Website Security News
We regularly talk about brute force attacks on WordPress sites and explain why WordPress credentials should always be unique, complex, and hard to guess. However, the WordPress login is not the only point of entry that hackers use to break into sites. Since the WordPress…
Read More about WordPress Database Brute Force and Backdoors
The threat landscape for website owners is constantly shifting on a regular basis — and it’s becoming increasingly more complex. As attackers continue to develop tools and find new vulnerabilities…
We discovered a xmlrpc.php brute-force tool in a malicious PHP script that appears to have been uploaded months ago after a vulnerable GDPR plugin exploit: $data = $_POST[‘data’]; $parameter =…
Have you ever wondered if your website security posture is adequate enough? The risk of having a website compromise is never going to be zero. However, as a webmaster, you…
Read More about How to Improve Your Website Security Posture – Part I
Hackers are constantly scanning the internet for exploitable sites, which is why even small, new sites should be fully patched and protected. At the same time, it is not feasible…
Read More about Mining Adminers – Hackers Scan the Internet For DB Scripts
Based in Melbourne, Australia for over 17 years, 24Digital knows what it takes to succeed in the ever-evolving digital marketing space which is no longer a world resting on desktop…
Read More about Spotlight: How a Digital Marketing Agency Secures Client Sites
In 2016, I shared some thoughts about firewalls in general; their history and purpose in the information security domain. The point of the article was to help website owners differentiate…
Read More about Website Application Firewalls (WAF) – Practical Approach to Website Security
Ask Sucuri: My site is under a brute force attack. What can I do? How can we solve this password guessing problem known as brute forcing? This is a common…
Read More about Ask Sucuri: How to Stop Brute Force Attacks?
A few weeks ago we ran an experiment to see how long it would take for some IPv4-only and IPv6-only servers to be compromised via SSH brute force attacks. We…
When using WPScan you can scan your WordPress website for known vulnerabilities within the core version, plugins, and themes. You can also find out if any weak passwords, users, and…
Read More about Using WPScan: Finding WordPress Vulnerabilities
Brute force attacks are one of the oldest and most common types of attacks that we still see on the Internet today. If you have a server online, it’s most…
Read More about Brute Force Amplification Attacks Against WordPress XMLRPC
