Welcome to our third post on WP-CLI for secure WordPress management over an SSH command line interface. In our previous two articles, we discussed how to connect to WordPress over SSH, and then how to back up & update WordPress securely. Like other open-source content management systems, WordPress lets you easily add code to makeRead […]
Archive by Author
SweetCaptcha Returns Hijacking Another Plugin
Yesterday we observed a strange short return of the SweetCaptcha plugin to WordPress.org repository. In June we reported that SweetCaptcha injected third-party ad code to their scripts which lead to malvertising problems on the sites that used this CAPTCHA service. After that incident, the SweetCaptcha WordPress plugin had been removed from the official plugin repository.Read […]
Malicious Google Analytics Referral Spam
Robots (bots) have outnumbered people on the Internet for almost two years, and they browse much faster than your average visitor. Aside from spamming your comment systems and crawling for vulnerable websites to attack, bots can also cause a lot of confusion in your website traffic reporting systems. If you use analytics software on yourRead […]
WP-CLI Guide: Secure WordPress Backup and Update
Welcome to our second post in the series on WP-CLI for WordPress management over SSH. In our previous post, we discussed how to get your SSH credentials and use WP-CLI to connect to your website over the command line. Before we get into changing anything, we’ll show you how to back up your database and compressRead […]
Webutation Distributing Malware Through Safety Badge
If you are using the Webutation badge on your site, remove it now. It appears they got hacked and are distributing malware to mobile devices through redirects hidden within the badge’s code. We were analyzing a website that was compromised and redirecting visitors to bogus apps on the Apple App Store and the Google PlayRead […]
WP-CLI Guide: Connect to WordPress via SSH Intro
Do you use the WordPress dashboard to update plugins and themes? How do you back up your database? If you have not used it yet, WP-CLI is an efficient way to manage your WordPress installation using a command line interface, meaning you type text commands like these two: wp core update wp plugin update-all YouRead […]
10 Years of Joomla! – Supporting JoomlaDay Minnesota
As Joomla prepares to celebrate its 10 year anniversary, we want to be certain to join in the festivities. Why? Because open source platforms allow individuals to better support their families, capitalize on time at home, and maximize earning potential. The follow up questions to these assertions could be: “How do you come to that conclusion?Read […]
Common Website Security Terminology Defined
If you want to keep your website safe, it is important to understand the terminology used to describe the causes and effects of hacks. Software vulnerabilities and access control issues are two of the main causes of website infections, and in this post we will define some of the terminology used to describe them. WeRead […]
Analyzing a Facebook Clickbait Worm
Here at Sucuri we suspect everything, especially when your friends start to share content written in another language with clickbait headlines. If you are not familiar with the term, clickbait is when web content is created in a way that psychologically exploits the reader’s curiosity using compelling headlines. When someone clicks on the article toRead […]
Magento Platform Targeted By Credit Card Scrapers
We’ve been writing a lot about E-Commerce hacks and PCI Compliance recently. The more people buy things online, the more of an issue this will be come and the more important it will be to talk about it. We live in an online world where a single mistake can lead to catastrophic results; that impact isRead […]

