Sucuri

StackPath has acquired MaxCDN. If you use…

Brian Krogsgard
StackPath has acquired MaxCDN. If you use MaxCDN, it doesn't seem you will be affected in the short term, though based on what I'm reading today, a move upmarket might be in the works down the road. StackPath was started by…

Sucuri has prepared and released its…

Brian Krogsgard

Sucuri has prepared and released its first Website Hacked Report for the first quarter of 2016 (direct link to PDF here). Lots of interesting data points in the analysis of over 11,000 infected websites. This is one of the ones…

There’s a Stored XSS vulnerability affecting…

Brian Krogsgard

There's a Stored XSS vulnerability affecting the bbPress plugin. This bug is present on every default install of bbPress < 2.5.9, so chances are you might be affected if you have the plugin installed anywhere. Sucuri has more info on…

Sucuri does another of its great…

Brian Krogsgard

Sucuri does another of its great in-depth reports on how hackers can add malware and other bad things to your website. This time they show how hackers can tweak WordPress to hide spammy posts from real visitors while leaving them…

It’s nice to see Sucuri is…

It's nice to see Sucuri is offering SSL certificates to their customers at no charge with LetsEncrypt. With WordPress.com adopting SSL everywhere and ways you can currently install a LetsEncrypt SSL on hosts like SiteGround, DreamHost, and Bluehost, I'm wondering…

1.4 million WordPress.com custom domains have just gone fully SSL

Brian Krogsgard

WordPress.com makes up for a huge number of LetsEncrypt's total SSL certificates. This morning, Automattic flipped the switch on enabling LetsEncrypt certificates for 1.4 custom domains on the platform. They had already enabled SSL on all WordPress.com subdomains, but this…

Sucuri posted some insight on how…


Sucuri posted some insight on how they clean infected websites. It's good background knowledge to know what the general procedure is -- and their tips on how to be prepared also serve as a reminder to those who upkeep any website,…

Sucuri has a really in-depth walkthrough…


Sucuri has a really in-depth walkthrough of the Akismet XSS vulnerability they discovered, and it's a nasty 9/10 on their DREAD score. That basically means it's easy to do, and can result in a very bad outcome. Fortunately, auto-updates and…

Akismet getting auto-updated for critical XSS bug

Brian Krogsgard

Akismet has a critical XSS bug that dates back quite some time. A researcher from Sucuri notified us of an XSS vulnerability in the Akismet WordPress plugin. This bug affects all versions of the Akismet WordPress plugin since 2.5.0, but…

iThemes Security is integrating Sucuri malware scanning

Brian Krogsgard
iThemes announced today that both their free iThemes Security and their commercial iThemes Security Pro plugins are integrating Sucuri's malware scanning service. The free one is just an opt-in, one-off option, which is nice but can also be accomplished…

Sucuri want to compete with CloudFlare

Brian Krogsgard
Sucuri is seeking to build a full CloudFlare alternative, according to WP Tavern: “The fundamental difference is that it’s security first, performance second,” Perez said. “So yes, in the coming months you’ll see more as our solution blossoms into a…

Understanding WordPress security vulnerabilities

Brian Krogsgard
Daniel Cid has a good post on Sucuri that describes how they look at WordPress plugin vulnerabilities. Contrary to popular belief, just because you hear “SQL Injection”, it doesn’t mean someone can actually hack your site. The real problem comes…

Another Sucuri “responsible disclosure” postmortem

Brian Krogsgard
James Giroux manages operations at PageLines. Last week, they were notified of a vulnerability by Sucuri, and he went through the rigmarole most of us are familiar with of juggling responsible disclosure and implementing a fix. James did a postmortem on…