Security

Thoughts On The GoDaddy Hack

December 2, 2021

If you don’t already know, GoDaddy was the victim of a successful mass hacking attempt. Discovered in mid November, the intruders are suspected to have been rummaging around since the beginning of September. As more data became available, it was discovered that many GoDaddy subsidiaries were also part of the hack. More than 1 million…

Read More

WPCloudDeploy 4.7.1: A Security-Focused Release

June 30, 2021

WPCD V 4.7.x has ZERO new features. Instead it is a release focused on bug-fixes, code improvement and, more importantly, a release that has been audited for security issues by a third party. If you’re looking for information about new features, please check out the announcement from our last release – version 4.6.0 (or any…

Read More

Deep Thoughts On Supply Chain Attacks

May 14, 2021

Supply chain attacks are becoming more prevalent and they pose a tremendous risk to everyone in the chain – developers, end users, customers etc. If you don’t know what a software supply chain attack is, here’s a brief overview of how it works: instead of attacking a company directly, hackers attack the software dependencies the…

Read More

When WordPress Professionals Publicly Trash-Talk WordPress

April 12, 2021

Ok, so this is less of an article and likely should be classified as a “rant”. You should definitely move on to the next article if you don’t like opinions and rants. <rant class=”start”> A couple of days ago a prospect of ours posted about our product in a private Facebook group. Our potential customer…

Read More

WPCloudDeploy 4.1.0 – A Security Focused Update Featuring WPScan & Dewhurst Security

October 28, 2020

Version 4.1.0 of WPCloudDeploy has only two new features. In fact, it probably has the least amount of new features of any release we’ve ever done. But there’s a good reason for that. Before we talk about that reason, here are the two new features: You can now choose a language / locale when installing…

Read More

5 Best-Practices For New Servers Built On WPCloudDeploy

October 3, 2020

After you deploy a server using WPCloudDeploy you have multiple options to help protect it and keep it running properly. 1. Turn On Malware Scanning & Detection Before you do anything with your new server, you probably want to check the reputation of the IP address it was assigned. Many IP addresses can be placed…

Read More

Exposed API Keys: Handling A Nightmare Scenario

May 22, 2020

Recently we noticed a post on twitter about an exposed API key for Convertkit where the author of the tweet was unable to contact Convertkit to remove the exposed API key from their account. Which made us wonder – what would be a nightmare scenario for api keys for a Cloud Server provider? For example,…

Read More

The Security Risks Behind SaaS WordPress Management Panels

February 11, 2020

SAAS (software as a service) WordPress Management Panels are growing in popularity. These consoles allow you to spin up servers at a cloud provider of your choice and install and manage WordPress sites on those servers. At the time of this writing the four most popular ones that we are aware of are: GridPane SpinupWP…

Read More