Tag Archives: security

WordPress Site Security Plugin – WordFence

WordFenceWe are now recommending the WordFence security plugin as the highest level of WordPress site security. With over a million installations and a very high (4.9 out of 5) rating, we just haven’t seen another security plugin that approaches the features, capabilities and reliability of this plugin.

Security Scans and Monitoring

The plugin scans your site for every imaginable issue, comparing your WordPress installation, theme and plugins against their own stored copies of them. Its firewall blocks hostile agents from your site – with configurable parameters – and presents a report of the blocked agents. It also monitors people who login or attempt to login for threats. It also scans for malware.

The features are almost too good to be true and yet the price is free – though there is a paid version which we will be investigating. We’ll post another review after we’ve experienced a few months of the paid version.

Check out this video for more information:

Yet Another Router Security Issue

router security issueA serious flaw in an estimated 1.2 million routers has been discovered that lets hackers into your home or office network – they can even take control of your network. The problem lies with a feature called NAT-PMP (Network Address Translation – Port Mapping Protocol) which allows you – or someone else – easily setup a connection to things like a security camera or file server.

Ideally, the only way to turn on and configure NAT-PMP is if you’re already connected to your wireless network. However, some routers have NAT-PMP turned on by default and will let anyone outside the network configure it which means that a hacker can snoop on and even control things within your network, or things that you’re monitoring from outside the network. This includes snooping on your Internet browsing, re-directing your browsing to malicious sites, peeking at your security camera video or seeing what Internet-enabled gadgets you have in your home.

Unfortunately, no one knows yet exactly what routers are affected. NAT-PMP is often a feature on Apple, ZyXEL, Linksys and Netgear routers, but the models that might have the wrong settings are unknown. Routers from other companies may be affected as well.

To check if you’re affected, you’ll need to log in to your router. Open your browser of choice and type in the router’s IP address. You can find this in your router manual. Look for the settings involving “NAT-PMP.” You’ll probably see “NAT” or “Network Address Translation” on its own as well. Don’t change those – they aren’t the problem.

Turn off any settings concerning NAT-PMP and “external” or “untrusted” interfaces then save the settings. If you don’t see these settings anywhere, you probably are safe. However, while you’re there, also look at your “port forwarding” settings to make sure there’s nothing on the list you haven’t set up yourself. Anything on that list is a potential weak spot in your security if you don’t know what it does.