News
Over 1 Million Sites Impacted by Vulnerability in Starter Templates Plugin
On October 4, 2021, the Wordfence Threat Intelligence team initiated the responsible disclosure process for the Starter Templates plugin, which is installed on over 1 Million WordPress websites. The full name of the WordPress plugin is “Starter Templates — Elementor, Gutenberg & Beaver Builder Templates”, but we are referring to it in this post as […]
Read More
Understanding .htaccess Malware
The .htaccess file is notorious for being targeted by attackers. Whether it’s using the file to hide malware, redirect search engines to other sites with blackhat SEO tactics, hide backdoors, inject content, modify php.ini values; the possibilities are endless. Many site owners are unaware of this file, due to it starting with a “.” making […]
Read More
Is My Website Hacked? How to Check If Your Website Has Been Hacked
Did you receive a security alert for your website that made you wonder, “Is my website hacked?” Or are you just concerned because you noticed something off about it? Either way, do not panic. You are already ahead of the curve by trying to figure out the issue. Every week, Google blacklists over 20,000 websites […]
Read More
WooCommerce Skimmer Spoofs Checkout Page
Recently a client of ours was reporting a bogus checkout page appearing on their website. When trying to access their “my-account” page an unfamiliar prompt appeared in their browser soliciting credit card billing information: This form was foreign to our client and was clearly placed during a website compromise. Interestingly, the website itself doesn’t even […]
Read More
How to Clean Up Your WordPress Database
Do you want a fast WordPress website? If so, you need to clean up WordPress database by removing unnecessary data. WordPress database cleanup is an important maintenance task that will reduce page loading times on your website. It should be performed alongside other performance techniques such as caching pages, optimizing images, deferring Javascript, and removing […]
Read More
Product Update: Sucuri Firewall in India
Sucuri is pleased to announce the completion of a strategic expansion with the opening of a data center campus in Mumbai – India. This addition adds another layer of security and performance for customers located in the South Asian region. Our Mumbai site, along with our complete portfolio of POPs, meets the highest-tier – Level […]
Read More
Remove the Google Blacklist Warning from Your Website – Easy Guide
Are you seeing a big red warning when you try to visit your website, saying that your website is dangerous? This is a sign of malware on your WordPress site, and your site is blacklisted by Google. Google wants to make sure that its visitors have a safe search experience. So their Safe Browsing initiative […]
Read More
Vulnerability in WP DSGVO Tools (GDPR) Plugin Allows Unauthenticated Page Deletion
Note: To receive disclosures like this in your inbox the moment they’re published, you can subscribe to our WordPress Security Mailing List. On September 27, 2021, the Wordfence Threat Intelligence team initiated the disclosure process for a vulnerability we found in WP DSGVO Tools (GDPR), a WordPress plugin with over 30,000 installations. We were investigating […]
Read More
Network Firewall vs. Web Application Firewall (WAF)
When the world shut their doors and began spending more time online, hackers saw a clear opportunity. The costs of data breaches continue to rise, and attacks are becoming harder to detect. Attackers are becoming more sophisticated and creative. According to a 2020 report by IBM, it took an average of 228 days to identify […]
Read More