Security tools for your Webpage ?

Finally the planed WordPress Security Post get much too long so here some useful short preview and resources . If you want to check the quality of your WordPress Web Server host, Google offers a incredible tool to start you will be surprised. You will know more thatn your host about there security. Nearly every day i read about hacked WordPress and jomla web spaces even with updated software . Many Austrian Government webpages get attacked redirected or simple file folder permission was wrong and huge datasets with personal files get published on the internet. Mostly if your webpage get vulnerable its only a question of time before some one install his project on your webspace google will find it on the next time it cowls your page and Blacklist your domain. Its happen twice to me thats the reason i share some resources and hints that could be useful for you too.

Safe Browsing

Diagnostic  Advisory

You can enter yourpage or the page of your host Domain , Hosts will get a short string like AS:6830  for UPC 


How it will affect you even if your webspace is clean
Most Wespaces are shared host so you share the CPU memory and mostly Linux Server with many others. If a webpage get infected or malware installed the injector will brute force the maximum output. The perfomance of your webspace will drop into hell.

2) If once you get infected Google will bann your Url form all Search results, even when its only a Search redirect.

3) Check your trafic regularly for unnatural trafic peeks or dops. If a “Bad Boy” find your server vulnerable he will work on it to prepare your webspace for his needs. Mass Email , Redirect to Pharma shops , Aviliate ect most of the stuff is to make money so they are very professional in there attacks.

4) Double check every registration visit from Poland Russia and Turkey if you dont need that trafic you can block it in the htacces with a  Country Block

5) Change your Password regularly and make them strong like Arnold Schwarzenger  you dont want to lose all your posts and time you spend on your Blog

6) The better your Blog is ranked in Google Bing or yahoo  the higher the interest to force screw on your domain.

7) Bad code can be hidden in BAse64 coded part of your template or even in pictures uploaded to the Wp upload directory and executed

Most time Host company dont talk or blog about there vulnerable parts  as its against there business , but as a client you have the right to know for what you pay. About 99% they will tell you  your plugin software is not uptoodate . The true is there apache configuration will allow ftp and root acces to the attacker.

Releated Wiki Botnet

Some Free Tools to find and isolate infected pages

Find hidden malware on your Server.

Best malware scanner  / sURLs analysis :

More infos you can find also at