Select Page

Server reputation Blogs


Eitest infection – Why your servers maybe at risk!

One of the world’s longest lived malware networks, Eitest network is offline now. But the infection is still active and can affect servers running malicious and vulnerable code.

When the EITest infrastructure was discovered in 2011, it was not foreseen that cyber criminals would start using it as a TDS botnet. Today, we’ll see what is Eitest infection, and how your server can get affected by it. (more…)

Email blacklist removal – How to stay off blacklists for uninterrupted mail service

Email blacklist removal – How to stay off blacklists for uninterrupted mail service

Getting listed in a spam blacklist is a dreadful experience for server owners. Users end up facing email delivery failures and bounces, which can take your business reputation for a toss.

As a security measure, mail from blacklisted IPs are rejected by most mail servers. So, if you want uninterrupted mail services, you’ll need to stay clear of blacklists.

(more…)

Is your cPanel firewall causing frequent connection timeout issues for your customers?

Web hosts lose thousands of dollars to server attacks. Data loss and downtime badly affects hosting credibility. Securing web servers from attacks is crucial for business success.

In our role as Outsourced hosting support specialists for web hosts, ensuring fool-proof server security is a major task we do to protect servers from hacks.   (more…)

Secure your Windows 2003 and 2008 servers from WannaCry ransomware

Secure your Windows 2003 and 2008 servers from WannaCry ransomware

WannaCry ransomware is all over the news now, causing the internet world to shake in doubt and fear. With over 200,000 computers in 150 countries being affected, the damage is really wide-spread.

For businesses and servers that are affected by this malware, the impact of this attack is huge and can lead to loss of business. As a result, it is important to secure your servers for ensuring their normal functioning. (more…)

A complete 14 point guide to secure cPanel servers

Security is one of the major concerns we tackle in our Outsourced hosting Support for web hosting companies. Server compromises can lead to financial loss and affect the business credibility.

With our expertise managing hundreds of cPanel servers for web hosts, we have been able to identify and address all the security loop holes that can happen in a cPanel server. (more…)

SWEET32 Birthday attack : How to fix TLS vulnerability (CVE-2016-2183) in OpenSSL, Apache, Nginx and IIS in RedHat, CentOS, Ubuntu, Debian, OpenSUSE  and Windows

SWEET32 Birthday attack : How to fix TLS vulnerability (CVE-2016-2183) in OpenSSL, Apache, Nginx and IIS in RedHat, CentOS, Ubuntu, Debian, OpenSUSE and Windows

Over 80% websites in the internet are vulnerable to hacks and attacks. In our role as hosting support engineers for web hosts, we perform periodic security scans and updates in servers to protect them from hacks.

A recent bug that affects the servers is the SWEET32 vulnerability. By exploiting a weak cipher ‘3DES-CBC’ in TLS encryption, this bug has caused many server owners to panic about their data security.

If you see that your website is failing security scans with this message, that means your server is vulnerable to SWEET32 attacks.

“SSL/TLS server supports short block sizes (SWEET32 attack)”

(more…)

How to fix Amazon EC2 IP blacklisting in Spamhaus PBL and other email RBLs

How to fix Amazon EC2 IP blacklisting in Spamhaus PBL and other email RBLs

Amazon claims to have a system to white-list all their IP addresses at Spamhaus regularly. But we still see Amazon EC2 users reporting mail issues due to IP blacklists by Spamhaus.

IP blacklisting occur when your mail server gets compromised due to any malware or open vulnerabilities. Attackers can hijack your mail server and send spam mails from it. (more…)

How to block DROWN attack – Fix SSL vulnerability in Linux, Apache, Nginx, Exim and other servers

How to block DROWN attack – Fix SSL vulnerability in Linux, Apache, Nginx, Exim and other servers

On March 1, 2016, a new SSL vulnerability called DROWN (Decrypting RSA with Obsolete and Weakened Encryption) was disclosed by security researchers.

This vulnerability (aka CVE-2016-0800) allows attackers to decrypt even strong TLSv1.2 connections, if the server supports the obsolete SSLv2 protocol.
(more…)

Are your cPanel/WHM or Plesk servers infected with CryptoPHP?

CryptoPHP is a well developed backdoor malware that is spread through themes for popular CMS like WordPress, Joomla and Drupal, etc. It runs a bot in your server, and allows remote control for the attacker controlling the botnet. The attacker can then use your server for a slew of malicious activity like spammnig, DDoS, blackhat SEO, etc. This could lead to your web servers to be blacklisted by DNSBLs / RBLs, and thereby loss of service reputation.

The threat was first published over 10 days back, but we see web servers still getting affected by this malware. Engineers at our Proactive Server Management Service mitigated this threat early on using multiple layers of protection. Here we go over the basics of detecting and mitigating this threat. (more…)

Fix Bash vulnerability in CentOS, RedHat, CloudLinux, Ubuntu Servers

[UPDATE 1st Oct] – More vulnerabilities were reported since this post was originally written on Sep 26th. See the notes at the bottom.

Highly critical Bash code injection vulnerability CVE-2014-6217 was declared on 24th Sep, and a patch is now available for all popular Linux web hosting servers such as CentOS, RedHat, Fedora, CloudLinux, Ubuntu, Debian and OpenSuse.

 

Hire Bobcares Linux Server Administrators
Get super reliable servers and delighted customers

See how we do it!

 

If you have a Linux web hosting server, it has Bash, and if you haven’t expressly patched it, assume that your server is vulnerable to hack. Linux web hosting servers are typically enabled with CGI modules, and they could allow commands to be passed on to Bash, thus opening the gates to hackers. (more…)