As a security company, we deal with a lot of compromised websites. Unfortunately, in most cases, we have limited access to customer logs, which is one of the reasons why we don’t offer forensic analysis.
Sucuri offers website monitoring, protection, and clean up, but sometimes we go that extra mile and investigate how websites become compromised in the first place. This usually happens when websites become reinfected after a cleanup.
The reinfection itself can be caused by something as simple as a compromised admin user.
A bot is a software application that uses automation to run scripts on the internet. Also called crawlers or spiders, these guys take on the simple yet repetitive tasks we do. There are legitimate bots and malicious ones. A Web Application Firewall (WAF) filters the web traffic and blocks any malicious bots, letting the good ones pass.
Googlebot is Google’s web crawling bot. Google uses it to discover new and updated pages to be added to the search engine index.
We see a lot of files infected by website malware on a daily basis here at Sucuri Labs. What we don’t see is very many categories of infections. The purpose of this blog post series is to provide an overview of the most common infection categories and types of website malware.
Are you interested in how backdoors, injectors, hacktools, or spam redirectors look and operate on a website? I’ll be covering these topics (and many others) in my upcoming articles.
It isn’t easy to be secure all the time — this is especially true if you are new to cybersecurity. A well-formed security plan takes deliberate effort at the very least, and constant vigilance at most. Even the top experts have room to improve because cybersecurity is a constantly moving target.
Unfortunately, most internet users aren’t using best practices.
The top two [passwords] have been left unchanged for the fifth year in a row.
Distributed denial-of-service (DDoS) attacks can disrupt website traffic and impact any business. To help website owners and webmasters improve their website resilience to DDoS attacks, we have put together a series of posts.
Here are the topics that will be discussed:
Website optimization best practices
Caching best practices
Web Application Firewall (WAF) protection
Today, we are going to explore website setup optimization best practices.
In the first post of this series, we talked about the practices that will optimize your site and increase its resilience to DDoS attacks. In the second post, we focused on caching best practices that can reduce the chances of a DDoS attack taking down your site. Today, we are going to emphasize the importance of having a Web Application Firewall.
What is a Web Application Firewall?
A web application firewall (WAF) is a firewall that filters, monitors, and blocks HTTP/HTTPS traffic to and from a web application.
Cross-site contamination happens when a hacked site infects other sites on a shared server. Think of it as your kid in daycare catching the flu, next thing you know, everybody in the family has it as well. The same happens with websites. A site can be negatively affected by neighboring sites that are on the same server.
One of the main causes of cross-site contamination is poor isolation on the server or weak account configuration.
Have you included website security as a part of your new year’s resolutions for 2019?
Here is a quick retrospective on tips some of our team members shared with us throughout the year.
The cost for neglecting security is 10 times greater than the effort to keep it safe. Your brand value takes 10 times as long to be recovered than to build it. Make sure to follow security best practices to protect your web assets.
Christmas is a wonderful time to spend with family and friends. A lot of kids look forward to opening their presents under the Christmas tree, but not all of them have a present to open. This is why our family started a charity project in 2007 called the Shoebox Project. A few years later, my wife suggested that I create a website to help us spread the word of how people could fill a shoebox with gifts and bring it into a collection center.
The Sucuri team is excited to announce that we have been recognized as a December 2018 Gartner Peer Insights Customers’ Choice for the Sucuri Firewall. Our team takes great pride in this distinction, as customer feedback continues to shape our products and services.
In its announcement, Gartner explains,
“The Gartner Peer Insights Customers’ Choice is a recognition of vendors in this market by verified end-user professionals, taking into account both the number of reviews and the overall user ratings.”
To ensure fair evaluation, Gartner maintains rigorous criteria for recognizing vendors with a high customer satisfaction rate.