Blog Header Banner

Archive for the ‘web hosting’ tag

Effective Security Measures For Your Server   no comments

Posted at Apr 4, 2017 @ 10:49am Web hosting

If you run a server, especially for your business or organization, security should be a top priority. Whether the server exists to host files for a website or is networking computers for an office, it needs to be protected from malicious software, exploits and hackers. Failing to secure a server can lead to lost or corrupted data, damage to devices connected to the network and unauthorized individuals getting access to sensitive data. Below are various security measures that you can employ on your server that are extremely effective.

 

Review & Modify Default Settings

Programs running on your server, such as control panels (cPanel, Plesk), CMS (WordPress, Joomla, etc.) and even the operating system, contain various default settings  that need to be reviewed and if necessary modified. They include everything from preset usernames and passwords for admin access to default connection ports. Anything that is left as set up by the software manufacturer may be used as a way to gain easier access to a system. Even leaving the URL for admin access to a server or programs on the server can make it easier for hackers to get in. There are hacking tools that specifically scan websites and servers for default URLs and folders, so changing default login locations is important. On this same basis, it’s a good idea to make sure that directories are protected so that people cannot see their contents.

 

Active Monitoring

A critical requirement to properly managing a server is knowing what is happening with it at all times. Even the best security software cannot prevent all intrusions, and hackers are constantly figuring out new ways to exploit and circumvent security systems. Therefore, it’s important that activity on a server is always being monitored. Things that normally indicate a problem include incredibly high data transfer or processing power use as well as multiple failed login attempts. Brute force hacking involves trying to login to a system over and over again with different login and password combinations. In addition to draining system resources, it can also eventually allow a hacker to find a combination that lets them into your system. Real-time monitoring can help detect these issues and alert the appropriate people, and it can also shut down brute force login attempts.

 

Passwords & Permissions

Another important server security measure is to ensure that all passwords, especially the root and/or Admin passwords, are complex and that people are only given access to areas that they need to do their job. Aside from malice, giving an intern administrative access to databases could lead to major problems through simple error. It’s also recommended to change your passwords on a regular basis, even if they are robust.

There are a number of ways to tackle the issue of making sure passwords are complex enough, including using computer generated passwords or using passphrases. Computer generated passwords normally require certain characters, length and require a combination of upper and lower case letters; passphrases are combinations of words, and they tend to be easier to remember and more secure than passwords. There should also be a set time that passwords expire, which will require users on the network to change them on a regular basis.

Along with ensuring that people are only given access to parts of a server that they need to have, it’s important that permissions are updated when people leave a job or move to a different part of the company. This can be done with proper database management and doing occasional audits to ensure that access levels are appropriate.

 

Updates

One way that hackers get into many servers is by going through weak points that developers did not notice when creating an application or an operating system. This is why both computers and mobile devices need regular updates. Along with offering new options, updates close off back doors and holes in the security of software. Therefore, it’s important that all software hosted on your server is kept up to date. For web hosting servers, that means content management systems (CMS) and the plug-ins the CMS uses must be kept current. Many operating systems and software applications can be set up to update automatically, but if you’re not comfortable with that, it’s important that you have some way of being notified when important changes are available.

 

For those of you who feel there’s just not enough time in your day to employ these server security measures, or if you just prefer someone else does it for you, at TurnKey Internet we got your back. We offer Fully Managed solutions that include Server Hardening. We’ll take care of securing and protecting your server so you can focus on running your business. For more information, visit https://turnkeyinternet.net/managed/

 

 

Share : Facebooktwitterredditlinkedinmail Follow Us : Facebooktwitterlinkedinyoutubeinstagram

Written by David Maurer on April 4th, 2017

Tagged with , , , , ,

Top 5 Benefits of a Dedicated Server   2 comments

Posted at Jan 31, 2017 @ 10:19am dedicated servers,Web hosting

Benefits of Dedicated Servers

Whether you’re an online business or an individual looking for more power, flexibility, and control over your web hosting solution, the answer for you may be a dedicated server. With a dedicated server, your business has exclusive use of that server’s resources. You also have the flexibility of customizing the server to meet your individual performance and security requirements. To fully understand why a dedicated server is the better solution for you or your business, let’s take a look at the top five benefits they provide.

