Moving to Endpoint Security for WordPress

Wordfence has been providing endpoint security for WordPress powered web sites since 2012. Here is a recent blog post on providing information about what endpoint security is.

You’ve probably seen the term ‘endpoint’ talked about in the press recently in the context of information security. Lets discuss what a network endpoint is, why securing endpoints can dramatically strengthen your overall security posture and why big vendors like Intel Security (formerly McAfee) and a number of startups are launching products that focus on endpoint security…

Full article at

Should You Disable XML-RPC on WordPress?

Wordfence has posted a well written blog post that describes the XML-RPC API and how disabling it will affect your WordPress hosted web site.

Recent improvements to WordPress and Wordfence’s blocking tools have lessened the need to disable the API.

Here is the blog post:

Wordfence is one of the most effective plugins to manage  security for WordPress powered web sites. Learn more about it here:

New Year’s WordPress Housekeeping Tips

WordPress Attachment Details

I wish I had seen this in December as I like to do year-end cleanup and new year planning during the holidays. Since it was only published yesterday, I’ll share it with you anyway because it has such wonderful information.

These things should be done on a regular basis, not just at the start of each year. It will serve as a good reminder checklist. Here are the thirteen items it lists:

  • Better Image Data
  • Optimize Your Installation
  • Optimize Your Images
  • Find and Learn Great Tools
  • Automate Your Workflow
  • Optimize Your Interface
  • Taxonomies Are Your Friend
  • Remove Unnecessary Plugins
  • Use Rich Content
  • Perform a Security Overhaul
  • Start a Blog
  • Contribute Back
  • Start Learning to Code

I see a number of things that I’ve been meaning to do and think that perhaps 2015 will be a good time to start. Things like the last three items on the list.

Here is the link to the full article:

Start the Year off Right with These WordPress Housekeeping Tips (Daniel Pataki,


Where is WordPress headed in 2015?

WordPress logos


Here are two views on the future of WordPress which may be of interest to WordPress developers and hosts.

They talk about the inclusion of WP-API and how it will facilitate a broader implementation of custom dashboards, something I’ve been seeking for a long time. Why is this important? Imagine WP-Admin as a seamless integration of presentation and administration. Expect front-end editing.

Noel Tock’s other thoughts include language, since the majority of WordPress sites are not English serving and the WordPress community.

Tim Nash makes some dire predictions in the area of security: That a serious security failure will visit a major commercial plugin developer and even the WordPress core itself. He also discusses Drupal, Magento, SSL and PHP.

Noel Tock from Human Made
WordPress in 20153

Tim Nash (developer-centric)
Tim’s 2015 WordPress Predictions3


What every WordPress user must know about File Permissions

File permissions grid

File permissions play a vital role in security and functionality of a web site. Here is an excellent article by Shylaja Sreedharan that provides a good overview of file (and directory) permissions. Understanding this is fundamental to managing many web sites, including WordPress sites.

Read the full article here: