Tag

Security

Website security threats, protection strategies, and hosting security.

26 articles

Website security is a moving target. New vulnerabilities appear in CMS plugins, brute force attacks run around the clock, and phishing campaigns get more convincing every year. If you're running a business website, security isn't something you set up once and forget about.

These articles cover the threats that affect UK businesses online: what the attacks look like, how hosting-level protection works, and the steps you can take to reduce your attack surface without needing a cybersecurity degree.

Explore topics

WordPress Hosting UK Business Small Business AI Visibility SEO Web Hosting Content Strategy AI Discovery Files WordPress Digital Marketing

Security 15 May 2026

Avada Builder Just Patched a 1M-Site SQL Injection. The WooCommerce Deactivated Trap Is the Buried Lead.

Wordfence disclosed CVE-2026-4798 in Avada Builder this week, affecting over 1,050,000 WordPress installations. The headline is patch to 3.15.3. The buried lead almost nobody covered is the WooCommerce-installed-then-deactivated precondition that turns the SQL injection from a "1M sites at risk" panic into a much narrower exploit window. We have held Avada licences for years and patched our portfolio first. Here is what actually matters.

7 min read Read

WordPress 11 Apr 2026

Every WordPress Error Message Explained and How to Fix Them

The complete reference guide to every common WordPress error message. White screen of death, 500 errors, database connection, memory exhausted, redirect loops. Diagnose, fix, and stop it happening again.

18 min read Read

Hosting 24 Mar 2026

Why Your WordPress Emails End Up in Spam (Or Never Arrive)

Your contact form submissions vanish. Order confirmations never arrive. The problem isn't WordPress or your plugins. It's that PHP mail() sends email with no proof of identity, and Gmail rejects it. Here's the hosting-level fix.

8 min read Read

Security 17 Mar 2026

How to Check Your WordPress Site's Security in 30 Seconds

Your WordPress site is being probed by bots right now. Our free scanner checks eight things attackers look for, grades your site A+ to F, and tells you how to fix every issue. No plugin, no signup, 30 seconds.

10 min read Read

Security 12 Mar 2026

WordPress Ships Three Security Patches in 24 Hours as Exploits Hit the Wild

WordPress released versions 6.9.2, 6.9.3, and 6.9.4 in a single day after discovering that initial security fixes were incomplete. Four vulnerabilities, including a critical PclZip path traversal flaw, are already being exploited. If you manage your own WordPress updates, this is your wake-up call.

6 min read Read

News 8 Mar 2026

House of Lords Says AI Is Strip-Mining UK Websites. Here's What to Do About It

A 180-page Lords report warns that AI companies are scraping UK website content without permission, payment, or disclosure. The committee wants licensing, not opt-out. Here's what it means for the 5.5 million UK businesses publishing content online, and five steps you can take before the law catches up.

7 min read Read

Security 4 Mar 2026

Cloudflare's 2026 Threat Report: Bots Make 94% of Login Attempts as DDoS Attacks Double

Cloudflare's 2026 State of Application Security report reveals that 94% of all login attempts are bots, 46% of human logins use compromised credentials, and DDoS attacks doubled to 47.1 million in 2025. Here's what UK businesses need to do right now.

7 min read Read

Security 2 Mar 2026

SSL Certificate Validity Is Now 200 Days: What UK Businesses Need to Know

SSL/TLS certificates have been capped at 200 days since 15 March 2026. DigiCert moved first with a 199-day limit. The browser ecosystem transitioned without a major incident. Here's what actually happened, and what UK businesses still managing their own certificates should do before the 100-day cap lands in 2027.

8 min read Read

Security 28 Feb 2026

The 7-Step WordPress Security & GDPR Checklist for UK Small Businesses

43% of UK businesses reported a cyber breach last year. If your WordPress site has a contact form, analytics, or customer logins, security and GDPR overlap. This seven-step checklist covers SSL, two-factor authentication, safe updates, daily backups, user permissions, GDPR compliance, and security monitoring.

8 min read Read

Hosting 28 Feb 2026

Managed WordPress vs Cheap Hosting: The Hidden Costs UK Businesses Pay

Budget hosting at £2-3/month looks like a bargain until you count the hidden costs. Slow pages lose sales, security gaps mean cleanup bills and GDPR fines, downtime costs UK SMEs a median of £7,500/year, and DIY server management eats hours every month.

7 min read Read

News 25 Feb 2026

The Pentagon Just Threatened Your AI Provider. Here's What Every Business Should Do Next

Defense Secretary Hegseth gave Anthropic until Friday to drop Claude's safety guardrails or face the Defense Production Act. Eight of the ten largest US companies use Claude. Here's why this is a business continuity problem, not just a Washington power struggle.

9 min read Read

Domains 24 Feb 2026

How to Set Up DNS Records for Your Domain

DNS records control where your website loads and where your email goes. Get one wrong and visitors see an error page, or emails vanish. This guide walks through every record type, from A records and CNAMEs to SPF, DKIM, and DMARC, with instructions that work at any registrar.

