Ask Sucuri

How to Choose a Website Security Provider

As more people are creating websites and becoming aware of website security, companies are popping up everywhere to help with the problem. And just like website security plugins, not all website security services are created equal. Here at Sucuri, we believe that you should do your research so you know the options available and what you

[ Read More ]

PCI for SMB: Requirement 10 & 11 – Regularly Monitor and Test Networks

Welcome to the seventh post of a series on understanding the Payment Card Industry Data Security Standard–PCI DSS. We want to show how PCI DSS affects anyone going through the compliance process using the PCI SAQ’s (Self Assessment Questionnaires). In the previous articles written about PCI, we covered the following: Requirement 1: Build and Maintain

[ Read More ]

How to Add SSL & Move WordPress from HTTP to HTTPS

Moving a WordPress website from HTTP to HTTPS should be a priority for any webmaster. Recent statistics show that over 33% of website administrators across the web use WordPress and many of these websites have still not added an SSL certificate. Why is Important to Have a WordPress SSL Certificate? SSL has become increasingly important

[ Read More ]

Add Security to Your Website Agency Portfolio

As a website industry professional, you are aware of the importance of website security. This is especially true when managing 10 or more sites. How can you convey this message to your customers? Offering Website Security to Clients Website security should be part of any web professional’s portfolio. How can you get started talking with

[ Read More ]

Googlebot or a DDoS Attack?

A bot is a software application that uses automation to run scripts on the internet. Also called crawlers or spiders, these guys take on the simple yet repetitive tasks we do. There are legitimate bots and malicious ones. A Web Application Firewall (WAF) filters the web traffic and blocks any malicious bots, letting the good

[ Read More ]

Safer Internet Day: Security vs. Convenience

It isn’t easy to be secure all the time — this is especially true if you are new to cybersecurity. A well-formed security plan takes deliberate effort at the very least, and constant vigilance at most. Even the top experts have room to improve because cybersecurity is a constantly moving target. Unfortunately, most internet users

[ Read More ]

Optimize Setup to Improve Your Website Resilience for DDoS Attacks

Distributed denial-of-service (DDoS) attacks can disrupt website traffic and impact any business. To help website owners and webmasters improve their website resilience to DDoS attacks, we have put together a series of posts. Here are the topics that will be discussed: Website optimization best practices Caching best practices Web Application Firewall (WAF) protection Setup Optimization

[ Read More ]

Improvements to SiteCheck Website Scanner

SiteCheck is Sucuri’s free website malware and security scanner offered to anyone who wants to scan their websites for malware and blacklist status. Last year, we improved SiteCheck’s speed and reliability. Today, we are excited to share the latest upgrades that makes SiteCheck even better. SiteCheck Upgrades As one of our first free tools created, SiteCheck has

[ Read More ]

OWASP Top 10 Security Risks – Part V

To bring awareness to what threatens the integrity of websites, we are continuing a series of posts on the OWASP top 10 security risks. The OWASP Top 10 list consists of the 10 most seen application vulnerabilities: Injection Broken Authentication Sensitive data exposure XML External Entities (XXE) Broken Access control Security misconfigurations Cross Site Scripting

[ Read More ]