All software has bugs — but some bugs can lead to serious security vulnerabilities that can impact your website and traffic. Vulnerabilities can be especially dangerous when your software is running over the web, since anyone can reach out and try to attack it. That’s why keeping your website up-to-date with the latest patches and […]
Tag Archives: WordPress Security
Gambling Spam in Visual Composer Raw HTML Element: [vc_raw_html]
Bad actors often look for clever ways to boost the rankings and visibility of their spam pages in search. One of the many black hat SEO injections that we regularly find on compromised sites involves spammy links hidden inside a with the following style “overflow:hidden;height:1px” that makes them invisible to a regular site visitor. Our […]
How Are Favicon (.ico) Files Used in Website Malware?
When a website is hacked symptoms can sometimes include unexpected, unfamiliar and strangely located favicon or .ico files. Other symptoms might include: ”This site may be hacked” warnings Strange redirects to spam websites Blocklisting by Google, Bing and other search authorities Randomly named folders containing spam files and big spam sitemaps If you’re experiencing these […]
What Is a 500 Internal Server Error & How to Fix It
A frustrating interruption to anyone’s day is the infamous 500 internal server error. When it happens not only do you lose traffic or potential site revenue, but it can also reflect badly on your site’s reputation and even affect your Google rankings. Furthermore, 500 server errors can sometimes be an indicator of compromise — the […]
WordPress Vulnerabilities & Patch Roundup — August 2022
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners on emerging threats to their environments, we’ve compiled a list of important security updates and vulnerability patches for the WordPress ecosystem this […]
Post-Hack Instructions: SEO Spam & 404 Errors in Search Console
Every once in a while, we get a glimpse into the strange behavior that happens after a site is compromised. Hacked websites are known to result in a plethora of headaches for webmasters, including malicious redirects, broken links, and unwanted spam content. But did you also know that it can also result in problems for […]
Examining Less-Common WordPress Credit Card Skimmers
Since 2020 considerable attention has been spent analysing the emergence of MageCart malware within WordPress environments which most commonly affects sites using WooCommerce. As demonstrated in a previous post WordPress has quickly become the most commonly affected CMS platform for credit card skimmers due to the CMS’ popularity and ease-of-use. In fact, so far this […]
Fake DDoS Pages On WordPress Sites Lead to Drive-By-Downloads
It’s not uncommon for users to experience “DDoS Protection” pages when casually browsing the web. These DDoS protection pages are typically associated with browser checks performed by WAF/CDN services which verify if the site visitor is, in fact, a human or is part of a Distributed Denial of Service (DDoS) attack or other unwanted bot. […]
Importance of Website Logs
Have you ever looked at your server or website logs and realized that they make absolutely no sense to you? Or thought that logs just seem to take up a lot of valuable server space? Or perhaps they fail to provide clear insights into what happened in the first place? As a security company, we […]
7 Tips to Clean & Maintain Your Website
Most people would agree — living in a house full of accumulated debris and unnecessary objects can create a chaotic environment, and even cause health problems. This scenario is easily applicable to your website, too. You can think of your hosting environment as the home where your website lives. It’s extremely easy for hosting accounts […]
