Page Not Found
Page not found. Your pixels are in another canvas.
A list of all the posts and pages found on the site. For you robots out there is an XML version available for digesting as well.
Sucuri is committed to helping women develop their careers in technology. On International Women’s Day, Sucuri team members share their insights into workin...
Moving a WordPress website from HTTP to HTTPS should be a priority for any webmaster. Recent statistics show that over 33% of website administrators across ...
We are proud to be releasing our latest Hacked Website Trend Report for 2018. This report is based on data collected and analyzed by the GoDaddy Security / ...
Recently we came across a malicious campaign injecting scripts that push fake browser updates onto site visitors. This is what a typical fake update request...
Over the last few months, we’ve noticed several credit card-stealing scripts that use variations of the Google Analytics name to make them look less suspici...
The most effective phishing and malware campaigns usually employ one of the following two age-old social engineering techniques: Impersonation These online ...
As a security company, we deal with a lot of compromised websites. Unfortunately, in most cases, we have limited access to customer logs, which is one of th...
As a website industry professional, you are aware of the importance of website security. This is especially true when managing 10 or more sites. How can you...
A bot is a software application that uses automation to run scripts on the internet. Also called crawlers or spiders, these guys take on the simple yet repe...
We see a lot of files infected by website malware on a daily basis here at Sucuri Labs. What we don’t see is very many categories of infections. The purpose...
Here at Sucuri, we clean WordPress websites every day. There are various types of common malware, but when we stumble upon a different scenario, our...
Distributed denial-of-service (DDoS) attacks can disrupt website traffic and impact any business. To help website owners and webmasters improve thei...
SiteCheck is Sucuri’s free website malware and security scanner offered to anyone who wants to scan their websites for malware and blacklist status....
To bring awareness to what threatens the integrity of websites, we are continuing a series of posts on the OWASP top 10 security risks. Th...
If we navigate way back into the recesses of our memory to the era of GeoCities websites and MySpace pages, we might distinctly recollect the popula...
In the first post of this series, we talked about the practices that will optimize your site and increase its resilience to DDoS attacks. In the sec...
To bring awareness to what threatens the integrity of websites, we are continuing a series of posts on the OWASP top 10 security risks. Th...
What is Cross-Site Contamination? Cross-site contamination happens when a hacked site infects other sites on a shared server. Think of it ...
Have you included website security as a part of your new year’s resolutions for 2019? Here is a quick retrospective on tips some of our te...
Christmas is a wonderful time to spend with family and friends. A lot of kids look forward to opening their presents under the Christmas tree, but n...
The Sucuri team is excited to announce that we have been recognized as a December 2018 Gartner Peer Insights Customers’ Choice for the Sucuri Firewa...
It’s very common for us here at Sucuri to face SEO injections on almost any type of CMS-based site. Today, I’ll be presenting how one particularly i...
Santa Claus is coming! Was your website naughty or nice this year? Here is a quick checklist of the top 10 bad things that can harm your w...
To bring awareness to what threatens the integrity of websites, we are continuing a series of posts on the OWASP top 10 security risks. Th...
We recently investigated a suspicious link received by one of my colleagues on WhatsApp. The message (in Portuguese) states that Volkswagen is offer...
Credit card stealing malware is becoming more and more customized. We’ve been regularly seeing injected scripts with URLs that either mimic or inclu...
All across the internet, we find guides and tutorials on how to keep your WordPress site secure. Most of them approach the concept of user roles, bu...
Phishing is a serious threat to any industry. We have seen this topic appear in the news more each day. You might have already received a fraudulent...
There’s a term for the practice of scaring potential customers into purchasing products or services they don’t need: FUD; fear, uncertainty, and dou...
As we take a step back and think about how much the Internet has grown over the past 20 years, we realize how much content/data has been made availa...
Every year we see an increase in website attacks during the holidays. While business owners see their sales go up due to promotional Blac...
Though the Sucuri Firewall is simple to set up and protects your website immediately, it’s possible to have granular control of the WAF by using an ...
Last Friday, we reported on a hack that used a vulnerability in the popular WP GDPR Compliance plugin to change WordPress siteurl settings to ereali...
We have noticed a growing number of WordPress-based sites that have had their URL settings changed to hxxp://erealitatea[.]net. Further investigatio...
Having a website has become easier than ever due to the proliferation of great tools and services in the web development space. Content management s...
Recent statistics show that over 32% of website administrators across the web use WordPress. Unfortunately, the CMS’s popularity comes at a...
In our previous post, we have discussed why marketers should have a proactive approach to website security. Today we are going to discuss some secur...
Most online marketers think of themselves as T-shaped individuals. The theory behind this concept is that individuals possess a wide range of skills...
Earlier this week, we published a blog post about an ongoing massive malware campaign describing multiple infection vectors that it uses. This same ...
It is National Cyber Security Awareness Month and in order to bring awareness to what threatens the integrity of websites, we have started a series ...
Last month, we shared information about yet another series of ongoing massive infections using multiple different vectors to inject malicious script...
As a website owner, you may have experienced your website being down for any number of reasons. Maybe due to errors in code, server related difficul...
When Twitter announced their new design for “Tweet” and “follow” buttons back in October 2015, marketers across the web developed a mild anxiety—the...
For the second week of National Cyber Security Awareness Month, we would like to focus on a very important part in having a good website security p...
During an incident response investigation, we detected an interesting piece of heavily obfuscated JavaScript malware. Once decoded, we found out tha...
It is National Cyber Security Awareness Month and in order to bring awareness to what threatens the integrity of websites, we would like to start a ...
Since 2003, October has been recognized as National Cybersecurity Awareness Month. It is an annual campaign to raise awareness about the importance ...
Having a website today is way easier than it was 10 or 15 years ago. Tools like content management systems (CMS), website builders, static site gene...
This is the last post in our series on E-commerce Security: Intro to Securing an Online Store – Part 1 Intro to Securing an Online Store ...
Finding backdoors is one of the biggest challenges of a website security analyst, as backdoors are designed to be hidden in case the malware is foun...
We’re seeing an increase in the number of cases where attackers are disabling WordPress sites by removing or rewriting its wp-config.php file....
Defaced websites are a type of hack that is easy to notice and a pain for website owners. Recently, we came across some defacement pages with a pecu...
Sucuri has always been active in the WordPress community. We’ve attended WordCamps around the world, created tools and features specifically for Wor...
We have recently been notified of phishing emails that target WordPress users. The content informs site owners that their database requires an updat...
In the first post of this series, we discussed some of the main website security threats. Knowing the website security environment is a vital part o...
In order to clean a malware infection, the first thing we need to know is which files have been compromised. At Sucuri, we use several techniques in...
Every day we see different website infections. When we receive unusual or interesting cases, our researcher instincts are triggered to investigate t...
This August, we’ve seen a new massive wave of WordPress infections that redirect visitors to unwanted sites. When redirected, users see an...
Since July, we’ve been observing a massive WordPress infection that is responsible for unwanted redirects to scam and ad sites. This infection invol...
Have you ever wondered if your website security posture is adequate enough? The risk of having a website compromise is never going to be z...
In the first post of this series, we talked about the practices that will optimize your site and increase your website’s resilience to DDoS attacks....
Most websites today use cookies. Since May 25th, 2018, all websites that do business in the European Union (EU) had to make some changes to be compl...
Recently, we came across another way to use files from GitHub repositories in malware infections. This time the infections weren’t via Git...
Google, Mozilla, and other web authorities are pushing for website owners to adopt HTTPS. Soon, Google Chrome will start flagging sites by displayin...
A few years ago, we saw how a browser extension introduced a threat to serve unwanted ads. Today, the number of browser extensions available to user...
If you have been following our blog for a long time, you might remember us writing about malware that used EXIF data to hide its code. Thi...
It’s always nice to meet an old friend or someone you used to know well. You have news to share and talk about, stories to tell, etc. But what if yo...
The WordPress team has just released a critical security and maintenance update to resolve a number of bugs and security issues. Included ...
We are all familiar with the conventional domain name notation, where different levels are concatenated with the full stop character (period)....
We’ve all seen sketchy looking emails or texts with malicious links to click on. There are still people who fall for these more obvious types of sca...
Protecting our users’ information and privacy is extremely important to us. As a cloud-based security service, we are fully committed to complying w...
When a site gets compromised, the attackers will often leave some piece of malware behind to allow them access back to the site. Hackers want to lea...
Most people assume that if their website has been compromised, there must have been an attacker evaluating their site and looking for a specific vul...
In the past few months, we have frequently seen how attackers are infecting Magento installations to scrape confidential information such as credit ...
Imagine waking up in the morning to see that a couple of calls were missed and your email is overloaded with messages saying that your website is do...
Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks are unforgiving. They test the limits of your web server and application re...
Day-to-day operations can present many challenges. Whether you’re wearing multiple hats within the same department or a project lead managing dozens...
Recently, we have come across a number of websites that were facing reinfection of a credit card information stealer malware within the following fi...
Website security is challenging, especially when dealing with a large network of sites. That is why we have created a guide for web professionals an...
Protecting our users’ information and privacy is extremely important to us. As a cloud-based security service, we’re fully committed to complying wi...
Sucuri’s main objective is to make the internet a safer place for everyone. With that in mind, we created a Referral Program, which gives you the op...
Have you ever wondered what happens if your e-commerce site is breached? Usually, when you think about data breaches, you think about big ...
Sucuri aims at keeping the internet safe. That is why we are so keen on informing our customers of potential threats. We have posted many articles r...
After a series of critical Drupal vulnerabilities disclosed this spring, it’s not surprising to see a surge of massive Drupal infections like this o...
After a successful compromise, backdoors are frequently left behind and function as a point of re-entry into the website environment. These maliciou...
An enormous number of SEO spam infections are handled by us here at Sucuri. In our most recent hacked website trend report, we analyzed over 34,000+...
Last week, we described how an ongoing massive malware campaign began using Baidu search result links to redirect people to various ad and scam page...
If I were to ask if you could trust a script from Google that is loading on your website, the majority of users would say “yes” or even “absolutely”...
