MainWP Blog - WordPress Security
Behind the Scenes: Shaping the Future of MainWP
Research and Development at MainWP Over the past week, the MainWP team concentrated on research, planning, and technical evaluation to support the platform’s continued evolution. This phase of development includes assessing community feedback, refining ideas, exploring implementation approaches, and determining where future efforts will deliver the greatest benefit. Although there are no major feature announcements this week, this work is an important part of ensuring that future updates are well designed, thoroughly tested, and focused on the needs of the Continue reading the post...
The Lowdown on a Comprehensive Federal Privacy Law in the United States
With the recent release of US H8413 (Securing and Establishing Consumer Uniform Rights and Enforcement Over Data Act), it seems that the hopes of a comprehensive federal privacy law in the United States have been somewhat rekindled. However, those of us who have seen many of these bills fail or simply be forgotten about are not overly optimistic. With many countries having comprehensive laws protecting privacy, unfortunately, it does not seem like the US will have one anytime soon. In Continue reading the post...
WordPress Supply Chain Attack: What Happened and How to Check Your Sites
A serious security incident has been circulating through the WordPress community this week, and for anyone managing multiple WordPress sites, it is worth paying close attention. An attacker bought roughly 30 WordPress plugins through legitimate marketplace purchases, then used the WordPress.org commit access to quietly insert malicious code. What makes this especially troubling is not only the scale of the attack, but how long it was able to sit unnoticed. In at least one confirmed case, the malicious code remained Continue reading the post...
How to Review Your Small Business Website for Privacy Mistakes
Published on April 1, 2026 by Donata Stroink-Skillrud under Privacy, Tips & Tricks, WordPress Business, WordPress Security
Privacy requirements can be overwhelming, especially for small businesses. Sometimes, it’s hard to know where to even start evaluating whether your small business website is compliant with the requirements that privacy laws can impose. However, evaluating your website for privacy pitfalls is important as privacy laws can and do apply to small businesses and non-compliance fines can be high (starting at $2,500 per website visitor). In this article, we will discuss how to check your website for the most common Continue reading the post...
Manage Your Patchstack Through MainWP
Published on March 23, 2026 by Marc Benzakein under About, Interviews, MainWP Add-ons, MainWP News, Tips & Tricks, WordPress Business, WordPress Security
This month, not only are we celebrating 12 years of MainWP, but we’re also celebrating yet another partnership. This time, it’s Patchstack. You may already be familiar with Patchstack, but if not, they focus on vulnerability mitigation for WordPress websites. They are the largest WordPress vulnerability discloser and work with over 1,100 plugins as security partners. What that means in practical terms is simple. Patchstack helps protect your sites by mitigating vulnerabilities before they’re actively exploited. The Webinar Last week, Continue reading the post...
Do Privacy Laws Apply to Small Businesses?
Published on March 18, 2026 by Donata Stroink-Skillrud under Privacy, WordPress Business, WordPress Security
If I had a dollar for every time I heard someone say “my business is too small for privacy laws to apply to me”, I’d be rich. In fact, many small businesses assume that privacy laws do not apply to them because their business is too small, they collect too little personal information, they don’t have many (or any) employees, they make too little revenue, or because people input their personal information into website forms voluntarily. However, all of these Continue reading the post...
California’s New Cybersecurity Audit Requirements: What You Need to Know
Published on December 16, 2025 by Donata Stroink-Skillrud under Privacy, Tips & Tricks, WordPress Business, WordPress Security
As many of you know, California leads the nation when it comes to data protection, whether it be the California Online Privacy and Protection Act (CalOPPA), the California Invasion of Privacy Act (CIPA), or the California Privacy Rights Act (CPRA), the State has always been at the forefront of providing privacy protections to consumers. The California Privacy Protection Agency (CPPA) recently enhanced protections for individuals and requirements for businesses by releasing Regulations requiring certain companies to undertake cybersecurity audits. In Continue reading the post...
Vendor Due Diligence: An Important Aspect of Privacy Law Compliance
Published on November 24, 2025 by Donata Stroink-Skillrud under Privacy, Tips & Tricks, WordPress Business, WordPress Security
You have your privacy obligations down pat – you know which privacy laws apply to you, your Privacy Policy is up to date with the latest laws, you don’t track website visitors without consent, and you have a process for replying to privacy rights requests. But have you ensured that your vendors are in compliance too? When you share your customer data with a vendor, you are also responsible for making sure that the vendor processes that data in accordance Continue reading the post...
Secure Your WordPress Site by Limiting Simultaneous User Sessions
Maintaining strong security and user management in WordPress is vital for site administrators, especially when managing multiple users. One common security concern is users having multiple active sessions simultaneously across different devices or browsers. Limiting these sessions enhances security and helps you manage user behavior and access more effectively. Two useful plugins for managing and restricting active sessions in WordPress are Loggedin and Sessions. Here’s how to use them to gain control over user sessions on your WordPress site. Why Continue reading the post...
Tips for Employee Information Security Training
Published on March 21, 2025 by Donata Stroink-Skillrud under Privacy, WordPress Business, WordPress Security
We all make mistakes. Maybe we hold the door for a stranger to be polite, allowing them to enter our building, ignore a warning to update our browsers because we have a busy day ahead of us, or allow a coworker to log into our email to resolve a customer issue. While these actions may seem innocuous, they can lead to extremely costly security incidents and data breaches. In fact, recent studies have found that 88% of cybersecurity breaches were Continue reading the post...
Share
Manage Unlimited WordPress Sites from One Dashboard!
- Privacy-first, Open Source, Self-hosted
- Easy Client Management
- 15+ & 30 + Premium Add-ons
- Bulk Plugins & Themes Management










