Over 25% of all websites use WordPress, and over 10% of all internet traffic flows through CloudFlare; WordPress + CloudFlare has always been a winning combination, and now with CloudFlare’s new WordPress plugin, it's easier than ever to make your site 60% faster.
A Look at the New WordPress Brute Force Amplification Attack
Recently, a new brute force attack method for WordPress instances was identified by Sucuri. This latest technique allows attackers to try a large number of WordPress username and password login combinations in a single HTTP request.
Of Phishing Attacks and WordPress 0days
Proxying around 5% of the Internet’s requests gives us an interesting vantage point from which to observe malicious behavior. However, it also makes us a target.
Flexible SSL & Wordpress: Fixing “Mixed Content” Errors
As many are aware, CloudFlare launched Universal SSL several months ago. We saw lots of customers sign up and start using these new, free SSL certificates. For many customers that didn’t already have an SSL certificate, they were able to use “Flexible SSL”.
Automatic protection for common web platforms
If you are a CloudFlare Pro or above customer you enjoy the protection of the CloudFlare WAF. If you use one of the common web platforms, such as WordPress, Drupal, Plone, WHMCS, or Joomla, then it's worth checking if the relevant CloudFlare WAF ruleset is enabled.