Jan 30 2013

Yesterday, Incapsula opened its Backdoor Protect feature to public beta. This feature adds an additional layer of protection for your site by combining on-execution request monitoring with HTTP signature detection methods to detect any inappropriate shell environments that may have been opened and are being used on your web host.


If Incapsula Backdoor Protect detects a backdoor, it notifies the admin and sends a preview link identifying the file so the admin can take immediate action. You can also set the default action to quarantine, alert or ignore, but you would rarely choose ignore, since a backdoor is something you will want to act on immediately once it is found.

For those who don’t know, a backdoor is a method hackers can use to open a shell and gain access to your website/account. Backdoors are typically used to turn your host into a bot that can be used in denial of service attacks against other sites and companies without you even realizing it. Typically a .php or other script file is injected into your server, and in most cases it is very hard to notice unless you are intimately familiar with all the WordPress PHP files and the theme/plugin PHP file names.

Once this file is installed, it is executed remotely and gives the hacker access to run virtually any command he wants from your website. The new Backdoor Protect feature from Incapsula is just another great reason you should be considering Incapsula to protect your website, and remember it is free for blogs with under 50GB of data transfer per month.
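The post notes that an injected script is hard to spot unless you know every WordPress, theme and plugin file name. As an added example (not code from Incapsula or from the original post), this Python sketch records a known-good manifest of script files and reports anything added, changed or missing afterward; the extension list, paths and file contents are constructed assumptions.

```python
import hashlib
import os
import tempfile

SCRIPT_EXTS = (".php", ".phtml", ".php5")  # assumption: extensions the host executes

def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def build_manifest(root):
    """Map relative path -> SHA-256 for every script file under root."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower().endswith(SCRIPT_EXTS):
                full = os.path.join(dirpath, name)
                rel = os.path.relpath(full, root).replace(os.sep, "/")
                manifest[rel] = sha256_file(full)
    return manifest

def audit(root, baseline):
    """Compare the live tree with a known-good baseline manifest."""
    live = build_manifest(root)
    return {
        "added": sorted(set(live) - set(baseline)),
        "missing": sorted(set(baseline) - set(live)),
        "modified": sorted(p for p in live if p in baseline and live[p] != baseline[p]),
    }

def demo():
    """Constructed sample tree: take a baseline, then simulate tampering."""
    with tempfile.TemporaryDirectory() as root:
        def write(rel, text):
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as f:
                f.write(text)
        write("wp-includes/version.php", "<?php // core file\n")
        write("wp-content/themes/demo/functions.php", "<?php // theme file\n")
        baseline = build_manifest(root)
        # Simulated tampering: a new script in uploads and an edited theme file.
        write("wp-content/uploads/2013/01/cache.php", "<?php // unexpected script\n")
        write("wp-content/themes/demo/functions.php", "<?php // theme file, altered\n")
        return audit(root, baseline)

if __name__ == "__main__":
    print(demo())
```

Store the baseline manifest somewhere the web server cannot write to, and rebuild it after every legitimate core, theme or plugin update.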


  • anonymousguy

    Justin, you have lots of goodies here! Question on incapsula, I followed you here on a thread from somewhereland, having to do with both incapsula and wp better security. Now, it was saying something about one not liking the other, (wpbs not liking incapsula) being the reason for my 403 forbidden error when I try and look from Safari on my iphone. Sure enough, when I disable wpbs – I am onboard. I’d like to make sure I’m using both. Could you please pass on how you were able to get the two working together? I can’t seem to find much on the support site, and also any other incapsula insights either good or bad, would be helpful.

    • In this case you have to find out which one is causing the 403 error. Look in the Incapsula event logs for the resource you were hitting and see if Incapsula shows it as blocked; if not, you need to add the Incapsula cloud servers to the whitelist for Better WP Security.

      In the end I removed Better WP Security altogether from my sites; most of its functionality is not required with Incapsula except the WordPress hardening, which can be taken care of by other plugins. I decided I wanted no hits to be against the hosting server, and blocked in the cloud so they didn’t consume resources in the first place.

      • anonymousguy

        Thanks for the tip and such a quick response! Unfortunately whitelisting didn’t help – I mailed Bit51 so they can get wind of the issue – I think I’m going to follow your advice, though I wish I could see the paid features for the WAP (problem with a few spam visitors with malicious intents and multiple bad logins visible courtesy BWPS logs). In the end, I’m hoping to keep both around so I can see how the plugin develops, but for now – I’ll take your recommendation 🙂

        • Have you looked at the Wordfence security plugin for WordPress as an alternative to Better WP Security? I know many have switched to this one after having some problems with Better WP as well, not just with Incapsula either.