WordPress Malware Disables Security Plugins to Avoid Detection

  • Resolved mava0

    (@mava0)


    5 years, 8 months ago

    I read about GP that it has a focus on security along side it’s coding standards, so that’s why I’m asking about this.

    One of the big WP security plugins had a blog post with the title of this topic, dated the 10th of September, and it seems like a very dangerous thing to happen.

    The question is about GP’s ability to stop attacks like this, and more generally I would like to know what the scope of GP’s security focus is, in how far is it able to plug security holes in WP itself?

    https://blog.sucuri.net/2020/09/wordpress-malware-disables-security-to-avoid-detection.html

Viewing 3 replies - 1 through 3 (of 3 total)
  • David

    (@diggeddy)

    5 years, 8 months ago

    Hi there,

    GP doesn’t add any security systems to stop would be attackers.
    That is the responsibility of server side security and security plugins.

    GP complies to WordPress Coding standards, all of its code is checked for standards and security. These checks are completed internally, by the WordPress review teams and 3rd party security advisers.

    We closely monitor future updates to WordPress. If a new vulnerability is identified in WP that was exposed through the theme then we would patch this immediately. This to my knowledge has never been required in the 6 years that GeneratePress has been available in the WordPress repository.

    Thread Starter mava0

    (@mava0)

    5 years, 8 months ago

    Ok, thank you for your reply.

    David

    (@diggeddy)

    5 years, 8 months ago

    You’re welcome

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘WordPress Malware Disables Security Plugins to Avoid Detection’ is closed to new replies.