How To Know For Sure You Can Trust A Plugin

Date aired: January 21, 2019

A webinar to help you minimize risks and stay secure as you’re downloading WordPress plugins.

Remkus de Vries - Sucuri Webinar Profile

Remkus de Vries

Manager of Partnerships at Yoast

Remkus is from Fryslân, the Netherlands and is the Manager of Partnerships at Yoast. He’s been active in the WordPress Community since 2006 and co-founded WordCamp Netherlands and WordCamp Europe.

Questions & Answers

Question #1: The WordPress repository is loaded with plugins. A lot of them are not updated for some time. They might work, but how do you know how safe they are? Is there a way to test for issues?

Answer: Depends. If there are three plugins and if the information that I went through in these slides didn’t help you decide, then ultimately it comes down to your gut feeling. You can also look at what the plugin does when you actually installed it. The local development side would be the next thing I’d make sure of. Like does one sway me a little bit more than the other? If you are a developer yourself, there are a few more things you can look at, like code quality. Actually, open up the plugin in a code editor and start clicking around. I would say that’s the only way to go. Ultimately after that, if they all pass, you have yourself three good plugins… just pick one. 😉

Question #2: If I am looking for a particular plugin and several seem to match my needs, should I do additional steps before deciding on one of them?

Answer: Of course. You can begin as well with steps in Answer 1.

Question #3: Can I select a plugin also based on what position it has in the search results page of the WordPress plugin repository when I search?

Answer: The way the algorithm is built for when you search for a plugin on, it is not necessarily an indication that the better plugins are ranking higher. It’s more of an indication of what you search for and how it relates to the plugins actually out there. Even though I’d like that search to be better, it’s not very feasible to make rankings due to things like the number of reviews. I’m not actually sure if it’s currently being implemented, like if a vast majority are five-star reviews. In my head, it would make sense to have those types of plugins rank higher when you search for it. I don’t know if that’s actually the case. I don’t have a good explanation about that.

Question #4: Should I always have a test WordPress site to test the plugin before installing on my live website?

Answer: Yes.

Question #5: The date that the plugin has first been published in the WP repository does it have any effect on how quick it is found while searching?

Answer: No, not to the best of my knowledge.

Question #6: How dangerous is it to install a plugin on a newer version of WordPress that the plugin is labeled as “not compatible with”?

Answer: It doesn’t necessarily mean it’s dangerous. The way that it is displayed, it’s in the readme. txt of a plugin. You have a field where you can say “tested up to”. That field they need to change when they update the plugin. It’s one of those things that can be overlooked. Having said that, if the plugin is being actively developed, it’s a fair indication that the particular metric is changed every single time they do an update because they would have an automated way of doing it. That leads me to the conclusion that if you are wanting to install a plugin that says “Tested up to 4.9” and you are running 5.0, I would send out a Tweet. I would send out a message to whoever built the plugin, look around for them on the internet. They’re probably easily findable. Just ask the question or maybe even add a support thread.

I don’t think it’s going to be very, very difficult, but when workers introduce a big change, as it did with Gutenberg, I’d be a little bit more hesitant.

Question #7: Can you describe how you use Query Monitor?

Answer: Query monitor is a pretty straightforward plugin in a sense that once you’ve activated it, you have an entry in the toolbar. That toolbar entry basically tells you on whichever page you are on your website, whether that’s on the dashboard or on the front end. It gives you a whole bunch of information of how that particular page performs with regards to queries. It goes well beyond this particular webinar to explain much more in depth, but there’s a whole bunch of people who wrote a very interesting post about how to use Query Monitor. I would start Googling for that because there’s a lot of options out there with that plugin.

Question #8: For someone not comfortable with importing a local host – if using cPanel there is a great Cloning tool in Installatron to make a copy to “domain.tld/staging” folder. Is it just as important to either remove this application after testing is complete or make sure to make it part of their regular site plugin/theme/version update schedule?

