Astra Web Security Blog - Website & CMS Security News

astra, web, security, blog, website, cms, security, news

Did your website get hacked?  Attackers are increasingly using sophisticated tools and methods to break into websites and accounts. From bots to SQL injections, anything can be used to launch an attack. After an attack the looming question of “How to fix my website?” is easily answerable if you know the right steps to take. If you ever get hacked,…

Astra WAF

Magento is a powerful e-commerce platform that has everything your business needs. It’s even touted as the most flexible and capable platform in the market today. Unfortunately, that doesn’t make it immune to cyber-attacks that can compromise the growth and stability of your business. As a matter of fact, evidence suggests Magento websites—given the scale of businesses that use it—are…

Drupal exploit redirect visitors to phishing pages

Drupal is considered to be really secure and this was the reason for its popularity. Drupal is an open source CMS and is known to be robust. Being open source, its source code is publicly visible. This is a goldmine for bug bounty hunters. Drupal suffered from the infamous "Pharma Hack" to "Kitty Cryptomining Malware" in recent few months. Another infection…

How Spam Links Can Affect your Site's SEO and Adwords

When it comes to optimizing your site for SEO, link building is one of the most important measures to gain good standing in Google searches. While you may strive to make your website SEO friendly, the presence of spam links will largely hamper your site's visibility and disrupt its SEO ranking. What are Spam Links? Bad links refer to links obtained…

How to clean & fix WordPress eval (base64_decode) hack

Among the major CMSs used extensively by businesses worldwide, WordPress is notorious for being the most targeted by hackers, who constantly search for ways to circumvent security patches and precautions taken by users. A majority of websites run on Wordpress, rendering it an excellent hackable target for malpractices and data theft. One such hack witnessed by Wordpress users lately is…

WordPress and Drupal are probably the most popular CMS used to create websites. However, their popularity has made them juicy targets for hackers and SEO spammers. Hackers continuously try to manipulate search indexes to include undeserving content on prominent search positions. This Black Hat SEO technique is also dubbed as 'WordPress Pharma hack or SEO Spam'. Why do they do…

In its quest to provide a safe online experience to its users, Google often identifies and flags fraudulent seeming domain and blacklists websites it discovers as potentially malicious. When a domain is blacklisted by Google, it deters users from visiting it, informs the site owner and stops malicious activities at its roots. Domain gets blacklisted when search engines like Google, Bing, Norton…

How to remove the Backdoor: PHP/apiword malware from your WordPress website

Lately, Wordpress witnessed a perilous situation when it discovered a malicious code added to the top of the functions.php file, exploiting which the malware creator can unleash pretty much any damage he'd like. The injected code comes from the apiword malware which not only creates modifications in post.php and functions.php, but also creates a file containing a backdoor: /wp-includes/class.wp.php The presence of the functions.php file is…

Close