 

1. Exclusive Resources

When using a dedicated server, every bit of power, storage, and bandwidth is exclusive to you and no one else. Not only will this give your business more room to work with and expand, it will also prevent issues with your site caused by other websites. For example, if you’re site is hosted on a shared server where there is another website that is being attacked or hogging up resources, this can affect the performance of your company’s site.

 

2. Dedicated IP Address

Each dedicated server comes with its own dedicated IP address. With shared hosting, your site may be sharing an IP address with multiple websites. If your website happens to share an IP with a site that spams or contains malware, this can cause multiple problems. Your website can end up getting blocked, your email rejected as spam, even your search results can be affected. Another thing to consider is whether or not you’ll be running an e-commerce or selling things on your site. If so, you will need to have an SSL for your site, which in turn requires a unique dedicated IP.

 

3. Customization

A dedicated server allows your business to customize the hardware and software based on your company’s unique needs. Things like CPU, Memory, Hard Drive, even the speed of the server’s network port, can all be customized and upgraded on dedicated servers. With shared hosting, you are limited to the software already installed on the server, and sometimes it may lack a requirement or feature your business needs. But with a dedicated server, you have full flexibility over which software the server runs, even down to the Operating System.

 

4. Better Access

Another downside of shared hosting is the lack of Administrative or root access to the server. This limitation affects what software you can install as well as the settings and options that you can configure on the server. This can greatly impact the potential of what you are able to do with your website. Another advantage of administrative/root access is the ability to better monitor and troubleshoot your website, with full access to the server’s logs.

 

5. Better Security

With a dedicated server, you have exclusive access and can dictate who shares that access. This allows you to better secure the contents on your server and alleviates the concerns of sharing a server with malicious or careless users. Also because you have full control over the server, you can better enhance and customize its security based on your unique needs.

 

Now if you’re worried that you’re not tech savvy enough to run your own dedicated server, consider the option of going with a Managed Dedicated Server solution, which will provide many additional benefits on top of what’s listed above. Also if cost is a concern, check out our latest Best Value Dedicated Servers. There are countless other advantages to using a dedicated server, however the 5 above are some of the most notable. So before you decide to host your website on a shared server, consider the added flexibility, reliability, and performance that only a dedicated server can provide.

 

Share : Facebooktwitterredditlinkedinmail Follow Us : Facebooktwitterlinkedinyoutubeinstagram

Written by David Maurer on January 31st, 2017

Tagged with , , ,

10 Essential WordPress Security Tips   no comments

Posted at Dec 6, 2016 @ 12:10pm Web hosting

wordpress security

Failing to protect your WordPress site from potential hackers could leave years of work vulnerable to attack. Malicious users know how to exploit vulnerabilities in unprotected sites, hijack files and plugins for their own use and sabotage functionality.

If you’re not doing all you can secure your site against attacks, it’s time to take action. Use these ten WordPress security tips as a starting point to lock out hackers and protect your web presence.

 

Obscure the Login Page

By default, WordPress users access their login pages via domain names followed by wp-login or wp-admin. Hackers know this and will immediately navigate to these pages when attempting to enter your site. Using a security plugin, you can change the URLs of login and user registration portals. Although this doesn’t prevent hackers from eventually finding these pages, it slows them down and may be frustrating enough to make them give up trying to access your site.

 

Choose Unique User Identification

Using “admin” as your administrator login name is like an open door for hackers. Your login should be distinct to your website and difficult to figure out. One way to ensure your login remains unique is to use the email associated with your WordPress installation instead of a username. Email addresses are harder to guess and offer better authentication for administrator logins.