Answer: One of my assumptions is that you’re always backing up your website. In that backup, you have all your files and your database. In your file … sorry, your database and your files can be imported into any other insolation, whether that is a staging site or whether that is a local development site. If you want to do that on a staging site, as in the sub-folder that was described, I wouldn’t be too much of a fan for that. I would prefer to have it like staging.domain-name.tld for the simple reason as you don’t want to cross your life-site traffic into Google as well as your staging site. Your staging site should not be accessible for the public view.

Question #9: How do you decide on a premium plugin that has no free version or trial?

Answer: Me, personally, I’ve been in the worker’s community for a very long time and 9 out of 10 times I know one of the developers or I know someone who would know one of the developers, so I would just ask, “Can you vouch for them? What are your experiences about that?” It gets more difficult if you’re one of the ten and you have no idea who the person is. I would say a good example, way back when, was when WP Rock was introduced. It’s been a premium plugin from day one. There’s never been a free version. There’s never been a trial option. You would just have to kind of see what it did.

Because I knew who built it by name and by reputation, you get more lenient. If those people are not … if you’re not in the worker’s community and that very familiar with whoever is whom, it’s a gamble, it’s a choice. You would look at the same metric you would be as … you would try to get as much information as possible. Bottom line, most plugins have a price range somewhere between $30 and $90. It’s worth taking a risk if you think the plugin looks good, and you’ve Googled it, and you’ve reviewed all the things. I’d say go for it. Again, it’s your money so you need to make that decision yourself.

Question #10: If you are a developer, should you trust that you can adapt a plugin in a secure way?

Answer: Not entirely sure if I understand Ryan’s question fully, but should you trust that you can adapt a plugin in a secure way? If a plugin is developed with change in mind, then yes. That means there would be filters, there would be hooks, there would be ways to interject. Yeah, because you want the plugin to … you want it to be able to update continuously. If you’re integrating into that plugin, then yes you want to do that in a secure fashion.

See all Questions & Answers



Remkus de Vries – Manager of Partnerships at Yoast

Thank you so much Val. We’re going to talk about a little thing called, how do I know for sure that I can trust a plugin. It’s a simple question, but not necessarily simple answer. My name is Remkus de Vries. As Val said, manager partnership at Yoast, but before that I had a lot of experience as a small agency handling clients from relatively small websites to really big ones. A lot of experience in the years and I would say I started using WordPress very actively as of 2006. So, basically I’m coming up with 13 years of experience.

Why am I qualified to talk about this topic? Well, I kind of shared that a little bit. There’s a whole bunch of experience on the building websites side of things, but there’s also a few other things that made me quite aware of the consequence of a plugin doing what it’s supposed to do, being secure working as it’s supposed to be working as opposed to the versions that are not working.

You may be wondering what that exactly was. Well, I’ve been pretty active in the WordPress community as of 2006. I’ve been the Dutch forum lead and admin for the Dutch WordPress site since 2008, which means I’ve seen a lot of forum posts, a lot of questions with regards to plugins doing or not doing what they’re supposed to be doing or what they’re advertising. I’ve co-founded WordCamp Netherlands and I’ve co-founded WordCamp Europe and as such been in contact with a lot of plugin writers, a lot of agencies that are building stuff, asking questions what is the good way to go about if I want to add this particular feature set to my site. What do I look at?

So, that’s the background of how I started accumulating information, knowledge about what the possibilities are and what to pay attention to because we’ve all been there. Either you come up with an idea or your own client comes up with an idea like, “Hey, I’ve seen this really cool feature on this particular website. I’d like to have that too. What plugin should I use?” Or maybe you’ve taken over the support of a particular website and you’ll find yourself using three different plugins for forums for instance. So, which ones should you stick with? Which ones should you use?

Now, apart from any particular favorite things that you may or may not have, as in how does it work or how does it look, there’s a few more things that we need to be looking at when we start introducing a plugin into our already existing website because that’s the focus of this webinar. I’ve seen and worked with a lot of plugins over the year and when I say a lot, I mean a lot, lot. I’m a curious person, meaning if I see a plugin that I like, at least as in how it’s advertising itself, I tend to just install it, see what happens. Look at the database, look at the options in there, play around with it.

