malicious Hacker Bots

How to improve Google Chrome privacy settings

Google Chrome is a free web browser from Google. It is the most popular browser for desktop and smart phones. In chrome browser, some features send data to Google servers. It maybe useful to you, but if you are concerned about your privacy just disable the features and improve your privacy.

Don’t sign-in chrome with your Google account:

This feature will synchronizes your browser data like passwords, auto fill form entries, your browsing history and some others things to your Google account by default.

(more…)

Continue ReadingHow to improve Google Chrome privacy settings

Secure your WordPress Website – Wordfence Security

Wordfence Security is a free WordPress security plugin from Feedjit Inc. It is also available as a paid form. This is must have security plugin for WordPress. The free version comes with a firewall, malware scan, blocking, live real-time traffic and login security. And the pro version offers Premium Support, Country Blocking, Scheduled Scans and Password Auditing.

wordfence-security

(more…)

Continue ReadingSecure your WordPress Website – Wordfence Security

How to find and remove Superfish, Komodia and PrivDog malvertising software on your computer

Just go to below webpage for a simple and fast test.

Superfish, Komodia, PrivDog vulnerability test

If you see a “YES” the you have a problem. Otherwise you will see “Good,Superfish is probably not intercepting your connections.”

Just download the free portable lenovo SuperFishRemovalTool

Open SuperFishRemovalTool and click Analyze and remove SuperFish Now button.

(more…)

Continue ReadingHow to find and remove Superfish, Komodia and PrivDog malvertising software on your computer

W3 Total Cache WordPress plugin exposes site database info

Security researcher Jason A. Donenfeld has found a vulnerability in a popular WordPress plugin W3 Total Cache that makes sites to obtain sensitive data from an affected site.

Two important holes:

1.Directory listings were enabled on the cache directory, which means anyone could easily recursively download all the database cache keys, and extract ones containing sensitive information, such as password hashes.

2.Even with directory listings off, cache files are by default publicly downloadable, and the key values / file names of the database cache items are easily predictable.
(more…)

Continue ReadingW3 Total Cache WordPress plugin exposes site database info

Malicious code added to open-source Piwik

Piwik web server compromised and hackers inserted malicious code into the open-source Piwik analytics software. According to Piwik, those who installed Piwik 1.9.2 during an eight-hour window on Monday Nov 26th from 15:43 UTC to 23:59 UTC that their Web servers may be running malicious code. Please click the the source link to get the complete details.
(more…)

Continue ReadingMalicious code added to open-source Piwik

How to secure multi-author wordpress blog

Secure wordpress is a wordpress plugin, it increases the security of your multi-author wordpress blog.

Some of its feature are

Removes error messages on login-page.
Removes the wordpress version except in admin.
Removes wordpress version in admin area for non-admins
Adds index.php plugin-directory (virtual)
Removes Really Simple Discovery link in wp_head of the frontend.
Removes Windows Live Writer.
Removes core update for non-admins.
Removes plugin update for non-admins.
Removes theme update non-admins.
Removes version on urls from scripts and stylesheets onyl on frontend
Block bad queries
(more…)

Continue ReadingHow to secure multi-author wordpress blog