Email Hacking

I talk a lot about the importance of website and blog security on this site, but there are many ways you can get hacked. If you’ve been following the news in recent years, you’ll likely have heard about at least one data breach that’s occurred where customer or user data has been scooped up by…

Read the rest of this article…

Not all webhosts are created equal. There is a perception among many people, especially those new to building a presence online, that one webserver is pretty much the same as another and with cost being a consideration, finding the cheapest webhost is what you should do. Not so. In many cases you get what you…

Read the rest of this article…

Security Risk: Severe Exploitation Level: Easy/Remote DREAD Score: 9/10 Vulnerability: Privilege Escalation / Content Injection Patched Version: 4.7.2 There is a Content Injection Vulnerability in WordPress versions 4.7 and 4.7.1. While working on WordPress, the Sucuri security team discovered a severe content injection vulnerability affecting the REST API in these two versions of WordPress. This…

Read the rest of this article…

Brute Force Attack

With WordPress being the most popular site building tool in use today, that also makes sites built with it a target for hackers. And sometimes those sites are very easy targets when little or no security precautions are taken. Hack attacks come in various guises but one of the better known is the Brute Force…

Read the rest of this article…

Broken Links On A Website

This article will describe how to find broken links on a WordPress site and how to fix broken links. Later, I’ll look at what causes them, the consequences of having bad links on a site and why you should fix them as quickly as you can. What Are Broken Links? You website may link to…

Read the rest of this article…

WordPress 4.6.1

A new version of WordPress (4.6.1) was released recently to address an important security flaw. WordPress versions 4.6 and earlier are affected by two security issues: a cross-site scripting vulnerability via image filename, reported by SumOfPwn researcher Cengiz Han Sahin; and a path traversal vulnerability in the upgrade package uploader, reported by Dominik Schilling from…

Read the rest of this article…

WooCommerce Plugin Security Vulnerability

The company that supervises WordPress and WooCommerce development, Automattic, has patched a persistent XSS (cross-site scripting) vulnerability in the WooCommerce e-commerce plugin for WordPress. This was an important and crucial fix as the vulnerability could potentially have affected over 1 million e-commerce stores built using the plugin on the WordPress blogging platform. This month (July,…

Read the rest of this article…

"All In One SEO Pack" Plugin Security Vulnerability

In an interesting development, it’s been found that there’s a security vulnerability in older versions of the popular All In One SEO Pack plugin. (Note: this plugin is not used in the blogs we build here at Top Design Blogs). The vulnerability allows an attacker to store malicious code in the website’s Admin panel that…

Read the rest of this article…

WordPress Redirect Hack

This email is to notify you of a malware campaign targeting WordPress websites, in which the attackers are injecting a highly conditional malicious redirect. It randomly affects your users, and pushes them to default7 (.)com / test0 (.)com / test246 (.)com domains, in which they then perform a Drive-by-Download attack on the user – targeting…

Read the rest of this article…

Using Affiliate Links Effectively On Your Blog

If you do affiliate marketing you’ll know that many affiliate links are long and ugly, containing what looks like a random mix of characters. When a visitor comes to your site and sees a link like that appear in their browser status bar, they can find it offputting. The link may go to a site…

Read the rest of this article…