I don’t care if it breaks because I have a few test sites that I can play with, but are pretty much … Totally okay to be ruined and start from scratch. That’s a luxury I’ve given myself and I’m quite aware that not everybody has that luxury. But like I said, I’ve been playing with plugins for a very, very long time. So, really, how to know for sure you can trust a plugin? Well, simple question, not a simple answer. There is no guarantee.

Let’s start with that because that really is what it is. There is no guarantee. So, the steps that we’re going to show you are steps that you can reproduce. They are steps that are pretty much covering the whole garment of let’s check this before you actually start installing it on your website. Having said that, this is code. Code will always have bugs. Code will always have small things, maybe even big things that you really want to be sure that are not in there, but they’re going to be there.

So, there will be security updates, there will be feature updates, there will be bug updates. All of those are part of plugins. So, that’s not a thing that we can mitigate. That is something that’s going to happen, that is something that we need to take as a truth. We can pretend it’s not there and we can pretend maybe we’ll do due diligence, but there are certain plugins out there that have thousands and thousands of lines of code.

There’s no way you can be as thorough as you would like to be. As in, there’s no way you’re going to make sure that nothing will be introduced that will cause any trouble. Having said that, there’s a whole bunch of things that we could look at to make sure that that risk of introducing a bad apple is minimized. So, the first question has to be this one. Do you really need that plugin? If you’re building websites for clients, I’m pretty sure you’ve had the question like. I’d like to introduce this particular plugin because I’ve seen what it does.

Now, the first question you should be asking your client and make sure they verify it is, do you really need it? Of course the client is going to say, “I just told you that I needed it. So please just install it.” Or whatever, but it saves a little bit of … The effort of asking are you sure you need it, do you really need it, it also helps you being a little bit more critical about what you introduce in your system. When I say system, I mean your entire stack of what you have like WordPress installation, your theme, your plugins, the whole system you have installed.

So, before you say yes to your client, make sure you absolutely are certain that that is something that you need, as in need, as in they cannot do without. One of the reasons you need to be slightly leaning against let’s not introduce something new is because if you end up giving a yes to every single time you have that question, you end up with a lot of plugins that are sometimes overlapping, sometimes really not that needed. It doesn’t matter how well they are programmed, they bring in any other security risk, maybe a speed risk. There’s a whole bunch of things that you may want to avoid as much as possible. So, this is the first question.

The second question is, where do I start? I took an example that is very near and dear to my heart. This is the Yoast SEO plugin that introduces a whole bunch of SEO features for your website and I’d like to show you by looking at what the actual information is about that you have in front of you. Basically, this is the plugin overview on the WordPress plugin repository over at plugins in this particular case, /WordPress-SEO. You can see a lot of information here already that we’re going to start working with.

One of the first things that should stand out a little bit is the stuff that you see on the right hand side, in the bottom where it says version, last updated, active installations, WordPress version, tested up to, and PHP version. Now, on the left you have the description and it basically describes what the plugin does. So, I’d like you to enter your bit of conscious mind when you start reading things. People advertise all types of things and there’s all types of marketing language you’ll see in the descriptions. So, be slightly cautious when you start reading what a particular plugin does.

So, let’s just take this one. You need SEO for your website because not only you want to have it easy to be publishing, because that’s why you’re WordPress, but you also want to be found. So, you’ve decided on Yoast SEO as a plugin or at least as a potential candidate. Let’s see what type of information we have that you can use. When researching a plugin, the first thing you do is look at the feature descriptions. As you saw here, it starts at the left bottom and it starts describing what the plugin does. I can’t scroll down, but if you start looking up the plugin you’ll see there’s a whole bunch of features being explained what they do.

