Top

Author Archive | admin

RBL – Fight SPAM With Postfix

Using RBL is really efficient and pretty lightweight. All it take is some DNS queries and if you were going to receive a lot of spam email from the same client, this DNS entries will be cached in your (local) DNS. To get some figures on how many emails get caught through, on a server […]

Continue Reading

Howto detect malware’s with WP-CLI

WP-CLI is the command-line interface for WordPress. You can update plugins, configure multisite installations and much more, without using a web browser. This tool need ssh access to server using it. More information for this tool found their homepage. This tutorial we show how you can detect malware’s in WordPress installation. WP-CLI Installation Depend your […]

Continue Reading

cPanel ModSecurity v2.9.3 results in apache service failures

The following update to the ea-apache24-mod_security2 RPM was included as part of the initial May 29 EasyApache 4 Release: EA-8081 – Update Mod_security2 to 2.9.3 Upon the publication of this update, we observed reports of Apache service failures stemming from ModSecurity segmentation faults. kernel: [123456.123456] httpd[12345]: segfault at 9 ip 0000000000000000 sp 0000000000000 error 4 […]

Continue Reading

cPGuard licenses has reached 500+ servers

OpsShield announces the growth of cPGuard licenses has reached 500+ servers last week. After publically releasing the product in 2017 last quarter, cPGuard is making progressive growth every month. Several major hosting companies now trust cPGuard to secure their servers and user accounts. Since the initial release, cPGuard is adding more features into the product […]

Continue Reading

How to pick a secure WordPress theme

When it comes to choosing a WordPress theme, most website creators look for two things in particular: looks and functionality. However, another arguably more important factor that most people overlook is security. Picking a secure WordPress theme is one of the best ways to protect your website from hackers. There are, of course, many ways […]

Continue Reading

What makes a safe password generator and how to get started with one

Countless password generators exist in the market, and they all promise to deliver unique, secure and random passwords. However, according to an Andrea Rock study, consumers should be cautious and examine a password generator more closely before using it. That is because some password generators are less secure compared to others. To fully understand this, […]

Continue Reading

Remote File Inclusion (RFI)

Remote File Inclusion (also known as RFI) is the process of including remote files through the exploiting of vulnerable inclusion procedures implemented in the application. This vulnerability occurs, for example, when a page receives, as input, the path to the file that has to be included and this input is not properly sanitized, allowing external […]

Continue Reading

Malware plugin’s to WordPress (woocomerce & aksimet)

When WordPress website user account compromised, there is possibility upload plugins. We have seen new malware plugins for WordPress which are named with woocomerce and aksimet. These plugins not have anything doing with real plugins, which are woocommerce and akismet. Both of these plugins use WordPress add_action(‘init’,”) function to activate itself and ready take commands […]

Continue Reading

Technology & Development partnership with OpsShield (cPGuard)

Malware.Expert a leading provider well-known for Commercial WAF rules, ClamAV Signatures for PHP and for many other projects under their hood announcing its technology/development partnership with OpsShield, an Indian based development and server management company offering security suite for cPanel servers and other security/management solutions for Linux servers. “We are very excited to join cPGuard […]

Continue Reading

WordPress GDPR Compliance Plug-in exploited (Privilege Escalation Flaw)

On the 6th of November 2018, a popular WordPress plugin known as WP GDPR Compliance plugin, which is created to help website owners with GDPR compliance, was found to contain harmful vulnerabilities for privilege escalation that could allow for arbitrary code execution. Hackers have exploited this vulnerability to attack a number of websites. The vulnerability […]

Continue Reading