Top

Howto detect malware’s with WP-CLI

WP-CLI is the command-line interface for WordPress. You can update plugins, configure multisite installations and much more, without using a web browser. This tool need ssh access to server using it. More information for this tool found their homepage. This tutorial we show how you can detect malware’s in WordPress installation. WP-CLI Installation Depend your […]

Continue Reading

cPanel ModSecurity v2.9.3 results in apache service failures

The following update to the ea-apache24-mod_security2 RPM was included as part of the initial May 29 EasyApache 4 Release: EA-8081 – Update Mod_security2 to 2.9.3 Upon the publication of this update, we observed reports of Apache service failures stemming from ModSecurity segmentation faults. kernel: [123456.123456] httpd[12345]: segfault at 9 ip 0000000000000000 sp 0000000000000 error 4 […]

Continue Reading

cPGuard licenses has reached 500+ servers

OpsShield announces the growth of cPGuard licenses has reached 500+ servers last week. After publically releasing the product in 2017 last quarter, cPGuard is making progressive growth every month. Several major hosting companies now trust cPGuard to secure their servers and user accounts. Since the initial release, cPGuard is adding more features into the product […]

Continue Reading

How to pick a secure WordPress theme

When it comes to choosing a WordPress theme, most website creators look for two things in particular: looks and functionality. However, another arguably more important factor that most people overlook is security. Picking a secure WordPress theme is one of the best ways to protect your website from hackers. There are, of course, many ways […]

Continue Reading

What makes a safe password generator and how to get started with one

Countless password generators exist in the market, and they all promise to deliver unique, secure and random passwords. However, according to an Andrea Rock study, consumers should be cautious and examine a password generator more closely before using it. That is because some password generators are less secure compared to others. To fully understand this, […]

Continue Reading

What is ModSecurity and why do we need it ?

For time being, the internet growth and the accompanying vulnerability are very much. So we have to implement something special security for servers. So at the current state plugin like ModSecurity is a very good option to use. To learn more about it, Lets go down.. ModSecurity is an open source web based firewall application […]

Continue Reading

WordPress Easy WP SMTP plugin <= 1.3.9 - Unauthenticated arbitrary - wp_options import vulnerability

Last week, two cybersecurity companies found a Zero-Day vulnerability in WordPress SMTP Plugin. The vulnerability is located in the new import/export functionality added in v1.3.9 of Easy WP SMTP. It lets attackers exploit the lack of capability checks in the plugin’s admin_init hook to alter any values in the wp_options table. Additionally, since the admin_init […]

Continue Reading

Remote File Inclusion (RFI)

Remote File Inclusion (also known as RFI) is the process of including remote files through the exploiting of vulnerable inclusion procedures implemented in the application. This vulnerability occurs, for example, when a page receives, as input, the path to the file that has to be included and this input is not properly sanitized, allowing external […]

Continue Reading

Malware plugin’s to WordPress (woocomerce & aksimet)

When WordPress website user account compromised, there is possibility upload plugins. We have seen new malware plugins for WordPress which are named with woocomerce and aksimet. These plugins not have anything doing with real plugins, which are woocommerce and akismet. Both of these plugins use WordPress add_action(‘init’,”) function to activate itself and ready take commands […]

Continue Reading

Configure Two-Factor Authentication for WHM/cPanel

Even if you still have a handy password for your account, you still want account to be as safe as possible. Two Factor Authentication gives you an additional layer of security when accessing your cPanel/WHM account. In this guide we will discuss how to setup, configure, and use two step authentication options within the Web […]

Continue Reading