via pluginvulnerabilities.com => original post link
A basic rule of security is that if you know a lot, you don’t know much. Those knowledgeable about security try to be careful about what they say, as they realize they might not know everything. A lot of WordPress security providers don’t have much knowledge and therefore don’t understand how little they know, leading to unqualified and inaccurate security advice that gets repeated widely without much pushback.
One example of that is with claims that changing the WordPress database prefix has no impact on security. Here was how a new entrant in the WordPress security space, Snicco, put that, while criticizing other security providers: [Read more]