 

Be a Password Juggler

There was a time when you could stick a few numbers on the end of your dog’s name and call it a reliable password, but in today’s volatile Internet landscape, you need much more than that. Use a password generator to create strong WordPress passwords, and change them on a regular basis. Good passwords include uppercase and lowercase letters, numbers and symbols in various combinations. The more complex your passwords, the more secure your site will be.

 

Enable Two-Factor Authentication

Many sites employ a two-step process to verify the identity of each user attempting to log in. Using the same method on your site means it will take a little longer for you to get to the dashboard, but it may prevent hackers from gaining access to your site. Two-factor authentication lets you choose a secret question or a special code to be after the initial password screen. Some methods use a one-time authentication message sent via text to ensure only authorized users can log in.

 

Install a Security “Watchdog”

Hackers need multiple attempts to get into your WordPress site, and plugins like WordFence alert you to this activity while locking down the site to prevent unauthorized access. Such security plugins act like gatekeepers, watching who tries to log in, sending alerts, checking for file changes and banning offending IP addresses. Reports of activity arrive in your inbox immediately and again in weekly summaries so that you can keep on top of any potential problems.

 

Control Other Accounts

Collaborative or corporate blogs require several user accounts, and this can pose a problem for security unless all users understand how to keep the site protected. Be selective when adding accounts, since every new login creates another potential point of vulnerability. Establish rules about password strength and how frequently passwords should be changed, and make sure each user has a distinct login name. Set individual user permissions at the lowest levels possible so that it’s difficult for hackers to do damage should additional accounts ever be compromised.

 

Use .htaccess to Hide Important Files

Editing the .htaccess file can change certain WordPress functions, including the level of security. With the right code, you can:

  • Disable directory listings to prevent unauthorized users from accessing file listings
  • Hide your wp-config file from malicious users
  • Set which IP addresses are granted administrative privleges
  • Block access to the PHP files for themes and plugins

Remember to back up the existing .htaccess file before making any changes.

 

Stay on Top of Updates

Themes, plugins and the WordPress core are updated regularly to fix known problems, including security issues. Before installing any plugin or theme, check the last time it was updated. Ensure the developers offer continued updates after installation, and stay away from pirated “free” versions of premium plugins.

Run updates as soon as you can to eliminate vulnerabilities. If you have trouble remembering to update or have a tendency to miss notifications, consider setting automatic updates to run on a routine basis.

 

Don’t Neglect “Spring Cleaning”

Make a habit of going through the plugins and themes stored on your WordPress site whenever you run updates. Delete anything you haven’t used in a while or have replaced with something more functional. You may be surprised how many plugins you’ve accumulated while building your site, and getting rid of unused ones eliminates vulnerabilities.

It’s also a good idea to clean up your database from time to time. Find a reliable database cleaning plugin and run it to remove old file versions and other outdated information. As a bonus, your site should load faster and run more smoothly without the extra files weighing it down.

 

Back Up as Often as Possible

No matter how careful you are, there’s always a chance an enterprising hacker could break through your site’s defenses. Creating site backups safeguards all the information on your site, giving you a way to restore everything should your security measures ever fail.

Some hosting companies provide scheduled backups as part of their services, but it’s a good idea to also have your own plan in place. Use a backup plugin or make manual backups on a regular basis, and store the files in a secure place so that you know they’ll always be there if you need them.

 

WordPress site security isn’t a “set it and forget it” measure. After putting initial protections in place, it’s essential to continue monitoring activity and running updates. Keep an eye out for new, stronger security tools, and implement the best combination of plugins and code changes to prevent the majority of attacks.

 

Share : Facebooktwitterredditlinkedinmail Follow Us : Facebooktwitterlinkedinyoutubeinstagram

Written by David Maurer on December 6th, 2016

Tagged with , , ,

4 Ways to Make Your Website Faster   no comments

Posted at Nov 10, 2016 @ 10:51am Web hosting

faster website

Many online business owners make the mistake of overlooking the importance of having a fast website. When you want to get the most from your online presence, the loading speed of your content is one of the most important factors to your success. Your prospects have a lot of distractions fighting for their attention, and you must compete with their friends, family and other advertisers if you want to make any progress.

