Assisting You in Making the Most of Your Online Presence

At White Fir Design we are focused on assisting you in making sure that you make the most of your online presence. Whether you are a new business, an established business, or a non-profit organization we provide services that will assist you in creating or improving online presence. We provide an assortment of web design, security, and marketing services. We provide the technical expertise needed to quickly and easily create or improve your online presence, so that you can spend your time on what you do best. We work hard to provide you value for your investment in your online presence and we make sure that you are fully satisfied with the work we do.


Latest Blog Posts


You Shouldn't Hire Someone to Clean Up a Malware Infected Website Until They Have Confirmed There is an Issue
If you deal with malware infected websites on a regular basis, like we do, you know that with just about any issue that can occur with a website there will be someone who thinks it was caused by malware or some other hack, so what we always want to determine before taking on a cleanup of a website the owner thinks is infected, is if it is really infected. That isn't the case with everybody, as thi... Read More

The Wordfence Security Plugin Continues to Fail to Live Up to its Claim to Stop Websites from Being Hacked
A couple of hacked websites we were contacted about recently are reminders contrary the marketing of the most popular WordPress security plugin, Wordfence Security, that it "stops you from getting hacked", it doesn't accomplish that. In one of those situation we were provided a list of malicious files that had been supplied by the web host and one of them was stored in directory for the Wordfen... Read More

Hackers Using Insecure Magento Extensions to Access Magento Admin Login Page Without Knowing Normal Address
While reviewing the log files while cleaning up a hacked Magento website recently we ran across a reminder that a common security practice isn't full proof. With the Magento software and some other software the software has a built in capability to use a non-standard address for the login page for the admin portion of the website. With other software that is commonly promoted security feature to b... Read More

Hacker Using SQL Injection Vulnerability to Add "magentoupdate" Admin Account to Magento Websites
As is a common occurrence, we were recently hired to re-clean a hacked website that the security company Sucuri, which is owned by GoDaddy, had repeatedly failed to properly clean. This time it was a Magento based ecommerce website we were cleaning. As is standard issue in those situations they had missed malicious code that should have been easy to find. What we also found was that the hacker had... Read More

A Web Application Firewall (WAF) is Not the Way to Deal With the Reoccurrence of a Hack of a Website
These days quite a bit of our business dealing with the cleanup of hacked websites is re-cleaning websites after other security companies didn't clean them up properly before us. Troublingly we recently noticed a company that offers to clean up websites, ASTRA Security, treating that as a normal result and using it to promote using web application firewall (WAF), which they also sell: Even after ... Read More