MalCare Releases Plugin Update with Improved Authentication Systems
by
7-layers of Security for Your WordPress Site
Your website needs the most comprehensive security to protect it from the constant attacks it faces everyday.
Recently, a security researcher reached out to us. He disclosed a limitation in the authentication system of our plugin. We responded to the security researcher, after conducting our due diligence.
In the rare situation, where a site has a pre-existing, high severity SQL injection vulnerability, an attacker might be able to read the MalCare key. To address such issues, we are further strengthening our authentication systems.
Authentication is a critical system and any improvements must be done in a careful manner. We have reviewed various plugins and best practices in our ecosystem to come up with our solution.
In light of the current public discourse, we are expediting the update of our plugin. We will initiate a rollout by EOD. All your sites will be automatically updated with the latest MalCare plugin as normal.
The MalCare firewall is enabled by default on your site. It includes rules that protect your site from such high-severity SQL injection attacks.
We have seen no evidence of any malicious activities.
We appreciate the work that security researchers put in, and we thank Calvin for his efforts.
Please reach out to our support if you have any questions or concerns.
Category:
Share it:
You may also like
How to Whitelist an IP Address in WordPress
Whitelisting IP addresses is a manual way to ensure that certain IPs have access to your WordPress website. Ideally, you’d want your WordPress firewall to take care of that hassle…
5 Best WordPress Firewalls to Block Attacks
To keep your WordPress site secure from hackers, prevention is key. Fixing a hacked site can take a lot of time, effort, and money. Hacks can also cause your site…
Essential Website Security: Guide on How to Secure Your Website
Many website get hacked because of preventable reasons: vulnerabilities, updates not done in time, insecure passwords, and so on. In this essential website security guide, we’ll show you how to…
How can we help you?
If you’re worried that your website has been hacked, MalCare can help you quickly fix the issue and secure your site to prevent future hacks.
My site is hacked – Help me clean it
Clean your site with MalCare’s AntiVirus solution within minutes. It will remove all malware from your complete site. Guaranteed.
Secure my WordPress Site from hackers
MalCare’s 7-Layer Security Offers Complete Protection for Your Website. 300,000+ Websites Trust MalCare for Total Defence from Attacks.
