Here’s what I know. People with ill-intent never rest. From malicious hackers targeting your specific website for ill-gotten gains to script kiddies just looking for a website to mess with to web-based malware, there are no boundaries. A full-time web presence translates into being a full-time target.

You need to know where the security vulnerabilities are located and it certainly helps to know when they crop up. You can find these issues by performing your own web security checks every few months or you can use an automated technology to do the heavy lifting for you around the clock. If you need the utmost in security, perhaps the best solution is to do manual checking and use an automated monitoring tool.

In addition to checking for website vulnerabilities, there are a few other security-related issues to keep in mind including:

• How often you’re backing up your website and web server?
• How often you’re patching your operating system, web server and related software?
• How often malware scans are being run at the operating system level using traditional anti-virus software?

Even if you’re monitoring for security vulnerabilities in real time, you still have other considerations so you can’t simply set it and forget it. Whether your website is for personal use or business use, and even if a third-party is hosting it, website security is something you need to keep an eye on periodically and consistently over time. Unless you’re specifically paying for such services, nobody else is going to do this stuff for you.

Ensure that your website is constantly monitored for security vulnerabilities and threats by simply signing up for a WebsiteDefender account!

‘Like’ our WebsiteDefender Facebook page and read our WebsiteDefender Blog to receive updates about how to maximise your website security.

When you receive an email from WebsiteDefender informing you that your web files have been changed, log in to your WebsiteDefender Dashboard and open the ‘Website File Contents Changed’ alert as below:

Choose the option ‘Click here to view the changes’ to see the full comparison between a changed file and its previous version. The detected changes will be highlighted so that you can easily realize if the changed code looks ‘funny’, or if there is something completely different from the rest of your codes which can lead to hacker activity. Usually, a malicious code can be identified by its long encoded or obfuscated commands or values that might include malware links to third party websites or URLs. For example, a malicious code that is imported in the .htaccess file might replace all custom error pages links to redirect your visitors to a phishing website.

The below examples shows how WebsiteDefender can detect file differences on your website.

Example 1:

 In the above example, WebsiteDefender shows that some code has been deleted from a file. As you can see, the deleted code is highlighted in red in order for you to identify it easily.

Example 2:

In this example, WebsiteDefender shows that new code has been injected in a file. The newly injected code is highlighted in green so that you can check if the code is malicious or not.

Example 3:

 This example shows that some code have been deleted from a file and new code have been injected in the same file. Again, WebsiteDefender highlights these changes so that you can easily analyse them.

As you can see in the above examples, you don’t need to be an expert to detect file changes or malicious code injected on your website. All you have to do is to sign up for your WebsiteDefender account here!

What is a Backdoor Script?

Backdoor scripts are malicious software that use secret or undocumented means to gain unauthorized access to a computer, website or network.  These exploits inherent vulnerabilities of the installed operating system or programs and allow attackers to obtain control over a system. Backdoor scripts work in the background of the compromised system or website and remain hidden from the website owners, which makes them a very high security risk.

What Risks can Result from Backdoor Scripts Attacks?

Backdoor scripts attacks can have catastrophic consequences for your online presence. The results depend very much on the hacker’s intentions and on the type of the backdoor scripts used. The most common types of backdoors are:

Active Backdoor Scripts: These types of malware scripts send sensitive information to one or more hosts. Active backdoor scripts are capable of providing complete access to your website. They can allow hackers to monitor your website activity, collect data and send out information is chunks, while receiving commands and acknowledgements from remote systems.

Passive Backdoor Scripts: Through this type of malware a hacker gains access your website by creating an entrance into your system. This entrance allows the attacker to log into your website at any time without using any password. The hacker can even gain administrative privileges to your website. Similar to the active backdoor scripts, these malware programs can be used for either, accepting distinct commands and returning the requested information, or for establishing a forward tunnel into a compromised network.

One common aspect with all these types of backdoor scripts is that they are capable of bypassing elaborate security infrastructures, so it is absolutely essential that you take the necessary steps to maintain a clean website.

WebsiteDefender regularly scans and checks for such malware scripts to help you eliminate the associated risks. So what are you waiting for? Put your mind at rest and sign up for your WebsiteDefender account today!

Stay up to date with the latest security news by ‘liking’ the WebsiteDefender Facebook Page and reading the WebsiteDefender Blog.