You look at the last time the plugin was updated. Now, this is a very important indication because not only does it mean … If it’s a recent dates, then not only does it mean it’s being actively developed. It also is an indication of how active it is. So, for instance the Yoast SEO plugin has a release schedule of at least once every two weeks, which is a good sign of very active development. Now, that doesn’t mean that a plugin that hasn’t been touched for two months is one to stay away from, but it does mean that if we’re… Anything past 18 months, you should be a little bit weary, why is this plugin not updated? What’s going on here? Especially of you’re aware what does 5.0 introduces the Gutenberg core editor. Now, with that came a lot of changes and those changes mean they need to be reflected at any plugin that works with the editor. SEO plugin, absolutely works with an editor. So, for instance if you were to find an SEO plugin that hasn’t been updated in the last six months, I’m pretty certain you’re going to come across a limited plugin When it comes to actually being able to use it inside the current block editor.

So, that is something to look at. It’s not a black and white type of thing, but the more recent it is, the more of an indication of a actively being developed plugin it is and that is a good sign. I’ll explain a little bit more about this later, but this is actually a very important metric. So, the number of active installations. Let’s just say you’re looking for a particular plugin to solve your problem X. Now, let’s just say there’s five plugins that are actually solving X.

One of the things you could look at is the number of active installations which means, if one of the five plugins has 20000 installations and the rest have hovering around maybe 1000, 1500. It’s a clear indication that the one having 20000 installations is either on the market for a longer time or much more actively being developed, maintained, expanded, taken care of. So, it’s a thing to look at. These are all very straight forward things. The one that is a little bit less straightforward because it’s very subjective is the reviews, but I do encourage you to start reading the reviews.

Let’s go over there. This is the description. This is where you see a, what the plugin does and when you look down a little bit you see taking care of your WordPress SEO. It actually explains and features what our plugin actually does. So, it’s not just it optimizes your SEO, no. It explains to you exactly what it does. You get the advanced XML Sitemaps, you get full control over site breadcrumbs, set canonicals, etcetera, etcetera. So, that’s information that’s helpful for you to actually make a valid decision on do I need this, is this for me?

Active installations, you will find that here. In this particular case we have five plus million installations. That’s pretty good sign that whatever the plugin does is at least very popular. A lot of people agree with this being the number one SEO plugin. You see ratings at the bottom right of the plugin overview screen and ratings is another very interesting metric as it tells you a little bit about what other people.

Will think of this particular project os, in general, I would say you know there’s always one stars. There’s always two starts, and depending on the popularity of the plug in or how well it’s built, to three stars and to four stars will be there as well. But the five stars are actually the interesting ones. So the one I would check is if I have five stars, and I have a lot, how does that balance out the four, three, two, and one stars? I would even go as far as … If we’re checking reviews, I would actually check both the five stars and the one and two, cause I would be curious about what they’re actually saying. Now sometimes that somebody who doesn’t actually fully understand what type of plug in their getting into, so they may not understand everything about the plug in which will make me give a bad review, but those particular types of bad reviews should be easy to figure out which one you should discard or which one are the valid ones.

Same goes or the five stars. There’s the quick ones that go “Perfect plug in. Wonderful.” And they’re done, but there’s also people who actually write out two to three paragraphs explaining why this particular plug in is actually working for them. So, again you need to be a little bit skeptical when you read everything, but you really should read everything because it’ll tell you a little bit more about how that plug in works.

So when you click on rating, the link I just showed you, this is what you get you get an overview of … and technically this is a form. This is why it says “search this forum” that’s because basically, that’s how the at workers dot org architecture works. But, you’ll see there’s a five star, a five star, and then puzzling to say the least. Somebody did not get it. It’d be interesting to read why, but then again, the one below it says used for a beginner, and that one gave a five star review. So, really it’s a very subjective thing, and you need to double check and make sure that whatever type of plug in, and again this is the example of the SEO plug in, but whatever plugin you need, it may not be in SEO plugin you need currently, but it may be a different type of plug in. But the type of things to look at are still the same thing to look at. That doesn’t change so here I would still check.

So when you see the 24 thousand sites, 666 reviews, all those are links you can actually click on just to see the two stars or the four stars, or the five stars, and basically, if you see the overview underneath the topic, you click on very good, you actually get to see what type of review it is. And again, some come with maybe one sentence. Some actually put in some time and effort. All of these are ways to gage what you’re actually looking at. Why is this particular plug in worth your time to install on your sight?

