Website Security News

Sucuri Blog Learn about website security, software vulnerabilities, how to protect WordPress, and malware infections from our team of security researchers.

  • What is HTTP 504 Gateway Timeout & How to Fix It
    by Marc Kranat on May 14, 2024 at 7:35 pm

    Website errors can be extremely frustrating, and one that often appears is the 504 Gateway Timeout error. This error occurs when an upstream server fails to complete your request within a specified time frame. For visitors, this can be an aggravating experience, and can negatively impact your website conversions and revenue. Typically, 504 errors arise from server-side issues or problems with the website itself. This HTTP status code can adversely affect a website’s SEO and lead to a loss of visitors or revenue. Continue reading What is HTTP 504 Gateway Timeout & How to Fix It at Sucuri Blog.

  • What is HTTP Error 502 Bad Gateway & How to Troubleshoot It
    by Marc Kranat on May 9, 2024 at 10:29 pm

    Website errors can be a real test of patience. One common culprit is the 502 bad gateway error. Known for its ubiquity across the web, it doesn’t discriminate between small WordPress sites or well-known services like Gmail, Twitter, or Instagram. You may encounter a 502 Bad Gateway error when a server upstream (i.e. one closer to the website than the client’s end) either fails to receive a valid response from another server or encounters an issue while trying to fulfill a request. Continue reading What is HTTP Error 502 Bad Gateway & How to Troubleshoot It at Sucuri Blog.

  • What is HTTP Error 429: Too Many Requests
    by Rianna MacLeod on May 7, 2024 at 10:42 pm

    Encountering the HTTP Error 429 can be frustrating for both website owners and users. Error 429 is an HTTP status code indicating that a user has sent too many requests in a given amount of time. Websites and servers implement rate limiting to manage their resources efficiently and ensure equitable access for all users. In this post, we’ll dive into what 429 errors mean and how to fix them, elaborating on their causes, troubleshooting methods, and preventive measures. Continue reading What is HTTP Error 429: Too Many Requests at Sucuri Blog.

  • Mal.Metrica Redirects Users to Scam Sites
    by Ben Martin on May 2, 2024 at 10:43 pm

    One of our analysts recently identified a new Mal.Metrica redirect scam on compromised websites, but one that requires a little bit of effort on the part of the victim. It’s another lesson for web users to be careful what they click on, and to be wary of anything suspicious that pops up in their browser — even if it’s coming from a website that they would otherwise trust. “Please verify that you are a human”: When visiting an infected website we are prompted with a (fake) human verification prompt. These prompts are quite common on the web these days, and most users would probably not think twice about clicking on it. Continue reading Mal.Metrica Redirects Users to Scam Sites at Sucuri Blog.

  • WordPress Vulnerability & Patch Roundup April 2024
    by Sucuri Malware Research Team on April 29, 2024 at 6:35 pm

    Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners about potential threats to their environments, we’ve compiled a list of important security updates and vulnerability patches for the WordPress ecosystem this past month. The vulnerabilities listed below are virtually patched by the Sucuri Firewall and existing clients are protected. Continue reading WordPress Vulnerability & Patch Roundup April 2024 at Sucuri Blog.

  • What is a Zero-Day Vulnerability?
    by Gerson Ruiz on April 25, 2024 at 7:37 pm

    Navigating the world of website security can feel like stepping into a minefield, especially when you have to navigate threats like zero-day vulnerabilities. Zero-days are security flaws that, worryingly, remain hidden from everyone involved — from dev teams and users, to even the most conscientious vulnerability researchers. In this post, we’ll take a look at what zero-day vulnerabilities are, what they mean for you and your website, and how to mitigate risk and protect your environment. Continue reading What is a Zero-Day Vulnerability? at Sucuri Blog.

  • What is Cookie Hijacking
    by Cesar Anjos on April 23, 2024 at 6:00 pm

    Cookie hijacking involves unauthorized access to cookies, which are small pieces of data stored on your browser by websites you visit. Cookies often contain sensitive information, including session tokens that authenticate users to a web application. By hijacking these cookies, attackers can impersonate users and gain unauthorized access to private accounts and sensitive data. Given the potential risks associated with these attacks, it’s important to understand what cookie hijacking is, how it occurs, and the steps you can take to protect yourself and your website against it. Continue reading What is Cookie Hijacking at Sucuri Blog.

