Assisting You in Making the Most of Your Online Presence

At White Fir Design we are focused on assisting you in making sure that you make the most of your online presence. Whether you are a new business, an established business, or a non-profit organization, we provide services that will assist you in creating or improving online presence. We provide an assortment of web design, security, and marketing services. We provide the technical expertise needed to quickly and easily create or improve your online presence, so that you can spend your time on what you do best. We work hard to provide you value for your investment in your online presence and we make sure that you are fully satisfied with the work we do.


Latest Blog Posts


Fresh Installs of WordPress Apparently Being Hacked Based on Public Disclosure From Let's Encrypt
It's long been a known issue that if you place a copy of WordPress on a publicly accessible website, but don't configure it, hackers will eventually configure it, which gives them access to the website. This works because WordPress has no restrictions on configuring it once the files are loaded on the website and you can configure it with a database on another server, so you don't need to have acc... Read More

A Malicious File in Your WordPress Site's Uploads Directory Doesn't Necessarily Mean It Is Infected
Before we take on a hack cleanup of a WordPress website, we always want to make sure the website is actually hacked. That is important for an ethical security provider because in many instances where there is a belief or a claim that a WordPress website is infected with malware or otherwise infected, that turns out to not be the case. Recently we had someone contact us that had a security compa... Read More

Latest Versions of Moodle Contain Publicly Disclosed Authenticated SQL Injection and XSS Vulnerabilities
A week ago an authenticated SQL injection vulnerability and a cross-site scripting (XSS) vulnerability that exist in the latest version of Moodle was publicly disclosed. The post that was done in makes no mention of notifying the Moodle developers about the issue. The vulnerabilities received more exposure in a article on a news outlet owned by the security company PortSwigger yesterday. Curiou... Read More

Backups Made With WordPress Plugins Might Not Back Up All of Your Website
When it comes to dealing with a hacked website, one of the recommended solutions is to revert the website to a clean backup. There are multiple possible issues with that, including not knowing whether a backup is clean or not, as well as that reverting to a backup doesn't resolve the underlying issue that caused the hack in the first place. Another problem we noticed while dealing with a recent... Read More

This Doesn't Inspire Confidence in cPanel's Understanding and Handling of Security
One problem that companies in the web security space have to deal with is the large volume of inaccurate security advice that is out there, much it coming from people that you should be able to rely on, including web security companies. One company that you would hope that you could rely to provide accurate security information would be company behind the widely used cPanel web hosting control ... Read More