Web Hosting Resource

“It looks like sites which have not upgraded to 2.6.3 are being exploited in an interesting way whereby a hacker, probably using an automated script, is hacking into sites with the vulnerability and changing the settings of one of the dashboard modules to point to a different feed thereby encouraging people to go to a different site which is offering a dodgy upgrade.”

That was the response of Peter Westwood (one of the lead developers of popular blogging software provider Wordpress) upon news that some of its users with an outdated Wordpress installation may be prompted to download a more compromised version from a spoof website (wordpresZ.org).

It’s important that all customers verify the source, security and legitimacy of any software that they install to their Pipe Ten hosting accounts and pay special attention when upgrading.

Read more at The Register - Fake site punts Trojanised WordPress and additional analysis at the sources blog.

Quite a few of you have been asking what our new EV SGC SSL certificates do, and why they are “so expensive”. Hopefully we’ll explain in relatively simple terms below why these certificates are worth every penny…

(more…)

What is Mod Security?

ModSecurity is a web application firewall.

(more…)

We operate both inbound and outbound firewalls across all of our shared hosting offerings. We also have IDS (intrusion detection systems) on both the servers and routers to capture/track/prevent malicious requests where possible. This is all coupled with high frequency software patching and restricted user level functionality.

As you can imagine ensuring the security of our servers reduces the possible likelyhood of things going wrong which inturn lowers our long-term overheads.