Web users don’t have much tolerance for slow websites, and most will navigate away if your content takes longer than a few seconds to appear on the screen. So every step that you take to increase your website’s performance will help you attract and retain customers, and you are about to learn how to get moving down the right path.

 

Content Delivery Network

One of the benefits of working online is that you can reach a worldwide audience, and doing so is one of the best ways to enhance your profitability. But when someone downloads your content or accesses your website, the speed at which the content loads will depend on that person’s location. For example, if your hosting server is located in New York, someone who lives in China will encounter delays when trying to access your website.

If your prospects are forced to wait too long, they will often opt to find a local business that can offer them efficient download speeds. You can overcome that problem by using a content delivery network, or CDN. When you have a CDN, your content is stored on several servers around the world. When someone accesses your website or tries to download a file, the CDN will send the files to them from the server that is closest to that person’s location.

 

Reduce Image Size

When crafting great content, including valuable and engaging information is not always enough when you need to attract readers and to keep their attention. When you want to keep your audience’s focus, including images is a great way to reach your desired outcome.

But having too many images on your website can impact the loading speed in a negative way, causing you to lose prospects. Although many people try to remove most of the images from their website, doing so is not your only option. You can try converting your images to a web format to reduce their size without harming their quality.

 

Check Your Scripts

You can find many scripts that will help you captivate and engage your audience, but using too many of them can decrease the loading speed of your website. If you want to speed it up, take a look at each plug-in to determine if you need it and how much it is impacting your site. Disable one script at a time to determine if the changes make a difference in the amount of time that it takes for your content to load. If one of your scripts is causing a lot of harm, consider removing it, but you can also check to see if the developer has released any updates.

 

Upgrade Your Hosting

If you have tried everything of which you can think to improve your loading speed, then you might want to take a look at your hosting provider. If you have a basic plan, then you might not have access to the amount of bandwidth and resources that you need to improve the speed with which your audience can access your content.

If your hosting plan is the source of the problem, then you might want to upgrade to a better provider. Although you likely wish to avoid spending more money than needed, the enhanced speed of an effective hosting plan is an investment that will pay for itself over time.

 

Those who don’t take steps to optimize their website’s loading speed are likely losing more customers than they realize, and you don’t want to repeat the same mistake. Putting in a little effort can go a long way when it comes to keeping your prospects engaged and focused on what you have to say. Optimizing your website is a good place to start when you want to make your content load with enhanced efficiency. But if that step does not help, then upgrading your hosting plan is sure to get the job done.

When your website loads quickly, your customers’ experience will not be interrupted, and they will be that much more likely to make a purchase as a result. The speed with which your content loads is also a reflection of you and your products. When you prevent delays, you are also showing your customers that you care about your reputation, and you will start to earn their respect.

 

Share : Facebooktwitterredditlinkedinmail Follow Us : Facebooktwitterlinkedinyoutubeinstagram

Written by David Maurer on November 10th, 2016

Tagged with , , , ,

SSL: Protecting Your Website and Customers   1 comment

Posted at Sep 6, 2016 @ 8:47am Web hosting

SSLHero

SSL certificates are crucial for websites that offer anything for sale as they provide a level of privacy and security that is necessary to ensure that customers are comfortable shopping there. In fact, many people will simply leave their full shopping cart in your virtual aisle and refuse to purchase anything from your website if they realize that it does not have an SSL certificate.

Secure Sockets Layer (SSL) is used to transmit private information online in a manner that keeps it private. Customers will know that any information that they provide you is being kept safe from prying eyes if https:// precedes your website address, and a lock icon is located to the left of it. Banks and other major financial institutions have used SSL certificates, which were initially developed by Netscape in 1994, for some time.

 

How Does It Work?

The data that is being sent is immediately encrypted, causing somebody attempting to hack into it to not be able to read it as all they will see is an undecipherable list of letters and numbers. The information will then arrive on the recipient’s end after being unencrypted into its original form so that it can be read and utilized as was originally intended.

