Free Website Protection
In today’s day and age you NEED website protection. No matter if you run a blog about cats, a full time business or a corporation you are a target.
You’re a target because you’re a target whether you’ve done something or not. Technology has advanced and internet connection speeds have increased. This allows literally anyone to use a bot to scan the entire internet for vulnerabilities. Some may sell these copy and paste scripts for a few bucks online.
What’s worse is you don’t even need a tool to identify vulnerable websites! If you know how to use google correctly, google itself will show you a list of sites with outdated versions of plugins, themes, cms systems etc.
They are called “Google Dorks” and they are as simple as copying and pasting a search string into google which will show you sensitive information about websites, including but not limited to, scripts to give full control of the website, database passwords, ftp passwords, wordpress admin passwords and more.
Vulnerabilities exist in hundreds of thousands of applications people may be running without knowing they are vulnerable. These applications are indexed by Google (because google doesn’t discriminate again what’s good/bad), they are then available for anyone to search.
So, now that you’re terrified (just kidding that was not my intent but the above should not be taken lightly).
How can someone with a website get basic protection, lets say a step in the right direction that’s going to mitigate and prevent most of these Google Dorks and Bad Bots?
Cloudflares FREE Firewall Protects Your Website From Bad Bots & Hackers.
If you do not have a firewall for your website these days and do not have someone 24/7 for your sites security, it’s a matter of when not if you’re going to forget to update a cms theme, or plugin.
* Detect, Block and Filter Malware Attacks!
* Stop DDOS and Brute Force Hack Attempts!
* Prevent Blacklisting and Malware!
* Increase Your Sites Speed and Up time!
* Stop SQL Injections and Cross Site Scripting!
Step 2: Scan Your Website For Malware
A firewall is a no-brainer to start protecting your website, but you need to make sure you are not infected already (however if you are the firewall is still going to stop most of what can be done to exploit that code.
We recommend you use Sucuri’s frontend website scanner to scan your site (100% free).
This means it can only scan pages that can be found on page content and links from that page content.
The only way to find shells and backdoors that are placed and linked on your site is to do an inside file clean, with access to the actual file contents.
That is why we recommend you install Wordfence. Wordfence will actually scan the files on your website to see if they contain Malware.
The best part? Wordfence is Free!
An alternative to Wordfence which costs money is SiteLock.
SiteLock has many products but they are ahead of the competition because..
- They download and scan your files for malware continuously.
- If any malware is found it is immediately and surgically removed.
- Will check your site for XSS & SQL injections.
Additional Website Malware Scanning Resources:
Malcare – Premium WordPress Malware Scanner and Cleaning Plugin