Website attacks are becoming more and more popular these days, and Base64 attacks are by far one of the most common. They focus on exploiting a PHP vulnerability within a website and injecting malicious, base64-encoded code. The main targets of such attacks are usually out-dated, poorly coded, or nulled plugins. With that said if you’ve […]
Tag Archives: security
Warning! Every Drupal 7 Website was Compromised Unless Patched
A few weeks ago Drupal released an update to a critical SQL Injection vulnerability and urged all their users to update or patch their sites immediately. Initially the scope of the vulnerability wasn’t known however today the Drupal team released a public service announcement that really hit home how important that update was. You should […]
SSLv3 Disabled on Rapid Purple Shared Hosting Servers
Heads up Rapid Purple hosting customers – following the recent POODLE bug we have disabled SSLv3 support on all our shared hosting servers. That unfortunately means that those of you using Internet Explorer 6.0 or older (and based on our stats that’s a small handful of you) will not be able to access any SSL […]
4 Newly Added Free Webmaster Resources
I haven’t really added anything worthwhile to the Free Webmaster Resources Directory in a little while – luckily I’ve been playing around with a few awesome new webmaster resources lately and they seemed to be the perfect candidates to be added to the directory. First up is Infoactive. Infoactive offers an online platform to develop […]
Webmasters Read This Before Disabling SSLv3 for cPanel/WHM
Following the announcement of the SSL Poodle vulnerability most webmasters have been hard at work securing their servers. Alas while doing some of these updates myself I had discovered that while it is possible to disable SSLv3 for cPanel services on ports 2083, 2087, 2096 – this breaks connections to cPanel from all current versions […]
New SSL Security Bug Prompts Google To Drop Support For SSL 3.0
Google has published details regarding the latest vulnerability within SSL called Poodle – this time targeting SSL 3.0. The newly found exploit allows one to steal secure cookies and other …
Shellshock Exploit: What It Is, What It Means, & What To Do
Surely you’ve heard the term Shellshock exploit be mentioned everyone across the internet these last couple of days, however what is it exactly and what does it really mean for you? Well, Shellshock is the name for a brand new exploit which targets a vulnerability in Bash. Bash, an acronym for Bourne Again Shell, is […]
Warning: WordPress Slider Revolution Critical Security Vulnerability
I know that Wordpress 4.0 was released last night and the majority of the Wordpress community is spending these next few days updating their websites and fixing any bugs and issues that arise. With that …
New Study Shows Fake Googlebots Used for DDOS Attacks
Googlebots are an essential part of the Google search engine. Constantly crawling the world wide web looking for new links and websites to ensure that you get the latest …
ModSecurity Enabled On All VPS Accounts
Back in December of 2013 I had finally gotten ModSecurity perfected and launched it as a public feature across all Rapid Purple shared hosting accounts. After some more months of work I am excited to announce that now the highly effective anti-hack firewall is enabled with all Rapid Purple VPSs as well. As with shared hosting accounts, […]
Time To Reset The Net!
There has been a new campaign making its rounds across the internet lately called “Reset the Net” – and I personally fully support it. The campaign arose as a response to the shocking revelations of government surveillance exposed by whistleblower Edward Snowden in June last year. The Reset the Net event looks to commemorate the first anniversary […]
Yet Another Reminder to Choose Secure Passwords
There is a great article circulating the interwebs this week discussing the Worst Passwords of 2013 – or more specifically the Top 25 Worst Passwords. The list, compiled by SplashData, is based on files containing millions of stolen passwords which have been posted online in the last year. Sadly this list goes to show just how […]
GoDaddy Offering $4 .COM Domains with Free WHOIS Privacy
Most of you are already familiar with the amount of personal information you put out onto the Internet when you register a domain name. This might not be much of an issue for a company or a business, as they would simply list their business identity into the WHOIS database, however what if you’re simply […]
FireHost Reports 160% Increase in Cross-Site Scripting Attacks
Secure cloud hosting company, FireHost, has recently announced its Q4 2012 web application attack statistics, detailing the type and number of cyberattacks blocked by
SiteLock Partners With 1&1, Announces 1&1 SiteLock Scanning
SiteLock has recently announced a new partnership with 1&1 Hosting; which will surely help SiteLock reinforce their leadership position in the small business website security market.
Trojan Port List
Following the recent breach of the popular hosting company, ServerPro, the internet is back to buzzing about trojans and server ports, which it should be. It never should have stopped in the first place. With that in mind – comes this list – listing the majority of the more popular known trojans, and the ports […]
Create Strong Passwords!
Following a recent issue I had with my Xbox account – I decided to write up a quick article touching upon creating secure and strong passwords for yourself. Let’s face it – most of you create passwords that are easy and simple to remember – which means that the password is just that much easier […]
SQL Injections – A Powerpoint Presentation
If you haven’t noticed more and more web-related services have been getting hacked lately – and these aren’t small websites either. Infragard – an FBI affiliate, the CIA website and the FBI’s Detroit phone network, the threats and attacks on Unveillance, and ofcourse who can forget the Sony hacking that has went on. What the […]