So, next on things to check out is the plug in support. Now, it’s good to remember that plug in support is for the most part a free non-reinforceable type of thing. Everything you find on the plug in repository for workers dot org is open source. And open source basically means you get to use it any which way you like but you don’t get to demand. You need that particular support. Obviously, if there’s a huge bug, you get to be disgruntled, you get to be angry, you get tot be sad, all of those emotions, but you actually have no legal way of making somebody respond. Having said that, if and when a plug in is actively developed, you’ll see that they are actually taken care of their plug in support.

So, what does that mean? Well, it means that they are responding in a correct and prompt fashion. They are usually fast in responding. They also are thinking about what if your coming here for the first time. So they have like a “read this first.” Which explains how their support works and in some cases, in ours for instance, if you really want or need support the easiest way would be to get a premium prescription. That means you get the premium version of the plugin. But with that, you get support. So anything you come across or that you might need would be covered by our premium support, and there you can demand to be helped in whatever and with whatever issue you have. So, that would be explained in the “read this first”.

Now, the fourth thing to look at is how long do topics stay unresolved? So this is pretty much the same idea by when’s the last time the plugin was updated. Here we look at how do certain questions get answered. Do they get answered at all? And the forum actually allows you to see that. So here you see a good example of read this before you post. So Yoast wrote out a bunch of frequently asked questions, a bunch of ideas, and also if you really do need premium support, this is where you need to go. All of these are an indication of a company in this particular case Yoast, taking their support issues seriously.

It basically says “Hey look. We understand that we’re not technically obligated to answer your support questions here, however having said that, we do take them serious and we do answer them, because in term, that will make you a happy customer. And if you’re a happy customer, we have a premium version that will en make you a more happy customer.” So that particular mindset when you see that on the prescription, when you see that on the reviews, and when you also see that in the actual forum, the support threads, you get a sense of what the company is about a and that’s basically really what this is about.

So, any company being serious in this particular market of ours, the workers market, they understand that if they want to gain our trust, the first thing they have to do is make sure that they come across trust worthy, and explaining what your product does eloquently, helping out any, even if it’s free, any questions in the support threads, taking care of your reviews and making sure that they are on the higher level and not on the lower level, all of these are clear indication of the company making sure that they understand, they matter, and the importance of producing quality. And that is really what you’re looking for. You’re looking for signs of quality.

Now, this is all on the surface still. You can do this without even actively having to install the plug in. This is just looking at the information. And depending on he size of the plug or how, you can do this is two or three minutes, or maybe you need a little bit more time and you need some proper investigation, and you’ll be here. You’ll be losing that 15 minutes. Either way, it is something that you shouldn’t skip. It is not something you should be “It’ll be fine. I just want to go download it, install it, be done with it.” As tempting as it sounds, that’s not the way to go.

So, frequently asked questions. That’s an interesting one because it’ll tell you a little bit more about what is the mindset of people starting this and what type of question do they have. The active topics, that’s an interesting view to look at, and the last one is the unresolved topics. So unresolved basically says all for these questions that have been asked, which ones have not been answered? And just click on through, and see what they’re actually about. Sometimes it’s very straight forward stuff, sometimes it’s more complex stuff. To understand it takes time to properly respond. Either way, it gives you an overview of the mindset of the company. And again. They’re showing you their trust.

So, satisfied so far? Right? You’ve looked at it, you’ve read it, you’re convinced the plug in does what you want it to do, you actually decided you needed it, you’ve double checked every single thing you have available for you, you’ve looked at the reviews, you looked at the open support threads, all of that. You looked at that and you went like “Okay. This looks like a plug in that would actually do what I want it to do.” So what’s up next? Testing.

So, testing is not necessarily one of the most complex things to do. But, before you actually do the physical testing, you kind of go, ” let me just double check in good if I can find a little bit more information about who’s the author of the plug in. What do people say about them, or him, or her? ” Have they published more plug ins? If so, that’s a clear indication of people being more inclined to stick around longer. Is there a premium version? Now you might wonder, why is that an interesting … Why do I google that? Why do I search for that? For the simple reason that a premium version means whoever published a plug in is in it to make sure that they are providing a good solution. And a premium version says we’d like to be paid for it as well, and the more you pay for it, the better the actual version becomes.

