Hi, my name is Martin, and I’ve been working with WordPress since 2006 – so I know a little about it..!
What I write about in this site is not a technical guide to completely securing your WordPress website – it focuses on non-technical steps you can take to get basic security measures in place, and to give you an understanding of the threats you face.
To maximise the protection of your website there are additional technical and configuration steps you will need to put in place. I can carry out an audit of your site and make the required changes to strengthen your site’s defences for you, if you’re not comfortable doing them yourself.
If you’d like to know more about that do please contact me.
The latest articles are below – just scroll down to see them. I also review WordPress security tools here, and I’ve curated some WordPress books on Amazon here.
If I need to clarify anything please do not hesitate to get in touch!
We’re coming to the peak shopping season: Black Friday, Cyber Monday, Thanksgiving, Christmas and New Year – and the scammers are gearing up for a killing! Here are two common methods that are used to scam people at this time of year: 1. Phishing scams Watch out for Phishing scams – where the cyber-criminals trick… Read more
I know you’ve heard it before, but it bears repeating: cyber-crime is one of the fastest real growth industries around today – both in volume and sophistication. But here’s the most common response I get when I talk to new or small website owners about this: “Why would anyone want to hack my little website?”… Read more
This article covers:What ransomware isHow to protect your computer against a ransomware attackHow to remove ransomware in the event of a successful attack What is ransomware Ransomware has been around since 2013 but moved into the mainstream with the WannaCry attack in 2017 on the NHS in the UK and companies in around 150 countries… Read more
Are you aware of just how much of your personal information is available to governments, hackers and corporations? I was talking to a friend the other day who said: ‘If my email is hacked it’s a pain, sure, but I don’t get any important emails, so it wouldn’t be the end of the world’. (He’s… Read more
Alert from the the WPScan Team: a glitch in Wordfence version 7.1.12 enabled people to discover usernames if they did the username query using the ‘WWW’ version of the domain name. This was fixed in version 7.1.14 – make sure you have updated..! Stay safe, Martin MaldenOwner – WP Security Basics P.S.Is your WordPress website… Read more
What would be the worst way to find out your website has been hacked? For me it would be to hear it from a customer. And worse still would be if they were furious because visiting my hacked website had caused their computer to be loaded up with malware. This is not a good way… Read more