As a website industry professional, you are aware of the importance of website security. This is especially true when managing 10 or more sites. How can you convey this message to your customers? Offering Website Security to Clients Website security should be part of any web professional’s portfolio. How can you get started talking with […]
Tag Archives: Website Security
Googlebot or a DDoS Attack?
A bot is a software application that uses automation to run scripts on the internet. Also called crawlers or spiders, these guys take on the simple yet repetitive tasks we do. There are legitimate bots and malicious ones. A Web Application Firewall (WAF) filters the web traffic and blocks any malicious bots, letting the good […]
The Anatomy of Website Malware: An Introduction
We see a lot of files infected by website malware on a daily basis here at Sucuri Labs. What we don’t see is very many categories of infections. The purpose of this blog post series is to provide an overview of the most common infection categories and types of website malware. Are you interested in […]
Spam Injector Disguised as License Key in WordPress Website
Here at Sucuri, we clean WordPress websites every day. There are various types of common malware, but when we stumble upon a different scenario, our research team likes to dig deeper and conduct a complete investigation. A license key is a place where a webmaster might not expect to find an infection, however, in this particular […]
Optimize Setup to Improve Your Website Resilience for DDoS Attacks
Distributed denial-of-service (DDoS) attacks can disrupt website traffic and impact any business. To help website owners and webmasters improve their website resilience to DDoS attacks, we have put together a series of posts. Here are the topics that will be discussed: Website optimization best practices Caching best practices Web Application Firewall (WAF) protection Setup Optimization […]
Improvements to SiteCheck Website Scanner
SiteCheck is Sucuri’s free website malware and security scanner offered to anyone who wants to scan their websites for malware and blacklist status. Last year, we improved SiteCheck’s speed and reliability. Today, we are excited to share the latest upgrades that makes SiteCheck even better. SiteCheck Upgrades As one of our first free tools created, SiteCheck has […]
OWASP Top 10 Security Risks – Part V
To bring awareness to what threatens the integrity of websites, we are continuing a series of posts on the OWASP top 10 security risks. The OWASP Top 10 list consists of the 10 most seen application vulnerabilities: Injection Broken Authentication Sensitive data exposure XML External Entities (XXE) Broken Access control Security misconfigurations Cross Site Scripting […]
Free SuperCounters Widget Serves Unwanted Redirects to Dating Site
If we navigate way back into the recesses of our memory to the era of GeoCities websites and MySpace pages, we might distinctly recollect the popularity of the visitor-counting widget. Commonly displayed on homepages across the web, these widgets served as credibility indicators to help site visitors identify the popularity of a website. While this […]
How to Improve Your Website Resilience for DDoS Attacks – Part III – WAF
In the first post of this series, we talked about the practices that will optimize your site and increase its resilience to DDoS attacks. In the second post, we focused on caching best practices that can reduce the chances of a DDoS attack taking down your site. Today, we are going to emphasize the importance […]
OWASP Top 10 Security Risks – Part IV
To bring awareness to what threatens the integrity of websites, we are continuing a series of posts on the OWASP top 10 security risks. The OWASP Top 10 list consists of the 10 most seen application vulnerabilities: Injection Broken Authentication Sensitive data exposure XML External Entities (XXE) Broken Access control Security misconfigurations Cross-Site Scripting (XSS) Insecure […]
