Tech Translated

IT Security & Technology Blog

Practical IT insights for Australian businesses. Our team covers cybersecurity advisories, compliance updates, and plain-English explainers on the technology your business relies on, published regularly as the landscape shifts.

All IT Services explainer graphic with document, magnifier and EXPLAINED label

What is a webshell? The silent backdoor on hacked websites

You’ve probably heard the term “webshell” pop up in cybersecurity news lately — including in the ACSC’s recent alert about CMS exploitation. But what actually is one, and why should a business owner care?

A webshell is a small script — usually just a few lines of code — that an attacker uploads to a web server after finding a vulnerability. Once it’s there, it acts like a hidden control panel. The attacker can visit a specific URL, type commands, and your server executes them. No login required, no alarm bells ringing.

Why they’re hard to spot

Webshells are designed to blend in. They often have innocent-sounding filenames like config.php or helper.js and sit quietly among thousands of legitimate files. They don’t consume noticeable resources, they don’t slow your site down, and they don’t change what visitors see — at least not at first. A webshell can sit dormant for months before an attacker decides to use it.

What an attacker can do with one

Once a webshell is active, an attacker can steal customer data, install ransomware, send spam from your mail server, deface your website, or use your server to attack other organisations. It’s essentially full remote access disguised as a web page.

How to protect your business

The best defence is keeping your CMS, plugins and themes up to date — most webshells get planted through known vulnerabilities that already have patches available. Remove plugins you’re not using, use a web application firewall, and have your IT provider run regular file integrity checks. If your website isn’t part of your managed IT environment, it’s a blind spot worth addressing.

Related Guide

Cybersecurity for Sydney SMBs

Explore our complete guide to protecting your business from cyber threats.

Read the Full Guide →