WP-News: 4 measures against XSS attacks & 100,000 .blog domains

Torben Simon Meier Last updated 14.01.2020
2 Min.
WordPress  Newsletter #31

Last week, the corks popped at Automattic's subsidiary Knock Knock Whois There. The 100,000th .blog domain was registered. Plus: SiteLock doubles its customer base with the acquisition of security startup Patchman. And we take another look at the danger of cross-site scripting and show you how to protect yourself effectively.

Effectively combat XSS attacks

How to prevent XSS attacks

Cross-site scripting (or XSS) is a particularly devious type of attack. Hackers inject code snippets into your site and can steal your customers' data, take over your site or infect your visitors' computers. All completely unnoticed and under the umbrella of your site and the trust of your visitors in your offer.

And XSS vulnerabilities are also particularly common: in a survey of 1,599 Plugins by security vendor Wordfence, nearly half of the vulnerabilities found were XSS-related.

Fortunately, the most important safeguards against this type of hack are simple: regular updates to close security holes and a firewall that screens out suspicious scripts. What else you can dowe show in our latest blogpost.

WordPress -News

International WordPress Awards
The first International WordPress Awards (IWP) are being planned. The goal of the awards, according to organizer Pragmatic, is "to recognize the extraordinary effort and talent on display from thousands of WordPress developers, designers and agencies across the world." The WP community can currently vote on the award categories in a two-minute poll.

100,000th .blog domain
In 2016, Knock Knock Whois There LLC - a subsidiary of Automattic - paid approximately 20 million US dollars for the rights to the .blog top-level domain. It recently registered its 100,000th domain. 63 percent of it was assigned by Automattic itself.

Performance News

WPMU DEV Checkup 2.0
Since the launch of the free WPMU DEV performance checkup six months ago, tens of thousands of analyses have been performed. The test not only measures the performance of your WordPress site , but also gives a rating in terms of SEO and security. The new version of the test also includes accessibility recommendations. And the test results - including recommendations - can be downloaded directly as a PDF. A white-label solution is also planned.

Combining work and family life with WordPress
This topic is of course not about the performance of a website, but about how you can improve your own everyday life and quality of life. In his podcast, Vladimir Simovic from perun.net talks about how WordPress and self-employment have helped him to combine work and family life.

Security News

SiteLock buys security startup Patchman
The security provider SiteLock has acquired the startup Patchman. The Dutch offer security software for web hosts that automatically fixes vulnerabilities and removes malware. Before the takeover, SiteLock was used by approximately 2.2 million WordPress sites . The acquisition doubles SiteLock's customer base from six to 12 million websites. Four million of those run at WordPress .

5 SecurityPlugins in comparison
You are looking for a Firewall-Plugin for your WordPress site , but don't know which provider to choose? WPWarefare has taken a look at the pros and cons of some securityPlugins and created a top five list.

Comments on this article

Post a comment

Your email address will not be published. Required fields are marked with *.