Important Vulnerability on Advanced Custom Fields Plugin for WordPress

Cybercriminals, in their relentless pursuit of exploiting vulnerabilities, have recently focused their efforts on a critical flaw in the WooCommerce Payments WordPress plugin. This flaw, tagged as CVE-2023-28121, is a perfect example of how an unauthorized attacker can impersonate users and potentially gain complete control over websites. The sheer scale and potential for site takeovers underscore the importance of deploying comprehensive cybersecurity solutions, such as Imunify360, to detect and protect against such threats in real time.

For Linux-based web servers, ModSecurity is an open-source web application firewall (WAF) that protects websites from specific threats. Most threats take advantage of poorly coded web applications either through cross-site scripting (XSS), SQL injection (SQLi), header exploits, session hijacking, and code injection. Web-based exploits are distinctive from network and protocol layer attacks, so they need different technology -- such as a WAF -- to stop them. Most applications have at least one bug, and it could be just one bug that creates a vulnerability. A WAF will help you stop exploits on these vulnerabilities. This articles provides more information about the following topics:

False positives from your monitoring applications can cause undue stress and unnecessary overhead for administrators if they do not have the security knowledge to identify them. If monitoring software reports inaccurate information, administrators unfamiliar with cybersecurity could make changes based on the application’s false positives that could harm the security and stability of the environment. 

Shared hosting is beneficial for small hobby sites and personal blogs, but businesses might find that shared hosting limits growth. To start out, however, many site owners begin with shared hosting until their business grows and makes enough to justify paying for virtual private servers or dedicated hosting. For web hosting providers, it’s critical that servers run at optimal speeds and don’t harbor any malware. Security can be complex when hundreds of site owners with little knowledge of performance tuning and cybersecurity install applications on the shared server. With the right tools, site owners and administrators can keep their servers running at peak performance and keep them secure from common exploits. Keep on reading to find the answers to the following questions:

Ranking in search engine results is a valuable marketing tool for organizations, and losing this ranking can directly affect revenue. Search engines do what is best for their users, and one of those strategies is to remove hacked sites and those hosting malware. Google has its own scanner that detects hacked sites, but many site owners are unaware they’ve been hacked until they realize that they no longer receive search engine traffic to their sites. To help site owners fight threat actors and protect sites, shared hoster Create.com uses Imunify360 to detect, stop, and clean malicious content.

Stablepoint supports over 60,000 websites across 38 locations. The web hosting organization prides itself on a 5.0 Trustpilot rating based on customer reviews and satisfaction. Stablepoint optimizes their web servers for speed and reliability, but the company experienced issues with hacked sites on shared hosts. Malware exhausts server resources, so Stablepoint administrators spent enormous amounts of time identifying hacked sites, removing malware, and closing tickets to maintain performance.

Every web hosting provider offers site management solutions so that customers can customize their domain settings and manage their sites independently. DirectAdmin is one of the most popular tools on the market, similar to Plesk (discover Plesk security best practices) and cPanel (learn more about cPanel security). After deployment, server administrators and site owners should review configurations and follow cybersecurity best practices to protect sites from exploits and safeguard sensitive data. Although this guide does not reduce risk by 100%, following it will improve your cybersecurity posture and stop many common threats that could harm hosted sites. In this article, you will learn about DirectAdmin and discover DirectAdmin security best practices:

Interserver.net is a US-based web hosting company focused on quality service at an affordable price. To ensure customer satisfaction and to continue their gold-star reputation, Interserver.net turned to Imunify360 to detect, block, and clean malware directed at shared hosted websites. After Interserver.net installed Imunify360, the web host saw a considerable decrease in hacked sites and the benefit of reducing technician overhead necessary to clean customer sites. Keep on reading to learn the full story and also discover the post from Interserver.net side here.

Reactive security is no longer practical to stop attackers and leaves your organization vulnerable to data exfiltration that can persist for months. It only takes a few minutes for an attacker to compromise and exfiltrate data, and afterward, your organization is left to perform clean-up.

If  you don’t proactively catch threat actors, they could go undetected for months on your network, exfiltrating data silently until you finally contain the threat. An advanced persistent threat (APT) could maintain a presence on your network even when you think it’s contained. Any threat that compromises your system causes monetary loss, potential brand damage, and future legal issues. A better way of cleaning up after a compromise is to put up a better defense and implement proactive security that catches, blocks, and contains threats before they damage your systems. Imunify360 team created an article based on Igor Seletskiy's speech, the CEO of CloudLinux Inc., "Proact, not overreact", keep on reading to learn more about proactive cyber security and watch Igor's speech in the end.

Web host administrators are aware that performance is important for customer satisfaction, but what they don’t know is that performance degradation can be directly related to malware and exploited vulnerabilities on the server. Advanced threats can be difficult to detect, but web hosts must rely on website owners with leased space on the server to stop them. Imunify360 has helped numerous web hosters detect, block, and remediate threats across the entire shared server.