As a website owner, it’s a good idea to be aware of the security issues that might affect your site. For example, Cross-site Scripting (XSS) attacks...
The malware attack that began as an installation of malicious Injectbody/Injectscr WordPress plugins back in February has evolved since then....
We are proud to be releasing our latest Hacked Website Trend Report for 2017. This report is based on data collected and analyzed by the S...
Recently, I analyzed a malware sample provided by our analyst Edward C. Woelke and noticed that it had been placed in a core WordPress folder. This ...
If you want to make your website security more robust, you need to think about hardening. To harden your website means to add different layers of pr...
A few months ago, we reported on how cybercriminals were using GitHub to load a variety of cryptominers on hacked websites. We have now discovered t...
We often find mailer scripts while cleaning malicious code from websites. Some of them are easily discovered, while others are obfuscated or heavily...
Last year, we introduced the theme of Securing an Online Store. We talked about how to identify the potential risks and what to look out for. These ...
Last week, we explained what zero-day vulnerabilities and attacks are. Essentially, zero-day vulnerabilities exist in the wild, with no patch availa...
Our mission at Sucuri is to make the internet a safer place and that entails cleaning up hacked websites. We have teams who actively research websit...
In computer science, a vulnerability is considered to be a zero-day vulnerability if it’s unknown to all parties interested in patching it, such as:...
Since December, we’ve seen a number of websites with this funny looking obfuscated script injected at the very top of the HTML code (before the tag...
On February 8th, 2018, we noticed a new wave of WordPress infections involving two malicious plugins: injectbody and injectscr. These plugins inject...
We’re excited to be sharing some changes we’ve recently pushed for our Website Backups product. If you’re not familiar with this feature, ...
The root of the DNS tree has been using DNSSEC to protect the zone content since 2010. DNSSEC is simply a mechanism to prov...
Website security has crossed the mind of nearly every website owner. However, as a website security company, we know that most webmasters come to us...
Have you ever wondered what WAF means? WAF stands for Website Application Firewall. In order to make it simple to understand, imagine your...
A few months ago, we covered two injections related to the “cloudflare.solutions” malware: a CoinHive cryptominer hidden within fake Google Analytic...
Democratizing the Internet and making new features available to all Cloudflare customers is a core part of what we do. We're proud to be early adopters and h...
As part of our regular research audits for our Sucuri Firewall, we discovered an SQL Injection vulnerability affecting the YITH WooCommerce Wishlist...
Last week the news of two significant computer bugs was announced. They've been dubbed Meltdown and Spectre. These bugs take advantage of very technical syst...
Recently we wrote about how GitHub/GitHub.io was used in attacks that injected cryptocurrency miners into compromised websites. Around the same time...
It’s the day after Christmas; or, depending on your geography, Boxing Day. With the festivities over, you may still find yourself stuck at home and ...
Today, December 25th, Cloudflare offices around the world are taking a break. From San Francisco to London and Singapore; engineers have retreated h...
As I’m writing this, four DDoS attacks are ongoing and being automatically mitigated by Gatebot. Cloudflare’s job is to get attacked. Our network ge...
During 2017 Cloudflare published 172 blog posts (including this one). If you need a distraction from the holiday festivities at this time of year here are so...
Over the last few weeks, we’ve noticed a JavaScript injection in a number of WordPress databases, and we recently wrote about them in a Sucuri Labs ...
Have you ever had to sign up for a new account, but once the time came to create a password, your spirits dropped a little? It’s hard enough to reme...
Earlier this year, we faced a growing volume of infections related to a vulnerability in outdated versions of the Newspaper and Newsmag themes. The ...
It is now commonly accepted as fact that web performance is critical for business. Slower sites can affect conversion rates on e-commerce stores, th...
Recently, a webmaster contacted us when his AVG antivirus reported that the JS:Miner-C [Trj] infection was found on their site. Our invest...
A few weeks ago, we wrote about a massive WordPress infection that injected an obfuscated script pretending to be jQuery and Google Analytics. In re...
It may (or may not!) come as surprise, but a few months ago we migrated Cloudflare’s edge SSL connection termination stack to use BoringSSL: Google's crypto ...
On Monday, November 20th, we were notified about a vulnerability that poses a serious security risk when the Shortcodes Ultimate and Formidable Form...
News outlets and blogs will frequently compare DDoS attacks by the volume of traffic that a victim receives. Surely this makes some sense, right? Th...
Shopping season is here, and with that, so is the opportunity for ecommerce site owners to grow their revenue and reputation. However, hackers are a...
A few months ago at Cloudflare’s Internet Summit, we hosted a discussion on A Cloud Without Handcuffs with Joe Beda, one of the creators of Kubernet...
As consumers prepare to take advantage of the discounts and promotions for the Black Friday and Cyber Monday ecommerce holidays, bad actors are craf...
During regular audits of our Sucuri Firewall (WAF), one of our researchers at the time, Slavco Mihajloski, discovered an SQL Injection vulnerability...
We are now 3 months on from one of the biggest, most significant data breaches in history, but has it redefined people’s awareness on security?...
This is a guest post by Alex Davidson, a PhD student in Cryptography at Royal Holloway, University of London, who is part of the team that developed...
Enabling anonymous access to the web with privacy-preserving cryptography
You would never leave the front door to your house wide open when you’re not home would you? Doing so would allow criminals to seize the opportunity...
WordPress has become the most popular CMS and now powers over 28% of the web. With over 60 million downloads, its popularity makes it a prime target...
Last month we wrote about how the emergence of website cryptocurrency miners resulted in hackers abusing the technology by injecting the CoinHive mi...
I have a weird setup. I type in Dvorak. But, when I hold ctrl or alt, my keyboard reverts to Qwerty.
We handle an enormous number of SEO spam infections here at Sucuri. In Q3 of 2016, approximately 37% of all website infection cases were related to ...
Three years ago, researchers at Yandex discovered a complex server infection, dubbed Mayhem, that embeds itself deep within a system by compiling a ...
Cloudflare helps make over 6 million websites faster and more secure. In doing so, Cloudflare has a vast and diverse community of users throughout t...
During a recent investigation, I found a new piece of malicious code being used to steal credit card information from compromised Magento sites. ...
Fire the Gric Cannon! Hot on the heels of several birthday week product announcements, we continue to expand our global network.
October is European Cybersecurity Month, an annual advocacy campaign to raise awareness of cyber risks among citizens and businesses, and to share best pract...
Cryptocurrencies are all the rage now. Bitcoin, altcoins, blockchain, ICO, mining farms, skyrocketing exchange rates – you see or hear this everyday...
If you are doing website development and have a local repository, or store website backups on your computer, you should strongly consider encrypting...
Ben Sadeghipour, Technical Account Manager, HackerOne, and Katie Moussouris, Founder & CEO, Luta Security
Brandon Philips, Co-Founder & CTO, CoreOS, and Joe Beda, CTO, Heptio, & Co-Founder, Kubernetes
Cole Crawford, Founder & CEO, Vapor IO, and Chaitali Sengupta, Consultant, Qualcomm Datacenter Technologies
Over the summer we’ve seen waves of WordPress database infections that use vulnerabilities in tagDiv’s Newspaper/Newsmag themes or InterconnectIT Se...
HTTPS is a hot topic among online marketers and SEO professionals who understand the future of the web needs to be more secure. Not just for the goo...
When you build or remodel a house, construction workers create a strong framework that can withstand the elements to keep your home and possessions ...
Inline frames (iFrames) are an easy way to embed content from another site onto your own. This element allows you to insert another document inside ...
The Quantum Threat
Ecommerce websites have one of the most difficult challenges in the web security space – keeping the implicit trust of a customer in order to make t...
Hackers are constantly scanning the internet for exploitable sites, which is why even small, new sites should be fully patched and protected. At the...
For years, Google has been actively seeking ways to encourage website owners to implement SSL certificates. SSL allows websites to be accessed over ...
A malicious redirect is a snippet of code used by attackers with the intention of redirecting visitors to another site; a very common tactic seen in...
We all know that we shouldn’t click on links from sketchy looking emails. But what if the website you’re viewing takes you to a spoofed page at the ...
A game-changer
We’ve covered a lot of personal security practices, but many people forget how important it is to secure mobile devices, which are riddled with pers...
When cleaning websites, one of the most complicated parts of our job is ensuring we find all backdoors. Most of the time, attackers inject code into...
Earlier this week we wrote about how to use command line tools to back up your website. Check out our previous article for details on how we create ...
Creating website backups should be one of the most important recurring tasks for a website administrator, and yet backups are often forgotten when t...
I have a website. Sweet! What happens next? Well, it’s a natural question. I had a brilliant idea and purchased a domain name, but what do...
Backdoors are found in 72% of infected websites, according to our latest reports. Backdoors are files left on the server by attackers in order to re...
Cloudflare runs 3,588 containers, making up 1,264 apps and services that all need to be able to find and discover each other in order to communicate -- a pro...
This month, our Malware Research and Incident Response teams wrote about redirects that deliver malware and ads to visitors, as well as a backdoor m...
As we’ve previously discussed on this blog, Cloudflare has been challenging for years the constitutionality of the FBI’s use of national security letters (NS...
If you suffer multiple reinfections and your site is one of many in an account, the odds are high that you’re suffering from cross-site contaminatio...
PHP contains an interesting but rarely used feature called Phar, which stands for PHp ARchive, that allows developers to package entire applications...
Drupal is an open-source content management system and website builder with a unique structure that allows it to be highly flexible and extendible. ...
At Cloudflare our focus is making the internet faster and more secure. Today we are announcing a new enhancement to our HTTPS service: High-Reliabil...
The Internet is getting more secure every day as people enable HTTPS, the secure version of HTTP, on their sites and services. Last year, Mozilla re...
Last year we took a look at how attackers were infecting Drupal installations to spread their spam and keep their campaigns going by just including...
Everybody has secrets. Software developers have many. Often these secrets -- API tokens, TLS private keys, database passwords, SSH keys, and other sensitive ...
As part of a vulnerability research project for our Sucuri Firewall, we have been auditing popular open source projects looking for security issues....
Last month we shared statistics on some popular reflection attacks. Back then the average SSDP attack size was ~12 Gbps and largest SSDP reflection we record...