Data being sent without the use of SSL certificates could either be hijacked by a hacker and then used for their usually nefarious purposes or it could even be altered en route to its destination without the sender or the recipient realizing that any changes had been made to it.

These digital certificates also ensure that the personal and private data is being sent to the secure site it’s supposed to go to and not being diverted to one that could be malicious.

 

It Works Both Ways

Any information that those running a website send to interested parties is also encrypted when using SSL certificates. These can include newsletters, promotional codes and vouchers as well as any information that you send during the purchasing process that you want to ensure is not intercepted and stolen or altered en route.

 

Indirect Benefits

Using SSL certificates is a wonderful way to increase your website’s search engine optimization (SEO). In 2014, Google announced that it will be giving rankings boosts to websites using this layer of protection. Although having this level of trust in your website is not going to impact the search engine results as much as the quality of your content, it will give you a leg up as far as search engine results go when competing against otherwise similar websites. Google may also increase its importance down the line.

 

Differences

Single certificates cover one domain name. Wildcard certificates are valid for one domain name and any subdomains underneath it. Multi-domain certificates are good for multiple domain names.

Domain validation certificates offer the most basic level of protection; they cover basic encryption and verify that the person whose name or email address is associated with the website has control over it. However, they do not verify exactly who this individual or company is or how much control he or she has over the website’s content or where information sent through it actually goes.

Organization validation certificates provide a more thorough validation process by checking on the applicant’s credentials and doing things like making sure the individual or company’s physical address matches up with the application and that they have a legal right to own and run that website. Businesses should at the very least use this certificate as domain validation certificates just do not provide the safety and trust that is usually necessary.

Extended validation certificates are the ones that offer the most security as a thorough examination is conducted before it is provided, assuring visitors that the individual or company being represented is accurate and that the entity possesses the rights necessary to operate that website. These certificates should be used by any websites that ask customers to provide especially sensitive information such as credit card numbers.

 

Which Certificate to Get?

Websites that garner a low level of traffic and do not ask visitors for information more personal than usernames and passwords can use domain validation certificates. A couple of the main benefits of going this route is that these certificates are more affordable and issued much more quickly.

However, if you are or will be receiving a decent amount of traffic or asking your visitors for any financial information or other sensitive date such as addresses, telephone numbers or social security numbers, you should at least get an organization validation certificate.

The extended validation certificates do provide the most protection and trust, but they are also the most expensive and take the longest to receive. Medium to large organizations tend to be the ones most apt to purchase these, but you should definitely consider it if you are or plan to be in one of those categories.

At TurnKey Internet we offer SSL certificates on all of our hosting plans as well as include a free SSL with every Reseller and SEO package. If you have any questions regarding which SSL solution is right for you or how to get started, feel free to email our support team (helpdesk@turnkeyinternet.net)

Share : Facebooktwitterredditlinkedinmail Follow Us : Facebooktwitterlinkedinyoutubeinstagram

Written by David Maurer on September 6th, 2016

Tagged with , , ,

Dedicated Server: 4 Reasons Why Your Business Needs One   no comments

Posted at Aug 16, 2016 @ 11:47am dedicated servers

dedicatedserverblog

Both large and small businesses are faced with a wide variety of choices and options when it comes to finding a server and hosting solution for their website, company email and data. One option is shared hosting, in which a single server’s resources are shared by a number of different websites and users.

However, if you’re a business looking for more power, control, and flexibility, the solution for you may be a dedicated server. With a dedicated server, your business has exclusive use of that server’s resources. You also have the flexibility of customizing the server’s CPU, RAM, and disk space based on the needs of your business.

Let’s take a look at 4 specific advantages of choosing a dedicated server:

 

No Shared Resources

When using a dedicated server, every bit of power, storage, and bandwidth is exclusive to you and no one else. Not only will this give your business more room to work with and expand, it will also prevent issues with your site caused by other websites. For example, if you’re site is hosted on a shared server where there is another website that is being attacked or hogging up resources, this can affect the performance of your company’s site.

