We use cookies to understand how you interact with our site, to personalize and streamline your experience, and to tailor advertising. By continuing to use our site, you accept our use of cookies and accept our Privacy Policy.
Contact Us
Contact Us
Sign in
Sign in

Nexcess blog

Category : Security

WordPress site owners who use the Akismet comment spam filtering plugin should update to version 3.1.5 of the plugin as soon as possible. Older versions of the plugin are vulnerable to a cross-site scripting attack that could put WordPress sites and users at risk of compromise. Sites with automatic updates activated should already be running […]

October 20, 2015

WordPress is a relatively secure content management system. As we’ve discussed before, there is no such thing as completely secure software, but the WordPress development team do an excellent job of keeping WordPress users safe by introducing as few vulnerabilities as possible and fixing them when they arise. That said, WordPress is enormously popular, which […]

August 18, 2015

Passwords alone are not a good authentication mechanism. Too many things can go wrong with passwords for eCommerce retailers to entirely trust them. Users often choose weak passwords or accidentally allow them to fall into the hands of malicious individuals. Particularly in the eCommerce world, where sensitive data, money, and a business’s reputation are on […]

August 11, 2015

Magento has just released patch SUPEE-6482, which addresses four different vulnerabilities affecting Magento Community and Enterprise editions. We strongly advise all Magento store administrators to update to the latest version to address these vulnerabilities (1.9.2.1 for Community or 1.14.2.1 for Enterprise). Those that do not want to update to the most current version of Magento […]

August 10, 2015

In the wake of a number of serious vulnerabilities — including the critical ShopLift vulnerability — Magento announced in May that it would be introducing the Magento Alert Registry to keep eCommerce retailers up-to-date about potential security problems. You can now sign up here. “We are committed to platform security and are taking proactive steps intended to […]

August 04, 2015

WordPress is a complex software ecosystem. Its huge userbase and an active developer community numbering in the tens of thousands make for a potential security nightmare, but, in fact, it functions surprisingly smoothly. For users who hear only about the most recent security vulnerability, it might not appear so, but the widespread publicity of security […]

July 16, 2015

Magento has made available a new patch bundle that addresses several serious security vulnerabilities. Magento CE & EE users should update immediately to ensure that their eCommerce store and its users are not put at risk. Among the vulnerabilities addressed are the potential leaking of customer information and cross-site scripting vulnerabilities. The patch bundle — […]

July 14, 2015

Magento has released a bundle of patches that fix several vulnerabilities. The vulnerabilities addressed by the patch can be exploited by attackers to disclose confidential information and execute code remotely. The bundle (SUPEE-5994) can be downloaded here and should be applied as soon as possible by users of Magento Community Edition and Magento Enterprise Edition. […]

May 22, 2015

One of the most heartbreaking experiences I’ve had when advising people about WordPress was with a friend of mine who had spent weeks setting up her site, writing content, and posting images, only to lose everything just as she was about to launch because she mistyped a command on her VPS’s command line. Of course, […]

May 20, 2015

A patch has been released to fix a remote code execution vulnerability in both Magento Enterprise and Community Editions. In February, Check Point researchers announced that they released details of the critical RCE (remote code execution) vulnerability in the Magento platform. Checkpoint originally found this exploit back in February and contacted Magento privately regarding the […]

April 27, 2015
Your inbox needs more Nexcess
Grow your online business faster with news, tips, strategies, and inspiration.
Your Email Address *