Jan 8, 2018

Meltdown, security issue resolved

If you are following news on the Internet, and especially if you have any interest in security matters, then probably you have heard about Meltdown. This is a security vulnerability in popular CPUs, that affects most devices on the Internet, including servers, personal computers, and smartphones. Although the technical details of the vulnerabiliy are rather long, in a summary - they allow unauthorized access to system resources and sensitive data between users, programs, and virtualization pl...

Read more

Oct 11, 2016

Let's Encrypt certificates

Today, our in-house developed hosting Control Panel got another feature - an installation utility for the SSL certificates of Let's Encrypt. Our customers can now install Let's Encrypt certificates for any of the domains they host with us.

Let's Encrypt is a certificate authority that provides free domain-validated SSL certificates. Its activity is aimed towards providing secure connection between users and servers, a...

Read more

May 4, 2016

Critical vulnerability in ImageMagick discovered and immediately resolved on our servers

Recently, sources on the Internet reported a critical security vulnerability in the ImageMagick library. ImageMagick is a popular image processing utility for web sites, and it is utilized by many image processing plugins and tools. The vulnerability allows execution of remote code and file manipulation on the server.

Server security is a concern of an utmost importance, and our system administrators are constantly monitoring servers software and security lists, to make sure that ou...

Read more

Oct 17, 2014

Highly-critical SQL injection vulnerability for Drupal - mass-fixed on our servers

On Oct 15, 2014, Drupal developers issued a notification of a critical SQL injection vulnerability, which affected all current Drupal 7.x versions. More information on the matter can be found at https://www.drupal.org/SA-CORE-2014-005.

The existing proof of concept allowed hackers to turn the SQL injection vulnerability into a remote code execution / file upload, and there are reports of many hack attempts against Drupal sites on...

Read more

Apr 12, 2013

WordPress sites with us are now protected against botnet brute-force attacks

During the last week, there is a massive botnet attack against random WordPress sites on the Internet, attempting to brute-force their administrative sections.

To protect the WordPress sites of our customers, we have set up an automatic brute-force protection for all of them. In case of too many unsuccessful login attempts against a WordPress site, its administrative section login screen will start to display a static page, thus not allowing the botnet to make further password-guess...

Read more