What kind of attacks are there, and will SpoofProof™ protect me from them?

There are so many types of attacks that it is impossible to name them all.

That said, I will list the common ones (common because they are more effective):

  1. DDOS (also DOS)
  2. Spoofing
  3. Phishing
  4. MItM
  5. MIB, MIM
  6. Brute Force
  7. Insertion attacks
  8. Exploits (Including Zero Day)

DDOS and DOS (Distributed Denial Of Service and Denial Of Service) attacks are basically attacks against your hardware capacity, meant to bring your site down and/or distract you from other attacks taking place at the same time. A DDOS attack overwhelms your hardware with requests for pages.

Spoofing is where an attacker copies a website and tries to get people visiting the copy to enter their username and password so the attacker can collect them.

Phishing is basically where they send out emails telling people to go to a site (often a phishing site). Often they will pretend to be an entity like “your bank”, saying you need to come log in and check some important thing.

MItM is where the hacker sets up a site that may or may not have a certificate, but passes anything you tell it to the legitimate site, as if it came from you. The legitimate site responds and they pass this data on to you. You think you are talking to your site, so you give them information (usernames, passwords, account balances, etc.) without even knowing it.

MIB (Man In the Browser) and MIM (Man In the Machine) are your website being accessed by machines that are already compromised. There is not much you can do for those people.

Brute Force is where someone tries combinations, either from a dictionary or from a progression of possible combinations, to get into your site. The only defense is to lock machines out after a specified number of tries for a specified period of time, making the brute force take too long to be profitable.

Insertion attacks are where code (JavaScript / SQL / PHP / ASP / etc.) is inserted into a user-editable field and slipped into the website. This can compromise data and the site itself.

Exploits are chinks in the armor of a program running on the server. An Exploit is “Zero Day” if it is not publicly known. Good software companies issue patches as fast as they can to close such loopholes in security, hence Zero Day exploits are more powerful than ones that are likely to be patched at any time.

SpoofProof™, as the name implies, stops Spoofing, Phishing and MItM attacks with a Patent Pending technology. We also strip tags for JavaScript, PHP, SQL etc. from comments that call the posting API, protecting your whole site from injection attacks. Lastly, our service watches for Brute Force attacks and will interrupt such an attack by locking it out for five (5) minutes. We may make that longer or user configurable in the future.

In short, we stop Spoofing, Phishing, MItM, insertion and Brute Force attacks.
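
The lockout defense described above, as an added example (not SpoofProof's own code): failed logins are counted per client address, and enough failures inside a short window trigger the five-minute lockout this FAQ mentions. The threshold of five, the 60-second window and the names `LoginThrottle` and `days_to_exhaust` are assumptions.

```python
import time
from collections import defaultdict, deque

MAX_ATTEMPTS = 5        # assumption: the FAQ does not state the exact threshold
WINDOW_SECONDS = 60     # assumption: period over which failures are counted
LOCKOUT_SECONDS = 300   # the five-minute lockout described in this FAQ


class LoginThrottle:
    """Counts failed logins per client and locks the client out temporarily."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._failures = defaultdict(deque)   # client -> times of recent failures
        self._locked_until = {}               # client -> time the lockout ends

    def seconds_locked(self, client):
        """Remaining lockout time for this client, 0 if it is not locked out."""
        until = self._locked_until.get(client, float("-inf"))
        return max(0, until - self._clock())

    def attempt(self, client, check):
        """Run check() unless the client is locked; return 'locked', 'ok' or 'failed'."""
        if self.seconds_locked(client) > 0:
            return "locked"                   # credentials are not even evaluated
        if check():
            self._failures.pop(client, None)  # success clears the failure history
            return "ok"
        now = self._clock()
        recent = self._failures[client]
        recent.append(now)
        while now - recent[0] > WINDOW_SECONDS:
            recent.popleft()                  # forget failures outside the window
        if len(recent) >= MAX_ATTEMPTS:
            self._locked_until[client] = now + LOCKOUT_SECONDS
            recent.clear()
        return "failed"


def days_to_exhaust(candidates):
    """Days of lockout time one client accrues working through `candidates` guesses."""
    return (candidates // MAX_ATTEMPTS) * LOCKOUT_SECONDS / 86400
```

With these settings a 10,000-entry dictionary costs a single client address roughly a week of lockouts, which is the "too long to be profitable" effect the answer describes.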

Do I really need to protect a WordPress website?

As of the writing of this FAQ, a Google search of “WordPress website hacking” returned over 2 million hits.

If you are a blog with no E-Commerce, no logins for guests and no forum for users to give you feedback, you may feel you are safe already, and truthfully, you might never be found by a hacker.

If you have a PayPal account, merchant account or anything to sell, hackers are looking for you. It’s simple: $200 US in the Philippines or Russia goes a long way. If you have a membership site and users who have entrusted you with user-names and passwords, those are valuable to a hacker because they can sell them. The email addresses can be added to a list they can sell. The user-names and passwords, sadly, are often used on all the accounts the customer has online, so banks, credit unions, stock management accounts, etc. can all be hacked because the hacker got into your site. For those, hackers look for small unprotected websites that are easy money.

I’m not trying to scare you, but this is reality. Click the Google search and see for yourself what the hackers are looking for.

How can I see a report of activity on my site?

Go to Plugins | SpoofProof | Settings | Account

There will be a table of activity against your account.

You can block an IP address for 20 minutes by entering the IP address and clicking the Block IP Address for 20 minutes button.

Can I test to see if the plugin is working?

There are several tests you can do to make sure your SpoofProof™ control is protecting your website.

Testing brute force detection:

Simply click on the Next button five or six times (wait a second in between) and the login page should start telling you that you have been locked out.

Testing Two-Stage Login Screen:

Type an invalid Username into the Username input and click the Next button. The dialog should ask you if you mistyped your username. The two-stage login process keeps people from using Spoofing and/or Phishing to compromise your website.

Testing JavaScript/SQL/PHP/ASP stripping with SpoofProof:

While not logged in as administrator, enter a comment/post (as a guest editor), then look at the post to see if the text between the tags is visible, or if it has been stripped out.

Testing the MItM detection:

Simply click the Simulate attack check box on your login screen and click the Next button. The SpoofProof™ plugin will purposefully mess up your computer’s profile the way MItM attacks often do and allow the SpoofProof™ service to detect a MItM attack. When the message saying you are being attacked appears in your login dialog box, you know the detection is active.

Why do my Images show broken image link boxes?

I installed SpoofProof, and can’t see images in the settings | Images tab.

If the name of the zip file was changed from “spoofproof.zip” (all in lower case), uninstall the plugin, name the zip file correctly, then reinstall. Your database settings are safe, and you should start seeing the images.