Sucuri WordPress Security Plugin Protects Against PHP-CGI Vulnerability

  • May 8, 2012

Today we released an update on the latest PHP CGI vulnerability and provided some additional information that users can use to help protect against it.

Guidance includes updating your .htaccess file with the following:

RewriteEngine on
RewriteCond %{QUERY_STRING} ^[^=]*$
RewriteCond %{QUERY_STRING} %2d|- [NC]
RewriteRule .? – [F,L]

It is important to note however that if you are on WordPress and currently using our Free security plugin you are protected. We are actively seeing the attack across our growing network of plugin users and proactively pushing changes to protect our users.

What’s great about this is that its independent of what your host does. You can rest easy knowing that we’ve got your back.

Not Familiar With our Free Security Plugin?

You can find more information on the specifics by reading our Preventive page. The Security plugin is a new feature that we have recently released for free to all our WordPress clients.

Tony is the Head of Security Products at GoDaddy and Sucuri Co-Founder. His passion lies in educating and bringing awareness about online threats to business owners. His passions revolve around understanding the psychology of bad actors, the impacts and havoc hacks have on website owners, and thinking through the evolution of attacks. You can find his personal thoughts on security at perezbox.com and you can follow him on Twitter at @perezbox.

Related Tags
4 comments
  2. Pingback: Sucuri WordPress Security Plugin Protects Against PHP-CGI … | codu.in

  3. You guys provide a great security plugin that’ll take care of the PHP-CGI Vulnerability. Do you have any stats as to how many attacks has come through that vulnerability this year?

Comments are closed.

Related Categories
You May Also Like