At Sucuri, we believe in making the internet safe for everyone. One way we show this is through our free WordPress security plugin. The Sucuri WordPress plugin is available for download in the WordPress repository. It comes with a range Continue reading Sucuri WordPress Plugin Updates for 2024
As we have noted in the past, the GoDaddy owned security provider Sucuri keeps writing blog posts about what has happened to their customers’ websites after they have been hacked. They seem uninterested in how those websites were hacked, despite Continue reading Bleeping Computer’s Bill Toulas Falsely Blames WordPress Plugin When Sucuri Fails to Protect Their Customers
What is a Content Security Policy (CSP)? A Content Security Policy (CSP) is a security feature used to help protect websites and web apps from clickjacking, cross-site scripting (XSS), and other malicious code injection attacks. At the most basic level, Continue reading How to Set Up a Content Security Policy (CSP) in 3 Steps
Yesterday, we wrote about how Automattic’s Jetpack has been telling people an authenticated SQL injection vulnerability had been fixed in a WordPress plugin, while the vulnerability still exists. In their post, they recommended that people update the plugin despite that Continue reading These Jetpack Security Features Won’t Protect Against the Unfixed SQL Injection Vulnerability They Disclosed
Nowadays, the term DDoS raises the heart rate of most webmasters. Though many don’t know exactly what a DDoS attack is, they might be familiar with the effects of getting DDoSed: an extremely sluggish, shut down, or dysfunctional website. In Continue reading How to Know If You’re Under DDoS Attack
The Sucuri Firewall functions as a reverse proxy. A simple change to your DNS settings is all it takes to thoroughly filter incoming traffic to sniff and parse out bad requests from the good ones. However, these DNS changes can Continue reading Help! My Email Server Got B0rked & I Have Problems After Malware Infection!
The headline of the most recent post on the blog of GoDaddy’s security service, Sucuri, blares “Massive Campaign Uses Hacked WordPress Sites as Platform for Black Hat Ad Network”, which was written by Denis Sinegubko. How massive? Not massive at Continue reading GoDaddy/Sucuri’s FUD About New “Massive Campaign” Claimed to Involve Hacked WordPress Websites
Last year GoDaddy disclosed a massive security breach of their managed WordPress hosting service, which according to them, impacted 1.2 million of their current and previous customers. They also claimed that customers’ passwords were compromised: •The original WordPress Admin password Continue reading Sucuri Doesn’t Seem Concerned Their Customers’ Websites Keep Getting Hacked
Conducting an external website scan for indicators of compromise is one of the easiest ways to identify security issues. While remote scanners may not provide as comprehensive of a scan as server-side scanners, they allow users to instantly identify malicious Continue reading SiteCheck Malware Trends Report – Q2 2022
The threat landscape is constantly shifting. As attackers continue to hone their tools and exploit new vulnerabilities, our team works diligently to identify and analyze threats posed to webmasters. So – what do you need to do to stay one Continue reading 2021 Threat Report Webinar
Are you worried about hackers attacking your website? Cross-site scripting, also called XSS, is one of the most common attacks on WordPress sites. Hackers find vulnerabilities on your site and use them to steal information and misuse your website. What’s Continue reading How to Fix and Prevent XSS Attacks in WordPress
Nowadays, the term DDoS probably raises the heart rate of most webmasters. Though many don’t know exactly what a DDoS attack is, they do know the effect: an extremely sluggish or shut-down website. In this article, we’ll focus on how Continue reading What Happens During a DDoS Attack and How to Know if You Are Under an Attack
DDoS attacks are a growing threat for websites. But do you know how to mitigate them in their tracks? We’ll cover some essential fundamentals on stopping a DDoS attack and preventing them from happening in the future. Specifically, as a Continue reading How to Stop a DDoS Attack & Prevent Future DDoS Attacks
Our 2021 Website Threat Research Report details our findings and analysis of emerging and ongoing trends and threats in the website security landscape. We’ve put together this analysis to help keep website owners informed and aware of the dangers posed Continue reading Hacked Website Threat Report 2021
Sucuri has always been a dedicated supporter of the WordPress community. Our free plugin was one of our first contributions to WordPress security (before bootstrapping our efforts into our WAF/CDN, Backups, and Malware Remediation services). However, over my many years Continue reading Sucuri WordPress Plugin += Sucuri WAF
A month ago, GoDaddy was in the news after announcing a data breach of information for customers using their managed WordPress hosting service. What was lacking in the coverage of that is that GoDaddy owns a major web security provider, Continue reading GoDaddy (Though Sucuri) Spreads Misinformation About Recently Fixed Vulnerabilities in All in One SEO