Continuing our #AskSecPro DDoS series where we last discussed Application Layer Attacks, today we’ll focus on some of the most popular protocol-based DDoS attacks we’ve seen hit our customers’ web application firewall, SiteLock TrueShield™, over the years. TrueShield™ is SiteLock’s distributed cloud-based web application firewall (WAF) with the capability of defending against attacks across layers 3, 4, and 7.
Category: The District Page 9 of 21
In our last #AskSecPro article we discussed the differences between a DoS and a DDoS attack. Now that we understand what a DDoS attack is in concept, let’s learn a little more about the mechanisms involved in these attacks. In Part Two of the DDoS Attacks series we’ll focus on some of the attack vectors utilized by adversaries when launching a denial of service attack.
Rena McDaniel is a self-proclaimed WordPress aficionado and a technology buff. She is also a successful WordPress designer, mother, wife, and grandmother.
Five years ago, McDaniel’s life changed when she was in a serious car accident. Unfortunately, the accident resulted in her becoming physically disabled. After a year of rehabilitation, her husband accepted a new job in South Carolina. They sold everything and made the move. Motivated by the change and inspired by her new environment, McDaniel channeled her energy into her personal passion, WordPress. Her blog quickly grew beyond the simple joy of writing, and developed into a natural curiosity for WordPress design. With continued focus on her passion, McDaniel soon mastered her craft and her friends and family began to take notice. With their encouragement she decided to found TheBlogging911.com.
There’s a lot of buzz going around in many online communities concerning the recent distributed denial of service (DDoS) attacks the world has witnessed. In many of my own circles I’m often the only security guy in the room so I end up fielding a lot of questions, the most common of which is, “how do they do this stuff?!” In this District #AskSecPro series, I’ll be explaining the anatomy of D/DoS attacks and the practical weaponization of regular computers.
There are times when a website may want to send a visitor to another page either immediately or after a specified amount of time (usually seconds). As an example, consider an outdated page that you believe your visitors have bookmarked – You don’t want to lose the traffic, so you just automatically redirect them to another page. While less common today, these redirects and forwards do still exist, but if not setup properly, they could pose an outside risk to your online presence.
In 2015, the SiteLock Digital Kids Fund was established to help local schools fund technology-based projects. We chose to partner with DonorsChoose.org, an organization that makes it easy for anyone to help a classroom in need, because of the shared passion in our mission. Our initiative targeted schools in need of technology for STEM-related projects and day-to-day classwork within the Phoenix, Arizona and Jacksonville, Florida areas. In total, we provided $50,000 in technology grants throughout the month of December 2016.
The end of 2016 is just around the corner—four days in fact—and it has been an incredible year for WordCamps. According to WordCamp Central, there were over 115 camps in 2016 alone, with 65 taking place outside of the U.S. There is no question that WordPress is changing the lives of people globally.
WordCamps bring value to the WordPress community. They inspire and give us the ability to learn from each other. 2016 marked an opportunity for the SiteLock team to immerse itself. We experienced camps large and small, from the U.S. to Canada to Vienna, Austria. We met innovators, developers, bloggers and brand-new users. It was amazing to shake hands and hear how people are changing their lives (and the world) with WordPress.
Happy holidays to all!
It can come as quite a surprise when a site owner is notified that their site has been compromised with malware. After the shock wears off, and the immediate impact understood, it’s important to take stock of what has actually happened behind the scenes and then clean it up. The best advice anyone can give you is to make frequent, downloaded backups of your site in the event something happens to the live version so that the clean backup can replace the live, hacked version.
But what if there is no clean, viable backup available? In a world where websites have hundreds, if not thousands of files, how can any one person go about cleaning out an infection in just a small number of those files?
Last week SiteLock deployed en masse eight members of our team to Philadelphia to begin preparations for the upcoming WordCamp US 2016 as both a sponsor and a thought leader for security in the WordPress community. This year the day before #WCUS was very special, not only because we got to flex our muscles hauling and setting up sponsor booth equipment, but because for the first time ever, Post Status organized the one-day conference Publish. The event focused on WordPress professionals was hosted within walking distance of the WCUS venue in Commerce Square at the heart of Philadelphia.