  • JavaScript Malware Switches to Server-Side Redirects & DNS TXT Records as TDS
    by Denis Sinegubko on April 18, 2024 at 6:51 pm

    Last August we documented a malware campaign that was injecting malicious JavaScript code into compromised WordPress sites to redirect site visitors to VexTrio domains. The most interesting thing about that malware was how it used dynamic DNS TXT records of the tracker-cloud[.]com domain to obtain redirect URLs. We’ve been tracking this campaign ever since — and we’ve recorded multiple changes in obfuscation techniques and domain names used in their DNS TXT traffic direction system (TDS). Continue reading JavaScript Malware Switches to Server-Side Redirects & DNS TXT Records as TDS at Sucuri Blog.

  • WordPress Maintenance: Tasks & Best Practices
    by Rianna MacLeod on April 16, 2024 at 8:23 pm

    If you’re managing a WordPress site, it’s crucial to ensure it runs smoothly and securely. Many site owners worry that WordPress maintenance is a complex chore that requires a ton of technical expertise, but that’s not entirely true. This guide is here to show you the steps you can take on your own to help maintain your WordPress site and keep it running at its best. Think of your WordPress site like a car. Continue reading WordPress Maintenance: Tasks & Best Practices at Sucuri Blog.

  • Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker
    by Matt Morrow on April 11, 2024 at 4:57 pm

    In recent months, we have encountered a number of cases where attackers inject malware into website software that allows for custom or miscellaneous code — for example, the miscellaneous scripts area of the Magento admin panel, or WordPress plugins such as Custom CSS & JS. Custom script editors are popular with bad actors because they allow for external third party (and malicious) JavaScript and can easily pretend to be benign by leveraging naming conventions that match popular scripts like Google Analytics or libraries like JQuery. Continue reading Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker at Sucuri Blog.

  • Web Shells: Types, Mitigation & Removal
    by Cesar Anjos on April 8, 2024 at 8:11 pm

    Web shells are malicious scripts that give attackers persistent access to compromised web servers, enabling them to execute commands and control the server remotely. These scripts exploit vulnerabilities like SQL injection, remote file inclusion (RFI), and cross-site scripting (XSS) to gain entry. Once deployed, web shells allow attackers to manipulate the server, leading to data theft, website defacement, or serving as a launchpad for further attacks. Given their stealth and versatility across various programming languages (PHP, Python, Ruby, ASP, Perl, Bash), web shells pose a significant threat to a website’s security. Continue reading Web Shells: Types, Mitigation & Removal at Sucuri Blog.

Websitecyber related posts:

Privacy Law

Privacy Law The Conversation

Security Enterprise Services

Security Enterprise Services From security officers to mass notification to workplace violence mitigation, enterprise services.

Safety Detectives Cyber News

Safety Detectives Cyber Security News.

Look Who Died Facebook Scam

A Facebook scam making the rounds can steal information and even your entire Facebook account.

Capita Cyber Attack

Capita outsourcing group, a large UK government supplier, has admitted a cyber attack and data breach after leaving hackers in their systems for 9 days!

Oregon Health Plan Data Breach

The recent data breach of Oregon Health Plan member data has caused a great deal of concern in the security and healthcare industries.

Louisiana Cyber Breach

Southeastern Louisiana University announced that it had been the victim of a cyber breach.

Artificial Intelligence in Politics

With the rise of deepfakes and the increasing use of artificial intelligence (AI) in political campaigns, the face of politics is changing rapidly.

Lawsuit Sues China for Six Trillion Dollars in Coronavirus R...

The true cost of the coronavirus pandemic, the loss of life and the economic devastation, is incalculable.

Bank of America Data Breach

Bank of America, the largest bank in the United States, has recently been hit with a data breach that has put the personal information of customers at risk.

Cyberattacks on Military, Parliament

The federal government has been dealing with a series of cyberattacks by a hacker group in India.

The World in 2050

The world in 2050 is a future filled with amazing technology. By 2050, artificial intelligence and virtual reality will be ubiquitous.