Astra Web Security Blog - Website & CMS Security News


We are back with our second video. In this one we interview Maximo Pico, who is a Growth Hacker and Founder of Save My Customers. We ask Maxime: What's his take on security, and how does security fit into Growth Hacking (if it does)? As a growth hacker, his thoughts on security companies that hack their potential customers and then approach…

Removing Pub2srv malware from OpenCart & WordPress

We’ve been watching a specific malware infection targeting OpenCart & WordPress websites for several months. It's commonly referred to as the pub2srv malware infection, which redirects your website visitors to other malicious domains like go.pub2srv[.]com, go.mobisla[.]com, go.oclaserver[.com], deloton.com/afu.php?zoneid= and the site Dolohen.com. Also, Google will suspend your Ads under Malicious links on your website. A few of them are https://defpush.com/ntfc.php?p=1565632, https://deloplen.com/apu.php?zoneid=1558096, https://go.mobisla.com/notice.php?p=1558098&interactive=1&pushup=1, https://mobpushup.com/notice.php?p=1558098&interactive=1&pushup=1, https://wowreality.info/page.js?wm=gr…

When your business is secure, you should flaunt it! Every customer using Astra gets a security seal. Our customers love to proudly exhibit the security seal on their website. We did an analysis on a set of websites using Astra's trust seal on their website. The results show that there has been an increase in conversion rate by 9.7% after the…

Prevent XSS in OpenCart

Common signs of your OpenCart store being vulnerable to Cross-site Scripting are malicious popups, credit card information theft and compromise of your users' usernames and passwords. While OpenCart takes security very seriously, new security issues may be discovered over time. Poorly coded extensions tend to be the #1 cause of security breaches. In this guide, we'll talk about what XSS is,…

Joomla 3.8 Patches Critical 8-Year-Old Vulnerability

Joomla, one of the world's most popular CMSs, powering over 3.3% of the world's websites, recently patched a critical vulnerability which has persisted in its content management system for 8 years. Leveraging this vulnerability could allow an attacker to steal administrator login credentials, paving the way for further key information theft. This appalling revelation reveals the vulnerable state of CMSs which often go…

Over the years, after securing hundreds of websites, we realized that there are two types of businesses. The first are those who know that they can be hacked and take steps to do something about it. The second type are the ones who are very confident that they won't get hacked, but eventually do. As they say 'only the…

In 2016, the Magecart infrastructure, notoriously known as a fraudulent payment-stealing script, was making waves across the e-commerce industry. It is named so because it largely targeted e-commerce platform giants like Magento, Powerfront CMS and OpenCart, leading to massive theft of credit card information from these e-commerce sites. However, even a year later, the Magecart issue hasn't been dissolved and remains a…

Magento SUPEE-10266 and New Versions: Update Immediately

Magento, one of the most favored e-commerce platforms, is often a target for cyber-criminals. It owes its huge popularity to its strict security practices, timely updates of the system core and immediate fixes to security issues. Magento's latest security update contains multiple security enhancements. These updates relate to the Magento Open Source (formerly Community Edition) and Magento Commerce (formerly Enterprise Edition).…

WordPress, the juggernaut CMS powering more than 1 billion websites, the most notable ones being TechCrunch, The New Yorker, Sony, and MTV among many others, is not devoid of vulnerabilities when it comes to website security. Recently, one of its most popular plugins, WP Statistics, was deemed as flawed, rendering nearly 300,000 websites open to exploitation by attackers online. The plugin WP Statistics has…

TED is a nonprofit organization spreading great ideas. TED works with the tagline, "Ideas worth spreading". Since its start, TED has been renowned for its inclusion of subject expert speakers with groundbreaking and eye-opening ideas revolutionising our thought process. Astra brings you a collection of the 5 best TED Talks on the topic of Cyber Security. Why I teach people…
