A blind SQL injection vulnerability has been discovered and fixed in Yoast’s WordPress SEO plugin. This has been fixed in version 1.7.4. Please upgrade immediately.
Security
WordPress security may seem boring when compared to the marketing or promotion of your blog, but it is so important and a subject near and dear to my heart. Learn more about how you can take control of your site's security with these tutorials and reviews.
Public Service Announcement: WP Slimstat Plugin
A very high-risk vulnerability has been found in WP Slimstat plugin version 3.9.5 and lower. This bug could allow an attacker to take control of your WordPress site. Please upgrade to 3.9.6 immediately.
Why a Manual WordPress Install is More Secure than a 1-Click Install
I really, really want it to be easy for you to install WordPress, but I’ve heard too many horror stories about hacked WordPress sites to let you go down that path. Here’s why a manual install, following the Famous 5 Minute Install instructions, is usually better than a 1-click install. Of course, not all hosts… [Continue]
How to Add 2-Step Verification to WordPress
Also known as 2-step authentication and 2-factor authentication, two-step verification is my favorite way to secure my WordPress logins. As a bit of background, the two in 2-steps means:
1) something you know (your password)
2) something you have (such as a secret code generated on your phone)
With 2-step login verification, you could post your WordPress password on a billboard in Times Square, and no one would be able to use it to get into your WordPress site…. [Continue]