WordPress today has issued a security release to WordPress core, which fixes a few known vulnerabilities. You can read more about this in the release notes.
Because you are a WP Engine customer, you do not have to take action at this time. Our team is working to issue patches across the WP Engine platform to upgrade affected installs to their next stable version. We’ve got your back. As always, thank you for trusting WP Engine to host your WordPress sites. Automated security updates like these are part of our promise to deliver a secure WordPress experience while ensuring the security of our customers.
Awesome! 😉
“We’ve got your back.” – Sounds good, I’m a new customer at WPEngine so forgive me if I’m wrong but I’m pretty sure there’s nothing else I have to do to secure my site? Is that right? Do I need to have any firewall plugins or any other security thing I should be doing apart from having a really strong password?
There are some things you have to be aware *not* to do, like installing plugins that haven’t been updated in a long time. This article provides some additional things you can do to harden the security of your WordPress site, including what WP Engine addresses: https://wpengine.com/blog/15-ways-harden-wordpress-security/