For the fourth installment of our personal security guides, we are covering how to secure your computer. This includes current versions of...
When we started Cloudflare we had no idea if anyone would validate our core idea. Our idea was that everyone should have the ability to be as fast and s...
Unwanted ads are one of the most common problems that site owners ask us to solve. Recently, we’ve noticed quite a few requests to remove intrusive ...
Every day we face countless cases of sites getting compromised and infected by an attacker. From there, the sites can be used for various operations...
We are always on guard for phishing emails and websites that might try to compromise our customers or employees, so that we can be on top of the iss...
Sucuri Labs provides website malware research updates directly from our teams on the front line. You can read past-monthly recaps to catch up on tre...
This is the third part in our series on personal security that offers methods to strengthen your overall security posture. By taking a holistic appr...
We submit hundreds of blacklist review requests every day after cleaning our clients’ websites. Google’s Deceptive Content warning applies when Goog...
Recently Akamai published an article about CLDAP reflection attacks. This got us thinking. We saw attacks from Connectionless LDAP servers back in November 20...
In our last post on browser security, we talked about how developing a broader security mindset can help keep your website safe. By taking steps to ...
If your computer is infected, malware can spread to your website through text editors and FTP clients. Weak passwords are also vulnerable to brute f...
During regular research audits for our Sucuri Firewall (WAF), we discovered a SQL Injection vulnerability affecting Joomla! 3.7. The vulnerability i...
Website security is a continuous process. It’s not something that should be turned on when the time is right; rather integrated into the full scope ...
On March 20th, Cloudflare received our first patent infringement claim: Blackbird Tech LLC v. Cloudflare, Inc. Today we’re filing our Answer to that claim in...
Cookies are stored in the user’s browser to track behavior on a specific website. They also keep a user logged in during the active browsing session...
Last Thursday, ProPublica published an article critiquing our handling of some abuse reports that we receive. Feedback from the article caused us to reevalua...
Over the course of the last year, our teams have been getting creative and making a collaborative effort to improve the experience of our customer d...
Cloudflare’s community of users is vast. With more than 6 million domains registered, our users come in all shapes and sizes and are located all over the wor...
This is a guest post by Gabe Kassel, Product Manager for Embedded Software at eero.
This month, our Malware Research and Incident Response teams wrote about several malware techniques that attempt to evade detection by focusing on s...
From security cameras to traffic lights, an increasing amount of appliances we interact with on a daily basis are internet connected. A device can b...
If you are a customer of ours, you may have noticed the recent updates we’ve made to our dashboard. These changes enhance your ability to manage the...
The Sucuri Firewall dashboard provides a rich set of API functions that can be used to control your firewall settings remotely. In addition, there i...
If you own a website and collaborate with others, the principle of least privilege should never be questioned. It is a computer science principle wh...
We are happy to share some big changes to the monitoring dashboard. The Sucuri Platform features a monitoring dashboard that provides information re...
If you’re running a SaaS company, you know how important it is that your application is performant, highly available, and hardened against attack. Your custo...
Every month we recap the latest posts on Sucuri Labs, written by our Malware Research Team (MRT) and Incident Response Team (IRT). Sucuri ...
About a month ago, security researcher Omer Gil published the details of an attack that he calls the Web Cache Deception attack. It works against sites that ...
After carefully designing a theme and images that represent your brand, nothing is worse than seeing a malicious image suddenly associated with your...
Since late last year, there has been a steady rise in malware campaigns that aim to steal sensitive personal information and financial credentials. ...
We’ve been watching a specific WordPress infection for several months and would like to share details about it. The attacks inject malicio...
Try to remember what you ate for lunch yesterday. It took you about 3-5 seconds, right? Ok. Now recall that memory once more. Took you les...
In a previous post, we illustrated how attackers were fetching information from compromised sites under their control to display spam content on oth...
Just over a week ago, WordPress released version 4.7.3 to patch multiple security issues. Despite the automatic update feature provided by many host...
Cloudflare’s mission is to help build a faster and more secure Internet. Over the last several years, the Internet Engineering Task Force (IETF) has...
As you might remember, we recently blogged about a critical Content Injection Vulnerability in WordPress which allowed attackers to deface vulnerabl...
Attackers are constantly developing new techniques to compromise ecommerce websites and steal sensitive data. Over the last several weeks, we tracke...
Everyone has received a phishing scam via email at one point or another. Thanks to modern anti-spam technology, most of these messages are blocked f...
The Cloudflare team is headed down the street to Google NEXT 2017 from March 8th - 10th at Moscone Center booth C7 in San Francisco, CA. We’re excited to mee...
In the past, we have seen a massive amount of vBulletin websites compromised through the VBSeo Vulnerability. Attackers have been infecting vBulleti...
Every month we recap the latest posts on Sucuri Labs, written by our Malware Research Team (MRT) and Incident Response Team (IRT). The Suc...
We write quite often about SEO spam injections on compromised websites, but this is the first time we have seen this blackhat tactic spreading into ...
Last Thursday we released details on a bug in Cloudflare's parser impacting our customers. It was an extremely serious bug that caused data flowing through C...
As part of a vulnerability research project for our Sucuri Firewall (WAF), we have been auditing multiple open source projects looking for security ...
Last Friday, Tavis Ormandy from Google’s Project Zero contacted Cloudflare to report a security problem with our edge servers. He was seeing corrupted web pa...
One of the worst experiences for a website owner is finding out that the search results for your site have turned into a pharmacy, a fashion outlet,...
Several months ago, our research team identified a fake analytics infection, known as RealStatistics. The malicious Javascript injection looks a lot...
Ecommerce refers to websites that involve online purchases. This functionality sparks new challenges, concerns, and requirements for website securit...
The Cloudflare TLS 1.3 beta is run by a Go implementation of the protocol based on the Go standard library, crypto/tls. Starting from that excellent Go codeb...
Every month we recap the latest posts on Sucuri Labs, written by our Malware Research Team (MRT) and Incident Response Teams (IRT). The Su...
We are starting to see remote command execution (RCE) attempts trying to exploit the latest WordPress REST API Vulnerability. These RCE at...
During a recent malware investigation, we found some interesting obfuscated Javascript code. This code pretends to appear as part of the popular Add...
Come join us at Cloudflare HQ in San Francisco on Tuesday, February 28, 2017 for another cryptography meetup. We again had a great time at the last one, we de...
WordPress 4.7.2 was released two weeks ago, including a fix for a severe vulnerability in the WordPress REST API. We have been monitoring our WAF ne...
In 2016, I shared some thoughts about firewalls in general; their history and purpose in the information security domain. The point of the article w...
The North American Network Operators Group (NANOG) is the locus of modern Internet innovation and the day-to-day cumulative network-operational knowl...
Today a severe vulnerability was announced by the WordPress Security Team that allows unauthenticated users to change content on a site using unpatched (belo...
Nick Sullivan and I gave a talk about TLS 1.3 at 33c3, the latest Chaos Communication Congress. The congress, attended by more than 13,000 hackers in Hamburg...
As part of a vulnerability research project for our Sucuri Firewall (WAF), we have been auditing multiple open source projects looking for security ...
When a website is hacked, we often find that attackers have injected multiple backdoors, web shells, and malicious code that allows them to regain a...
Since launching our website performance testing tool we have been getting a lot of questions about how to improve the speed and performance of WordP...
A common pattern we see in compromised websites is the presence of backdoors and other malicious code. During Q3 of 2016, we found that 72% of all ...
Last month there were a number of interesting website hacks being analyzed by our Malware Research Team (MRT) and Incident Response Teams (IRT)...
Cloudflare is publishing today its seventh transparency report, covering the second half of 2016. For the first time, we are able to present information on ...
During the last couple of years, it has become quite prevalent for hackers to monetize compromised sites by injecting unwanted ads. They can be pop-...
Today we are proud to release our quarterly Hacked Website Report for 2016/Q3. This report is based on data collected and analyzed by the Sucuri Rem...
Navigating the web on a mobile device can be tricky even when you’re browsing clean sites. If hackers are involved, the frustration of a pop-up can ...
With so many open-source ecommerce platforms available in the market, selling online is an appealing and easy option for any store owner. In a few c...
As a business owner, the last thing you want is for a potential customer to search Google for your business and find a lewd image. The way...
This piece was originally written for the Gopher Academy advent series. We are grateful to them for allowing us to republish it here.
One of the worst experiences a website owner can have is being blacklisted by Google. If you are one of the 10,000 websites that have been slapped wi...
Attackers compromise sites with a number of goals in mind – also referred to as actions on objective. In some instances they aim to abuse resources ...
Time for another monthly recap! If you haven’t seen the other monthly recaps, make sure to check out October and September. Our malware research and...
In 2011 we launched the Cloudflare Apps platform in an article that first declared Cloudflare as “not ... the sexiest business in the world.” Sexy or not, Cl...
If you use Skype, recently you may have received Baidu link spam from some of your contacts. The links look like this: www.baidu[.]com/lin...
In our last webinar, How To Account For Security With Customer Projects, I spoke about maintenance and sustainment contracts – specifically how to u...
From the attacker’s perspective, creating ways to maintain access to a compromised website is desirable. This allows them to further distribute malw...
As WordPress continues to grow in popularity, so does its library. New and experienced developers are creating themes and plugins – which creates di...
With the holiday season around the corner, ecommerce sites are very valuable to website owners and equally attractive to attackers. Hackers have bee...
Since the beginning of November we’ve been cleaning many sites infected with the same SEO spam malware. The malware creates doorways for h...
A few months ago, we posted an article about the difference between IPv4 and IPv6. Our research team has expanded on those findings with additional ...
In a recent post, we covered how attackers were abusing server resources to create WordPress sites in subdirectories and distribute spam. By adding ...
Joomla! is one of the most popular open-source content management systems (CMS) on the market, powering a large percentage of websites on the intern...
We have been monitoring a new campaign specifically targeting WordPress sites, using hundreds of them for SEO spam distribution. We call it the XM1R...
In our September Labs Notes Recap, we listed recent discoveries made by our Incident Response and Malware Research Teams. These monthly recaps serve...
