We use cookies to understand how you interact with our site, to personalize and streamline your experience, and to tailor advertising. By continuing to use our site, you accept our use of cookies and accept our Privacy Policy.

Your Digital Commerce Experts
Nexcess Logo

Nexcess Blog

|
Category : security
September 02, 2019
By Brad

How Nexcess Helps Your Store Stay PCI Compliant

Having a PCI compliant store requires the sustained efforts of both yourself and your hosting provider. Although there are no shortcuts, choosing a credible web hosting provider is an effective place to start. Even so, most PCI requirements can only be met by you, the merchant. Read on to learn more about the dividing line […]

June 27, 2019

Will The CCPA Affect Your eCommerce Business?

2018 was the year data privacy concerns went mainstream. The media focus on Cambridge Analytica and Facebook brought the importance of data privacy home to the general public. The steady drip of data leaks from prominent companies, including leaks from eCommerce stores targeted by Magecart, cemented the risks in everyone’s minds. Businesses across the world […]

June 24, 2019

Adventures in Timezones: How a Server’s Timezone Can Go Wrong

For the average American living in Chicago, being able to tell the time in New York is easy. Simply take the time in Chicago and add one hour: 10am becomes 11am.

April 25, 2019

How To Protect Your WordPress Business From Insider Threats

In January, users of the popular WPML WordPress plugin received a concerning email. It warned that there were serious security vulnerabilities in the plugin. The email came from a genuine WPML address, and customers had no reason to think it wasn’t legitimate. WPML is used on tens of thousands of WordPress sites, and a critical […]

April 23, 2019

Getting Started With File Permissions

File permissions are an important aspect to consider for any website. This is even more important in a shared hosting environment, since neighboring clients can potentially read or write to your files if the permissions are configured incorrectly.

March 05, 2018

Is Your WordPress Site As Secure As You Think?

WordPress is — as content management systems go — very secure. It’s the most targeted web application in the world, but it’s also the best protected. It is in the interest of many thousands of developers and users to seek and destroy any vulnerabilities that may find their way into the code of WordPress Core, […]

December 08, 2017

OpenVPN Helps To Keep Your Magento And WordPress Dedicated Servers Safe

When a user connects to your Magento store, they connect over HTTPS, a secure protocol that uses an SSL certificate to encrypt data sent between the shopper’s browser and the server that hosts the store. Without HTTPS, it is possible for a third-party to intercept the data, putting the shopper and the store at risk. […]

November 29, 2017

What's Wrong With Security By Obscurity For WordPress?

We instinctively hide the things we find valuable. It makes sense: if thieves and other bad actors can’t find our valuables, how can they take them? In the digital age, we act on the same instinct. A common security precaution taken by WordPress site owners is to move the login page to a different location; […]

October 25, 2017

Are WordPress Plugins Safe?

Over the last couple of months, we’ve seen several incidents of previously trusted plugins being infected with malware by malicious developers. Plugin vulnerabilities are nothing new: developers make mistakes and those mistakes have consequences for security. But many of the recent attacks involved the deliberate introduction of malicious code. Does that mean we can’t trust […]

October 18, 2017

WordPress Security Basics: What Is A Drive-By Download Attack?

In previous articles we’ve talked about why criminals are interested in attacking WordPress sites and some of the methods they use. Today we’re going to look at drive-by downloads, a common category of attack used by criminals to infect site visitors with malware. Drive-by downloads are software downloads made to a device without the permission […]