Two years ago, we started compiling reviews from Sucuri customers. Today we have over 60 case studies, most of them from web developers and designers. Interestingly enough, we also have a lot of case studies from photographers who run their own websites.
Our very first case study came from Spyros Papaspyropolous – street photographer, blogger, and cofounder of the website StreetHunters.net. With a loyal following of street photographers and art enthusiasts, Spyros and his team offer insightful blog posts and rich image galleries.
Cause for Concern
One of the worst ways to find out that your website has been hacked is by hearing it from your visitors, customers, or readers first. Knowing that real people have already been impacted by encountering malware or blacklist warnings can come as a real shock to website owners. This is what happened to Spyros one morning in December 2014. A massive malware campaign called SoakSoak infected over 100,000 WordPress websites in a single weekend.
I got an email from one of my readers saying that your site has been reported for malware…
After hearing it from customers, Spyros had to check for himself. By this point, Google had blacklisted the site and was showing a large warning to all visitors attempting to access it.
I fired up Chrome and got the red screen. I felt I’d had a heart attack, you know? I felt that my readers would lose credibility in the brand immediately, and they would think that we don’t take security seriously, and we don’t take them seriously.
Cleanup and Reinfection
Having a background in web design, Spyros attempted to resolve the issue and clean up the files with the help of WordPress plugins and tools.
We take security very seriously at Streethunters.net and we do not leave things to chance. Our website had all the latest security patches installed when the attack took place and is also backed by a highly respected security suite since it first launched, keeping our data and [our reader] safe from almost all possible attacks.
At the time, the theme he used contained a vulnerable version of Slider Revolution (revslider). The developer had not yet patched his theme, leading Spyros to believe he had done all he needed to clean up the infection. After hours of manual cleaning, the Google blacklist was lifted. Spyros slept soundly that night.
But here in Greece we have a saying: “Your luck works even when you are sleeping” which means that the world keeps on moving, sometimes to your disadvantage, even when you are asleep.
The next morning, the SoakSoak malware campaign had evolved and reinfected his site through the same vulnerable theme. This time, over 50% of his web files had been modified with malware injections.
Virtual Patching via Sucuri Firewall
Spyros read an article on Gizmodo where commenters recommended Sucuri. After signing up, Spyros received help quickly in securing his site and virtually patching the vulnerable theme. Upon activating the Sucuri Firewall, the attempts against the StreetHunters website were blocked and the threat neutralized.
As a curious web administrator, Spyros checked his Sucuri dashboard to see the number and rate of malicious requests that were blocked by the firewall.
I saw the firewall was really working well!
After finding Sucuri and recovering the StreetHunters website, Spyros wrote a blog post to tell his visitors how they had eradicated the malware threat and secured their site:
After this incident, we decided that we mustn’t just be serious about our security. We must be paranoid!!! There is just no other way to be safe. So with clean files to work on, we purchased a bundle of monitoring and security options from our new security partner, Sucuri. To put your mind at ease, we guarantee our security and to show it we have now placed a badge on our pages to let you know that we do not take these things lightly. So, feel free to safely surf the pages of our website once again!