Come join us at Cloudflare HQ in San Francisco on Tuesday, November 22 for another cryptography meetup. We had such a great time at the last one, we decided ...
When a site gets hacked, the attack doesn’t end with the malicious payload or spam content. Hackers know that most website administrators will clean...
Exactly 3 days ago, the Joomla team issued a patch for a high-severity vulnerability that allows remote users to create accounts and increase their ...
Yesterday, Joomla! 3.6.4 was released, patching a critical privilege escalation and arbitrary account creation vulnerability. As we’ve see...
The Joomla team released a serious security vulnerability affecting all Joomla versions from 3.4.4 and up. If you’re using one of these versions of ...
Remediating over 500 infected sites per day, we see attacks executed at varying levels of complexity. The tactics attackers use to compromise a site...
In a matter of hours, a big e-commerce website can have hundreds of credit card numbers stolen and used by attackers on other websites around the wo...
In the field of Information Security (InfoSec) we like to use the phrase defense in depth. Like many things, it is a borrowed term with roots dating back mil...
Over the past year we have seen a rash of credit card swipers in Magento and other ecommerce-based websites. In fact, we have been finding new variants nearl...
The FUD factor has been employed by sales and marketing teams from multiple industries for decades. It stands for fear, uncertainty and doubt (FUD) and first...
One of the base principles of cryptography is that you can't just encrypt multiple messages with the same key. At the very least, what will happen is that tw...
Sharing what we learn in the form of content and tools has been a staple here at Sucuri since our inception. Our greatest challenge is having enough hours to...
One of the worst feelings a website owner can experience is discovering that your site has been hacked. Without proper security measures in place, even websi...
Cloudflare has certified with the U.S. Department of Commerce for the new EU-U.S. Privacy Shield framework.
When we launched Universal SSL in September 2014 we eliminated the costly and confusing process of securing a website or application with SSL, and replaced i...
Today, we're introducing two new Cloudflare Traffic products to give customers control over how Cloudflare’s edge network handles their traffic, allowing the...
A few weeks ago we ran an experiment to see how long it would take for some IPv4-only and IPv6-only servers to be compromised via SSH brute force attacks. We...
CloudFlare's mission is to make HTTPS accessible for all our customers. It provides security for their websites, improved ranking on search engines, better p...
The internet is a complex ecosystem of interconnected devices, and at its core is the Internet Protocol (IP). This protocol is currently in its second major ...
The CloudFlare London office hosts weekly internal Tech Talks (with free lunch picked by the speaker). My recent one was an explanation of the latest version...
CloudFlare aims to put an end to the unencrypted Internet. But the web has a chicken and egg problem moving to HTTPS.
Today we’re releasing our quarterly Hacked Website Report for 2016/Q2. The data in this report is based on compromised websites we worked on, with insights a...
CloudFlare is turbocharging the encrypted internet
Since CloudFlare’s inception, we have worked tirelessly to make encryption as simple and as accessible as possible. Over the last two years, we’ve made Cloud...
Over 25% of all websites use WordPress, and over 10% of all internet traffic flows through CloudFlare; WordPress + CloudFlare has always been a winning combi...
A website is only as safe as the weakest link on its shared server. Once a hacker gains access to one site on the server, they can easily infect other sites ...
Our involvement in WordPress security has always been a core part of our mission here at Sucuri. We have teams who actively lend advice on WordPress support ...
Pharma hacks are common website infections categorized under SEO spam. With pharma hacks, the attacker exploits vulnerable websites to distribute pharmaceuti...
We have been monitoring a large-scale Layer 7 HTTPS flood attack (i.e., application level DDoS) against a customer over the past few weeks. It is being distr...
The mission of the United States Government’s Consumer Product Safety Commission (CPSC) is to protect consumers from injury by products. It’s ironi...
IPv6 usage has been growing very slowly through the last 10 to 15 years. Since mid-2015 it started to pick up and increase adoption at a rapid pace. Google, ...
Traveling back and forth between the UK and US I often find myself answering the question “What does CloudFlare do?”. That question gets posed by USCIS on ar...
On a recent trip to Cuba I brought with me a smartphone and hoped to get Internet access either via WiFi or 3G. I managed that (at a price) but also saw for ...
As part of our regular research audits for our Sucuri Firewall, we discovered an SQL Injection vulnerability affecting the Ninja Forms plugin for WordPress, ...
Blackhat SEO spam comes in many forms, and one of the most nefarious is hijacked search results. This happens when search engines crawl and display unwanted ...
Cart66 offers a comprehensive plugin solution for WordPress shop owners. With a unique suite of services, intuitive features, and essential security componen...
Do you keep all your website software (including all third-party themes, plugins and components) up-to-date? You should! We always recommend this to our clie...
During the last couple of days we performed a few similar cleanup requests where sites occasionally redirected visitors to malicious sites that displayed ads...
The need to make better sense of markets is paramount to the way businesses are run and decisions are made. We see this with the proliferation of online serv...
Hunting credit card details on compromised ecommerce websites has become popular over the last two years. We have reported multiple cases in the past where a...
Over the past few weeks we’ve seen a large number of Joomla websites compromised with the Realstatistics malware campaign. This mass infection is still evolv...
If you have an e-commerce website and you accept credit cards from your clients, you probably already heard of the term PCI compliance. PCI DSS (Payment Card...
In this post we’ll show you the tactics employed by the realstatistics malware campaign to make their injections seem less suspicious. The injection looks li...
Our Incident Response Team (IRT) has been tracking a mass infection campaign over the last 2 weeks ( codenamed “Realstatistics”). This campaign has compromis...
Recently we wrote about domain renewal scams that used real paper letters to trick site owners into transferring their domains and renewing them for 3-4x th...
Our security operations team investigates and mitigates multiple denial of service (DDoS) attacks every single day. One recent case caught our attention becaus...
The Payment Card Industry Data Security Standards (PCI DSS) is a set of security standards established in a joint venture between a number of the top credit ...
When I received a letter in the mail asking me to renew my domain name, I immediately recognized it as a scam. The letter was designed to look like a bill, e...
As website attacks continue to evolve, we see growing levels of sophistication in the way attackers are expanding the economics of their industry. The moneti...
GitHub offers a web hosting service whereby you can serve a static website from a GitHub repository. This platform, GitHub Pages, can be used with C...
Recently we told you how hackers use alternative domain names provided by web hosts to make their URLs look less suspicious. This time we’ll show a similar t...
We regularly find and write about malware that steals credit card details from Magento sites because attackers discover new techniques to obtain sensitive da...
For the last few days, we have noticed an increasing number of websites infected without any outdated plugin or known vulnerability. In most cases it was a p...
It has been over 19 months since Drupalgeddon, which refers to Drupal’s Security Advisory (SA) SA-CORE-2014-005. For those unfamiliar with it, it was a highl...
We usually write a lot about obfuscation methods on Sucuri Labs and here on the blog. Sometimes we write about free tools to obfuscate your code that aren’t...
Our Remediation group is comprised of two distinct teams, the Incident Response Team (IRT) and Malware Research Team (MRT). These teams work closely with our...
From time to time a customer writes in and asks about certain requests that have been blocked by the CloudFlare WAF. Recently, a customer couldn’t understand...
Last week we described the hack that randomly redirected site visitors either to a parked test0 .com domain or to malicious sites via the default7 .com domai...
Nobody likes spam. It’s never fun (unless you’re watching Monty Python). For us it comes with the territory; removing SEO spam has been at the core of what w...
Three days ago the ImageMagick (ImageTragick) vulnerability was released to the world. We’ve been actively monitoring as promised, and have started to see a f...
We’ve been working on a few WordPress sites with the same infection that randomly redirects visitors to malicious sites via the default7 .com / test0 .com / ...
ImageMagick is a popular software used to convert, edit and manipulate images. It has libraries for all common programming languages, including PHP, Python, ...
Yesterday a new vulnerability was announced in OpenSSL/LibreSSL. A padding oracle in CBC mode decryption, to be precise. Just like Lucky13. Actually, it...
Free and performant encryption to the origin for CloudFlare customers
CloudFlare has released a new version of our plugin for cPanel with two new features and more control over the security settings of your website.
We often speak of black hat SEO tactics and content scraping sites are just one example of such tactics. Scraping is the act of copying all content from a we...
Much of the web continues to march towards creating secure communications between devices through the use of things like HTTPS/TLS (aka SSL). We’ve seen Goog...
Ten years ago the internet looked very different than it does now. Today, web designers have more options and standards to make a website stand out. Do you r...
Not long ago we introduced support for TLS cipher suites based on the ChaCha20-Poly1305 AEAD, for all our customers. Back then those cipher suites were only ...
A few weeks ago, while enjoying a fine lunch on a bright sunny day in Southern California, our research and marketing teams found themselves across the tab...
Web developers today rely on various third-party APIs. For example, these APIs allow you to accept credit card payments, integrate a social network with your...
Continuing our commitment to high quality open-source software, we’re happy to announce release 1.2 of CFSSL, our TLS/PKI Swiss Army knife. We haven’t writte...
The Tor Project makes a browser that allows anyone to surf the Internet anonymously. Tor stands for "the Onion router" and that describes how the service wor...
We write a lot about various blackhat SEO hacks on this blog and most of you are already familiar with such things as doorways, cloaking and SEO poisoning. T...
If you’re in Buenos Aires on April 2-3 and are interested in building, come join the IETF Hackathon. CloudFlare and Mozilla will be working on TLS 1.3, the f...
Last summer we shared a story about the SweetCaptcha WordPress plugin injecting ads and causing malvertising problems for websites that leveraged the plugin....
While analyzing our website firewall logs we discovered an old vulnerability in the RevSlider plugin being retargeted. RevSlider, the plugin whose vulnerabil...
What do you do if you suspect your server (VPS or dedicated) has been compromised? If you are a customer, you have the option to leverage our team to perform...
We're happy to announce that next week CloudFlare is hosting the Null Security meetup in Singapore. You are invited!
We first disclosed that the WordPress pingback method was being misused to perform massive layer 7 Distributed Denial of Service (DDoS) attacks back on March...
