PHP

WordPress Plugin Security: Preventing SQL Injection

SQL Injection is code injection on SQL queries used in an application using SQL database. WordPress uses MySQL so it has risks getting an attack through SQL Injection. In OWASP (Open Web Application Security Project) Injection is listed as the top threat in web-based applications, SQL Injection is a part of it. We can prevent…

Read More »

WordPress Plugin Security: Prevent Directory Listing

PHP based applications can have its structures exposed to the public. WordPress is also the same. This can have potential security risks if not taken care of properly. The agreed best practice is to configure the server, where the WordPress live, to prevent its directory structures. However, for average users, this might not be feasible.…

Read More »