I appreciate your support! Security is always evolving with new threats and attacks, but there are some common things everyone can do to protect themselves.

Thanks so much, Dustin!

Thanks for watching!

Thanks 👍

I would recommend judicious clicking on any links, whether in comment sections or elsewhere. Please review the domain name of the site you're going to, and pay attention to what is being teased as a part of the link. Is it using a link shortener that hides the link destination? Even if it's going to a real site, that site could be undergoing a security event. So, even if it is a site you trust, a recent hack could mean it's serving up malware. Ad networks also have had a history of malicious ads in their networks that could cause problems on sites. Here's a recent article about Facebook ads pushing malware: www.bleepingcomputer.com/news/security/facebook-ads-push-new-ov3r-stealer-password-stealing-malware/ Antivirus programs will alert you to malicious activity, so please make sure your virus definitions are updated for additional protection. Thanks for your question!

There are certain functionalities you should be using in a security plugin such as 2-factor authentication. So I'd still use a security plugin for that. If your host isn't providing file integrity monitoring and vulnerability alerts, I'd also make sure you are using a plugin that does that for you, too. Solid Security does do both.

@@KathyZant HUGE thanks, Kathy!!!!🙏🙏🙏 You are just the God-sent saviour on to my way of an ongoing battle for my website, which I am pulling out of the ruins. All the best wishes your way!❤‍🩹💛💙

@@kolovrat_scarves You're welcome, and good luck with the website revival! Let me know if you have more questions.

@@kolovrat_scarves send me an email at kathy -at- zant -dot- com and I can send you a security checklist to help you start off on the right foot!

CAPTCHA isn't a failsafe and tuning it can be a pain. It might lessen attacks from bots, but it won't stop it altogether. They also can negatively impact the user experience (username, password, and CAPTCHA). If it's just your blog? Sure. Cloudflare's Turnstile is another alternative to CAPTCHA. For a site that requires users to login (commerce, LMS, etc.), that friction can be problematic. You want to make it super easy for users to register, login, and use the site. Best is something in front of the web server (Cloud WAF) that limits known malicious IP addresses from reaching the site.

@@KathyZant Thanks