In case you don’t know, SUPEE-5344 is an official security patch to the infamous Magento shoplift bug. That bug allows bad actors to obtain admin access to v...
At CloudFlare, we’re committed to making sure the encrypted web is available to everyone, even those with older browsers. At the same time, we want to make s...
Initial Problem Report
Here at Sucuri we handle countless cases of SEO spam. This malware involves a website being compromised in order to spread (mostly pharmaceutical) advertisem...
With about 30% of the market share, Magento is gradually becoming a “WordPress” of the ecommerce world. Like WordPress, it becomes a major target for hackers...
This past weekend we registered a spike in WordPress infections where hackers injected encrypted code at the end of all legitimate .js files. The distinguish...
Today we are not going to explore malware or any other overtly malicious traffic. Instead this post is a warning about dishonest marketing tactics used by se...
Improving your site’s SEO is probably top of mind for you, but doing so takes a lot of hard work and the rules of the game are constantly changing. On Tuesda...
In this day and age, connecting with other people, groups, and communities is so easy. Finding the best group, however, can be tricky. So here are 20 Best Wordpress F...
Internet Exchange Points (IXPs) or Network Access Points (NAPs) facilities are where networks meet, participating in what’s known as peering, which ...
If you read this blog on a regular basis, you probably use the little tool called SSH, especially its ubiquitous and most popular implementation Ope...
Ransomware is one of the most insidious types of malware that one can come across. These infections will encrypt all files on the target computer as well as ...
This tutorial doesn’t just teach you how to add a link in your posts but also on pages, text widgets, navigation menus, and more. How great is that?! What ar...
Website hackers are always changing tactics and borrowing ideas from each other. One of the challenges of website security is staying on top of those threats...
Are you looking into retargeting ads on Facebook? Do you want to install Facebook’s remarketing/retargeting pixel in WordPress? This article from WPBeginner ...
Your website is a huge part of your brand reputation. It serves as a place to build your audience and helps you get noticed by new visitors from search engin...
It’s December 25th, which means most of you are probably at home visiting with family. I asked a few of the security engineers here at CloudFlare how they ex...
It’s well known that SHA-1 is no longer considered a secure cryptographic hash function. Researchers now believe that finding a hash collision (two values th...
The Joomla security team have just released a new version of Joomla to patch a critical remote command execution vulnerability that affects all versions from...
Wikipedia defines analytics as the discovery and communication of meaningful patterns in data. Especially valuable in areas rich with recorded information, a...
Over the past few months, our security operations group has identified and mitigated an increasing number of DDoS attacks tied to extortion attempts from di...
With CloudFlare's release of HTTP/2 for all our customers the web suddenly has a lot of HTTP/2 connections. To get the most out of HTTP/2 you'll want to be u...
Why choose, if you can have both? Today CloudFlare is introducing HTTP/2 support for all customers using SSL/TLS connections, while still supporting SPDY. Th...
Here’s another tutorial from WPBeginner. How to Rollback WordPress Plugins (Version Control for Beginners) Have you ever updated a WordPress plugin only to r...
We are happy to announce that we are now offering HTTP/2 support to all clients using our Website Firewall (CloudProxy) product. Our own site already support...
We frequently clean blacklisted websites and submit reconsideration requests to have them de-listed. We have encountered many kinds of blacklist warnings inc...
Every once in a while we get a glimpse into rare and strange behavior that doesn’t involve the website being hacked, but causes major problems for website ow...
Source: WPBeginner
Sometimes just a few lines of access logs can tell a whole story… Many ongoing attacks against WordPress and Joomla sites use a collection of known vulnerabi...
Today, we are sharing some tips from Social Media Examiner on How to Improve your Social Media Ad Campaign. I hope it helps! 5 Tips to Improve Your Social Me...
Fake jQuery injections have been popular among hackers since jQuery itself went mainstream and became one of the most widely adopted JavaScript libraries. Ev...
The vBulletin team patched a serious object injection vulnerability yesterday, that can lead to full command execution on any site running on an out-of-date ...
Last week, the Joomla team released an update patching a serious vulnerability in Joomla 3.x. This vulnerability, an SQL injection (CVE-2015-7858), allows ...
The Joomla team just released a new Joomla version (3.4.5) to fix some serious security vulnerabilities. The most critical one is a remote and unauthenticate...
If you’re a heavy AirPlay user, and you use older hardware such as the original AirPort Express, you may want to hold off on the latest iTunes update. Screen...
via WPMUDEV We tried coming up with a more exciting name for Custom Sidebars but what else do you call a plugin that gives you custom sidebars? Or more speci...
We are currently seeing a massive attack on Magento sites where hackers inject malicious scripts that create iframes from “guruincsite[.]com“. Google already...
When the Rolling Stones covered “Time is On My Side” by Kai Winding in 1964, they clearly didn’t foresee a world where we’d be fighting so hard to maintain ...
These days we rarely see Microsoft Word malware on websites, but it still exists and compromised websites can distribute this kind of malware as well. It’s n...
Adding an old post notification can help readers identify which posts are still relevant, especially for websites that belong to a fast-paced industry. I’m tal...
Brute Force attacks are one of the oldest and most common types of attacks that we still see on the Internet today. If you have a server online, it’s most li...
Everyone has encountered phishing at some point – fake emails and web pages designed to look legitimate. This tactic is becoming more popular as attackers ar...
Hackers are known to use URL shortening services to obfuscate their real landing pages. It’s very effective in clickbait scams on social networks. Some hacke...
Have you ever wanted to add a custom CSS in your site? You should be able to do it like a pro with these simple tips. How to Easily Add Custom CSS to Your Wo...
As you might know a lot of hacks use Apache configuration .htaccess files to override default web site behavior: add conditional redirects, create virtual pa...
Five years ago next week, CloudFlare launched its service to the public. We’re celebrating our birthday in a variety of ways, including holding our first-eve...
We are no strangers to Blackhat SEO techniques, we’ve actually spent a great deal of time working and sharing various bits of information related to Blackhat...
One of the first server-level compromises I had to deal with in my life was around 15 years ago, and it was caused by an SSH brute force attack. A co-worker ...
Want to beautify the appearance of your email templates? I suggest you read on! How to Add Beautiful Email Templates in WordPress Do you want to change the a...
This past summer we noticed a trend of more and more Blackhat SEO hacks trying to verify additional accounts as owners of compromised sites in Google Search ...
Distributed Denial of Service (DDoS) attacks have been a major concern for website owners for a while. All types of sites, from small to big, have been taken...
Today’s guest blogger is George Cagle. George is a system administrator at Simple Helix, a CloudFlare partner.
If you have poked around a server before you have probably encountered file permissions. In fact, all computer file systems offer permissions based on the sa...
Every once in a while we get a case that makes us dig deep to find answers. We have spoken before about the trouble with forensics and reasons why websites g...
This week my colleague Peter Gramantik showed me a few infected sites that had very similar code embedded in the WordPress index.php files: if (eregi('-dbst'...
This is the text of an internal email I sent at CloudFlare that we thought worth sharing more widely. I annotated it a bit with links that weren't in the ori...
Security Risk: Dangerous; Exploitation level: Easy; DREAD Score: 6/10; Vulnerability: Persistent XSS; Patched Version: 4.2.4. Last week the WordPress team releas...
Elegant Themes again provides us with another checklist of things to do after installing Wordpress. This list will “make sure your site is set-up and working...
Here at CloudFlare we are heavy users of the github.com/miekgs/dns Go DNS library and we make sure to contribute to its development as much as possible. Ther...
BIND is one of the most popular DNS servers in the world. It comes bundled with almost every cPanel, VPS and dedicated server installation and is used by mos...
A great career in business could be likened to a well penned novel. It will be wrought with twists, sharp turns and will feature dull plateaus as well as the...
Email subscription is a great way to keep your customers updated. The article from WP Beginner that we’re sharing today discusses Email Subscriptions.
Lifehacker: New Android Flaw Lets Hackers Into Your Phone With Just a Text
Yesterday we observed a strange short return of the SweetCaptcha plugin to WordPress.org repository. In June we reported that SweetCaptcha injected third-par...
Robots (bots) have outnumbered people on the Internet for almost two years, and they browse much faster than your average visitor. Aside from spamming your...
What is personal branding?
If you are using the Webutation badge on your site, remove it now. It appears they got hacked and are distributing malware to mobile devices through redirect...
Having a website requires maintenance and constant updates. Here are some maintenance tasks to perform in your site as suggested by Elegant Themes. Backup ...
As Joomla prepares to celebrate its 10 year anniversary, we want to be certain to join in the festivities. Why? Because open source platforms allow individua...
If you want to keep your website safe, it is important to understand the terminology used to describe the causes and effects of hacks. Software vulnerabiliti...
Here’s another dose of How To’s from WPBeginner. Enjoy!
Here at Sucuri we suspect everything, especially when your friends start to share content written in another language with clickbait headlines. If you are no...
For the music lovers and for those who want to add music or a playlist to their website, this article is for you. 9 Best Audio Player Plugins for WordPress Wor...
A major part of securing a network as geographically diverse as CloudFlare’s is protecting data as it travels between datacenters. Customer data and logs are...
We’ve been writing a lot about E-Commerce hacks and PCI Compliance recently. The more people buy things online, the more of an issue this will become and th...
The past few months we’ve been spending a good deal of time talking about backups. This is for good reason, they are often your safety net when things go wro...
Administrator, Editor, Author, Contributor, Subscriber: you can give different permissions to different user roles on your Wordpress site. The article that...
This blog was originally posted by the Electronic Frontier Foundation, who represents CloudFlare in this case.
In recent years there has been a proliferation of great tools and services in the web development space. Content management systems (CMS) like WordPress, Joo...
Are you looking to add a donate button on your WordPress site?
Imagine for a moment, you have a suspicion that you have somehow been hacked. You see that something is off, but you feel as if you are missing something. Th...
Do you want to display multiple blogs or posts on multiple pages of your site?
We are happy to launch a new free tool (aka Global Website Performance Tester) that allows anyone to quickly check how fast a website is loading from across ...
