Tag Archives: Learn

Secure Coding: How to Account for Input Sanitization

On average, a website leverages around 18-20 different plugins in its structure. These plugins enhance the website’s functionality and in some instances extend the applications core capabilities. It’s great for website owners because they can pick and choose from different plugins and check which ones better fit their personal blog or businesses. On the otherRead More Info »

Domain Validation: SSL’s Other Job

SSL certificates are a hot topic today. Website owners are becoming increasingly aware that collecting information on non-HTTPS secured pages is a bad idea and the larger web ecosystem is definitely moving in the direction of full web encryption. Google has indicated they’re giving a ranking boost to HTTPS encrypted sites with heavier rankings likelyRead More Info »

Troubleshooting Mixed Content Warnings with HTTPS

Much of the web continues to march towards creating secure communications between devices through the use of things like HTTPS/TLS (aka SSL). We’ve seen Google talk about giving SSL a ranking boost and flagging non-HTTPS websites within the browser (Chrome) as insecure. We have also seen various organizations take the call to arms – with StartSSL offering free SSLRead More Info »

The Risks of Hiring a Bad SEO Company

Today we are not going to explore malware or any other overtly malicious traffic. Instead this post is a warning about dishonest marketing tactics used by services claiming to improve your website traffic or Search Engine Optimization (SEO). We recently received a report from one our clients claiming that their website was experiencing a DistributedRead More Info »

Using WPScan: Finding WordPress Vulnerabilities

When using WPScan you can scan your WordPress website for known vulnerabilities within the core version, plugins, and themes. You can also find out if any weak passwords, users, and security configuration issues are present. The database at wpvulndb.com is used to check for vulnerable software and the WPScan team maintains the ever-growing list ofRead More Info »

Analyzing Proxy Based Spam Networks

We are no strangers to Blackhat SEO techniques, we’ve actually spent a great deal of time working and sharing various bits of information related to Blackhat SEO techniques over the years. What we haven’t shared, however, is the idea of Proxy-based Spam Networks (PSN). It’s not because it wasn’t interesting, it’s just not something we’d seenRead More Info »

Demystifying File and Folder Permissions

If you have poked around a server before you have probably encountered file permissions. In fact, all computer file systems offer permissions based on the same core ideas. The file permissions in Linux, Mac, and Windows computers are very similar to the file and folder permissions in Apache, Nginx, and IIS servers. You can right-clickRead More Info »