BuddyBoss Home – Web Support Forums Solutions Social Learner How to reduce risk of cross site scripting?

Viewing 5 posts - 1 through 5 (of 5 total)
  • Question




    No day without new experiences: today my site was down for an hour because of the badly maintained wordpress installation of another client on my host’s server. Nice!

    The host pointed me to the current wordpress security update and reading about cross site scripting I realized that I have no idea how secure my site really is.

    As I plan to encourage clients to discuss startup and business projects on my site, could you please explain:

    1. What measures have you undertaken from your site to prevent cross site scripting?

    2. What can we do?

    Thanks a lot.




    Hi @nmschaller , most of theme developers uses fonts and static css from global cdn resources and it is a regular practice to improve site speed and performance.
    You should have to keep you all plugin, wordpress core version and theme version updated.

    You can also use security plugin like

    Varun Dubey


    a complete tutorial of how to harden your WordPress installation is made by our team here: http://codex.wordpress.org/Hardening_WordPress



    Thank you @jeanpierre,

    I have been referred to this guide several times now. Looks like I really have to read it. Question remains, if it will make me qualified and knowledgable to administer the security of my site.

    When reading about the many issues, I rather feel that this is way above my competencies.


    sometimes it’s better to refer to a specialist, even if we think we’re good… we may mess up something very important without noticing it.

    about cross site scripting, read this: https://wordpress.org/news/2015/04/wordpress-4-2-1/

    .. and if you think the host is letting people use bad versions of unfixed softwares, simply move to a different host, there are plenty

Viewing 5 posts - 1 through 5 (of 5 total)
  • The question ‘How to reduce risk of cross site scripting?’ is closed to new replies.