We recently investigated some random redirects on a WordPress website that would only happen to certain visitors. Traffic analysis showed us that it was not ...
Social media has a huge impact nowadays. Marketers have found a way to broaden their reach through social media marketing. This article was first published on...
In 2014 the total number of websites on the internet reached 1 billion, today it’s hovering somewhere in the neighborhood of 944 million due to websites goin...
Remembering your WordPress login URL is easy peasy.
In today’s world, we are all browsing websites online and sharing content on a multitude of social media platforms every day. Worldwide social media users ex...
Here’s a great write up over at the Elegant Themes Blog - definitely worth a quick scan for anyone that routinely uses WordPress.
Want to know how to edit those post thumbnails? This article from WPBeginner will teach you the trick! How to Crop and Edit WordPress Post Thumbnails Are you...
Any WordPress Plugin or theme that leverages the genericons package is vulnerable to a DOM-based Cross-Site Scripting (XSS) vulnerability due to an insecure ...
Recently, we began to notice that some hacked websites were redirecting traffic from certain browsers to the BitCoin site, bitcoin.org. What’s going on? Is B...
The free trial is a common SaaS marketing strategy. According to Totango, 44% of SaaS companies offer a free trial. But the strategy is only as good as how f...
CloudFlare protects millions of websites from online threats. One of the oldest and most pervasive attacks launched against websites is the Distrib...
Being blacklisted is one of the worst things that can happen to a website. The public shame coming from every visitor being stopped by the Big Red Warning pa...
When we started CloudFlare, we thought we were building a service to make websites faster and more secure, and we wanted to make the service as easy and acce...
by Brenda Barron
Yes, you’ve read it right: a critical, unpatched 0-day vulnerability affecting WordPress’ comment mechanisms was disclosed earlier today by Klikki Oy. Who’s ...
Today the Magento Security Team created a new ModSecurity rule and added it to our WAF rules to mitigate an important RCE (remote code execution) vulnerabili...
Proxying around 5% of the Internet’s requests gives us an interesting vantage point from which to observe malicious behavior. It also makes us a target. Aside...
As warned a few days ago, the Magento Shoplift (SUPEE-5344) vulnerability details have been disclosed by the CheckPoint team. They show step by step how it c...
This Friday at the RSA Conference in San Francisco, along with Marc Rogers, Principal Security Researcher at CloudFlare, I'm speaking about a version of The ...
The Magento team released a critical security patch (SUPEE-5344) to address a remote command execution (RCE) vulnerability back in February. It’s been more t...
By Jenni McKinnon Is your bounce rate high? Are users leaving your site after reading just one post? Encouraging people to stick around and browse your site ...
Microsoft just disclosed a serious vulnerability (MS15-034) in their IIS web server that allows for remote and unauthenticated Denial of Service (DoS) and/or...
Recently we wrote about the impacts of a hacked website and how it is important to give website visitors a safe online experience In this post, I’ll show you...
This article seems like a timely one to share and commiserate with folks today. If you’re ok with digitizing your life - some folks are and others certainly...
Sprint has been pledging to support WiFi calling for ages, and now that iOS 8.3 has been released , they have finally made good on their word. It doesn't get...
I have a LinkedIn account and just like the author of the article I’m not paying much attention to it. But after reading his post, I am now considering to be...
We’ve all heard it million times before – backups are important. Still, the reality is that even today, backups remain one of the most overlooked and under-u...
Last year, we released a post about a malware injector found in an Adobe Flash (.SWF) file. In that post, we showed how a .SWF file is used to inject an invi...
Naming your databases allows you to determine which database is for which site. Aside from that, it is also an added protection from hackers. Here are the si...
Have you ever heard of the term Payment Card Industry (PCI)? Specifically, PCI compliance? If you have an e-commerce website, you probably have al...
Have you ever heard of the term PCI? Specifically, PCI compliance? If you have an e-commerce website, you probably have already heard about it. But do you re...
If you want details for the not-so-obvious tweaks that you can do for the following, I suggest you read the full article here.
Darkleech is a nasty malware infection that infects web servers at the root level. It uses malicious Apache modules to add hidden iFrames to certain responses...
I joined Sucuri a little over a month ago. My job is actually as a Social Media Specialist, but we have this process where regardless of your job you have to...
With new tools it is easier to reach your customers and readers through email. Gone are the days where you send emails manually. The article we’re sharing to...
Today there were multiple vulnerabilities released in OpenSSL, a cryptographic library used by CloudFlare (and most sites on the Internet). There has been a...
Today, with the proliferation of open-source technologies like WordPress, Joomla! and other Content Management Systems (CMS) people around the world are abl...
Introducing Bloom — The Ultimate Email Opt-In Plugin For WordPress Has Arrived! by Nick Roach
The last 7 days have been very busy with a number of vulnerabilities being disclosed on multiple WordPress plugins. Some of them are minor issues, some are m...
This article teaches us how to install and set up Soliloquy plugin. How to Create a Video Slider in WordPress Have you seen popular sites using videos in the...
Let’s face it, we hate memorizing, let alone remembering, those long website addresses. Good thing we can now shorten those long addresses and track them! Here’s...
Trojan (or trojan horse) is software that does (or pretends to be doing) something useful but also contains a secret malicious payload that inconspicuously ...
DNS, one of the oldest technologies running the Internet, keeps evolving. There is a constant stream of new developments, from DNSSEC, through DNS-over-TLS, ...
We all love our code but some of us love it so much that we don’t want anyone else to read or understand it. When you think about it, that’s understandable –...
The article that we’re sharing today tackles how you can use WordPress for your Marketplace. You’ll learn the difference between an eCommerce store and a Market...
Do you want to reach more people or customers? Why not make your website multilingual? The article that we’re sharing today will guide you through how to do that. Ho...
This is for all the Web Developers out there! Both free and paid code editors are discussed in the article. Some of them are: Atom, UltraEdit, Sublime Tex...
During our regular cleanup process we came across a reinfection case that caught our attention. This particular environment didn’t have anything special or f...
I spend a good amount of time engaging with website owners across a broad spectrum of businesses. Interestingly enough, unless I’m talking large enterprise, ...
HTTP Strict Transport Security (HSTS, RFC 6797) is a web security policy technology designed to help secure HTTPS web servers against downgrade attacks....
Some users trying to access their WordPress admin panel have found that Google Chrome seemingly auto-fills their password. Hooray for technology! But once th...
Advisory for: WP-Slimstat Security Risk: Very high Exploitation level: Remote DREAD Score: 8/10 Vulnerability: Weak Cryptographic keys leading to SQL injecti...
Survey Questions That Work: How to Unlock Your Customers’ Deepest Desires How well do you know your customers and their needs? And, how well do you meet thos...
In this article, the following concerns below will be tackled; What is HTTPS and SSL? Why do you need HTTPS and SSL? Requirements for using HTTPS and SSL...
This post is entirely for developers. Feel free to read, but approach it with that in mind. There is no such thing as bug-free code, and any code, even the ...
How often do you think about the passwords you’re using? Not only for your website, but also for everything else you do on the internet on a daily basis? Ar...
Although the majority of our posts describe WordPress and Joomla attacks (no wonder, given their market-share), there are still attacks that target smaller C...
ServerShield makes it easy to activate CloudFlare and StopTheHacker.
CloudFlare is, arguably, the largest third-party DNS Authoritative operator in the world. We manage well over 1 million domains and have registrations in alm...
Our research team was alerted to a possible malware outbreak affecting many WordPress websites. All the infections had a similar malicious iframe from “203ko...
Advisory for: UpdraftPlus Security Risk: High Exploitation level: Remote DREAD Score: 7/10 Vulnerability: Privilege Escalation Patched Version: 1.9.51 If yo...
During one of our recent in-house Capture The Flag (CTF) events, I was playing with the idea of what could be done with Non-Breaking Spaces. I really wanted ...
A new take on those symbols! 8 Keys to Creating More Meaningful Content by Barry Feldman Hello ! @ # $ % ^ & * I was staring at my keyboard when I got ...
Here at Sucuri we see countless cases of SEO spam where a website is compromised in order to spread pharmaceutical advertisements or backlinks to sites selli...
This blog post is probably more personal than the usual posts here. It’s about why I joined CloudFlare.
Don’t have any idea what Google Webmaster tools can do for you? Here is a good article from Elegant Themes that explains the things that you need to know. Ho...
A very critical vulnerability affecting the GNU C Library (glibc) exposes Linux servers to remote command execution. This security bug was discover...
Over the past few weeks, our Security Operation Center (SOC) has been seeing some different, and very suspicious requests to some of our servers. At first we...
Here is another trick that you can add to your arsenal. How to Block a WordPress User Without Deleting Their Account
by Rachel McColli
Advisory for: Pagelines and Platform Themes Security Risk: Very High Exploitation level: Easy/Remote DREAD Score: 9/10 Vulnerability: Privilege Escalation / ...
Showing the most commented posts on your site allows you to know which topic attracts most people to your site. We hope you find this tutorial from WPBeginne...
Last weekend we noticed a large number of requests to scan websites for malware because they randomly redirected to some “magazine” websites. Most of them me...
We were notified last week that the vBulletin team sent an email to all their clients about a potential security vulnerability in vBSEO. After further invest...
Have you noticed that most popular sites like Facebook, Twitter, etc allow users to log in with email or their username? Want to add the same functionality o...
The vBulletin team sent an email yesterday to all their clients about a potential security vulnerability in VBSEO. VBSEO is a widely used SEO module for vBulle...
Before anything else, let us greet you a Happy New Year!
We continue our series of posts about hacker attacks that exploit a vulnerability in older versions of the popular RevSlider plugin. In this post we’ll show ...
Defacements are the most visual and obvious hack that a website can suffer from. They also come parcelled with their own exquisite sense of dread. Nothing gi...
Our friends at SpiderLabs released a blog post today talking about the latest WP Symposium file upload vulnerability, and the attacks they have been seeing i...
This post is a dissection of one of a few backdoor variations hackers are uploading via the RevSlider security hole. We also provide webmasters a complete mi...
Since Sunday, we have seen a new wave of SoakSoak reinfections. The JavaScript continues to evolve and load other scripts in order to infect additional websi...
