Backdoor Protect

Incapsula Backdoor Protect, detects and blocks any attempt by hackers to install or operate a backdoor on your site. It also notifies you of the location of the backdoor so you can instantly remove it.

Backdoor Protect: Detects and Quarntines Malware Shells

See How Incapsula's Backdoor Protect works:

1 - Detects

Detects backdoors by eavesdropping on the website traffic and identifying when a backdoor is being operated.

2 - Quarantines

Quarantines the backdoor by denying access to it, rendering it useless.

3 - Notifies

Notifies the website administrator and pin-points the backdoor for removal.

Backdoor Protect Walkthrough

Backdoor Protect Advantages

Reactive and Instant Remediation

Incapsula Backdoor Protect will detect and neutralize backdoors even if you activate Incapsula after the backdoor was uploaded.

Adaptive Security

Backdoor signatures and heuristics are constantly updated within Incapsula’s security engine.

Non Intrusive

Can be activated without installing any hardware of software or making changes to the website.

About Website Backdoors

One of the first things a hacker does after breaking in to a website is install a backdoor. A backdoor allows the hacker to remotely operating the site or server for future exploitation.

BackDoor Key advantage for hackers

Easy command and control of the server even after the original exploit that enabled activating the backdoor was patched.

Common usages of backdoors

Maintain site/server access for the purposes of distribution of malware & spam, credit card or other sensitive data theft, perpetrating DDoS attacks.

Backdoor Shell, Malware Control Panel

The Challenge of Detecting Website Backdoors

Searching for a website backdoor is like looking for a needle in a haystack. A backdoor can be installed anywhere on the server under any name or alias.

The only currently feasible method to detect a backdoor is by searching every directory & sub-directories on the website, attempting to find a file/s that “should not be there”.

The complexity of doing this is compounded due to the fact that most websites are built on 3rd party frameworks and include other 3rd party extensions. Thus, detecting a single file that “should not be there” – is virtually impossible. Website scanners that scan websites from the outside are practically unable to detect such backdoors because the possible location and filename of a backdoor is infinite and cannot be determined from the outside.