How-To Guide: Fixing Mixed Content Error Manually or via Plugin

You are switching WordPress to HTTPS? This can lead to so-called mixed content errors. Browsers like Google Chrome then show your website as insecure or block it completely. We show you several ways to fix mixed content errors with WordPress. A mixed content error always occurs when your site or ... read more

Protection Against Brute Force Attacks: The RB Login Protector

Effective protection against WordPress brute force attacks and unauthorised login attempts - that's what our new feature, the Raidboxes Login Protector, offers you. We show you where to find the security feature in the RB-Dashboard and how to set it up correctly. Brute force attacks are by far the most common type of attack on WordPress sites. Bots try to automatically hack into your ... read more

Critical Vulnerability in GDPR Plugin: Immediate Update Required

There is currently a critical security vulnerability in plugin WP GDPR Compliance. If you have installed this plugin , you should therefore update it to the latest version 1.4.3 as soon as possible. Background: In version 1.4.2, unauthorised users were able to perform basically all actions on the WordPress website and, in particular, create their own user ... read more

WordPress Security: How useful are security plugins really?

Meanwhile, more than 43 percent of all websites run on WordPress. This makes our favorite CMS a popular target for attacks and malware. But there's no need to panic! Because WordPress security is not witchcraft. In addition to practical security tips, today we have the three best WordPress security plugins in the bag and show you when you really need them. Do I need ... read more

Cookies as a Threat: Cross-Site Request Forgery

CSRF, this abbreviation appears again and again in the security and maintenance updates of the WordPress core. The method behind it is now old hat and exploits the abundant cookies of an internet user. Fortunately, however, you can protect yourself from cross-site request forgery quite easily. All you need is a little time and ... read more

SQL Injections: Attacking the Heart of Your Site

In addition to brute force attacks, WordPress SQL injections repeatedly appear on the list of the greatest threats to WordPress sites . These are relatively easy manipulations of the database of your pages. Hackers can get hold of sensitive data or set up their own admin accounts and manipulate your site at will. We show how ... read more

XSS Attacks: How to Protect Yourself, Your Customers and Your Business

XSS attacks are particularly sneaky. And they are particularly popular with hackers. We show how you can protect yourself against hijacking your site- as a website operator and as a user. The security provider Wordfence analysed 1599 WordPress plug-ins over a period of 14 months, and the most frequent vulnerabilities of all were so-called XSS vulnerabilities. Almost 47 percent of the vulnerabilities found had to do with cross-site scripting... read more

Cross Site Scripting - How hackers hijack your website

XSS, SQL Injection, XMLrpc - when a WordPress security update is released, you'll find mostly cryptic acronyms in the update reports. Even if it is clear that these updates are necessary and the plus in security is very pleasing, it is important to understand what is behind these vulnerabilities. Because only if you understand what gaps the ... read more

This Is How WordPress Sites Are Attacked Almost a Billion Times a Month

In Mai 2017 alone, WordPress sites was bombarded almost one billion times with so-called brute force attacks. This makes automated login attacks by far the biggest threat to WordPress projects. Fortunately, you can quickly and effectively protect yourself against the login flood. Because brute force attacks are easy to fend off. There are intruders who plan ... read more