Kyoto Tycoon is a distributed key-value store written by FAL Labs, and it is used extensively at CloudFlare. Like many popular key-value stores, Kyoto Tycoon...
Website security is a major concern nowadays. It is best to keep your site’s plugins and security software up to date. Here is another plugin that you can ad...
Ever wanted to update the featured images in your site in one go? Assign images in all your posts? This plugin is the answer.
“We should rename SEO indicate relevance,” says Andy @crestodina, the content chemist.
This Sunday has started with a bang. Google has blacklisted over 11,000 domains with this latest malware campaign from SoakSoak.ru: Google Blacklisting – Soa...
When you first configure your website, whether it be WordPress, Joomla, Drupal, or any other flavor of the month, it is often in its purest state. Unless of...
I do get a lot of phishing emails, we all do, but as security professionals we tend to recognize them immediately. Either the syntax is wrong, or it’s missin...
I am a frustrated writer.
We’ve been notified of a critical vulnerability affecting the HD FLV Player plugin for Joomla!, WordPress and custom websites. It was silently patched only J...
While doing an analysis of one black-hat SEO doorway on a hacked site, I noticed that it linked to many similar doorways on other websites, and all those web...
We’ve all seen WordPress comment and pingback spam, but thanks to strict moderation regimes and brilliant WordPress plugins that focus strictly on SPAM comme...
Nowadays, most businesses rely on the internet to widen the range of people that they can reach. And to make others aware of the services that they offer. Th...
Advisory for: WordPress Download Manager Security Risk: Very High Exploitation level: Easy/Remote DREAD Score: 9/10 Vulnerability: Code Execution / Remote Fi...
Advisory for: InfiniteWP Client for WordPress Security Risk: High (DREAD score : 8/10) Exploitation level: Easy/Remote Vulnerability: Privilege escalation an...
We are receiving reports from many users of the popular JoomDonation platform that they received a very scary email from someone that supposedly hacked into ...
Have you ever thought about the cost of a typo? You know what I mean, a simple misspelling of a word somewhere on your website. Do you think there’s a risk i...
Bugs exist in every piece of code. It is suggested that for every 1,000 lines of code, there are on average 1 to 5 bugs to be found. Some of these bugs can ...
Advisory for: WordPress WP-Statistics Plugin Security Risk: High (DREAD score : 7/10) Exploitation level: Easy/Remote Vulnerability: Stored XSS which execute...
It’s been two months since our disclosure of an Object Injection vulnerability affecting versions <2.3.3 of the Joomla! Hikashop extension. The vulnerabil...
When talking about defense against malicious hacks, the attack vector is a common topic for Information Security (InfoSec) professionals. The primary concer...
It’s an everyday conversation for security professionals that interact with everyday website owners. The one where we have to explain that just because every...
Blackhat SEO spam is the plague of the internet, and the big search engines take it seriously. One of the worst spam tactics on the internet is becoming mor...
Finding malware in Adobe Flash files (.swf) is nothing new, but it usually affects personal computers, not servers. Typically, a hidden iFrame is used to dro...
New web-based attack types and vectors are coming out every day, and this is causing businesses, communities and individuals to take security seriously now more ...
Being able to spot suspicious code, and then determine whether it is benign or malicious is a very important skill for a security researcher. Every day we sc...
Advisory for: WordPress WP eCommerce Plugin Security Risk: Medium (DREAD score : 6/10) Exploitation level: Easy/Remote Vulnerability: Information leak and ac...
The Drupal team released an update for a critical SQL Injection vulnerability a few weeks ago and urged all their users to update or patch their sites imme...
We love investigating unusual hacks. There are so many ways to compromise a website, but often it’s the same thing. When we see malicious code on web pages, ...
I recently came to the realization that it might appear that we’re partial to PHP and WordPress. This realization has brought about an overwhelming need to c...
If you ever shortened a URL using bit.ly or if you use it anywhere, be aware that Google recently blacklisted all bit.ly pages through its Safe Browsing prog...
It’s been a month since our disclosure of a low-severity vulnerability affecting Akeeba Backup version 3.11.4, which allowed an attacker to list and download...
Less than 48 hours ago, the Drupal team released an update (version 7.32) for a serious security vulnerability (SQL injection) that affected all versions of ...
The Drupal team just released a security update for Drupal 7.x to address a highly critical SQL injection vulnerability. This bug can be exploited remotely b...
It seems that SSL just cannot stay out of the news. Another vulnerability, this time in SSL 3.0, has been disclosed at the Google Online Security Blog. Whil...
We are starting a new series of articles where we will talk about different active website attacks we are seeing. The first one we will cover is known as a S...
The Joomla team just released versions 3.3.5, 3.2.6 and 2.5.26, patching security issues. The first one is a Remote File Inclusion (RFI) vulnerability and the...
The Bash ShellShocker vulnerability was first disclosed to the public yesterday, 2014/Sep/24. Just a few hours after the initial release, we started to see a...
The team behind the Bash project (the most common shell used on Linux) recently issued a patch for a serious vulnerability that could allow for remote comman...
Advisory for: Hikashop for Joomla! Security Risk: High (DREAD score : 7/10) Vulnerability: Object Injection / Remote Code Execution Updated Version: 2.3.2 In...
I really enjoy when I see different types of conditional redirects on compromised sites. They are really hard to detect and always lead to interesting invest...
If you are one of the many users of the WordPress Security Plugin, WordFence, we highly encourage you to update. They recently pushed out a security update t...
As a child, did you ever play that game where you sit in a circle and one person is responsible for whispering something into one person’s ear, and that messa...
What if we told you that a compromised website has the ability to hack your home router? Yesterday we were notified that a popular newspaper in Brazil (polit...
Advisory for: VirtueMart for Joomla! Security Risk: High Exploitation level: Easy/Remote Vulnerability: Access control bypass / Increase of Privilege If you’...
We often spend a lot of time talking about application level malware, but from time to time we do like to dabble in the ever so interesting web server infect...
One of our clients was being attacked by a layer-7 DDoS attack for more than a week. The attack was generating around 5,000 HTTP requests per second, which t...
Mika Epstein, Ipstenu, of Dreamhost, notified us today of a serious vulnerability in the WordPress Slider Revolution Premium plugin which was patched silentl...
Last week, one of our many clients came under an interesting attack. Enough that it was flagged for human intervention. The interesting aspect of the case wa...
Before you freak out, allow me to clarify. It was one of several honeypots we have running. The honeypots are spread across the most commonly employed hostin...
Advisory for: Akeeba for Joomla! Security Risk: Low Exploitation level: Difficult/Remote Vulnerability: Access control bypass If you’re a user of the very po...
We’re pleased to introduce a new CloudFlare App: Tinfoil Security. Tinfoil Security is a service designed to find possible web application vulnerabilities. ...
As avid readers of this blog know, we’ve discovered or written about multiple vulnerabilities within the WordPress ecosystem over the last couple of weeks s...
If you’re using the Custom Contact Forms WordPress plugin, you need to update it right away. During a routine audit for our WAF, we found a critical vulner...
Both WordPress and Drupal are affected by a DoS (denial of service) vulnerability in the PHP XML parser used by their XMLRPC implementations. The issue lies ...
We’re very excited to finally talk about a partnership that’s been in the works for a few months and in light of the serious nature of the Security in the Wo...
I travel a lot (a lot might actually be an understatement these days), but the travel always revolves around a couple common threads – namely website securit...
One of the services that CloudFlare provides to paying customers is called Polish. Polish automatically recompresses images cached by CloudFlare to ensure th...
Many don’t know who I am. My name is Tony Perez, I’m the CEO of Sucuri. I have the pleasure of calling this company my family and everyday I work for every p...
Brute force attacks against WordPress have always been very common. In fact, brute force attacks against any CMS these days are a common occurrence; what is a...
A few weeks ago we found and disclosed a serious vulnerability on the MailPoet WordPress Plugin. We urged everyone to upgrade their sites immediately due to ...
The last few days have brought about a massive influx of broken WordPress websites. What makes it so unique is that the malicious payload is being blindly inj...
The vBulletin team just released a security patch for vBulletin 5.0.4, 5.0.5, 5.1.0, 5.1.1, and 5.1.2 to address a SQL injection vulnerability in the member ...
Today we’re proud to introduce CFSSL—our open source toolkit for everything TLS/SSL. CFSSL is used internally by CloudFlare for bundling TLS/SSL certificates...
A few weeks ago we reported that we were seeing a huge increase in the number of web sites compromised with a hidden redirection to pornographic content. It ...
A couple of weeks ago, the Sucuri team was at HostingCon. We rubbed elbows with the people who bring your websites to the world and spoke at length with the...
“Chile may have scored a CloudFlare data center first, but at least we’re still in the Cup” Brazil is home to not only the most successful national football...
In the past we've written about how CloudFlare isn't afraid to rip out and replace chunks of code that have proved to be hard to maintain or have simply reac...
Marc-Alexandre Montpas, from our research team, found a serious security vulnerability in the MailPoet WordPress plugin. This bug allows an attacker to uploa...
If you are still using Timthumb after the serious vulnerability that was found on it last year, you have one more reason to be concerned. A new 0-day was jus...
Do you run your website on WordPress? Have you checked the integrity of your core install lately for SPAM like “Google Pharmacy” stores or other fake stores?...
Lackey being hoisted onto Sealand in the North Sea circa 2000 How did you get into computer security? I started using the Internet when I was young—in the e...
We're excited to announce that CloudFlare has acquired the Trusted Computing and virtual private network (VPN) as a service company CryptoSeal. CryptoSeal w...
The problem with phishing, and therefore the reason so many people have trouble with it, is that the code is fairly benign and can be very difficult to spot ...
What’s in a Name Earlier today, CloudFlare announced Project Galileo to protect free speech on the Web by using its sophisticated anti-DDoS resources. Seve...
Our CloudProxy Firewall already protects and speeds load times for thousands of websites. Now, it’ll be even faster. We’re happy to announce that we just added...
This morning as I was logging into various social networks I was presented with a popup with “XSS on Tweet Deck.” This obviously set every hair on my neck on...
