Archive by Author

Hacking WordPress Sites on Shared Servers

A website is only as safe as the weakest link on its shared server. Once a hacker gains access to one site on the server, they can easily infect other sites that share the same server permissions. This is called cross-site contamination. When it comes to WordPress websites, the core structure is well known by… […]

New Guide on How to Fix Hacked WordPress Sites

Our involvement in WordPress security has always been a core part of our mission here at Sucuri. We have teams who actively lend advice on WordPress support forums to hacked webmasters. We’ve taken a leadership role by creating sections of the official WordPress Codex relevant to security. Our company has attended over 75 WordCamps and… […]

Product Update: Sucuri Firewall in Tokyo, Japan

For the last couple of years, we have been transitioning the Sucuri Firewall (WAF) away from the cloud and expanding it to run on top of our own Anycast content delivery network (CDN). We provide security for websites using our service and felt we needed to couple the performance benefits of a CDN with the… […]

Cleaning the Wp-Page Pharma Hack in WordPress

Pharma hacks are common website infections categorized under SEO spam. With pharma hacks, the attacker exploits vulnerable websites to distribute pharmaceutical advertisements to visitors. Symptoms of a pharma hack include embedded links and anchor text on pages or modified listings in Search Engine Results Pages (SERPs). These attacks most often target search engines like Google… […]

IoT Home Router Botnet Leveraged in Large DDoS Attack

We have been monitoring a large-scale Layer 7 HTTPS flood attack (i.e., application level DDoS) against a customer over the past few weeks. It is being distributed across 47,000 IP addresses and has been pushing over 120,000 HTTPS requests per second (RPS) to the website. Unlike volumetric attacks that target the network link (measured in… […]

Ask Sucuri: How Modern Web Phishing Works

Most of us have experienced some kind of phishing attempt in our online lives, and we have seen phishing grow in complexity. Usually, we notice that the login pages are crafted to convince users they are logging into a valid service. When the user fails to notice that the phishing page is fake, their login… […]

IPv4 vs IPv6 Performance Comparison

IPv6 usage has been growing very slowly through the last 10 to 15 years. Since mid-2015 it started to pick up and increase adoption at a rapid pace. Google, for example, has been tracking their IPv6 usage since 2009 and it is beautiful to finally see some growth. As the number of available IPv4 addresses… […]

Spotlight: How WebMechanix Provides Client Site Security

WebMechanix is a full-service digital marketing agency focused on managing the online presences of over 100 web properties. In 2009, when WebMechanix was founded, managing websites was a bit less stressful. For website administrators, security was as much of a concern as it is today. All at once, hackers became wise to the lucrative nature… […]

SQL Injection Vulnerability in Ninja Forms

As part of our regular research audits for our Sucuri Firewall, we discovered an SQL Injection vulnerability affecting the Ninja Forms plugin for WordPress, currently installed on 600,000+ websites. Vulnerability Disclosure Timeline: August 11th 9:35 am, 2016 – Initial report to the Ninja Forms team August 11th 2:49 pm, 2016 – Public release of version… […]