Posts Tagged ‘Security’

Blog Posts

Switching to PHP7 for Default PHP on Shared Servers

We have supported PHP7 from the start (even compiling it ourselves before it was supported in cPanel);  but for compatibility reasons, we have left PHP 5.6 as the default for our customers on shared servers. But, as PHP5.6 ages, we want to encourage our customers to update their code to run on more up-to-date versions…

Read More

WordPress Vulnerability in the Wild

Security Company Sucuri recently announced that they had found a Content Injection Vulnerability in WordPress Core, stemming from the recently included (in version 4.7) and enabled by default WordPress API feature. The vulnerability would allow a malicious user to use the Rest API to edit pages and posts, inject shortcodes or even run PHP directly if certain…

Read More

Latest Security Alert – Dirty CoW

CVE-2016-5195, Also known as “Dirty CoW” is a Local Privilege Escalation vulnerability in Linux Kernel 2.6.22 and higher.  This impacts some of the most popular OSs like: Red Hat Enterprise Linux 7.x Red Hat Enterprise Linux 6.x Red Hat Enterprise Linux 5.x CentOS Linux 7.x CentOS Linux 6.x CentOS Linux 5.x Debian Linux wheezy Debian Linux jessie…

Read More

Logging in over HTTP is bad – And Google wants you to know it

Google Chrome Security has announced that in a future release of Chrome (version 56), websites that are not secured for login pages will be flagged. This means that in future releases of Chrome you will see a change in the address bar like this: https://security.googleblog.com/2016/09/moving-towards-more-secure-web.html   And eventually,  Chrome will show: https://security.googleblog.com/2016/09/moving-towards-more-secure-web.html This is not…

Read More