How to Identify if My WordPress Website is Hacked - How to Identify if My WordPress Website is Hacked?

How to Identify if My WordPress Website is Hacked?

This is one of the most-asked questions that I get emailed from people that read some posts from my Types of WordPress Malware Attacks and What They Do series. 99% of the time website owners are the last ones to find out that their WordPress websites are hacked, after visitors, Google, website scanners, and their … Read more

5 Easy Steps to start a WordPress blog today - 5 Easy Steps to start a WordPress blog today

5 Easy Steps to start a WordPress blog today

Welcome to the world of Blogging. 🎉🎉🎉 Blogging is a great way to express yourself, build a business, or share experiences. There are endless reasons that drive people to start blogs. No matter what your reason for beginning is, you can get your WordPress blog set up and running in five easy steps. 1. What’s … Read more

wp lfi - What is 🗄️ File inclusion and How to prevent WordPress file inclusion attacks

What is 🗄️ File inclusion and How to prevent WordPress file inclusion attacks

File inclusion vulnerabilities allow an attacker to read (and sometimes execute) files on the WordPress website, gain unauthorized access to sensitive information and inject malicious files through the “include” functionality. This can be very dangerous because if the webserver is misconfigured the attacker may gain access to sensitive user information and even execute arbitrary commands. There … Read more

WPXSS CLANCI - wp_actionscheduler_actions & wp_actionscheduler_logs tables

wp_actionscheduler_actions & wp_actionscheduler_logs tables

WooCommerce plugin uses the wp_actionsscheduler_actions table in the database to log scheduled actions such as cron’s running, product synchronization, upgrade, etc. These actions should be deleted once they are executed but this doesn’t always happen, in most cases, this table uses an InnoDB database engine with a row-level locking feature meaning that multiple queries can … Read more

How to exclude wp admin from Cloudflare - How to exclude wp-admin from ☁️ Cloudflare

How to exclude wp-admin from ☁️ Cloudflare

First and first, I must stress that this is a bad idea and that I do not recommend it. Why? Because you’ll remove all of Cloudflare’s protection for the wp-admin dashboard. Cloudflare waits 100 seconds for an HTTP response. If the origin doesn’t respond in that time, Cloudflare closes the connection and you’ll see “Error … Read more

curl error 60 - How to fix curl error 60: SSL certificate problem: certificate has expired error ✅

How to fix curl error 60: SSL certificate problem: certificate has expired error ✅

From September 30, 2021, WordPress websites that use Let’s Encrypt certificates are having issues with HTTP API requests. For example, here is an example that will cause this error: $res = wp_remote_get( ‘https://abcdef.com/’ ); if( is_wp_error( $res ) ){ echo $res->get_error_message(); } the error message: cURL error 60: SSL certificate problem: certificate has expired What causes this error? … Read more