So it’s an indication of a company or a person having invested interest in staying there, being there, and in two years time, three years time, still be available to you with updates for the plug in. All of that.

Over the years that I’ve played with plug ins and stuff, there’s numerous numerous plug ins that at one time were created because maybe the author had time, maybe they were a student and felt like this is an itch I need to scratch. They wrote the plug I, they released the plug in, they published the plug in, and maybe they were active and updating it for a couple of years, but maybe they went on to do different jobs. Maybe no time anymore, whatever. Having a premium version basically says “I am interested in maintaining this plug in, and please do come and install my plug in.” So, is there a premium version in one of the things you need to be looking for in search for a plug I name, and reviews.

So, on the workers dot org site you will find reviews, but obviously, those are not the only reviews out there. There are plenty of reviews written my people with blogs and you’ll find those interesting as well.

So the adventures mode is the next one. That basically means we get a little bit more technical. It requires you to set up a local development site. Now, if that’s not something you would normally do, I would, say google that, because there are plenty of really relatively easy solutions out there to set up a local development site. One of my favorites is local by flywheel, and what it basically does, it allows you to create a local site, and it’s only available on your computer, and it allows you to play with it. It allows out to make mistakes. You can easily create a new site. You can easily delete it. You can easily start from scratch. So, get yourself a local development site, and make sure that you install the plug in, test it, play around with it, and a very important metric to do is speed. Quickness. So the clearing monitor plug in, is a plug in that actually allows you to test everything you do … Oh sorry. Everything the plug in does on your sight. So you have to see what the response is.

Some plugins, they look good, they are so good, they look trustworthy and everything, but when it turns out you actually install it, they slow down your sight significantly. Now, a query monitor is a plugin that will actually show you the before and the after, so you can deactivate the plugin. You an double check again, experiment more, and if indeed we went form four seconds loading to 15 seconds loading, you know for sure you have a plugin you don’t want on your live site. Adventure’s mode basically says play around. The adventures detective mode goes one step further, and it basically says export your site, import it into your local development site that you just created, and there’s plenty of tutorials with whatever tool you’d like to use.

Again, my favorite is local by flywheel, but desktop server’s also a very good one. And it allows you to relatively easy, turn any export of your live site into a local dev. And with that, you get to test not just on the simple workers sight that you just installed and maybe import a few pages and stuff like that. No. You actually get a full copy of your life sight and it works locally. So again, install the plugin. See if it breaks anything. See if all the screens are … Can you still navigate to the entire dashboard/ does everything work as it did? If you want to go real adventurous, maybe test with an older version of the plug in out would like to introduce, and do an update. See what happens. Does it do what it’s supposed to do? Does it break anything?

Again, test with query monitor plugin because it will tell you how well you’re doing it, and the whole idea is that you do a little do diligence on the code side of things. So you install that plug in, and you make sure you click through the site, you click through the plug in, the settings and whatever it does, and make sure that the output is exactly what you expect it to be. So, when all of this is satisfactory, you basically have an all systems go. You’ve made sure that the plug in is actually well maintained, it’s up to date, it’s used by more people. Questions get answered quickly. There’s even a premium version which makes you … You’re more secure about the future of the company or the person behind the plug in, and that makes it a safer route to go with that particular plug in. So, if that all checks your green boxes, then we have an all systems go. So, congratulations. You are now in a committed … relationship with a new Plugin. I kid you not, this is exactly what it is. You are in a committed relationship because from that moment on you have introduced something into your website that you are going to rely on. You’re going to rely on it to work perfectly in workers 5.0 when you introduced it. You also are going to expect it to work perfectly in workers 5.1, 5.2, maybe even 6.7. It’s not just, “That was it. Done. Next one.” It means up-keeping. It means you need to still make sure that Plugin is actually updated as it was.

