TVCNet and HackRepair.com Instrumental in Fixing Longstanding cPanel Bug That Renders Server-Based Firewalls Useless
One of the most popular software firewall options for cPanel servers is the ConfigServer Security & Firewall (CSF). In late 2019, a number of web server administrators began noticing that previously filtered ports like SSH, MySQL and others, would inexplicably become open to all. As you can imagine, from a security standpoint randomly opening ports is a very bad thing ...
Website Security Heads Up for May!
The pandemic has dramatically impacted the status of vulnerabilities for all of the major content management systems, like Joomla, Magento, and WordPress. Hackers stuck at home with nothing to do but "code" have been wreaking havoc on the community of website management scripts, especially WordPress. Luckily plugin and theme developers have likewise been "available" and most of the exploits listed ...
What’s a Web Shell and Why Is My Website Being Repeatedly Hacked?
"What's a web shell?" Most hacked websites have one or more web shell scripts added either during or after the site has been compromised. Web shell scripts, sometimes called backdoor scripts, often include a visual interface that may be used to upload, rename, copy, move, or edit files. These scripts may likewise be used to view, edit, or download a ...
WordPress Symptom Hunting, Malware Removal Services and the “Anyone Can Register” Hack
Today's WordPress hackers are smarter. Many malware removal services focus on symptom hunting instead of providing complete website security. By symptom hunting, I'm referring to the use of automated scanners to search for and remove malicious scripting from within website files. A number of free WordPress plugins provide the same level of symptom hunting and malicious code removal as many ...
SSL Certificates and Email Phishing Campaigns
Email Phishing Campaigns Relating to SSL Certificates A number of our clients have been receiving email notices about expired "certificates" like the one above. SSL certificates tend to be one of those complicated website-related subjects. As a result, these types of phishing emails can be quite alarming and confusing for many. "Should I click the link or not click the ...
Utility or Single-use WordPress Plugins or Other Inactive Themes or Plugins – Just Delete Them Today
This past week an exploit was announced relating to the venerable Duplicator plugin. The Duplicator plugin is frequently used to make a backup of a WordPress site for either archival purposes or for migration to another hosting account. I quote from the article, "An unauthenticated, remote attacker could exploit this vulnerability by sending a specially crafted request to a WordPress ...
Wordpress Security – Running Automation and Hoping for the Best Has Its Shortcomings…
Just a random observation for all you folks using security plugins to monitor your website. Website security is a lot more than running a "plugin" and hoping for the best. Most of the well-known security plugins will do fine in catching the obvious malware. But keep in mind that malware is only a symptom. The underlying cause "cannot be fixed" ...
I Don’t Think My Website Is Hacked. But Why Does My Database Keep Growing…
In the less common but interesting "website hacking" category, a client called me and reported that his website didn't appear to be hacked. But his hosting space usage had been growing at an alarming rate for the past month. From the outside, all appeared well. There were none of the usual bad entries in Google search or obvious redirects occurring ...
TVCNet and HackRepair.com Instrumental in Fixing Longstanding cPanel Bug That Renders Server-Based Firewalls Useless
One of the most popular software firewall options for cPanel servers is the ConfigServer Security & Firewall (CSF). In late 2019, a number of web server administrators began noticing that previously filtered ports like SSH, MySQL and others, would inexplicably become open to all. As you can imagine, from a security standpoint randomly opening ports is a very bad thing ...
Website Security Heads Up for May!
The pandemic has dramatically impacted the status of vulnerabilities for all of the major content management systems, like Joomla, Magento, and WordPress. Hackers stuck at home with nothing to do but "code" have been wreaking havoc on the community of website management scripts, especially WordPress. Luckily plugin and theme developers have likewise been "available" and most of the exploits listed ...
What’s a Web Shell and Why Is My Website Being Repeatedly Hacked?
"What's a web shell?" Most hacked websites have one or more web shell scripts added either during or after the site has been compromised. Web shell scripts, sometimes called backdoor scripts, often include a visual interface that may be used to upload, rename, copy, move, or edit files. These scripts may likewise be used to view, edit, or download a ...
WordPress Symptom Hunting, Malware Removal Services and the “Anyone Can Register” Hack
Today's WordPress hackers are smarter. Many malware removal services focus on symptom hunting instead of providing complete website security. By symptom hunting, I'm referring to the use of automated scanners to search for and remove malicious scripting from within website files. A number of free WordPress plugins provide the same level of symptom hunting and malicious code removal as many ...
SSL Certificates and Email Phishing Campaigns
Email Phishing Campaigns Relating to SSL Certificates A number of our clients have been receiving email notices about expired "certificates" like the one above. SSL certificates tend to be one of those complicated website-related subjects. As a result, these types of phishing emails can be quite alarming and confusing for many. "Should I click the link or not click the ...
Utility or Single-use WordPress Plugins or Other Inactive Themes or Plugins – Just Delete Them Today
This past week an exploit was announced relating to the venerable Duplicator plugin. The Duplicator plugin is frequently used to make a backup of a WordPress site for either archival purposes or for migration to another hosting account. I quote from the article, "An unauthenticated, remote attacker could exploit this vulnerability by sending a specially crafted request to a WordPress ...
Wordpress Security – Running Automation and Hoping for the Best Has Its Shortcomings…
Just a random observation for all you folks using security plugins to monitor your website. Website security is a lot more than running a "plugin" and hoping for the best. Most of the well-known security plugins will do fine in catching the obvious malware. But keep in mind that malware is only a symptom. The underlying cause "cannot be fixed" ...
I Don’t Think My Website Is Hacked. But Why Does My Database Keep Growing…
In the less common but interesting "website hacking" category, a client called me and reported that his website didn't appear to be hacked. But his hosting space usage had been growing at an alarming rate for the past month. From the outside, all appeared well. There were none of the usual bad entries in Google search or obvious redirects occurring ...
