Website Security News
Imagine waking up in the morning to see that a couple of calls were missed and your email is overloaded with messages saying that your website is down. You go to your computer to check your server and it’s working fine – but oh no, …
Day-to-day operations can present many challenges. Whether you’re wearing multiple hats within the same department or a project lead managing dozens, even hundreds of web applications – time is always the…
Update: Read our new PCI Compliance guide. This is the third post in a series of articles on understanding the Payment Card Industry Data Security Standard – PCI DSS. We…
Read More about PCI for SMB: Requirement 3 & 4 – Secure Cardholder Data
This is the second post of a series about Steps to Keep Your Site Clean. In the first post, we talked about Access Points; here we are going to offer more…
Website hosting security has matured in recent years. Naturally, the types of security issues have changed because of it. For example, cross-contamination over multiple shared hosting accounts used to be a…
Read More about Website Hosting: Security Awareness Can Reduce Costs
PHP contains an interesting but rarely used feature called Phar, which stands for PHp ARchive, that allows developers to package entire applications as a single executable file. It also boasts…
Read More about Code Injection in Signed PHP Archives (Phar)
In our last webinar, How To Account For Security With Customer Projects, I spoke about maintenance and sustainment contracts – specifically how to use them to better account for client…
From the attacker’s perspective, creating ways to maintain access to a compromised website is desirable. We call them backdoors. Backdoors can be done in different ways, either by adding fake…
Read More about Unrestricted Backend Login Backdoor on OpenCart
Update 11/03/2017: If you want to learn how to secure WordPress, you can read all about it in our new guide. As WordPress continues to grow in popularity, so does…
Read More about Exploited Script in WordPress Theme Sends Spam
WebMechanix is a full-service digital marketing agency focused on managing the online presences of over 100 web properties. In 2009, when WebMechanix was founded, managing websites was a bit less…
Read More about Spotlight: How WebMechanix Provides Client Site Security
On average, a website leverages around 18-20 different plugins in its structure. These plugins enhance the website’s functionality and in some instances extend the applications core capabilities. It’s great for…
Read More about Secure Coding: How to Account for Input Sanitization