It doesn’t end there. It is introducing into your site now, but it doesn’t necessarily mean you have the luxury of not looking at whatever the next version of the Plugin introduces. You still need to be reading the changes, see what’s up, and see if you need to change or make sure that whatever you have as a total site is still working perfectly.

That’s basically the path that I use whenever I introduce a new Plugin. I doublecheck all these things and, again, sometimes it takes two to three minutes, sometimes it takes 15-20 minutes. If it’s a large Plugin, I don’t mind to actually start spending more than an hour for the simple reason: the better I test it, the more I make sure of what I actually see here is what it’s supposed to be doing, the happiest it’s gonna make me, and the more headaches I get to prevent.

This is me asking you if you have any questions.

See Full Transcript


Similar Past Webinars

In the website security community, our name is known for fast site hack cleanup and responsible vulnerability disclosure. As thought leaders in website security, we are committed to sharing what we know. Follow our concise and helpful website security guides and tutorials so you can learn how to clean and secure your website.


Picture of presenter of 2022 Website Threat Report Webinar

Webinar – 2022 Website Threat Report Webinar

Join us on April 5th as we cover the latest findings from our 2022 Hacked Website Threat Report. We’ll shed light on some of the most common tactics and techniques we saw within compromised website environments.

Picture of presenter of Virtual Patching Webinar

Webinar – Virtual Patching Webinar

All software has bugs – but some bugs can lead to serious security vulnerabilities that can impact your website and traffic. In this webinar, we dive into the steps you can take to migrate risk from infection and virtually patch known vulnerabilities in your website’s environment.

Picture of presenter of Hacked Website Threat Report 2021

Webinar – Hacked Website Threat Report 2021

The threat landscape is constantly shifting. As attackers continue to hone their tools and exploit new vulnerabilities, our team works diligently to identify and analyze threats posed to webmasters. Join us on July 6th as we cover the latest findings from our Hacked Website Threat Report for 2021.

Picture of presenter of Logs: Understanding Them to Better Manage Your  WordPress Site

Webinar – Logs: Understanding Them to Better Manage Your WordPress Site

In this webinar we will highlight the various activity, access, and error logs WordPress site administrators have at their fingertips. Plus, learn how logs can best be used to manage, troubleshoot, and most importantly, secure your sites.

Picture of presenter of Personal Online Privacy

Webinar – Personal Online Privacy

In our latest webinar, we'll describe action items that can improve the security state of internet-connected devices we all use every day. These devices will include common household staples such as: WiFi Routers, iOS/Android devices, and personal computers.

Picture of presenter of Why Do Hackers Hack?

Webinar – Why Do Hackers Hack?

Join us as we delve into the minds of hackers to explain targeted attacks, random attack, and SEO attacks. Find out why bad actors target websites.

Picture of presenter of WAF (Firewall) and CDN Feature Benefit Guide

Webinar – WAF (Firewall) and CDN Feature Benefit Guide

A feature benefit guide for our agencies and end users. Why use our firewall? What kind of protection does it offer? How does it affect the efficiency and speed of my site? Will it affect my server's resources? Find out the answers to these questions and more in our webinar…..

Picture of presenter of Preventing Cross-Site Contamination for Beginners

Webinar – Preventing Cross-Site Contamination for Beginners

Cross-site contamination happens when one hacked site infects other sites on a shared server. This webinar is for beginners and web professionals to understand cross-site contamination and how to prevent it…..

Picture of presenter of Getting Started with Sucuri!

Webinar – Getting Started with Sucuri!

If you're considering security for your site or are new to our services, this webinar will guide you through Sucuri's simple setup processes. Potential notifications, support options for various scenarios, and ways that you can also work to keep your site malware-free will be discussed…..

Picture of presenter of How to Account for Security with Customer Projects

Webinar – How to Account for Security with Customer Projects

Learn how you or your agency can account for security with your client projects. Presented by Sucuri Co-Founder, Dre Armeda, this webinar shows how you can get involved and help clients who are not aware of some of the security risks involved with managing a website…..