Security

What is CSF (ConfigServer Security and Firewall)?

ConfigServer Firewall, also known as CSF, is a firewall configuration script created to provide better security for your server while giving you an advanced, easy to use interface for managing firewall settings. CSF configures your server’s firewall to lock down public access to services and only allow certain connections, such as logging in to FTP,…
Read More

Using Hotlink Protection

Hotlink Protection prevents other web sites from directly linking to certain files (typically images) that are on your web site. This tutorial will assume that you are logged into your cPanel. If you are having trouble doing that, please see the tutorial named "How to Login to cPanel". The purpose of Hotlink Protection is so…
Read More

Top Reasons why WordPress websites get hacked (and how you can stop it)

Hacking is the process of finding flaws in a system, and exploiting them to bypass security controls. ‘Ethical’ hackers use this process to learn about a system and find its weaknesses. However, malicious or ‘black hat’ hacking is also common. It is often used to break into websites. There are a lot of reasons why…
Read More

How to Password Protect a Directory

This tutorial will teach how to password protect a directory. Password protecting a directory will allow you to require a username and password to access a folder or folders from the web. This tutorial will assume that you are logged into your cPanel. On your main cPanel page, scroll down to the section called Security.…
Read More

How To Use The IP Deny Manager

This tutorial will teach you how to use the IP Deny Manager to block access to your web site from a specific IP address or IP address range. This tutorial will assume that you are logged into your cPanel. If you are having trouble doing that, please see the tutorial named "How to Login to…
Read More

Free Online Tools for Looking up Potentially Malicious Websites

Several organizations offer free online tools for looking up a potentially malicious website. Some of these tools provide historical information; others examine the URL in real time to identify threats: AbuseIPDB: Provides reputation data about the IP address or hostname BrightCloud URL/IP Lookup: Presents historical reputation data about the website CheckPhish: Checks whether the URL…
Read More

CAPTCHA Telling Humans and Computers Apart Automatically

This tutorial is to explain CAPTCHA, an acronym which stands for "Completely Automated Public Turing test to tell Computers and Humans Apart". The purpose of a CAPTCHA is to provide a problem that is easy enough for a human to solve, but yet will prevent automated software on a computer from performing whatever tasks the…
Read More

After the cleanup. What to do after your site is fixed.

May 31, 2011  by sucuri-research If you are reading this page then you are on your way to being proactive and actively taking steps to help reduce the risk of reinfection. While no-one can promise you the risk will ever be zero, we can work together to ensure that its as low as possible. Will this…
Read More