Wednesday, September 28, 2016

OWASP WordPress Security Implementation Guide

An email came across the OWASP leaders list today about securing WordPress. If you're interested in strengthening your WordPress server, there are some free and helpful tools you may not be aware of.

OWASP WordPress Security Implementation Guide
The OWASP guide describes cross-domain security techniques and tips for strengthening security on your WordPress servers. The guide is not version-specific, so you should check whether there are any version-specific vulnerabilities you need to be aware of for your particular version.

WordPress Nuke
A project by Munir Njenga (OWASP Chapter Leader, Kenya) takes some of the techniques described by the OWASP WordPress security guide and applies them in a plugin that you can install on your WordPress server. The plugin is being tested with WP version 4.6.1 and is a work in progress.

WordPress is an amazing application for managing your blog. WordPress packs some powerful extensibility features for integrating third-party tools. There is also a lively community of developers working on these tools, and there's a plugin for almost anything you want to do. Like many highly extensible and useful software products, WordPress is challenging to secure, which is my reason for posting.
