
We measured before telling anyone to disable wp-cron. An empty WP-Cron check costs 18 ms, just 1.17% of an uncached page load. On 100% of the WordPress installs we audited, the default was fine.
Recently, Finnish security researcher Joukou Pynnonen revealed a security flaw in Yoast’s WordPress SEO plugin which allowed hackers to take over the administrator account of any CMS on which the plugin was installed. One of the most popular SEO…

I’m sure you’ve heard on at least one occasion that content delivery networks are awesome. They significantly improve the speed at which your website can deliver content. Not only does that make for a better user experience, there’s also…

What do WordPress, Drupal, Joomla!, and pretty much every other market-leading content management system have in common? Simply put, they’re having just a little bit of trouble adapting to the small screen. As smartphones and tablets become more and…

You could be forgiven for thinking Distributed Denial of Service attacks aren’t really anything to be taken seriously. After all, they’re basically the hacking equivalent of driving a truck into a storefront. Although they can wreak a bit of…
