You have a website, a vital part of your life. It may be a personal blog running on WordPress, or a simple PHP portfolio site.
But, did you know cyber attacks are significantly increasing every day? Have you taken any steps to protect your site from attack? What will you do if someone hacks, compromises or exposes your website?
A sad reality of our times is that netizens are unaware of the latest internet vulnerabilities. They either don’t have enough resources to protect themselves or, worse still, are unconcerned about the impact and severity of cyber threats.
The global cyber security software company, Symantec Corporation, recently released its 2019 Internet Security Threat Report. Here are a few key points from it.
- 1 in 10 URLs are malicious.
- Web attacks have increased by 56%.
- Form-jacking attacks have skyrocketed, with an average of 4,800 websites compromised each month.
- Mobile ransomware attacks have increased by 33%.
- 48% of malicious email attachments are office files.
- There has been a 1000% increase in malicious PowerShell scripts.
WordPress: the Most Targeted and Most Infected CMS
We love WordPress—it is, after all, the world’s most popular CMS and the most-used back-end for websites. Unsurprisingly, increasing numbers of hackers are targeting it.
According to Sucuri’s Hacked Website Report, 2018, WordPress infections rose from 83% in 2017 to 90% in 2018.
These shocking figures are not because of WordPress Core developers taking security lightly. In contrast, they are doing a great job of keeping their platform bug-free and secure.
Instead, the biggest threats to WordPress and other CMSs are from vulnerabilities introduced by third-parties: add-on modules, plugins, themes, and extensions.
Top 3 Files Targeted by Malware
1 – index.php — Sucuri’s report shows that over a third of sites (34.5%) had their index.php files modified after a compromise. This shows that this file is an important asset, and that file integrity monitoring systems should monitor it.
Index files are on almost every PHP-based site and are guaranteed to be loaded during web page generation. This makes them prime targets for infection by bad actors. Attackers modify these files for a variety of reasons, including malware distribution, inserting server scripts, coordinating phishing attacks, for black hat SEO, effecting conditional redirects, and for website defacement.
2 – functions.php —Sucuri also identified that the functions.php file was changed in 13.5% of sites after a successful attack. This file is often used to deploy SEO spam and other malicious payloads, including backdoors and injections.
3 – wp-config.php —The third most common file modified after a compromise.
There are several reasons why hackers prefer to target the index.php, functions.php and wp-config.php files:
- Websites load them every time the site is visited.
- They are in a group of core files unchanged by WordPress updates (so changes are persistent).
- They are often ignored by integrity monitoring systems, because the value changes frequently.
Cyber Threats in India
Hackers are increasingly targeting countries like India, where there are growing internet adoption and less awareness of the importance of online security.
WordPress is also the most popular CMS in India. Local or self-hosted WordPress instances are free. But, to get more features on a website, website owners must install third-party plugins. Most of these are freemium/premium with expensive subscription plans.
Such costly and necessary components are expensive for the majority of website owners, who may be students or aspiring entrepreneurs on tight budgets. These people often turn to free themes and plugins without realising how dangerous they are. There are many websites and closed Facebook groups offering free or cracked pro themes and plugins. Many of these files are compromised, and installing them on websites can potentially threaten the website, its owners and its visitors.
Hackers can easily add malware code and remotely initiate attacks like form jacking, crypto jacking, ransomware, etc. These new attacks are done in ‘stealth mode’, and most security tools are unable to spot them.
Imunify360 is the Answer
We believe that cybersecurity is a fundamental right, especially for online activities. Over a number of months, we researched and tested many security tools and found Imunify360 outperforming every other security application on the market. We have now tightly integrated it into our operating systems and control panels.
Imunify360 is a multi-layered, fully-automated and fully-integrated website security solution. It keeps servers and websites safe from attack and free from malware and viruses.
It defends against brute-force attacks, 0-day exploits, and DoS and port-scanning attacks. Its firewall rules intelligently adapt to evolving threats, a feature called ‘herd protection’, whereby threat intelligence information is shared between Imunify360 installations around the world.
Imunify360 has other excellent features, such as Centralized Incident Management, Advanced Firewall, Intrusion Detection and Protection System, Malware Detection with One Click Automated Removal, Patch Management, and Reputation Management.
Proprietary ‘Proactive Defense’ Technology
The Proactive Defense component is unique to Imunify360. It scans incoming PHP scripts, inspecting the code, looking for malicious content and blocking it before it can run and cause damage. This means even unknown malware is blocked, something that no other tool can do.
The Blamer: ‘How you were hacked’
50% to 70% of shared hosting websites have infections. Finding and removing malware and viruses is easy. But detecting website infections isn’t enough. To stop it happening again, you must know how it got there.
‘The Blamer’ is an extension for Proactive Defense that tracks and explains the origin of malware infections. Other Imunify360 instances can optionally share this information, improving the overall attack detection success rate and reducing false positives.
This gives you more power to protect your website, even if it was hacked only once.
cPanel and Plesk Integrate ImunifyAV
ImunifyAV is the free anti-malware and antivirus component of Imunify360. It scans files and detects infections without impacting your system. It can optionally clean infections automatically with a single click by upgrading to ImunifyAV+.
Imunify360: Free, for You!
Imunify360 is one of the most cost-effective security platforms around for web hosting, but, it isn’t free.
We believe robust cybersecurity is an important and fundamental requirement. So, we’ve decided to include the full Imunify360 security solution with all our hosting packages, completely free of charge.
We want you to have the best experience setting up and running your websites. And we want you and your customers to be safe online.