Sucuri has always been a dedicated supporter of the WordPress community. Our free plugin was one of our first contributions to WordPress security (before bootstrapping our efforts into our WAF/CDN, Backups, and Malware Remediation services). However, over my many years involved in web application security, I’ve found that one of the most evasive aspects of […]
Tag Archives: sucuri
The People Behind Us – Website Security Champions 2021
Kayleigh Martin is a tier 2 Website Security Analyst. Her daily responsibilities include investigating sites for malware, removing the malware, and advising clients on how to prevent future attacks. The most exciting part of her day is finding new malware that’s not been seen before. She finds that if she focuses on doing her job […]
A Walk Through a Year of Website Security: Part II
Part I of our 2021 Security Walkthrough shows the initial 5 posts of our top 10. 6 – Vulnerable Plugin Exploited in Spam Redirect Campaign It was brought to our malware research team’s attention that a vulnerability was discovered in old, unpatched versions of the wp-user-avatar plugin. The type of vulnerability found is known as […]
E-commerce Website Security Strategy for Holiday Shopping Season
As shopping season approaches once again, we’d like to give you some helpful advice when it comes to managing an e-commerce site, and how to avoid being the target of an attack. Due to the pandemic, more people are spending their time shopping for gifts online than ever before. Global e-commerce sales are projected to […]
Network Firewall vs. Web Application Firewall (WAF)
When the world shut their doors and began spending more time online, hackers saw a clear opportunity. The costs of data breaches continue to rise, and attacks are becoming harder to detect. Attackers are becoming more sophisticated and creative. According to a 2020 report by IBM, it took an average of 228 days to identify […]
How to Set Up a Content Security Policy (CSP) in 3 Steps
What is a Content Security Policy (CSP)? A CSP is a policy that uses headers or meta elements to restrict or greenlight what content loads onto your website. It is a widely-supported security standard recommended to anyone who operates a website. Why do you Need it ? Using a CSP adds a layer of protection […]
7 Scary Good Tips to Secure Your Website
Nothing pairs quite as well as cybersecurity and Halloween. Prepare for more than trick-or-treaters this spooky season with these 5 wicked Website Security tips. 1 – Make a horcrux ( aka backup your data) – In Harry Potter, a horcrux lets wizards store a fragment of their soul in different objects as a safeguard against […]
5 Types of Hackers & Why They Hack
When considering why hackers are attacking websites, you might think that there’s a specific reason they target you as a website owner—your business, your reputation, or your information. The truth is, while it feels personal to the victim, hackers rarely single out specific targets. Most of the time, hackers perform mass searches for specific vulnerabilities, […]
How to Know If You Are Under DDoS Attack
Nowadays, the term DDoS probably raises the heart rate of most webmasters. Though many don’t know exactly what a DDoS attack is, they do know the effect: an extremely sluggish or shut-down website. In this article, we’ll focus on how to know if your website is under attack and how to protect it. Hopefully, we […]
Optimizing Performance and Behavior with WordPress and the Sucuri WAF
Aside from providing significant protection from a wide range of threats, the Sucuri WAF also acts as a CDN due to its caching capabilities and regional PoPs — often performing even better than dedicated CDNs based on recent tests. CDNs can significantly help speed up your website by storing and delivering content as close to […]
