Articles

Sharing our performance and security knowledge. A place where we record insights, research and thought leadership.

Full text logging search

Active Exploits against CVE-2021-41773 (Apache Web Server Exploit)

This articles speaks to exploits against CVE-2021-41773. A vulnerability effecting Apache Web Server.







Posted in website-security   psa     /   2023-12-08

Analyzed 17,000 Spam Links on a Hacked WordPress Sites

This articles explores 17,000 spam links on a hacked WordPress website.







Posted in security-research   wordpress-security     /   2023-12-08

Arbitrary File Vulnerabilities And Why They Matter to Your Website

This articles explains Arbitrary File Upload Vulnerabilities and why they matter to the security of your website.







Posted in website-security     /   2023-12-08

Autodetecting Network Failures and Self-Healing To Ensure Optimal Availability

This article explains how automating the detection of downtime can be crucial to an organization and DevSecOps team.







Posted in dns-features   website-performance   noc-product     /   2023-12-08

Automated Attacks Against WordPress Target Old Vulnerabilities

This article shows how attacks against WordPress are mostly automated.







Posted in security-research   wordpress-security     /   2023-12-08

WordPress Forced Updates vs Auto-Updates and Abusing User Defined Intent

This articles talks about forcing updates in the WordPress platform, and provides opinions on how that effects user defined intent.







Posted in wordpress-security     /   2023-12-08

WordPress Security: BackupBuddy Plugin Vulnerability Active Exploit Attempts

This articles reports on active exploit attempts targeting the BackupBuddy plugin vulnerability.







Posted in security-research   wordpress-security     /   2023-12-08

Cloud-based Web Application Firewalls (WAF) & The Log4J Vulnerability

This articles speaks to the effectiveness of WAF solutions in protecting against exploits targeting the Log4J vulnerability.







Posted in log4jshell   website-security     /   2023-12-08

Does DNSSEC matter?

This articles dives into the world of DNSSEC and explores its value to today's domain security.







Posted in general-security     /   2023-12-08

Evolving the CDN / WAF Stack

This articles explains the NOC architecture, diving into the details to understand how it works.







Posted in cdn     /   2023-12-08

Hijacking a Websites SERP Results with SEO SPAM

This articles how hackers hijack a websites SERPs with SEO SPAM links.







Posted in security-research   wordpress-security     /   2023-12-08

Brute Force Attacks With WordPress JSON API and XMLRPC

This articles explains how the WordPress JSON API and XMLRPC can be used to attack WordPress website using Brute Force techniques.







Posted in security-research   wordpress-security     /   2023-12-08

How to Improve the Largest Contentful Paint (LCP) – Web Core Vital Metrics

This article explains how CDN's can have a positive effect on the performance of a website.







Posted in website-performance     /   2023-12-08

How the WordPress Gets Hacked in 2022

This articles shows the techniques used to hack a WordPress site in 2022.







Posted in security-research   wordpress-security     /   2023-12-08

Introducing DNSRepo

This articles introduces DNSRepo to the NOC.







Posted in noc-product     /   2023-12-08

Introducing Support for WebSockets

This articles introduces WebSockets to the NOC CDN / WAF platform.







Posted in cdn-features   cdn     /   2023-12-08

Log4Shell – Lessons Learned in 30 Days

This articles shares lessons learned about the Log4Shell vulnerability during the first 30 days since its disclosure.







Posted in log4shell   general-security     /   2023-12-08

Navigating 81 Layers of Encoding to Reveal the C&C

This articles decodes a pice of malware that leads us to the attackers C&C.







Posted in security-research   wordpress-security     /   2023-12-08

NMAP – A Free Network Mapping Tool

This article introduces NMAP, a free open-source network discovery and security auditing tool.







Posted in security-tools     /   2023-12-08

Using cURL to Test the NOC CDN Performance against Fastly, Sucuri and CloudFlare

This article explains how cURL can be used to compare performance against different CDN providers (e.g., NOC vs Sucuri, NOC vs CloudFlare).







Posted in website-performance   cdn     /   2023-12-08

Open-Source CMS’ and Software Bill of Material (SBOM) | NOC

Apache is a powerful web server and logging is a critical piece to managing a web server. In this article we explain the two log types: access and error, and how to work with them.







Posted in security   educational-guide     /   2023-12-08

Optimized Origin with the NOC CDN

This articles explains how optimizing your origin has a positive impact on how your website performance for your users.







Posted in website-performance   cdn-feature     /   2023-12-08

WordPress PHP Backdoor to DDoS Attacks

Analysis of how a PHP Backdoor on a compromised WordPress site is being used to start DDoS Attacks







Posted in security-research   malware-analysis     /   2023-12-08

Protecting SSH on Web Servers

This article explains how to protect SSH on web servers using basic Tips but placing emphasis on IP whitelisting.







Posted in server-security   educational-guide     /   2023-12-08

Recovering a Business From a Cyber Attack

This articles provides a framework designed to help businesses recover after a cyber attack.







Posted in server-security   educational-guide     /   2023-12-08

Steps To Recovering Servers Post-Hack

This articles provides a framework designed to help recover servers after a compromise.







Posted in website-security   educational-guide     /   2023-12-08

Responding to Security Incidents – Incident Response Plan Basics and Log4Shell

This articles provides a a basic framework that security teams can use to build an incident response plan.







Posted in website-security   educational-guide     /   2023-12-08

Securing WordPress in The Enterprise

This articles provides a guide on how to harden WordPress to keep hackers out of the website.







Posted in wordpress-security   educational-guide     /   2023-12-08

WooCommerce Patches Two SQLi Vulnerabilities

This articles talks about two SQLi vulnerabilities in WooCommerce, patched in 2021.







Posted in website-security   waf-feature     /   2023-12-08

The Affects of a CDN on your Websites Performance and Users Experience (and Google)

This article explains how CDN's can have a positive effect on the performance of a website.







Posted in website-performance   cdn     /   2023-12-08

The Domain Name System (DNS)

DNS stands for Domain Name System (DNS), you might hear it used interchangeably with Domain Name Server (DNS).. This article explains DNS, and how it works







Posted in educational-guide   dns     /   2023-12-08

The Importance of Asset Monitoring

This article explains why it's important to monitor assets like servers, websites and domains.







Posted in website-security   educational-guide     /   2023-12-08

The Most Effective Security Control for Open Source Admin Panels Never Used

This articles explains why it is important to block administrative panels on platforms like WordPress.







Posted in website-security   educational-guide     /   2023-12-08

Using cURL to test the Performance of a Website

This article explains how cURL can be used to measure the performance of a website.







Posted in website-performance   educational-guide     /   2023-12-08

Web Applications / Assets Led the Charge in Breaches in 2020 According to the Verizon DBIR

This articles dives into the 2021 Verizon DBIR and analyzes how Web Applications and their assets contributed to breaches







Posted in industry-insights     /   2023-12-08

A Website Security Framework Intro

This articles provides website owners with a basic security framework for their web environment.







Posted in website-security   educational-guide     /   2023-12-08

What Hackers Do with WordPress in 2022 - Post Hack Analysis

This articles explains what hackers do with WordPress once they successfully hack a website.







Posted in security-research   wordpress-security     /   2023-12-08

WordPress 5.8.3 Security Release

This articles provides a PSA for the WordPress 5.8.3 security release.







Posted in wordpress-security   psa     /   2023-12-08

Registries, Registrars and DNS

This aricle explains the differences between Registries, Registrars and DNS services.







Posted in educational-guide     /   2023-12-08

Improve Your Websites Speed and Security