From DNS to Web Fingerprints: Introducing DNSArchive Web Search
DNSArchive now goes beyond passive DNS history with a new Web Search feature that fingerprints websites—headers, CMS versions, linked assets, and more—for faster investigations and infrastructure mapping.
Introducing API Security: Access Control Protection
Announcing NOC’s API Security & Access Control: edge-level authentication, authorization, and abuse prevention to keep APIs fast and safe.
How a Web Application Firewall (WAF) and Content Delivery Network (CDN) Mitigate Protocol Attacks
How WAFs and CDNs work together to filter malicious traffic, distribute load, and maintain availability during protocol-layer attacks.
Proactive Website Security with Custom Honeypots — A NOC Feature
Use NOC Custom Rules to build honeypot URLs that only bots should touch—then auto-block scanners with stealth responses to keep attackers unaware.
eCommerce Security: Don’t Host Your Own Payment Pages or Forms
Why merchants should avoid hosting card payment pages and forms, and practical alternatives that reduce risk and PCI scope.
A Guide to Email Security for Domain Owners
A practical guide to SPF, DKIM, DMARC, MTA-STS/TLS-RPT, and BIMI—how to publish DNS records, enforce alignment, monitor reports, stop spoofing, and improve deliverability.
Bringing a Domain to Life: Choosing Between Closed and Open Web Platforms
A practical framework for deciding between closed (SaaS) site builders and open (self-hosted) platforms—covering speed, cost, security, SEO, compliance, extensibility, and long-term portability.
Responding to Security Incidents – Incident Response Plan Basics and Log4Shell
A practical primer on building an incident response plan aligned to NIST CSF, using Log4Shell to walk through identification, prioritization, remediation, and communication.
Registries, Registrars and DNS
A clear primer on the roles of registries, registrars, and DNS—how they interact and what control you actually have over your domain.
Introducing DNS Archive (formerly DNSRepo)
DNS Archive—formerly DNSRepo—is a free network visibility tool powered by NOC’s global data: enumerate subdomains, find domains by IP, and more.
Securing WordPress in The Enterprise
Enterprise-focused WordPress hardening: access controls, file integrity, and limiting lateral movement, with practical server and application configurations.
WooCommerce Patches Two SQLi Vulnerabilities
Details on the 2021 WooCommerce SQLi fixes (core search and Blocks taxonomies), why they mattered, and how to protect stores—including virtual patching via WAF.
The Affects of a CDN on your Websites Performance and Users Experience (and Google)
Real measurements from GTmetrix, WebPageTest, and Uptrends showing how a CDN improves FCP, LCP, and overall load time across regions.
The Affects of a CDN on your Websites Performance and Users Experience (and Google)
Real measurements from GTmetrix, WebPageTest, and Uptrends showing how a CDN improves FCP, LCP, and overall load time across regions.
Log4Shell – Lessons Learned in 30 Days
Lessons learned from the first 30 days of Log4Shell (CVE-2021-44228): how it works, real-world activity, and practical mitigation options.
NMAP – A Free Network Mapping Tool
An introduction to Nmap, the open-source network discovery and security auditing tool, with practical tips and NSE scripting examples.
Introducing Support for WebSockets
NOC now supports persistent WebSocket connections at the edge—ideal for real-time apps like chat, dashboards, multiplayer games, and streaming updates.
Using cURL to Test the NOC CDN Performance against Fastly, Sucuri and Cloudflare
How to use cURL to compare Time to First Byte (TTFB) across CDNs (NOC vs Fastly, Sucuri, Cloudflare) from multiple regions.
Using cURL to Test the NOC CDN Performance against Fastly, Sucuri and Cloudflare
How to use cURL to compare Time to First Byte (TTFB) across CDNs (NOC vs Fastly, Sucuri, Cloudflare) from multiple regions.
WordPress Security: BackupBuddy Plugin Vulnerability Active Exploit Attempts
Active exploit attempts targeting BackupBuddy (v8.5.8.0–8.7.4.1). Details on the LFI vector, real-world IOCs (admin-ajax.php/admin-post.php, wp-config.php, /etc/passwd), observed attack timelines, and mitigation tips.
Navigating 81 Layers of Encoding to Reveal the C&C
We decode a heavily obfuscated payload used in a SERP hijacking campaign and follow it to the attacker’s C&C.
Hijacking a Website’s SERP Results with SEO SPAM
How attackers hijack a site’s search results using large-scale SEO spam, sitemaps, and persistence mechanisms.
Optimized Origin with the NOC CDN
How NOC’s optimized-origin routing improves performance by choosing the closest healthy origin per region—plus round-robin and failover options.
WordPress PHP Backdoor to DDoS Attacks
How a PHP backdoor planted in a WordPress core file was used to launch outbound DDoS attacks—decoded payloads, indicators, and defense tips.
