WordPress is one of the most SEO-friendly content management systems today. If you have a WordPress website, there are many things you can do to improve your SEO. But if you’re not careful, you could also harm your site’s ranking without realizing it. In this post, you’ll discover 12 settings to consider if you want your WordPress website to reach its full SEO potential. In SEO, security is an often overlooked but important consideration. Beyond general SEO settings, we’ll review some necessary security settings that can help prevent… More Info
Read More »Shopify Vs WordPress.org: which is best?
Best value: Shopify On paper, it appears that WordpPess.org is the best value for money, considering you can download the software completely for free. Whereas with Shopify, you will be set back at least £19 per month for its basic plan, and £49 for its standard plan. As you well know – every penny counts for a small business. But don’t let the ‘free’ element of WordPress.org fool you. Although the platform itself is free, as is the WooCommerce plug-in required to set up your online store, the costs do begin to add up. This is because WordPress.org is self hosted, meaning you need… More Info
Read More »WordPress sites backdoored after FishPig supply chain attack • The Register
It’s only been a week or so, and obviously there are at least three critical holes in WordPress plugins and tools that are being exploited in the wild right now to compromise loads of websites. We’ll start with FishPig, a UK-based maker of software that integrates Adobe’s Magento ecommerce suite into WordPress-powered websites. FishPig’s distribution systems were compromised and its products altered so that installations of the code semi-automatically downloaded and ran the Rekoobe Linux trojan. Infosec outfit Sansec raised the alarm this week that FishPig’s software was acting weird:… More Info
Read More »Severe flaw in popular plugin remains unpatched
An actively exploited zero-day vulnerability in WordPress plugin WPGateway has led to more than 4.6 million attempted attacks in the past month. The currently unpatched flaw is the second significant WordPress vulnerability to be found over the past week. A WordPress plugin vulnerability is being actively targeted for attack. (Photo by Primakov/Shutterstock) When exploited, this vulnerability, identified as CVE-2022-3180, is used to add malicious administrator users to sites running the plugin. Administrator privileges allow… More Info
Read More »WordPress Plugin Vulnerability Abused in Zero-Day Exploit
The WPGateway premium WordPress plugin has been exploited by malicious actors. A vulnerability within the WPGateway premium WordPress plugin has been exploited by threat actors, as found and reported by security analysts from WordFence. WPGateway Plugin Vulnerability Has Been Exploited On September 13th, 2022, WordFence’s Threat Intelligence team reported in a blog post that a security vulnerability within the WPGateway premium plugin was exploited in the wild by malicious parties. WPGateway can be used on WordPress sites to install and backup sites, as… More Info
Read More »6 steps to creating patient trust in telehealth
With Covid-19, came a flood of new telehealth (virtual consulting) healthcare solutions, exposing more patients to its benefits and features. More advertising, more awareness and more conversations have introduced telehealth to a broader public, and this can only be good for everyone. The question remains though, how do we create that trust in telehealth for a patient, so that they turn to it the next time they need healthcare? Possible contenders for understanding the dynamics could include, different patient demographics, or the fact that the solution on offer is easier to navigate in one… More Info
Read More »WordPress plugin vulnerability leaves sites open to total takeover
Security firm WordFence has warned of an actively exploited vulnerability in a widely-used WordPress plugin that could leave websites totally exposed to hackers. WPGateway is a paid plugin that gives WordPress users the ability to manage their website from a centralised dashboard. The flaw, designated CVE-2022-3180, allows for threat actors to add their own profile with administrator access to the dashboard, and completely take over a victim’s website. WordFence, which provides a firewall service for WordPress websites, released a rule to block the exploit for paying customers on its… More Info
Read More »Infoblox report shows smishing in websites built on WordPress
Smishing has been identified as a new and sophisticated method of obtaining personal and financial information from victims by using fake forms on fraudulent websites. Smishing is a cyberattack tactic that combines SMS (short message service, usually known as text messages) and phishing. A wave of VexTrio attacks using dictionary domain generation algorithm (DDGA) has infected numerous websites built on WordPress, which in turn infect visitors to those sites with malware or spyware by executing Javascript code. Infoblox Inc., a leader in secure and cloud-managed… More Info
Read More »Zero-day in WPGateway WordPress plugin actively exploited in attacks
The Wordfence Threat Intelligence team warned today that WordPress sites are actively targeted with exploits targeting a zero-day vulnerability in the WPGateway premium plugin. WPGateway is a WordPress plugin that allows admins to simplify various tasks, including setting up and backing up sites and managing themes and plugins from a central dashboard. This critical privilege escalation security flaw (CVE-2022-3180) enables unauthenticated attackers to add a rogue user with admin privileges to completely take over sites running the vulnerable WordPress plugin. “On September 8, 2022, the… More Info
Read More »How To Add Google Analytics To WordPress
Google Analytics is a free comprehensive tool that allows you to track your web traffic and data. Google Analytics will show you how many people visit your site, individual pages, conversions, and how people interact with your content. This data is critical for the optimization of your website. There are two types of Google Analytics code. You may be accustomed to the Google Universal Analytics (UA) code. This is being sunsetted and replaced with Google Analytics 4 (GA4). GA4 is much more customizable and applies to websites or apps, whereas Google UA can only be applied to… More Info
Read More »