Archives

Tag Archives for: "web security"

In Focus – WordPress and Data Privacy (GDPR)

In Focus – WordPress and Data Privacy (GDPR)

Anushree Sen

Anushree Sen

Anushree has over 6 years of experience in information security management and risk-based advisory services, working with organizations like PwC, Deloitte & Adobe. She is a CISA certified professional, with a management degree in Software and Systems from Symbiosis International University. Beyond work, Anushree can be seen practicing various dance forms and dreams of being an established choreographer too.
Anushree Sen

Data privacy and protection is one of the key aspects which all business need to demonstrate on a continuous basis. There are a wide number of complex privacy laws worldwide, and even stricter penalties if those directives are not complied to. Some common privacy regulations are the U.S. Health Insurance Portability and Accountability Act (HIPAA), Canada’s Privacy Law, the U.S. Gramm-Leach-Bliley Act (GLBA), the Payment Card Industry Data Security Standard (PCI DSS), and Australia’s Privacy Laws. However, the next big suite of regulations in this field is the General Data Protection Regulation (GDPR).

 

What is the GDPR?

The GDPR is the European […]

9 Steps for Enhanced WordPress Security

9 Steps for Enhanced WordPress Security

Anushree Sen

Anushree Sen

Anushree has over 6 years of experience in information security management and risk-based advisory services, working with organizations like PwC, Deloitte & Adobe. She is a CISA certified professional, with a management degree in Software and Systems from Symbiosis International University. Beyond work, Anushree can be seen practicing various dance forms and dreams of being an established choreographer too.
Anushree Sen

WordPress websites serve as prime hacker targets. In addition to the platform core, the hackers exploit vulnerabilities like backdoors, malware etc in the various plugins available for website protection. While the key measures to WordPress Security are known and illustrated here , listed below are some additional security checks to be incorporated at the file / directory code levels.

Deny automatic execution of all PHP files

All WordPress websites require new content to be uploaded, and hence the upload directory ‘wp-content/uploads’ usually has Write privileges. This leads to significant risk since malicious PHP files can be entered via this route. While the […]

Page Potato

Enjoy this blog? Please spread the word :)