In order to access the database, a database user should have specific privileges that allow him or her to manipulate it. The WordPress database is built using MySQL and contains privileges which allow users to make certain changes. The ‘grant access privileges’ give users full privileges. This is a very convenient option for a user if they want to have full control over the WordPress database.

However, from the security point of view, this is extremely dangerous, since if a hacker gains access to the database then he or she will have full control over the WordPress database and the stored data, which can have catastrophic consequences on your website security. Therefore it’s not recommended to grant a user full access, unless the user needs to be able to use the DROP or DELETE SQL commands.

Below is an example of the minimum privileges a database user needs to have. Other database permissions are regarded as “extra” privileges that in most cases are not needed. A typical WordPress user should be granted the following database privileges only:

• SELECT
• INSERT
• UPDATE

If you are upgrading WordPress, the above database permissions might not suffice between versions, WordPress might need to make further changes to the database. In this case, if you are only upgrading to the latest version of WordPress, add the below privileges to the WordPress database user:

• CREATE
• ALTER

NOTE: Some plugins might require additional database privileges such as CREATE, DROP or DELETE and in those cases these privileges should be granted.

In addition to securing your WordPress database permissions, you should make sure that each database of your website is accessed through a separate account and not through the root account. Read our article on why you shouldn’t access your WordPress databases using the root account.

Sign up for your WebsiteDefender account here in order to make sure that all the permissions to your web files and directory are secured.

To stay up to date with the latest news on website security, “like” the WebsiteDefender Facebook Page and read the WebsiteDefender Blog.

Malware is injected onto websites for many reasons, varying from simple pranks and experiments to serious organized internet crime, such as stealing customer credit card details. Considering the severity of this problem, website owners should take protective measures in order to ensure that their website is secured at all times. Let’s take a look at some of the most commonly asked questions about malware links.

What is a Malware Link?

To understand what a malware link is, we need to know what malware is in the first place. Malware refers to malicious code that is designed to interrupt a computer operation or steal sensitive information from a computer or website. It generally includes worms, spyware, computer viruses, adware, crimeware, trojans or other malicious programs.

One of the most common infections that can compromise your website is the malware link. Hackers can insert new malware links into a website or replace your existing links with malicious links. When a visitor access an infected website and clicks on the malicious link, malware viruses get access into the visitor’s computer. Malware links can even redirect your users and customers to phishing or scam websites in order to steal credit card details or email addresses.

How Does a Website Get Infected with Malware Links?

Advertising is a very popular method used by webmasters to earn revenues from a website. In most cases, a job is outsourced to a third party advertising service provider who may skip scanning each and every ad before posting it onto your website. Hackers can take this opportunity to serve malware links into your website. Interestingly, in some cases even Google Adsense, AdultAdWorld and Adbrite were tricked by hackers to allow ads packed with malware links on their networks.

Malware Injection is another technique in which hackers can infect your website. If a hacker inject malicious code into your website, your visitors who click on that specific link will get their PCs infected with the malware. Basically, if a hacker inserts their own malicious code, before the browser processes it, he/ she can effectively control whatever the browser does. The hacker can also collect users’ personal information, which can be misused. In some cases, websites have applications that require some user input through check boxes and forms. Secure websites have adequate filters to make sure that data is entered using only these interfaces. Hackers, however, bypass these security measures and inject malicious code into these legitimate web pages. Hackers may also inject malicious links within the database and collect information and take control of data, or compromise vulnerabilities in the operating system to access files. Another way hackers can plant malware links is if you have weak passwords. Hackers use many different techniques to determine user access passwords to gain access and insert malicious links, such as brute force attacks. You’d be surprised at how many users use “password” as their password!

How to Protect a Website from Malware Links

To secure a website against malware infections, you should hire an ongoing Malware detection scanning service. WebsiteDefender.com offers an extensive solution that protects your website from malware attacks by taking the following measures:

• We detect even the best hidden malware, hidden in your web pages.
• We look for backdoor scripts.
• We find root exploits such as rootkits.
• We check all the JavaScript and iFrames that are within your website’s code.

So, if you want to protect your website from malware infection, sign up for your WebsiteDefender account today and keep your website clean of malware.

‘Like’ our WebsiteDefender Facebook page and read our WebsiteDefender Blog to keep up to date with the latest website security news.