Conditional redirections are classified differently than the iframe/javascript ones because they are generally done though the HTTP headers (via .htaccess) to redirect users from certain browsers or locations to malware/malicious locations. Referrer...
JavaScript is a coding language that can be executed directly by the browser and many other applications that support it such as: PDF, email readers, etc. Javascript malware Because it is a full programming language executed by the browser...
Layer 7 HTTP Flood – Cache Bypass is the smartest type of attack. The attackers try to use URLs that cause the most damage making the site use up all of its resources without being cached. For example, an attack can do random dictionary...
A distributed denial-of-service (DDoS) attack happens when multiple IP addresses (sources) are trying to DoS (denial-of-service) a chosen target. This means that the targeted site or server gets so many requests that it cannot respond to legitimate...
“An HTTP flood attack is a type of Layer 7 application attack that utilizes the standard valid GET/POST requests used to fetch information, as in typical URL data retrievals (images, information, etc.) during SSL sessions. An HTTP GET/POST flood is...
A Layer 3 DNS Amplification is a type of DDoS attack where the attacker hides the origin of the attack from the targeted site by reflecting the attack off of a third party. It also uses amplification, meaning that the victim receives more byte...
Brute force, or password guessing, attacks are very common against websites and web servers. They are one of the most common vectors used to compromise websites. The process is very simple and the attackers basically try multiple combinations of...
Brute force directory guessing attacks are very common attacks used against websites and web servers. They are used to find hidden and often forgotten directories on a site to try to compromise. Directory Guessing Targets Attackers generally focus...
What is SSL? An SSL (Secure Sockets Layer) is a certificate on the website that allows for the safe passage of encrypted information from the client to the host server. If your site uses an SSL certificate, it is important to know the status of the...
Here’s a quick explanation on what some of our server alerts and errors mean. 403 error The 403 error is the ‘Forbidden’ error. It’s triggered when website or file settings have been configured with permissions above what users or the scanner...