 

Flexibility & Customization

A dedicated server allows your business to customize the hardware and software based on your company’s unique needs. Things like CPU, Memory, Hard Drive, even the speed of the server’s network port, can all be customized and upgraded on dedicated servers. With shared hosting, you are limited to the software already installed on the server, and sometimes it may lack a requirement or feature your business needs. But with a dedicated server, you have full flexibility over which software the server runs, even down to the Operating System.

 

Administrative / Root Access

Another downside of shared hosting is the lack of Administrative or root access to the server. This limitation affects what software you can install as well as the settings and options that you can configure on the server. This can greatly impact the potential of what you are able to do with your website. Another advantage of administrative/root access is the ability to better monitor and troubleshoot your website, with full access to the server’s logs.

 

Dedicated IP Address

Each dedicated server comes with its own dedicated IP address. With shared hosting, your site may be sharing an IP address with multiple websites. If your website happens to share an IP with a site that spams or contains malware, this can cause multiple problems. Your website can end up getting blocked, your email rejected as spam, even your search results can be affected. Another thing to consider is whether or not you’ll be running an e-commerce or selling things on your site. If so, you will need to have an SSL for your site, which in turn requires a unique dedicated IP.

 

Now if you’re worried that you’re not tech savvy enough to run your own dedicated server, consider the option of going with a Managed Dedicated Server solution, which will provide many additional benefits on top of what’s listed above. Also if cost is a concern, check out our latest ‘Best Value’ Dedicated Servers. There are countless other advantages to using a dedicated server, however the 4 above are some of the most notable. So before you decide to host your website on a shared server, consider the added flexibility, reliability, and performance that only a dedicated server can provide.

Share : Facebooktwitterredditlinkedinmail Follow Us : Facebooktwitterlinkedinyoutubeinstagram

Written by David Maurer on August 16th, 2016

Tagged with , , ,

WordPress, Joomla, Drupal – Which CMS is best?   1 comment

Posted at Aug 11, 2016 @ 10:32am Web hosting

CMS

In the world of Content Management Systems (CMS) there are 3 major contenders: WordPress, Joomla, and Drupal. If you are creating a new website, you may be asking yourself which one is best. All three have their own pros and cons, and all three are free to use, open-source software. Let’s take a brief look at each one to see which CMS is right for you.

 

WordPress

Created back in 2003 and currently running on more than 70 million websites, WordPress is by far the most popular CMS out there. It started out as just a simple blogging tool, but has evolved into a full, feature-rich, content management system. With it’s extremely easy to use interface, you can create a website in only a matter of minutes. Plus, with the endless amount of free themes and plugins available for WordPress, it’s easy to make your website look great. However, popularity does have it’s drawbacks. For instance, WordPress is one of the biggest targets for hackers. It is critical you keep it up-to-date to prevent attacks on your website. Regardless, with it’s intuitive design and countless number of free customizations, this easy to manage CMS demonstrates why it’s a popular choice.

 

Joomla

Considered the second most popular CMS out there, Joomla is also easy to use, but is a bit more complex and requires a higher skill level than WordPress. It has less free customizations when compared to WordPress, however when it comes to E-Commerce sites, Joomla excels and tends to be a favorite choice. It is also considered to have one of the strongest developer communities. Joomla is based on PHP and MySQL, giving more advanced developers the ability to create a powerful web application. With a minor amount of effort into learning Joomla’s terminology and structure, you can go on to create a fairly complex website. If you are looking for something still fairly easy, but with more flexibility than WordPress, Joomla might be the one for you.

 

Drupal

Drupal is ranked as the third most popular CMS in the world. It is regarded as the most complex, with the highest learning curve of the three. Drupal has a greater amount of free customizations and themes available when compared to Joomla, but less than WordPress. It is considered to be one of the most versatile and robust content management systems available today. When it comes to websites that contain a large amount of complex data with heavy visitor traffic, Drupal is an excellent choice due to the speed and strength from its advanced structure. However, all of this comes at the cost of needing more experience and expertise to truly utilize this powerful, developer friendly CMS. If you are looking for an enterprise-ready CMS that will scale with your growing business, look no further than Drupal.

