Reactive and Instant Remediation
Incapsula Backdoor Protection will detect and neutralize backdoors even if you activate Incapsula after the backdoor was uploaded.
Incapsula Backdoor Protection, detects and blocks any attempt by hackers to install or operate a backdoor on your site. It also notifies you of the location of the backdoor so you can instantly remove it.
Detects backdoors by eavesdropping on the website traffic and identifying when a backdoor is being operated.
Quarantines the backdoor by denying access to it, rendering it useless.
Notifies the website administrator and pin-points the backdoor for removal.
One of the first things a hacker does after breaking in to a website is install a backdoor. A backdoor allows the hacker to remotely operating the site or server for future exploitation.
Easy command and control of the server even after the original exploit that enabled activating the backdoor was patched.
Maintain site/server access for the purposes of distribution of malware & spam, credit card or other sensitive data theft, perpetrating DDoS attacks.
Currently, the most common method of backdoor shell detection involves server-wide scans to to find modified files or files that “should not be there”.
Searching for illegal files, however, is like looking for a needle in a haystack. This is because backdoor shells are usually heavily encrypted and can be installed anywhere and under any alias.
The complexity of such scans is compounded by the fact that most websites are built on external frameworks and include 3rd party extensions. Thus, traditional scanning solutions are only effective against the most naive attack attempts.