Analyzing 17000 Spam Links on a Hacked WordPress Site
We dig into a 17,000-link SEO spam injection on a hacked WordPress site—what it was, how it was planted, and what we can learn from it.
The Domain Name System (DNS)
DNS is the fabric that maps human-friendly names to IP addresses. This guide explains the DNS hierarchy, how lookups work, and which parts you can control as a user and website owner.
Protecting SSH on Web Servers
Practical SSH hardening for web servers—key configuration tips plus an allowlist model using IPAuth to reduce attack surface.
What Hackers Do with WordPress in 2022 - Post Hack Analysis
This article explains what hackers do with WordPress once they successfully hack a website.
Automated Attacks Against WordPress Target Old Vulnerabilities
Evidence from a fresh deployment shows bots quickly probing for years-old plugin flaws and blindly attempting wp-config.php grabs.
How WordPress Gets Hacked in 2022 - Initial Reconnaissance
This article shows the techniques used to hack a WordPress site in 2022.
The Most Effective Security Control for Open Source Admin Panels Never Used
Exposing wp-admin (and other CMS admin URLs) invites automated attacks. This guide shows why default-deny access controls—IP allowlisting or browser authentication—are the most effective, underused defense.
The Importance of Asset Monitoring
Why monitoring servers, websites, API endpoints, and domains matters—and how to cover both CDN edge and origin for true availability and performance visibility.
A Website Security Framework Intro
A practical website security framework inspired by NIST CSF—how to structure Identify, Protect, Detect, Respond, and Recover, make security continuous, and start with asset inventory.
How the JSON API and XMLRPC are used for Brute Force Attacks Against WordPress
How attackers enumerate users via WP-JSON and brute force credentials through XMLRPC (including system.multicall), plus practical hardening tips.
How to Improve the Largest Contentful Paint (LCP) – Web Core Vital Metrics
Where LCP fits in Core Web Vitals, what hurts it (images, render-blocking assets, slow backends), and practical fixes—plus how CDNs help.
Open-Source CMS and Software Bill of Materials (SBOM)
Why SBOMs matter for open-source CMS ecosystems (WordPress, Drupal, Joomla, Magento) and how CycloneDX helps manage software supply-chain risk.
WordPress 5.8.3 Security Release
PSA for WordPress 5.8.3: four security fixes affecting versions 3.7–5.8, including stored XSS, object injection, and SQL injections in WP_Query and WP_Meta_Query. Update now.
Cloud-based Web Application Firewalls (WAF) & The Log4J Vulnerability
How cloud WAFs help mitigate evolving Log4Shell payloads with rapid virtual patches and off-prem inspection.
Does DNSSEC Matter?
A practical look at what DNSSEC actually secures, where it helps, and why many teams still avoid deploying it.
Active Exploits against CVE-2021-41773 (Apache)
What we observed during active exploitation and how WAF + DNS automation reduces risk fast.
Web Applications / Assets Led the Charge in Breaches in 2020 According to the Verizon DBIR
Key takeaways from the 2021 Verizon DBIR: web apps and servers dominated 2020 breach vectors, with many incidents tied to old CVEs and access abuse. Practical guidance on patching, prioritization, and WAF virtual hardening.
Recovering a Business From a Cyber Attack
A practical framework to help small and mid-sized organizations recover after a cyber incident—what to ask, who should lead, and how to communicate.
Arbitrary File Vulnerabilities And Why They Matter to Your Website
Explains arbitrary file vulnerabilities (read, download, upload, execute), how attackers chain them, why GET-based probing is common, and how a WAF can virtually patch at the edge.
Evolving the CDN / WAF Stack
How NOC’s architecture combines Anycast Authoritative DNS, CDN, and WAF to balance performance, flexibility, and security.
WordPress Forced Updates vs Auto-Updates and Abusing User Defined Intent
This article talks about forcing updates in the WordPress platform, and provides opinions on how that affects user-defined intent.
Autodetecting Network Failures & Self-Healing for Optimal Availability
Use Authoritative DNS with smart routing and health checks to detect outages and fail over automatically—then recover gracefully.
Steps To Recovering Servers Post-Hack
A practical framework to decide when to rebuild from fresh OS images vs. restore from backups—and how to phase recovery without risking business continuity.
Using cURL to Test the Performance of a Website
Learn how to use cURL to measure DNS lookup time, connect time, time to first byte (TTFB), and total load time for quick site performance diagnostics.
NOC Content Delivery Network (CDN)
Accelerate global delivery with smart edge caching, geo-routing, and high availability.
NOC Web Application Firewall (WAF)
Protect apps with virtual patching, request hardening, and bot/credential abuse mitigation.
NOC Authoritative DNS
Resilient, smart-routed authoritative DNS with self-healing and global redundancy.