WordPress Security 'Secure' in Chrome Browser Does Not Mean 'Safe'
This was the title of an email I received this morning from the publishers of Wordfence Wordpress Security plugin.
This morning they published a public service post showing how malicious phishing sites are getting valid SSL certificates from certificate authorities. In Chrome, this means that a phishing site is labeled as 'Secure'.
They show that even if a certificate authority realizes they issued a certificate to a malicious site, when they revoke that certificate, Chrome still shows the site as 'Secure'. The fact that the certificate is revoked is buried deep in Chrome developer tools where most people won't find it.
The Wordfence team feel this is something every online user should know about and we explain how to protect yourself and your friends and family against the large number of phishing sites that are now installing free valid SSL certificates and are shown as 'Secure' by Chrome.
I am posting a "non" affiliate link to their article and would like to add that Wordfence plugin may not be able to secure your Wordpress sites completely, as a retiring Internet marketer, I cannot say enough good things about this plugin and at this late stage in my IM life, it is a plugin my remaining sites will have until they are sold and I am fully retired.
Here is the link to the full article about this latest revelation on WP security:
Secure in Chrome Browser Does Not Mean Safe
This morning they published a public service post showing how malicious phishing sites are getting valid SSL certificates from certificate authorities. In Chrome, this means that a phishing site is labeled as 'Secure'.
They show that even if a certificate authority realizes they issued a certificate to a malicious site, when they revoke that certificate, Chrome still shows the site as 'Secure'. The fact that the certificate is revoked is buried deep in Chrome developer tools where most people won't find it.
The Wordfence team feel this is something every online user should know about and we explain how to protect yourself and your friends and family against the large number of phishing sites that are now installing free valid SSL certificates and are shown as 'Secure' by Chrome.
I am posting a "non" affiliate link to their article and would like to add that Wordfence plugin may not be able to secure your Wordpress sites completely, as a retiring Internet marketer, I cannot say enough good things about this plugin and at this late stage in my IM life, it is a plugin my remaining sites will have until they are sold and I am fully retired.
Here is the link to the full article about this latest revelation on WP security:
Secure in Chrome Browser Does Not Mean Safe