By this point you surely have noticed the little padlock that appears next to a website’s address bar when browsing the web – and perhaps even gotten a security warning when that’s not configured correctly. What does it mean, why should you want it and how can you get it on your own website?
What is a PCA Compliance Audit? Unlike a PCI assessment, which merchants can perform themselves, a PCI DSS audit can only be performed by a qualified security assessor (QSA). If you’re facing an audit, then you’re likely a large store doing so voluntarily, or a smaller merchant ordered to undergo one because of a recent […]
Having a PCI compliant store requires the sustained efforts of both yourself and your hosting provider. Although there are no shortcuts, choosing a credible web hosting provider is an effective place to start. Even so, most PCI requirements can only be met by you, the merchant. Read on to learn more about the dividing line […]
2018 was the year data privacy concerns went mainstream. The media focus on Cambridge Analytica and Facebook brought the importance of data privacy home to the general public. The steady drip of data leaks from prominent companies, including leaks from eCommerce stores targeted by Magecart, cemented the risks in everyone’s minds. Businesses across the world […]
For the average American living in Chicago, being able to tell the time in New York is easy. Simply take the time in Chicago and add one hour: 10am becomes 11am.
In January, users of the popular WPML WordPress plugin received a concerning email. It warned that there were serious security vulnerabilities in the plugin. The email came from a genuine WPML address, and customers had no reason to think it wasn’t legitimate. WPML is used on tens of thousands of WordPress sites, and a critical […]
File permissions are an important aspect to consider for any website. This is even more important in a shared hosting environment, since neighboring clients can potentially read or write to your files if the permissions are configured incorrectly.
In previous articles we’ve talked about why criminals are interested in attacking WordPress sites and some of the methods they use. Today we’re going to look at drive-by downloads, a common category of attack used by criminals to infect site visitors with malware. Drive-by downloads are software downloads made to a device without the permission […]
A WordPress site with web-facing forms will be spammed. If there’s a form to be filled in, it will be filled in by spammers, even when there is no clear motivation for doing so. Spammers register for membership of any site they find, they fill in forms for gated content, they submit fake email addresses […]
There are lots of hacked WordPress sites on the web. Hacked sites are often the victims of botnets that brute force the login process, trying lots of different combinations of usernames and passwords until they hit one that lets them in. After they have access they can plant malware or other undesirable content on a […]
Your inbox needs more Nexcess
Grow your online business faster with news, tips, strategies, and inspiration.