Nulled WordPress themes and plugins are a controversial topic for many in the web development world — and arguably one of the bigger threats to WordPress security. Essentially modified versions of official WordPress themes and plugins with their licensing restrictions removed, these nulled software copies are often touted as premium functionality packaged in a free […]
Tag Archives: Website Security
Bogus URL Shorteners Redirect Thousands of Hacked Sites in AdSense Fraud Campaign
Late last year we reported on a malware campaign targeting thousands of WordPress websites to redirect visitors to bogus Q&A websites. The sites themselves contained very little useful information to a regular visitor, but — more importantly — also contained Google Adsense advertisements. It appeared to be an attempt to artificially pump ad views to […]
What is Black Hat SEO?
Your website’s search results and rankings are vital to the success of your online business. Better search visibility equates to more traffic — which results in more opportunities to convert leads into customers. And while it may be tempting to game search engine algorithms to come out on top, there’s a hard line in the […]
How to Fix the “Deceptive Site Ahead” Warning
Did you just try to access your site and encounter a Deceptive Site Ahead warning? This error message occurs when the browser believes your website is unsafe and experiencing security issues — and it can seriously affect your traffic and reputation. When this warning appears on your site, you’ll want to address it as soon […]
Massive Campaign Uses Hacked WordPress Sites as Platform for Black Hat Ad Network
Every so often attackers register a new domain to host their malware. In many cases, these new domains are associated with specific malware campaigns, often related to redirecting legitimate website traffic to third party sites of their choosing — including tech support scams, adult dating, phishing, or drive-by-downloads. Since late December, our team has been […]
Vulnerable WordPress Sites Compromised with Different Database Infections
Vulnerabilities within WordPress can lead to compromise, and oftentimes known vulnerabilities are utilized to infect WordPress sites with more than one infection. It is common for out of date websites to be attacked by multiple threat actors or targeted by the same attacker using multiple different channels. We recently came across a database injection that […]
Is WordPress Secure?
According to W3Techs, 43.2% of all websites on the internet use WordPress. And of all websites that use a CMS (Content Management System) more than half (64%) leverage WordPress to power their blog or website. Unfortunately, since WordPress has such a large market share it has also become a prime target for attackers. You might […]
How to Fix “There Has Been a Critical Error on Your Website” in WordPress
Critical errors on any system can be extremely frustrating. But if you’ve recently encountered the “There has been a critical error on your website” message on your WordPress site, don’t fret! In many cases, critical errors are the result of conflicts in plugins, theme files, or PHP related issues. This is one of the most […]
Bad Paths & The Importance of Using Valid URL Characters
To ensure that your web files and pages are accessible to a wide range of users with various different devices and operating systems, it’s important to use valid URL characters. Unsafe characters are known to cause compatibility issues with various browser clients, web servers, and even lead to incompatibility issues with web application firewalls. In […]
Finding & Removing Malware From Weebly Sites
Weebly is an easy-to-use website builder that allows admins to quickly create and publish responsive blogs and sites. Website builder environments are usually considered to be very safe and not prone to malware infections, but during a recent investigation I found some malicious behavior which revealed that even closed proprietary systems for WYSIWYG website builders […]
