Tony Perez

About Tony Perez

Tony is the Head of Security Products at GoDaddy and Sucuri Co-Founder. His passion lies in educating and bringing awareness about online threats to business owners. His passions revolve around understanding the psychology of bad actors, the impacts and havoc hacks have on website owners, and thinking through the evolution of attacks. You can find his personal thoughts on security at perezbox.com and you can follow him on Twitter at @perezbox.

April 29, 2021Tony Perez

How to Find & Fix Mixed Content Issues with SSL / HTTPS

Note: We’ve updated this post to reflect the evolving security standards around mixed content, SSLs, and server access as a whole. With the web’s increased emphasis on security, all sites should operate on HTTPS. Installing an SSL allows you to make that transition with your…

September 8, 2017Tony Perez

Creating a Basic Website Security Framework

When you build or remodel a house, construction workers create a strong framework that can withstand the elements to keep your home and possessions secure. But what happens if you…

August 28, 2017Tony Perez

Google Warnings For Form Input Over HTTP Coming in October

For years, Google has been actively seeking ways to encourage website owners to implement SSL certificates. SSL allows websites to be accessed over HTTPS, which encrypts information sent between the…

July 18, 2017Tony Perez

What is Cross-Site Contamination and How to Prevent it

If you suffer multiple reinfections and your site is one of many in an account, the odds are high that you’re suffering from cross-site contamination. Cross-site contamination is when a…

February 22, 2017Tony Perez

Ask Sucuri: Common WAF Questions and Concerns

There is no more frustrating experience than knowing you need something, but not knowing which questions to ask. This resonates with website owners when they are told they need to…

February 3, 2017Tony Perez

Website Application Firewalls (WAF) – Practical Approach to Website Security

In 2016, I shared some thoughts about firewalls in general; their history and purpose in the information security domain. The point of the article was to help website owners differentiate…

October 19, 2016Tony Perez

Accounting for Defense in Depth in Website Security

In the field of Information Security (InfoSec) we like to use the phrase defense in depth. Like many things, it is a borrowed term with roots dating back millennia (216…

October 11, 2016Tony Perez

Ask Sucuri: Is My Website Hacked?

Having your website hacked can be a devastating experience for any website owner. Unfortunately, many website owners rarely know they are infected until days, if not weeks, after the compromise…

September 6, 2016Tony Perez

Cleaning the Wp-Page Pharma Hack in WordPress

Pharma hacks are common website infections categorized under SEO spam. With pharma hacks, the attacker exploits vulnerable websites to distribute pharmaceutical content to search engines and the sites visitors. Symptoms of…

June 23, 2016Tony Perez

PCI Compliance for eCommerce – Choosing Between SAQ A and A-EP

Update: Read our new PCI Compliance guide. The Payment Card Industry Data Security Standards (PCI DSS) is a set of security standards established in a joint venture between a number…

June 14, 2016Tony Perez

The Growing DDoS Threat to Website Owners

As website attacks continue to evolve, we see growing levels of sophistication in the way attackers are expanding the economics of their industry. The monetization potential of attacking websites continues…