11 min read Read

Hosting 24 Feb 2026

Cloudflare's Outage Shows Why One Script Can Still Break the Internet

A cleanup script with an empty API filter deleted 1,100 BYOIP prefixes from Cloudflare's global routing table on 20 February. It's the third time in four weeks that a major cloud provider has had automation destroy production infrastructure.

9 min read Read

SEO 23 Feb 2026

Free WHOIS Lookup: Check Domain Registration, Expiry and Ownership

Over 150,000 domains expire every day. Our free WHOIS Lookup tool queries RDAP servers to show registration dates, expiry, nameservers, EPP status codes, registrar info, and DNSSEC for any domain. No sign-up needed.

7 min read Read

Security 23 Feb 2026

Why No Padlock? How to Find and Fix Mixed Content on Your Website

One HTTP image on an HTTPS page is all it takes to kill your padlock icon and trigger browser warnings. Our free mixed content scanner checks your pages in seconds, grades your SSL setup A to F, and shows you exactly which resources need fixing.

8 min read Read

Hosting 23 Feb 2026

Free DNS Lookup Tool: Check Domain Health and Email Authentication in Seconds

Your emails might not be arriving, and your domain's DNS could be the reason. Our free DNS Lookup tool checks every record type, grades your SPF, DKIM, DMARC, MX and DNSSEC setup, and flags problems in under 10 seconds. No sign-up required.

7 min read Read

Security 23 Feb 2026

HTTP Header Inspector: Check Your Site's Security Headers for Free

Your SSL padlock doesn't protect against clickjacking, XSS, or downgrade attacks. Security headers do. Our free HTTP Header Inspector grades your headers A to F, traces redirect chains, and flags server version leaks. Here's what to check and how to fix it.

8 min read Read

Hosting 23 Feb 2026

8 Free SEO Tools We Built for Webmasters and Web Designers

We built eight free SEO tools and gave them away. HTTP header grading, DNS health checks, HTTPS inspection, meta tag analysis, robots.txt testing, WHOIS lookups, WordPress security scanning, and sitemap-to-CSV export. No sign-up, no limits, no catch.

7 min read Read

Hosting 22 Feb 2026

Amazon's AI Coding Tool Deleted a Live Server and Took AWS Down for 13 Hours

Amazon's AI coding assistant Kiro deleted a critical production server during a routine permissions change, triggering a 13-hour outage across AWS. The incident raises hard questions for every business running AI tools on live infrastructure.

8 min read Read

Security 7 Jan 2026

AI Crawlers Violate robots.txt on 72% of UK Sites, Cloudflare Data Shows

Cloudflare's new robots.txt compliance tracker reveals which AI crawlers respect your rules and which ignore them. Testing across 47 UK business sites: 72% had violations. Sites with AI discovery files saw 43% fewer.

8 min read Read

News 16 Dec 2025

Grok's Bondi Errors Show AI Risks for UK WordPress Sites

Grok AI spread false information about the Bondi Beach terrorist attack, inventing a fictional hero and misidentifying victims. Here's why UK WordPress site owners using AI for content need to pay attention to the Online Safety Act and implement proper verification workflows.

10 min read Read

Security 12 Dec 2025

170 WordPress Vulnerabilities in One Week, 91 With No Patch

SolidWP disclosed 170 WordPress vulnerabilities on 10 December 2025. Four were critical RCE and file upload flaws affecting 2.3 million sites. Ninety-one had no patch. Here's what to update, what to deactivate, and how to build long-term resilience.

8 min read Read

Security 10 Dec 2025

131,000 Attacks Target WordPress Sites via Sneeit RCE Flaw

A critical remote code execution flaw in the Sneeit Framework WordPress plugin (CVE-2025-6389, CVSS 9.8) has triggered 131,000+ attack attempts. Attackers are creating admin accounts and uploading backdoors. Here's how to check if you're compromised and what to do right now.

8 min read Read

Security 5 Dec 2025

4 Critical WordPress Plugin Vulnerabilities Under Active Attack (December 2025)

Four WordPress plugins with critical CVSS 9.0+ vulnerabilities were under active exploitation in December 2025. All required zero authentication to exploit. Here's what to check and how to protect your site.

8 min read Read

Security 4 Dec 2025

King Addons Hack Lets Anyone Become WordPress Admin

A critical vulnerability in King Addons for Elementor (CVE-2025-8489) lets anyone create an admin account on your WordPress site. Over 48,400 exploit attempts logged since October. Here's how to check if you're compromised and lock it down.

9 min read Read

Hosting 26 Jun 2025

Running LLMs on RunPod with Open WebUI on Windows

How to self-host large language models on RunPod GPU cloud with Open WebUI as the frontend, all controlled from Windows. Setup, model strategy, cost management, and security for private AI infrastructure.

9 min read Read

Back to all articles