 

Whether you are a beginner looking to start a blog, an expert developer creating a complex, versatile site, or somewhere in between, one of these three CMS applications will definitely get the job done. Best of all, they are free to use and support simple one-click installations. So if you are currently hosted on TurnKey Internet’s cloud platform, getting started couldn’t be any easier! The question then becomes not which one is best, but instead, which one is best for you.

Share : Facebooktwitterredditlinkedinmail Follow Us : Facebooktwitterlinkedinyoutubeinstagram

Written by David Maurer on August 11th, 2016

Tagged with , , , ,

TurnKey Internet 2016 Expansion – Sneak Peak   no comments

Posted at Aug 3, 2016 @ 11:53am New York Datacenter

Ever wondered what goes inside those state of the art datacenters that run ‘the cloud’? Here is a sneak peak on day 1 as TurnKey Internet (https://turnkeyinternet.net) is expanding its New York Datacenter servicing the Capital Region with Colocation, Cloud Services and Disaster Recovery backup solutions.

More videos and pictures coming soon… Stay tuned!

Share : Facebooktwitterredditlinkedinmail Follow Us : Facebooktwitterlinkedinyoutubeinstagram

Written by David Maurer on August 3rd, 2016

Tagged with , , , ,

TurnKey Internet is EXPANDING!   no comments

Posted at Jul 29, 2016 @ 10:23am New York Datacenter

expansion2016

We are excited to share with you a sneak preview of the latest expansion to our New York Data Center.

Today we begin construction on our newest POD as we expand to meet the high demand for Cloud Hosting and colocation services.

We’d love to share more with you however there are still multiple tractor-trailers full of equipment, and unfortunately they won’t unload themselves.

However please stay tuned… there will be more information, photos, and even videos to come!

Share : Facebooktwitterredditlinkedinmail Follow Us : Facebooktwitterlinkedinyoutubeinstagram

Written by David Maurer on July 29th, 2016

Tagged with , , ,

No not Pokemon, teenage bugs are attacking your website server   no comments

Posted at Jul 26, 2016 @ 9:36am Web hosting

httpoxyblogimagepokemon

Unfortunately, despite the trend, the bugs I’m referring to are not Pokemon.

Instead, they’re easily exploitable security bugs, discovered 15 years ago, that have reemerged, leaving your website or server potentially open to hijackers.

It’s being called the “httpoxy flaw” and it exists in a variety of server software, including PHP, Go, Apache HTTP server, Apache TomCat, and Python. If exploited, it can potentially be used to seize control of your website and access sensitive data.

Httpoxy is a set of vulnerabilities that affect applications running in CGI, or CGI-like environments. Essentially it comes down to a simple namespace conflict. This, in turn, can be exploited to configure outgoing proxies, allowing attackers to remotely execute malicious code.

Red Hat, Microsoft, The Apache Software Foundation, Ngnix, CloudFlare and others have released security advisories in an attempt to warn users of the httpoxy flaw.

Based on the affected software, specific CVE (Common Vulnerabilities and Exposures) numbers have been assigned: CVE-2016-5385 in PHP; CVE-2016-5386 in Go; CVE-2016-5387 in Apache HTTP server; CVE-2016-5388 in Apache TomCat; CVE-2016-1000109 in PHP-engine HHVM; and CVE-2016-1000110 in Python. Researches expect more CVEs coming for httpoxy as less common software is inspected.

Luckily if your website is hosted on TurnKey Internet’s cloud hosting platform (https://turnkeyinternet.net/linux-cpanel-web-hosting/) you are already protected. If you have any questions or additional concerns, feel free to email our support team (helpdesk@turnkeyinternet.net) and we would be more than happy to assist you.

Share : Facebooktwitterredditlinkedinmail Follow Us : Facebooktwitterlinkedinyoutubeinstagram

Written by David Maurer on July 26th, 2016

Tagged with , , , , ,