Zen Cart is an open source shopping cart software. Unfortunately, Zen Cart has had some difficulties in the past sending email from a website. Here is how to let Zen Cart send email over an encrypted TLS connection, when the following condition is met: StartTLS is required. Since Zen Cart v1.5.2 StartTLS support is available.
Where the Vevida Optimizer WordPress plugin kept plugins on all my WordPress sites up-2-date
Sucuri reports that multiple WordPress plugins are vulnerable to Cross-site Scripting (XSS) due to the misuse of the
remove_query_arg() functions. These are popular functions used by developers to modify and add query strings to URLs within WordPress. If you haven’t configured automatic updates for WordPress plugins, please update NOW!
Securing WordPress uploads folder is important, because: In many hacked WordPress sites, a PHP backdoor is found within the
WP_CONTENT_DIR/uploads directory. Often because this is the location where uploads are placed automatically. From the backdoor within
wp-content/uploads other backdoors are uploaded to various locations, and scripts are injected with malware.
The following PHP function will disable the execution of PHP scripts in WordPress’ wp-content/uploads, on IIS web servers.
Web security firm Sucuri reports on their blog, that over 50% of all Magento installations haven’t applied a critical security patch (SUPEE-5344). Leaving them open to attacks. The security patch, to address a remote command execution (RCE) vulnerability, was released back in February.
Think like a hacker and ask yourself how fast your passwords might be able to be cracked based on their structure.
Easily configure automatic updates from the WordPress Dashboard, and modernize your MySQL database.
Installing WordPress is one thing, keeping it up to date is something else. Each week brings new bugs or potential attack scenarios that will make a WordPress website vulnerable to hacks. Enabling automatic updates for all or at least most parts of WordPress solves a large number of problems with irregularly maintained WordPress websites.