NinjaFirewall Full WAF vs WordPress WAF modes.

Since version 3.4, NinjaFirewall (WP and WP+) can be installed in two different modes: Full WAF or WordPress WAF. Full WAF mode In Full WAF mode,…

Posted on December 10, 2016July 29, 2018
NinjaFirewall

Arbitrary file upload vulnerability in WordPress Delete-All-Comments plugin.

On November 20th, while auditing a hacked WordPress website, we identified a critical vulnerability in the Delete All Comments WordPress plugin v2.0, which has over 30,000…

Posted on August 27, 2016July 29, 2018
Brute-force attack

Blocking a WordPress XML-RPC attack with the Linux kernel firewall.

One of our customers faced a large attack against his WordPress blog xmlrpc.php script. When I connected to his server, the CPU load was over 100.…

Posted on April 28, 2016July 29, 2018
Security

All In One WP Security & Firewall multiple XSS vulnerabilities (<=4.0.7).

NinTechNet identified multiple XSS vulnerabilities in the All In One WP Security & Firewall v4.0.7 plugin. The affected parameter was ‘tab’ (all pages): /wp-admin/admin.php?page=aiowpsec&tab=[XSS] /wp-admin/admin.php?page=aiowpsec_settings&tab=[XSS] /wp-admin/admin.php?page=aiowpsec_useracc&tab=[XSS]…

Posted on February 21, 2016February 25, 2019
NinjaFirewall

An introduction to NinjaFirewall filtering engine.

Starting from version 3.0, NinjaFirewall, our Web Application Firewall for PHP (Pro and Pro+ Edition) and WordPress (WP and WP+ Edition), includes a new powerful filtering engine.

Posted on February 9, 2016July 29, 2018
Malware

Malicious plugins hosted in the WordPress Plugin repository.

While cleaning-up an infected server today, I came across this plugin: Breadcrumb shortcode (slug: breadcrumbs-ez). It was downloaded from the WordPress official repository but it had…

Posted on December 16, 2015July 29, 2018
Malware

Fake WordPress plugin repository distributing malware.

We mentioned a few weeks ago fake WordPress websites used by hackers to distribute malware via malicious plugins installed on their victims blog. Hackers have lately…

Posted on November 6, 2015July 29, 2018
NinjaFirewall

Restricting access to NinjaFirewall (WP Edition) settings.

Starting from version 1.8.1, it is possible to restrict access to NinjaFirewall (WP+/WP Edition) menu and settings. Note: Restrictions apply to single sites only, not to…

Posted on October 27, 2015July 29, 2018
Malware

Fake wordpress-update.com site used to distribute malware via malicious plugins.

In recent days, we have worked on several infected WordPress websites that all had the particularity of having the same malicious plugin installed: Hackers gained access…

Posted on October 22, 2015July 28, 2018
Benchmarks

WordPress brute-force attack detection plugins comparison (2015 edition).

Following our 2013 benchmarks, we received quite a lot of requests to perform new ones and, this time, to include a category of plugins that wasn’t…