Securing your website and effective way to identify vulnerabilities is through Zed Attack Proxy (ZAP). In this guide, we'll explore how to leverage ZAP for website security assessment. ZAP (Zed Attack Proxy) is a free and easy to use integrated…
If you are using WordPress website, then you can increase your website security by implementing proper Security Headers on your website. These HTTP Headers pass additional information between the client and the server. Using these you can add another layer of security in your website to prevent and mitigate attacks. In this tutorial we will see how to add HTTP headers on your wordpress website using HTTP Headers wordpress plugin. You don’t need to add or change any code of your Websites.
If you want to protect your WordPress website from bad bots and hacker’s malicious url requests then this article is for your. These can be a big nuisance for your website. You can block it by using plugin or using your .htaccess file. In this tutorial we will see one by one.
Block Bad Malicious Hacker Bots using plugin:
BBQ Block Bad Queries is a free wordpress security plugin from Jeff Starr. Using this you can protect your wordpress website against malicious URL requests by bad hackers, bots and scrapers. This plugin acts as a firewall between your user and your website and scans all incoming traffic to your website and blocks malicious bad requests. Some important features are blocks malicious requests, directory traversal attacks, executable file uploads and SQL injection attacks. It scans all type of requests like GET, POST, PUT, DELETE. It comes with zero configuration option. So no need worry about the settings. Just install and forget about it.
Google Chrome is a free web browser from Google. It is the most popular browser for desktop and smart phones. In chrome browser, some features send data to Google servers. It maybe useful to you, but if you are concerned about your privacy just disable the features and improve your privacy.
Don’t sign-in chrome with your Google account:
This feature will synchronizes your browser data like passwords, auto fill form entries, your browsing history and some others things to your Google account by default.
Wordfence Security is a free WordPress security plugin from Feedjit Inc. It is also available as a paid form. This is must have security plugin for WordPress. The free version comes with a firewall, malware scan, blocking, live real-time traffic and login security. And the pro version offers Premium Support, Country Blocking, Scheduled Scans and Password Auditing.
Just go to below webpage for a simple and fast test.
Superfish, Komodia, PrivDog vulnerability test
If you see a “YES” the you have a problem. Otherwise you will see “Good,Superfish is probably not intercepting your connections.”
Just download the free portable lenovo SuperFishRemovalTool
Open SuperFishRemovalTool and click Analyze and remove SuperFish Now button.
Security researcher Jason A. Donenfeld has found a vulnerability in a popular WordPress plugin W3 Total Cache that makes sites to obtain sensitive data from an affected site.
Two important holes:
1.Directory listings were enabled on the cache directory, which means anyone could easily recursively download all the database cache keys, and extract ones containing sensitive information, such as password hashes.
2.Even with directory listings off, cache files are by default publicly downloadable, and the key values / file names of the database cache items are easily predictable.
(more…)
Piwik web server compromised and hackers inserted malicious code into the open-source Piwik analytics software. According to Piwik, those who installed Piwik 1.9.2 during an eight-hour window on Monday Nov 26th from 15:43 UTC to 23:59 UTC that their Web servers may be running malicious code. Please click the the source link to get the complete details.
(more…)
As any tech savvy individual knows, backing up your data on an external hard drive or with an online file storage service is essential. With gigabytes of music, documents, files, data, etc., losing all of that material just because your computer crapped out on you can be truly devastating. While traditional external hard drives have their advantages because they are yours to handle and maintain, online services are becoming ever more popular. Online storage services allow you to access your data from any location or device with internet access.
Secure wordpress is a wordpress plugin, it increases the security of your multi-author wordpress blog.
Some of its feature are
Removes error messages on login-page.
Removes the wordpress version except in admin.
Removes wordpress version in admin area for non-admins
Adds index.php plugin-directory (virtual)
Removes Really Simple Discovery link in wp_head of the frontend.
Removes Windows Live Writer.
Removes core update for non-admins.
Removes plugin update for non-admins.
Removes theme update non-admins.
Removes version on urls from scripts and stylesheets onyl on frontend
Block bad queries
(more…)