security Archives - OmniSOS - Elite WordPress Security

What exactly is Malware?

Staff — Tue, 28 Oct 2014 22:22:18 +0000

Malware (Virus) is a very broad term, and there are many different ways that malware can be injected into a website. One common way that malware is inserted is by a File Inclusion vulnerability. With this vulnerability, the hacker will insert a malicious script into the site by editing the PHP. This is normally performed by using methods similar to Code Injections. As a result, creating secure user input validation will also mitigate this vulnerability, along with coding the PHP to eliminate the possibility of Remote File Inclusion (RFI). Malware can also be inserted by gaining login access, so many other security measures must be taken to mitigate this risk. Oftentimes, the hacker’s goal is to insert malware, no matter what vulnerability he/she is using to gain access.

The post What exactly is Malware? appeared first on OmniSOS - Elite WordPress Security.

What are Code Injections?

Staff — Tue, 28 Oct 2014 22:16:48 +0000

Code Injections (such as SQL Injections and command injections) are attacks that inject code into a server or database to unexpectedly execute commands or to insert malware. The most common form of Code Injection a hacker will use is to use special command line characters in a normal user input box to trick the server into executing the following command. This vulnerability is used for a wide range of malicious activity, which makes it particularly dangerous. These commands can be injected through any average text input box. The most effective way to prevent Code Injection is to create secure user input validation (such as a whitelist that allows only “innocent” characters, like letters and numbers), and to implement a secure firewall.

The post What are Code Injections? appeared first on OmniSOS - Elite WordPress Security.

What is a Brute-Force Attack?

Staff — Tue, 28 Oct 2014 22:08:48 +0000

Brute-Force attacks (also called an Exhaustive Key Search) are used with the intention of gaining access to the server or website by guessing the login authentication. Hackers who use this method typically have several computers with very fast hardware which use an algorithm to guess the password. These machines can guess thousands to millions of passwords per minute, and they will typically guess every possible password. This can be a very dangerous attack if security measures are not set up properly. The best way to prevent a successful Brute-Force attack is to prevent access to the login page after a certain amount of failed login attempts (implemented into most firewalls), to have a strong, secure password, and to set up two factor authentication. Two factor authentication uses a password, and also sends a verification code to the user’s cell phone. This makes it virtually impossible for Brute-Force attacks to be successful.

The post What is a Brute-Force Attack? appeared first on OmniSOS - Elite WordPress Security.

DDoS – What does it stand for?

Staff — Tue, 28 Oct 2014 21:56:09 +0000

Distributed Denial of Service (DDoS) attacks stress the server in several ways, with the intention of slowing it down or crashing the server itself. Hackers who use DDoS attacks are not necessarily trying to gain access to the website. Their main goal is to make the website inaccessible to its users. It is often unknown why hackers would use an attack like this. In the past, many DDoS attacks have been targeted at large companies. However, it is now much more common for these attacks to be directed at smaller websites, posing a threat to many normal websites on the internet. Having a secure and advanced firewall is one of the best methods for preventing DDoS attacks.

The post DDoS – What does it stand for? appeared first on OmniSOS - Elite WordPress Security.

Can Weak Security Ruin Your SEO Efforts?

Charlie Tobler — Wed, 22 Oct 2014 23:36:10 +0000

Search Engine Optimization (SEO) is an ever-increasing aspect of the web industry, and for good reason. Search engines have become an important part of our lives. We search for information, businesses, reviews… Everything. And without SEO, your potential customers, readers, etc, most likely won’t be able to find your website. That means lost traffic, which means lost business. That is why SEO is of such importance to the web industry, and to business in general.

Unfortunately, it is so easy to forget one of the most integral aspects of SEO: Security. How does security affect search engine rankings?

The search engines rank websites based on relevant, quality content, because this is of most value to the one searching. The search engine has the ability to crawl your site, so it can find your content and determine if it is relevant to the search. Whichever sites the search engine thinks will be of most value are displayed at the top of results.

Makes sense, right? This is where site security comes in.

Let’s say your site has been hacked, and the hackers use your site to send and host spam, or to redirect to an explicit website. When the search engine crawls your site, it will find malicious activity. Red flags to the search engine! The search engine is responsible for showing relevant, SAFE, results to its users. When a site is compromised by malware, it doesn’t look safe to the search engine anymore. And this will show itself in lower rankings, or an even worse scenario: the search engine blacklisting your site. In this case, the search engine has deemed your site dangerous enough to blacklist it. This is bad for both brand reputation, and lost revenue and/or readership. This is something you want to mitigate.

Is this repairable? Yes! Our premium plans feature an added blacklist repair tool which works with our robust Anti-virus service to clean the malware from your site and even remove your site from the blacklist directories.

Hopefully, I have successfully communicated just how essential the security of your website is to its search engine optimization. You can’t afford to be without an Elite Security protocol, such as OmniSOS.

Check out our plans to determine which package is right for you!

The post Can Weak Security Ruin Your SEO Efforts? appeared first on OmniSOS - Elite WordPress Security.

How to Create a Secure Password

Jeff Tobler — Wed, 15 Oct 2014 21:50:33 +0000

Passwords are a pain. We want it simple, easy to remember, and hassle-free. The problem with that is that simple passwords are easily cracked these days by the bad guys.

Therefore, learn what makes a great password:

No proper or common names
Use a mixture of capital letters and lowercase
Include numbers and/or special characters
Use symbols (#$%@!, etc.)
And use 8 characters or longer

I found a great little password generator here. Play around with it and see what you think. They offer two types: Mnemonic (easy-to-remember) passwords and random combinations which are harder to remember but also harder to crack.

Mnemonic Generator

Random Generator

The post How to Create a Secure Password appeared first on OmniSOS - Elite WordPress Security.