CVE-2023-44487 – Rapid Reset HTTP/2 attack

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-44487 was published on 10 October 2023. It outlines a vulnerability in the HTTP/2 protocol, which allows DDoS attacks on a massive scale. LiteSpeed Technologies made a … Read more

Disable Directory Browsing

Directory browsing one of the most common security flaws in a WordPress site. By default, the webserver enables directory browsing. This means that all files and folders inside the root directory of the webserver are accessible by a visitor.