October 14, 2015

WordPress XML-RPC Brute Force Attacks

Last weekend (October, 10th 2015) we become inundated with emails from several of our websites and our clients websites with massive amounts of failed login attempts. These attempts were inspired by a security hole caused from having XML-RPC enabled (by default) on WordPress Websites. What is...

May 4, 2015

Security Advisory: XSS Vulnerability in WordPress Plugins

Multiple WordPress Plugins are vulnerable to Cross-site Scripting (XSS) due to the misuse of the add_query_arg() and remove_query_arg() functions. These are popular functions used by developers to modify and add query strings to URLs within WordPress. The official WordPress Official Documentation (Codex) for these functions was...

April 28, 2015

WordPress Core 4.2.1 Security Release – Update Immediately

WordPress.org has released WordPress 4.2.1 which is a critical security release that fixes a cross-site scripting vulnerability in WordPress core. The vulnerability was publicly disclosed immediately after the 4.2.1 release went out yesterday so please upgrade immediately to prevent hackers from exploiting this vulnerability on...

March 30, 2015

Check to See if Your Website is Mobile Friendly

It has been said that on April 21st, 2015 Google will begin penalizing search ranking results of websites that are not “mobile friendly” and reward websites that are “mobile friendly” with improved ranking. Bottom line, your website better be “Mobile friendly” approved by Google. Use...

March 30, 2015

Why Make A Website Mobile-Friendly?

94% of people with smart phones search for local information on their phones, even when they are sitting near a desktop at work or home. Based on these facts, Google is rolling out an initiative for websites to be “mobile friendly” in the beginning of...