WordPress

The State of WordPress Security

Security and performance are priority and guide how I manage and host my client websites.

By Yael Reinhardt-Matsliah

| Updated on

This is not a post I enjoy writing, because I need to figure out how to share critical information without overwhelming you with technical details.

There’s been a big “hullabaloo” happening around WordPress security the last few months, starting with a recent WooCommerce Stripe vulnerability that resulted in one site being hacked, Stripe keys stolen, along with a ton of money stolen from the site owner.  

I take security very seriously, which is why all my client sites are hosted on the GridPane infrastructure which out of the box provides more security than most other WordPress VPS managed hosting.

It’s also why I run weekly updates on my site, why I get immediate notification if there is a security vulnerability, and why if there is a security vulnerability, that plugin gets updated immediately.

The GridPane hosting infrastructure provides security at the server level via their 7G Web Application Firewall and built in integration with Fail2Ban.

I add Cloudlfare, which provides network security by protecting against DDos attacks. 

So think of it like this:

Network level -> Server level – > User level

There’s actually an additional level between server and user, file level, where GridPane also provides protection but I’ll leave that out of this conversation!

But what if a hacker gets your password?

The issue that has come to light in the last few months is mostly at the user level, as WordPress stores passwords using what is called md5 format; this is compounded by the lack of reliable 2 factor authentication protection. 

And this is where Snicco Fortress comes in to save the day!

Sure, there are other 2FA Wordpress plugins, even for free, but they are easily conquered by hackers gaining access to the session cookies.

Snicco Fortress provides 4 layers of protection at the user level, ensuring no one gains access to your site. Ever!

I know it’s a lot to process, but I wanted to provide enough information so you can understand what the issue is and how Snicco solves it.

And this is why I’ve added Snicco to my hosting and maintenance toolbox.

Even if your site doesn’t process payments (via an online payment form or an e-commerce / online learning plugin), hackers gaining access to your site wouldn’t be much fun. And costly to recover from. But if you process payments on your website, hackers gaining access to your site could be a disaster!

With the addition of Snicco, the sites I host are 100% secure at every level (network, server, and user).

Guaranteed.

If something does happen to your site, I’ll take care of it. No additional cost to you.

Simply because I know they are safe and secure.

Photo by Hacker Noon on Unsplash

Posted in WordPress

Share this post

Wisdom Nugget: Why your newsletter is not a blog post

From Raw to Real

Leave a Comment

Pixel Happy Studio

Helping ethical educators and consultants build websites that reflect their values and fuel business growth.

20+ YEARS CRAFTING TRANSFORMATIVE, SCALABLE WEBSITES.

© 2024 Pixel Happy Studio | Privacy Policy

site

Home About Process Portfolio Get Started

resources

faqs articles Wall of Love Premium Hosting Contact