July 9 2019

Keep WordPress safe by updating it or inquiring about security issues.

How to make WordPress secure? Some advices.

Keeping WordPress safe from hacker attacks, bots and worms is something extremely easy if you follow simple good practices, such as using strong passwords and always updating the WordPress core and its themes and plugins.

Unfortunately, however, when dealing with complex installations, it is not always possible to rely on a simple click on all the plugins and themes to be updated, under penalty of malfunctioning of the site which can return very conspicuous errors at PHP level or more bland and silent. plugin errors that may continue to run without generating blatant 500 errors at the PHP level, but which may produce malfunctions in terms of functionality and business logic.

It is not always easy to update.

For example, imagine a complex installation with WordPress, WooCommerce and a few dozen plugins that deal with extending the functionality of WooCommerce, for calculating the cost of shipments, for calculating the weight of the packages, for product customization.

We have had many cases in which a developer updating these components would generate an insurmountable and difficult to solve error, which is why in fact it was not possible to proceed with a quick update even for the simple reason that the site was in a particularly profitable seasonal period and the summer sales certainly could not be interrupted.

However, although it is possible to accept to continue to run the site with plugins that are not updated but certainly functional, it is not acceptable to be violated the site and still suffer damage deriving from the offline site, from the damage of image that would undermine the trust of customers who they would come across a visibly hacked site, or worse still, steal the entire customer database to resell it on the black market.

Learn about vulnerabilities inherent in the WordPress world.

A good compromise (obviously waiting for all plugins and themes to be updated to the latest version) is to inform yourself and stay up to date in terms of new vulnerabilities both at Core level, themes and plugins.

It is no coincidence that there are excellent sites to be able to constantly monitor the security situation of your WordPress site.


Directly sponsored by SUCURI, a company among the leaders in terms of security, wpvulndb is in its essence the abbreviation of WPScan Vulnerability Database.

WPScan is a free for non-commercial use WordPress black box vulnerability scanner written for security professionals and blog maintainers to test the security of their sites. WPScan is written in Ruby, the first version of WPScan was released on June 16th 2011. Today WPScan is managed by the WPScan Team and other contributors.

WPScan Vulnerability Database
The WPScan vulnerability database is a WordPress Core, Plugin and Theme vulnerability database. This database has been compiled by the WPScan Team and various other contributors since the WPScan publication.

You can visit the site here: https://wpvulndb.com/


Do you have doubts? Don't know where to start? Contact us!

We have all the answers to your questions to help you make the right choice.

Chat with us

Chat directly with our presales support.


Contact us by phone during office hours 9:30 - 19:30

Contact us online

Open a request directly in the contact area.


Managed Server Srl is a leading Italian player in providing advanced GNU/Linux system solutions oriented towards high performance. With a low-cost and predictable subscription model, we ensure that our customers have access to advanced technologies in hosting, dedicated servers and cloud services. In addition to this, we offer systems consultancy on Linux systems and specialized maintenance in DBMS, IT Security, Cloud and much more. We stand out for our expertise in hosting leading Open Source CMS such as WordPress, WooCommerce, Drupal, Prestashop, Joomla, OpenCart and Magento, supported by a high-level support and consultancy service suitable for Public Administration, SMEs and any size.

Red Hat, Inc. owns the rights to Red Hat®, RHEL®, RedHat Linux®, and CentOS®; AlmaLinux™ is a trademark of AlmaLinux OS Foundation; Rocky Linux® is a registered trademark of the Rocky Linux Foundation; SUSE® is a registered trademark of SUSE LLC; Canonical Ltd. owns the rights to Ubuntu®; Software in the Public Interest, Inc. holds the rights to Debian®; Linus Torvalds holds the rights to Linux®; FreeBSD® is a registered trademark of The FreeBSD Foundation; NetBSD® is a registered trademark of The NetBSD Foundation; OpenBSD® is a registered trademark of Theo de Raadt. Oracle Corporation owns the rights to Oracle®, MySQL®, and MyRocks®; Percona® is a registered trademark of Percona LLC; MariaDB® is a registered trademark of MariaDB Corporation Ab; REDIS® is a registered trademark of Redis Labs Ltd. F5 Networks, Inc. owns the rights to NGINX® and NGINX Plus®; Varnish® is a registered trademark of Varnish Software AB. Adobe Inc. holds the rights to Magento®; PrestaShop® is a registered trademark of PrestaShop SA; OpenCart® is a registered trademark of OpenCart Limited. Automattic Inc. owns the rights to WordPress®, WooCommerce®, and JetPack®; Open Source Matters, Inc. owns the rights to Joomla®; Dries Buytaert holds the rights to Drupal®. Amazon Web Services, Inc. holds the rights to AWS®; Google LLC holds the rights to Google Cloud™ and Chrome™; Microsoft Corporation holds the rights to Microsoft®, Azure®, and Internet Explorer®; Mozilla Foundation owns the rights to Firefox®. Apache® is a registered trademark of The Apache Software Foundation; PHP® is a registered trademark of the PHP Group. CloudFlare® is a registered trademark of Cloudflare, Inc.; NETSCOUT® is a registered trademark of NETSCOUT Systems Inc.; ElasticSearch®, LogStash®, and Kibana® are registered trademarks of Elastic NV Hetzner Online GmbH owns the rights to Hetzner®; OVHcloud is a registered trademark of OVH Groupe SAS; cPanel®, LLC owns the rights to cPanel®; Plesk® is a registered trademark of Plesk International GmbH; Facebook, Inc. owns the rights to Facebook®. This site is not affiliated, sponsored or otherwise associated with any of the entities mentioned above and does not represent any of these entities in any way. All rights to the brands and product names mentioned are the property of their respective copyright holders. Any other trademarks mentioned belong to their registrants. MANAGED SERVER® is a trademark registered at European level by MANAGED SERVER SRL, Via Enzo Ferrari, 9, 62012 Civitanova Marche (MC), Italy.


Would you like to see how your WooCommerce runs on our systems without having to migrate anything? 

Enter the address of your WooCommerce site and you will get a navigable demonstration, without having to do absolutely anything and completely free.

No thanks, my customers prefer the slow site.
Back to top