Comments on: 7 Quick & Easy WordPress Security Vulnerability Fixes

By: Shiv Patel

Shiv Patel — Wed, 12 May 2021 20:51:18 +0000

Hey,

Great blog, lots of information on how to quickly assess whether your site has any security vulnerabilities and fixes if you do happen to have any. I think this is crucial in all my projects a strong security is what I pride myself on ensuring client data is safe is super key in today’s world. These methods are really easy for beginners and I’ll class myself as an expert since I’m now using defender on 8+ sites.

Thanks again!
Shiv

By: Mike

Mike — Fri, 29 Jan 2021 09:33:02 +0000

For even more security and ease of updating both plugins and WordPress version with just one command, I suggest developing and deploying sites using Roots, Bedrock framework.

By: Predrag Dubajic

Predrag Dubajic — Mon, 25 Jan 2021 11:23:21 +0000

In reply to Dominique.

Hi Dominique,

Having an FTP account that has access to all installations could certainly be a risk and allow other sites to be affected from a single one.
You should be able to limit the FTP account to access certain folders (installations) only which will prevent it from changing other hosted sites.

You can also check with your hosting provider if they have an option to “Jail” the installation, which basically prevents other installations from being affected with malicious attacks/scripts if one site gets compromised.

Cheers,
Predrag

By: Dominique

Dominique — Mon, 25 Jan 2021 08:00:19 +0000

Some hosting environments contain sites from multiple domains, which you can navigate in the FTP environment. Is this a risk as well? I can imagine that if a site on one of those domains gets hacked, it’s possible to infect the others as well. The different domains probably won’t share the same database, but the login details can easily be gained from the wp-config file.