Attackers are always on the hunt for vulnerable websites. Whether you have a WordPress, Magento, or Joomla website — you’ll want to take steps to keep your site and server secure. In today’s post, we’ll be outlining the top twelve steps you can take to harden your website and enhance the security of your environment.
There’s no one specific topic or target or audience when it comes to website security. But when you clean enough hacked websites, you start to see trends and techniques emerge in the landscape. In my last presentation at WordCamp Europe, I dove into the latest findings from our threat report to highlight the major themes
A large majority of the malware we find on compromised websites are backdoors that allow an attacker to maintain unauthorized access to the site and execute whatever commands they want. Another common scenario includes malware which is directly injected into a website’s files and used to redirect traffic, steal credit cards and other sensitive information,
When it comes to content management systems (CMS) for websites, Drupal is a highly flexible and extendible open-source solution. It is often preferred by technical developers and large government and educational websites. Because of this, the Drupal community is strongly committed to keeping the software secure. But no software can be completely immune from vulnerabilities
The threat landscape for website owners is constantly shifting on a regular basis — and it’s becoming increasingly more complex. As attackers continue to develop tools and find new vulnerabilities to massively exploit, our team works diligently around the clock to identify, analyze, and protect website owners from compromise. Education is key to protecting yourself
We are all familiar with the conventional domain name notation, where different levels are concatenated with the full stop character (period). E.g. “www.example.com”, where “www” is a subdomain, “example” is a second level domain, and “com” is a top level domain. However, very few know that there is also a DNS root domain and it
We are proud to be releasing our latest Hacked Website Trend Report for 2017. This report is based on data collected and analyzed by the Sucuri Remediation Group (RG), which includes the Incident Response Team (IRT) and the Malware Research Team (MRT). The data presented stems from the analysis of 34,371 infected websites summarizing the
Our mission at Sucuri is to make the internet a safer place and that entails cleaning up hacked websites. We have teams who actively research website vulnerabilities and who are eager to share with you some tips on how to clean your hacked website. We are happy to help the community learn the steps they
Last month we wrote about how the emergence of website cryptocurrency miners resulted in hackers abusing the technology by injecting the CoinHive miners into compromised sites without the consent of the website owners. We reviewed two types of infections that affected WordPress and Magento sites, and have been monitoring the malicious use of the CoinHive
Drupal is an open-source content management system and website builder with a unique structure that allows it to be highly flexible and extendible. For these reasons and more, it’s favored by technical developers and many large websites, including .gov and .edu domains. With its popularity among enterprise and mid-market users, there is a strong focus
