Category: Security
Cyber-attacks, backups, data protection: follow my expert advice to strengthen the security of your websites and online services.
ACF: CVE-2025-54940: why 6.4.3 is still a must-have update (even if the CVSS score is moderate)
An HTM injection flaw affects Advanced Custom Fields up to version 6.4.2. Moderate risk, but must be corrected quickly to avoid degradations, phishing or XSS.
💥 GiveWP data leak: over 100,000 WordPress sites affected
A vulnerability in the plugin GiveWP exposes donor names and emails on thousands of WordPress sites. No login required. Find out what happened, why it's controversial... and most importantly, how to protect yourself.
The best free, open-source password manager in 2025 (KeePass)
Secure your passwords with an open-source, self-hosted solution Managing passwords is a real headache! We all know that the security of our personal data depends on our passwords, but honestly, who hasn't made a mistake when managing them? Let's take a look at how to avoid the pitfalls.
A critical flaw in ASUS routers: thousands of devices compromised in a stealth campaign
Since March 2025, a very discreet hacking campaign has been targeting ASUS routers exposed on the Internet. Cybersecurity company GreyNoise recently revealed that thousands of these devices had been infected without leaving any visible traces. The level of sophistication of the attacks suggests a highly experienced group, possibly even state-sponsored. The goal appears to be
World Data Backup Day 2025 - Web data and collaborative clouds
How much would it cost you to lose your business or personal data? You don't want to know. And yet, it's a very real risk—one that affects individuals and professionals every day, often due to negligence, forgetfulness, or a false sense of security. On World Backup Day,
Let's Encrypt stops SSL/TLS certificate expiration notifications: Why this is good news
Starting June 4, 2025, Let’s Encrypt will no longer send you emails to notify you of the expiration of your SSL/TLS certificates. This change, which may seem surprising, is actually excellent news for system administrators, web hosts, and website owners. In this article, we will explore why this decision was made.
Performance and Security: LRob's strategy for optimal WordPress hosting
High-performance, secure WordPress hosting, without compromise At LRob, our mission is clear: to offer fast, secure WordPress hosting, minimizing the impact of attacks while optimizing server performance. Unlike standard solutions that merely respond to threats, we go further by actively preventing server loads.
Record attack: 2.8 million IPs compromised: What impact for WordPress hosts?
A new threat of unprecedented scale is shaking up the web: 2.8 million compromised network devices are currently being exploited to flood the Internet with malicious requests. At LRob, as a web host, we have seen a dramatic increase in attacks in recent days. We will explain how we are effectively blocking them. These attacks are not only
Symfony: 8 new security vulnerabilities discovered - Analysis and recommendations
After a year without incident, Symfony revealed eight vulnerabilities at once on its blog on November 6, 2024. They affect different versions of the Symfony framework. Here is a summary of these critical flaws, their potential impacts, and the solutions implemented by Symfony. This will help you understand the implications of these vulnerabilities for security.
LRob now contributes to malicious IP reporting with AbuseIPDB
For a long time, I had been looking for a way to effectively exploit the hacking data blocked by my servers. And as a WordPress specialist host, believe me when I say that I thwart hundreds, even thousands, of hacking attempts every day (and I regularly repair hacked WordPress sites that come from other hosts). Intrusion attempts are constant,
Blacklists (RBL): SPFBL.net's outrageous practices
Not all blacklists are created equal. And SPFBL is an example not to be followed. Don't use this blacklist and don't give in to its pressures.
Critical security flaw in CUPS on GNU/Linux September-October 2024: What you need to know
A critical quadruple security flaw has just been discovered in CUPS for all GNU/Linux systems. This article will be updated with new information to provide you with a simple and effective summary of what you need to know and the measures you need to take. Update 09/29/2024: These flaws only affect CUPS, so very
Apache web server vulnerability affects millions of servers
The Apache HTTP server is one of the most widely used web servers in the world. However, like all software, it is not immune to vulnerabilities. And beware, because this is a double flaw. On July 4, a critical security flaw was discovered affecting version 2.4.60 of Apache. This flaw is noted as CVE-2024-39884.