Cyberattacks suck – and as webmasters we have to deal with a lot of them. All the time. From SoakSoak, to WannaCry, malware and cyber attacks have been on the rise for years. The SiteLock Website Security Report for Q1 2018 recently showed that 1% of sampled sites are infected – which sounds like a […]
Tag Archives: server security
429 Million Identities Have Been Exposed in 2015
Online security is an ever increasing concern, with new data-breaches occurring almost monthly – and more and more scams and hacks being thrust upon the public. Symantec has published the latest Website Security Threat Report and there are some rather alarming statistics within the report. Here are just some key statistics: 318 data breaches reported […]
Media Temple Launches CloudTech Security Powered By SiteLock
SiteLock is by far the most popular website security solution out there today – catering to roughly 5 million customers around the world. Thanks to the recent partnership with Media Temple the SiteLock suite of services will now be activated across the 1.5 million websites managed by Media Temple! The new service is called CloudTech […]
Warning: SoakSoak Malware Compromises 100,000+ WordPress Websites
Sucuri has picked up the SoakSoak malware which has compromised over 100,000 websites so far. The point of entry seems to be the same vulnerability Sucuri pointed out a few months back associated with the WordPress plugin Revolution Slider. That being said make sure you’re updated to the latest version of Revolution Slider if you’re […]
Warning! Every Drupal 7 Website was Compromised Unless Patched
A few weeks ago Drupal released an update to a critical SQL Injection vulnerability and urged all their users to update or patch their sites immediately. Initially the scope of the vulnerability wasn’t known however today the Drupal team released a public service announcement that really hit home how important that update was. You should […]
SSLv3 Disabled on Rapid Purple Shared Hosting Servers
Heads up Rapid Purple hosting customers – following the recent POODLE bug we have disabled SSLv3 support on all our shared hosting servers. That unfortunately means that those of you using Internet Explorer 6.0 or older (and based on our stats that’s a small handful of you) will not be able to access any SSL […]
4 Newly Added Free Webmaster Resources
I haven’t really added anything worthwhile to the Free Webmaster Resources Directory in a little while – luckily I’ve been playing around with a few awesome new webmaster resources lately and they seemed to be the perfect candidates to be added to the directory. First up is Infoactive. Infoactive offers an online platform to develop […]
Webmasters Read This Before Disabling SSLv3 for cPanel/WHM
Following the announcement of the SSL Poodle vulnerability most webmasters have been hard at work securing their servers. Alas while doing some of these updates myself I had discovered that while it is possible to disable SSLv3 for cPanel services on ports 2083, 2087, 2096 – this breaks connections to cPanel from all current versions […]
New SSL Security Bug Prompts Google To Drop Support For SSL 3.0
Google has published details regarding the latest vulnerability within SSL called Poodle – this time targeting SSL 3.0. The newly found exploit allows one to steal secure cookies and other …
Shellshock Exploit: What It Is, What It Means, & What To Do
Surely you’ve heard the term Shellshock exploit be mentioned everyone across the internet these last couple of days, however what is it exactly and what does it really mean for you? Well, Shellshock is the name for a brand new exploit which targets a vulnerability in Bash. Bash, an acronym for Bourne Again Shell, is […]
Warning: WordPress Slider Revolution Critical Security Vulnerability
I know that Wordpress 4.0 was released last night and the majority of the Wordpress community is spending these next few days updating their websites and fixing any bugs and issues that arise. With that …
ModSecurity Enabled On All VPS Accounts
Back in December of 2013 I had finally gotten ModSecurity perfected and launched it as a public feature across all Rapid Purple shared hosting accounts. After some more months of work I am excited to announce that now the highly effective anti-hack firewall is enabled with all Rapid Purple VPSs as well. As with shared hosting accounts, […]
FireHost Reports 160% Increase in Cross-Site Scripting Attacks
Secure cloud hosting company, FireHost, has recently announced its Q4 2012 web application attack statistics, detailing the type and number of cyberattacks blocked by
Trojan Port List
Following the recent breach of the popular hosting company, ServerPro, the internet is back to buzzing about trojans and server ports, which it should be. It never should have stopped in the first place. With that in mind – comes this list – listing the majority of the more popular known trojans, and the ports […]
Server Security: Turn Off rwhod
The rwhod daemon is a process that allows a remote user to see who is logged into your system. The client program is rwho. It has many of the same security problems as the finger daemon. For a crack,er use of rwho could allow him to watch for times on your system when nobody is […]