Category: Hosting Security

Hosting Security and related news

Protecting Apache Server From Denial-of-Service Attacks

Protecting Apache Server From Denial-of-Service Attacks Denial-of-Service (DoS) attack is an attempt to make a machine or network resource unavailable to its intended users, such as to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet. A distributed denial-of-service (DDoS) is where the attack source

Install and Configure CSF ConfigServer Firewall

Install and Configure CSF ConfigServer Firewall About CSF Firewall ConfigServer Security and Firewall, also known as CSF, is an opensource software firewall application. It is working based on iptables. Firewall configuration script created to provide better security for your server while giving you an easy to use, advanced interface for managing

Configure FirewallD in RHEL/CentOS 7 and Fedora 21/22

In a previous post I’ve showed how to disable firewalld and roll back to our favorite post-systemd iptables firewall. In this post we gonna see how to Configure FirewallD in RHEL/CentOS 7 and Fedora 21/22. Firewalld is a dynamic daemon to configure and manage firewalls (iptables rules typically) with support

Google Apps Bug Exposes Personal Data Belonging to More Than 200K Domain Owners

A Google Apps bug has publicly revealed 282,867 hidden WHOIS records. Domains registered with eNom with WHOIS record protection renewed through Google Apps in 2013 were affected, Cisco announced in a recent blog post. Of the over 300,000 domains registered with eNom through Google, 94 percent were affected, with full

CloudFlare Virtual DNS Shields DNS Infrastructure from Advanced DDoS Attacks

CloudFlare’s new Virtual DNS service lets web hosts, registrars and enterprises protect themselves from an emerging type of Distributed Denial of Service attack that targets the application layer without having to change their nameservers. Launched last week, the new service lets an organization point their nameservers to a CloudFlare IP

Dutch Court Throws Out Data Retention Law After Pressure from ISPs, Privacy Rights Groups

Internet service providers in the Netherlands will no longer have to retain customer metadata. The District Court of the Hague axed the law earlier this week that required telecommunications providers and ISPs to store customer metadata for a year to aid in law enforcement investigations. According to a report by

Millions of WordPress Installations at Risk of Blind SQL Injection Through Popular SEO Plugin Yoast

All versions of the popular WordPress SEO plugin Yoast prior to 1.7.3.3 are vulnerable to a blind SQL injection attack. In an advisory published Wednesday, Ryan Dewhurst, developer of the WordPress vulnerability scanner WPScan announced the flaw which he first noticed on Tuesday. This type of attack can lead to

One-Quarter of WordPress Users Would Pay “Almost Anything” to Restore Website: CodeGuard Report

More than three-quarters of WordPress users are currently not using backup plugins, according to a report by website backup service CodeGuard on Tuesday. CodeGuard surveyed 503 WordPress users last month to understand how often they backed up their websites and the tools they used to do so. CodeGuard found that 24