Private and Shared Hosting

In my last post I talked about Google’s free SEO tools that included a report on successful SEO methods over the past year. A recurring argument in that report was that branding is playing an increasingly important role in search rankings, as opposed to the more technical aspects of site building. With so many options available for IaaS and SaaS, the major factor in online branding has become security. Should your online business take extra steps to ensure privacy, and if so, is your website duly trusted by search engines as well as clients?

One way to be able to boast security is through customized or private hosting. Privately hosted servers are dedicated to your business alone and are as secure as your front end. If your business collects private information from customers, then it is your responsibility to safeguard that information through enhanced security. Shared servers suffer the vulnerabilities of their weakest sites, and after the numerous recent hacks of both governmental and private services, like the recent break-in at dating website Ashley Madison, not to mention the breach of the U.S. IRS database, many online users have become more concerned about the safety of information kept in large stores.

If your website is not dedicated to collecting the world’s secrets, then the problems that face shared hosting should not concern you too greatly. There are enough steps that you can take on your own to reduce risk.

Using secure and trusted themes or hiring a trustworthy and capable web designer can prevent front end attacks like SQL injections

Limit access to your website by third parties (e.g....
Is Your WordPress Website getting hacked? Here’s a guide to secure WordPress

With WordPress powering 61% of CMS-based websites, it has become a lucrative target for hackers. Google blacklisting for phishing and email blacklisting for spamming are quite common in WordPress hosting. A well-maintained WordPress site is immune to hacking, but in shared hosting, the majority of WordPress websites will be unpatched and vulnerable to hacking. Through a few simple strategies, it is possible to make WordPress immune to hacking.

Securing the web server through web application firewalls

The efficiency of a web application firewall largely depends on how quickly the firewall is able to include zero-day WordPress exploits in its signature database. While commercial signatures gave close to 100% detection rates, free rules from Comodo, AtomiCorp, etc. for the mod_security Apache module are good enough to prevent more than 95% of exploit attempts. Additionally, we were able to extend the malware detection capability of the mod_security module by integrating it with ClamAV anti-virus software.

Enabling auto-upgrade for WordPress installations

Since WordPress v3.7, automatic security updates are switched on by default, and wouldn’t break anyone’s site. We further extended this feature with plugins like Advanced Automatic Updates, which can upgrade plugins and themes as well. For customers who chose security over extensive customization, the full auto-upgrade worked very well in preventing website exploits.

File upload scanning through FTP

Compromised FTP accounts are another major source of malware uploads. Desktops, laptops and mobile devices get infected with trojans all the time, and webmasters losing their FTP login details is a common cause of malware uploads. We put a block on this channel by deploying file upload scanners. For those web hosts...
Bash Critical Security Hole – Explained

Yesterday we swiftly patched all of our customers’ web servers due to a critical vulnerability in Bash, aka the Bourne-Again Shell. But what damage could this vulnerability do?

The flaw involves how Bash evaluates environment variables. With specially crafted variables, a hacker could use this hole to execute shell commands. This, in turn, could render a server vulnerable to ever greater assaults. By itself, this is one of those security holes where an attacker would already need to have a high level of system access to cause damage. Unfortunately, as Red Hat’s security team put it, “Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.”

The root of the problem is that Bash is frequently used as the system shell. Thus, if an application calls a Bash shell command via HTTP or a Common Gateway Interface (CGI) in a way that allows a user to insert data, the web server could be hacked. As Andy Ellis, the Chief Security Officer of Akamai Technologies, wrote: “This vulnerability may affect many applications that evaluate user input, and call other applications via a shell.” That could be a lot of web applications — including many of yours.

The consequences of an attacker successfully exploiting this vulnerability on a web server are serious. For example, attackers may have the ability to dump password files or download malware onto infected computers. Once inside the victim’s firewall, the attackers could then compromise and infect other computers on the network. Aside from web servers, other vulnerable devices include Linux-based routers that have a Web interface...