Everyday, around 30,000 websites are getting hacked (source Sophos Lab). You wouldn’t want your business to be one among them. With new malware and threats emerging on a daily basis, one should always be on a constant alert.
By hiring an expert server security services, you can prevent a security attack before it strikes your servers. Bobcares helps server owners protect their servers from all sorts of exploits.
Outgoing spam is a major head ache for many web hosts. Spammers use compromised websites or mail accounts to send thousands of spam mail within a few mins.
By the time the web host comes to know about it, the server IP would be blacklisted (eg. SpamHaus SBL), and legitimate mails would be bouncing left and right. (more…)
Secure transmission of data requires encrypting the data in many ways. Ciphers are the tools used for data encryption. RC4 is one such cipher.
RC4 generates a stream of pseudo-random bits. These bits are combined with plain text using ‘bit-wise exclusive-or’ pattern to produce the encrypted message, which is transmitted in TLS connections. (more…)
A log file can grow without bounds if it is not managed well. Larger log files are relatively harder to manipulate and also increase in the size of log file can result in file systems to run out of space. Opening, closing and manipulating data for very large file size consumes system resources and will therefore slow down the server.
An efficient solution to this problem is log rotation. It allows automatic rotation, compression, removal and mailing of log files. Log files can be rotated daily, weekly, monthly or when it grows too large. (more…)
On 28th July Internet Systems Consortium announced a critical vulnerability (CVE-2015-5477) in all BIND DNS server versions from 9.1.0 to 9.9.7-P1 and 9.10.2-P2. It allows a remote attacker to exploit an error in handling TKEY queries to launch a Denial of Service (DoS) attack which will cause the BIND DNS server to crash. If your cPanel/WHM, Odin Plesk or DirectAdmin servers are not patched, you should consider them vulnerable. (more…)
In cPanel, Plesk and DirectAdmin servers that have WordPress websites, high server load is sometimes reported with “xmlrpc.php” showing up as the top CPU hog. xmlrpc.php is a file in WordPress websites used for remote publishing and ping-back tracking. Botnets target this file to initiate brute force attacks to gain control of the targeted website. This causes high load in the server. (more…)
Qualys reported on 23rd July an important root privilege escalation vulnerability (CVE-2015-3246), and DoS attack vulnerability (CVE-2015-3245) for Linux servers using RedHat’s libuser package. Here’s how you can protect your cPanel, Plesk and DirectAdmin servers running CentOS or RedHat operating systems. (more…)
Are your cPanel, Plesk or DirectAdmin servers email blacklisted? Here’s how you can prevent spam block listing of web hosting servers
Spam block listing or IP address blacklisting happens when spam traps detect outbound spam mails from a web hosting server. Spam mails are primarily sent using:
1. Spam scripts uploaded to a hacked web site which has outdated and vulnerable web applications(WordPress, Joomla, Drupal, etc).
2. Stolen/leaked passwords to email accounts that allow spam mails through email authentication.
3. Un-secured email server that acts as an open email relay. (more…)
At one time or another, every shared web hosting company has had to deal with email blacklisting issues. Hacked web sites, stolen/leaked account login details, or improperly configured mail servers allow hackers to send out thousands of spam, raising red flags in IP reputation monitors across the internet.
Bobcares help desk support services has helped web hosts prevent getting listed in spam blacklists through adopting industry best practices. In this post, a brief rundown is given on the top effective solutions to prevent IP blacklisting. (more…)
Of the various support requests I have received recently, a few have been from customers wanting to upgrade OpenSSL on a cPanel server. The reason being the latest PCI compliance tests are reporting a vulnerability in the version of OpenSSL installed on their server. Well, depending on your setup, this may be a false positive.