When you work with malware for a while, you start to become very good at pattern recognition. A couple sites in every hundred cleaned might be infected in a ...
Today, we are launching the new and improved Protected Page capability in our Website Firewall, CloudProxy. It allows for a simple (1-click) activation of se...
Over the last couple of weeks, we’ve written about malicious redirects pushing users to porn sites, ever more complicated phishing scams being carried out b...
Great news for everyone using CloudFlare on an e-commerce site, or a site accepting or processing credit card transactions. After undergoing a Payment Card I...
As many know, our company has deep Brazilian roots; as such we have no choice but to be enamored with the upcoming World Cup. Yes, the World Cup is coming, socc...
The team behind the All in One SEO Pack just released a new version of their popular WordPress plugin. It is a security release patching two privilege escala...
Over the last week, we’ve been working with some interesting malware injections. Developers and malware prevention professionals usually think of hidden ifra...
The past week has brought about a large number of cases where compromised websites had hidden redirections to porn injected into their code. All the infectio...
When LA’s DA says that “73% of our local businesses appear to have been hacked,” it begins to illustrate the importance website protection will play in the ...
Brian Dye tells the Wall Street Journal that antivirus tools like his company’s Norton suite are effectively “dead” because they catch less than half of all...
A few weeks back we reported on very large Layer 7 DDOS attacks within the WordPress ecosystem. Today we decided to provide you a little illustration of what...
We’ve been scanning and removing malware from websites for years, and in this time frame we have seen the website security domain grow by leaps and bounds. O...
Over time we've updated the SSL configuration we use for serving HTTPS as the security landscape has changed. In the past we've documented those changes in b...
Sucuri SiteCheck is our free website malware scanner that crawls any website to detect signs of Malware injections, SEO Spam, Blacklisting, Defacement and ot...
We deal with different types of malware injections and compromises everyday and the most common question our clients ask us is, “Why me? Why my small little ...
We recently wrote about backdoors in pirated commercial WordPress plugins. This time it will be a short post about an interesting backdoor we found in a Joom...
At CloudFlare, we love connecting with our communities, and so we are excited to announce two meetups to be hosted here at the CloudFlare headquarters in Sa...
Trust, transparency, and collaboration are values which we hold dear at CloudFlare. As a web security and performance company, we are always interested in ho...
As most of you probably already know, ten days ago security researchers disclosed a very serious vulnerability in the OpenSSL library, which is used to power...
Earlier today we announced the Heartbleed Challenge. We set up a nginx server with a vulnerable version of OpenSSL and challenged the community to steal its ...
The Jetpack team just released a critical security update to fix a security vulnerability in the Jetpack WordPress plugin. The vulnerability allows an attack...
Security researchers have discovered a very serious vulnerability in the OpenSSL library that is used to power HTTPS on most websites. Many news sources are ...
Our friends from SpiderLabs issued a warning today on their blog about increased activity on their honeypots looking to exploit the old JCE (Joomla Content ...
WordPress has a large repository of free plugins (currently 30,000+) that can add almost any functionality to your blog. However, there is still a market for...
Our friends over at ESET released a very detailed document about the Windigo Operation. The Windigo Operation has been responsible for the compromise of thou...
At CloudFlare, security is on the top of our minds. We are always looking for ways to better secure the data we are entrusted with and improve the security o...
The vBulletin team just issued a warning, and released patches for a security exploit that affected all versions of vBulletin including 3.5, 3.6, 3.7, 3.8, 4...
Today’s guest blogger is Rodney Gibbs. Rodney is the CIO of The Texas Tribune, a nonprofit media organization that covers public policy, politics, and gov...
Many are likely getting emails with the following subject header Large Distributed Brute Force WordPress Attack Underway – 40,000 Attacks Per Minute. Just th...
At CloudFlare a lot of our customers use WordPress, that's why we have our own plugin, we hang out at WordCamp and we wrote a WordPress specific ruleset for ...
Distributed Denial of Service (DDOS) attacks are becoming a common trend on our blog lately, and that’s OK because it’s a very serious issue for every websit...
The Joomla team just released 2 security updates and pushed out the stable versions for Joomla 2.5.19 and 3.2.3. If you run your site on Joomla, you need to ...
It feels like every day we’re finding gems, or what appear to be gems to us. We try to balance the use of the term, but I can’t lie, these are truly gems. Th...
On January 27, the Department of Justice and the Director of National Intelligence announced a change in rules governing the disclosure of National Security ...
If you are a regular reader of our blog, you probably know about our CloudProxy Website Firewall which launched publicly almost a year ago. Since then, ...
Have you ever wondered if the websites you (or your family) visit contain code that is potentially harmful to you or your computer? If you are a Chrome user,...
It’s always fun to watch malware developers using different techniques to code their creations. Sometimes it’s a matter of obfuscation, placement, injection,...
About a week ago we got an interesting Zencart case. Being that we don’t often write about Zencart, we figured it’d be a good time to share the case and details...
Remember back in school or college when you had to write pages and pages of long essays, but had no time to write them? Or maybe you were just too lazy? Yeah...
Today on The Day We Fight Back, companies are coming together to protest the NSA’s mass surveillance programs. CloudFlare is proud to be one of those compani...
The JomSocial team just released an update that fixes a very serious remote code execution vulnerability that affects any JomSocial version older than 3.1.0....
This post is about how hackers abuse popular web services, and how this helps security researchers obtain interesting statistics about malware attacks. We, a...
At CloudFlare, we're fiercely committed to an open internet. That's why we’re announcing a new app that lets you easily add to your website a banner from The...
There are many types of Distributed Denial of Service (DDOS) attacks that can affect and bring down a website, and they vary in complexity and size. The most...
We’re always trying to stay ahead of the latest trends, and today we caught a very interesting one that we have either been missing, or it’s new. We’ll just ...
Each day at CloudFlare is full of surprises. As it turns out, it takes a lot of work to stop massive attacks and to help make the web faster. Over the past ...
Over the past few years, the CloudFlare blog has covered a great range of different topics, drilling down into the technology we use to both protect websites...
Back in 2011, the BEAST attack on the cipher block chaining (CBC) encryption mode used in TLS v1.0 was demonstrated. At the time the advice of experts (inclu...
Earlier today, the Department of Justice and the Director of National Intelligence announced a change in rules governing the disclosure of National Security...
Can you imagine having the keys to a kingdom? How awesome would that be!! This is true in all domains, especially when it comes to your website. This is almos...
A few weeks ago we wrote about a file upload vulnerability in the OptimizePress theme. We were seeing a few sites being compromised by it, but nothing major. ...
An attacker's key to creating a profitable malware campaign is its persistency. Malicious code that is easily detected and removed will not generate enough va...
2013 was a great year for Sucuri! We were able to add some great services and tools like CloudProxy to help website owners and administrators fight malware. ...
The vBulletin team recently disclosed an XSS (cross site scripting) vulnerability in the uploader.swf file that is included by default on vBulletin 4 and 5. T...
Note: this post originally appeared as part of the 2013 PerfPlanet Calendar It’s common knowledge that domain sharding, where the resources in a web page are...
Back in October I wrote a blog post about CloudFlare and open source software titled CloudFlare And Open Source Software: A Two-Way Street which detailed the...
If you are using OpenX or the new Revive Adserver (fork of OpenX), you need to update it ASAP. Florian Sander discovered a serious SQL injection vulnerabilit...
Almost two years ago CloudFlare started working with Go. What started as an experiment on one network and concurrency heavy project has turned into full, pro...
Elliptic Curve Cryptography (ECC) is one of the most powerful but least understood types of cryptography in wide use today. At CloudFlare, we make extensive ...
attribution: Flickr/mark van de wouw license: CC Attribution-NonCommercial-ShareAlike 2.0 Generic When building secure systems, having a source of random nu...
If you connect to CloudFlare's web site using HTTPS the connection will be secured using one of the many encryption schemes supported by SSL/TLS. When I conn...
(Image Copyright (c) Walt Disney) If you've been following recent news about technical spying by the US National Security Agency and the UK's Government Com...
When I woke up this morning I had no idea I'd be on a video conference with CloudFlare, OpenDNS, Google, GoDaddy, Twitter tech folks all day— Rajiv Pant (@ra...
Hi I’m Ken Carter, CloudFlare’s newly minted in-house counsel. Now that I have introduced myself, feel free to introduce yourself. Or, don’t. You may want to...
CloudFlare makes extensive use of TLS connections throughout our service which makes staying on top of the latest news about security problems with TLS a pri...
Over the last week we've closely watched the disclosures about the alleged NSA PRISM program. At CloudFlare, we have never been approached to participate in...
Over the last few weeks, we've had a number of requests for information about what data CloudFlare logs when someone visits a site on our network. While we ...
The New York Times this morning published a story about the Spamhaus DDoS attack and how CloudFlare helped mitigate it and keep the site online. The Times c...
The Art When you think of San Francisco, undoubtedly one bridge in particular comes to mind - The Golden Gate Bridge. This year, however, the Bay Bridge is ...
You may have heard that Facebook took down a significant portion of the Internet today. A bug in their Facebook Connect script -- which is installed widely a...
CloudFlare is heading to Parallels Summit in Las Vegas on Monday, February 4th to Wednesday, February 6th. We look forward to meeting and reconnecting with ...
A little over a month ago, we published a couple of blog posts about how we were making SSL faster. Specifically, we enabled OCSP stapling across our networ...
At CloudFlare, Nginx is at the core of what we do. It is part of the underlying foundation of our reverse proxy service. In addition to the built-in Nginx f...
In early October we quietly announced our partnership with Parallels, a global leader in hosting, cloud services enablement and desktop virtualization. Para...
We've been thinking about how to best implement two-factor authentication to better protect our customers' accounts for quite some time now. When, about 6 m...
With web performance and security being the core of CloudFlare, we are always looking for ways to improve not just our customers' website security, but their...
We get a lot of questions from our customers about CloudFlare and how we impact SEO. So when SEO.com signed up for CloudFlare, I thought it would be a grea...
Each day I get to trade notes with CloudFlare customers. I'm constantly amazed by the diversity of businesses that use the service from around the world. I w...