Reactive and Instant Remediation
Incapsula Backdoor Protect will detect and neutralize backdoors even if you activate Incapsula after the backdoor was uploaded.
Incapsula Backdoor Protect, detects and blocks any attempt by hackers to install or operate a backdoor on your site. It also notifies you of the location of the backdoor so you can instantly remove it.
Detects backdoors by eavesdropping on the website traffic and identifying when a backdoor is being operated.
Quarantines the backdoor by denying access to it, rendering it useless.
Notifies the website administrator and pin-points the backdoor for removal.
One of the first things a hacker does after breaking in to a website is install a backdoor. A backdoor allows the hacker to remotely operating the site or server for future exploitation.
Easy command and control of the server even after the original exploit that enabled activating the backdoor was patched.
Maintain site/server access for the purposes of distribution of malware & spam, credit card or other sensitive data theft, perpetrating DDoS attacks.
Searching for a website backdoor is like looking for a needle in a haystack. A backdoor can be installed anywhere on the server under any name or alias.
The only currently feasible method to detect a backdoor is by searching every directory & sub-directories on the website, attempting to find a file/s that “should not be there”.
The complexity of doing this is compounded due to the fact that most websites are built on 3rd party frameworks and include other 3rd party extensions. Thus, detecting a single file that “should not be there” – is virtually impossible. Website scanners that scan websites from the outside are practically unable to detect such backdoors because the possible location and filename of a backdoor is infinite and cannot be determined from the outside.