Security News

SSL 3.0 Protocol Vulnerability and POODLE Attack (CVE-2014-3566)

Posted on October 27, 2014 by Jamie

All Ecological Hosting web hosting servers have been updated to disallow SSLv3 to help mitigate the SSLv3/POODLE vulnerability. US-CERT Report: https://www.us-cert.gov/ncas/alerts/TA14-290A “The POODLE (Padding Oracle On Downgraded Legacy Encryption) attack demonstrates this vulnerability using web browsers and web servers, which … Continue reading

Posted in News, Security News | Tagged , , , , , | Leave a comment

Bash ‘Shellshock’ Vulnerability (CVE-2014-6271 & CVE-2014-7169)

Posted on September 25, 2014 by Jamie

A very serious flaw in a critical piece of software that runs on almost all Linux operating systems has been found. BBC news story: http://www.bbc.co.uk/news/technology-29361794 Dubbed ‘Shellshock’ the flaw allows attackers to potentially take control of a vulnerable system and … Continue reading

Posted in News, Security News | Tagged , , , , | Leave a comment

Modern Anti-Spam and E2E Crypto Article

Posted on September 6, 2014 by Jamie

Nice write up of the long drawn out war against spammers and protecting email services from abuse: https://moderncrypto.org/mail-archive/messaging/2014/000780.html Written by Mike Hearn, a very smart/savvy ex-Googler Found via tweet by Matt Cutts: http://twitter.com/mattcutts/status/508108603253743616 As mentioned in the above article, a … Continue reading

Posted in External News, News, Security News | Tagged , , , , , | Leave a comment

WordPress Attack on UK Systems 24th August 2014

Posted on August 25, 2014 by Jamie

We are sorry to have to report that on the 24th August there was a significant security event on our UK based shared hosting systems. As at the time of writing I have already personally spent over 20 hours straight … Continue reading

Posted in News, Security News | Leave a comment

OpenSSL ‘Heartbleed’ Vulnerability (CVE-2014-0160)

Posted on April 10, 2014 by Jamie

There has been a lot of coverage concerning the following vulnerability: https://www.us-cert.gov/ncas/alerts/TA14-098A We are pleased to be able to report that none of our systems are affected because we are currently running OpenSSL version 0.9.8 across the board. During the … Continue reading

Posted in News, Security News | Tagged , , , , , | Leave a comment

Sucuri Blog – Unmasking “Free” Premium WordPress Plugins

Posted on March 31, 2014 by Jamie

Sucuri (a web monitoring and malware clean up service) have posted an excellent article about WordPress plugins and their security implications: http://blog.sucuri.net/2014/03/unmasking-free-premium-wordpress-plugins.html If you don’t realise the security threat to your website, other sites in your FTP area and potentially … Continue reading

Posted in External News, News, Security News | Leave a comment

Nominet’s Knowthenet launches The Social Age campaign

Posted on February 6, 2014 by Jamie

Nominet’s Internet advice site, knowthenet.org.uk has launched a campaign aimed at supporting parents so they can keep up with their kids and help them stay safe online. Knowthenet’s ‘The Social Age’ survey of parents and 8-16 year olds found that … Continue reading

Posted in External News, News, Security News | Tagged , , , , , , , , , , , | Leave a comment

WordPress wp-login Attacks

Posted on October 18, 2013 by Jamie

Please click here if you wish to skip the document updates section and jump to the start of the article. Updates: News article first published: 23 May 2013 19:02 26 June 2013: Server automated defences improved with a system that … Continue reading

Posted in News, Security News | Tagged , , , | Leave a comment

WordPress 3.6.1 Security Update

Posted on September 12, 2013 by Jamie

WordPress 3.6.1 has been released. This is a critical security update that resolves several security vulnerabilities, including one that could result in remote code execution on your site. If your website is running WordPress, in order to help keep your … Continue reading

Posted in News, Security News | Tagged , , , | Leave a comment

24 hours in the life of an email server

Posted on August 2, 2013 by Jamie

I was looking at our main email server statistics for the last 24 hours and thought I’d share a few: The server blocked 55% of all connection attempts immediately before they even got to trying to send, all thanks to … Continue reading

Posted in News, Security News | Tagged , , , , , | Leave a comment

Planned Maintenance for US Shared Web Server Spot

Posted on July 26, 2013 by Jamie

Update: 8th August 2013 12:15 The planned upgrade described below has now been completed. Server side everything went smoothly with absolutely no issues at all. The current PHP version is now 5.4.17. A random selection of web sites have been … Continue reading

Posted in News, Security News | Tagged , , , , , | Leave a comment

Password Security

Posted on May 17, 2013 by Jamie

The ability to generate strong unique passwords for each and every website you have an account with has never been more important. It’s not just basic personal information that is at risk, routine use of online banking and shopping sites … Continue reading

Posted in Articles, News, Security News | Tagged , , | Leave a comment

phpMyAdmin 3.5.8 released

Posted on April 8, 2013 by Jamie

phpMyAdmin 3.5.2 was released on the 8th April 2013. This is a bugfix release. If you have a Dedicated Server or Linux vserver with us that has phpMyAdmin installed, we strongly recommend that you upgrade to the latest version available … Continue reading

Posted in Security News | Tagged , | Leave a comment

phpMyAdmin 3.5.2 released

Posted on July 12, 2012 by Jamie

phpMyAdmin 3.5.2 was released on the 7th July 2012. This is a bugfix release. If you have a Dedicated Server or Linux vserver with us that has phpMyAdmin installed, we strongly recommend that you upgrade to the latest version available … Continue reading

Posted in Security News | Tagged , | Leave a comment

phpMyAdmin 3.4.10.1 released

Posted on February 20, 2012 by Jamie

phpMyAdmin 3.4.10.1 was released on the 18th February 2012. This is a minor security release. If you have a Dedicated Server or Linux vserver with us that has phpMyAdmin installed, we strongly recommend that you upgrade to the latest version … Continue reading

Posted in Security News | Tagged , , | Leave a comment

phpMyAdmin 3.4.10 released

Posted on February 15, 2012 by Jamie

phpMyAdmin 3.4.10 was released on the 15th February 2012. This is a bugfix release. If you have a Dedicated Server or Linux vserver with us that has phpMyAdmin installed, we strongly recommend that you upgrade to the latest version available … Continue reading

Posted in Security News | Tagged , , | Leave a comment

phpMyAdmin 3.4.9 released

Posted on December 23, 2011 by Jamie

phpMyAdmin 3.4.9 was released on the 21st December. This is a bugfix release with minor security fixes. If you have a Dedicated Server or Linux vserver with us that has phpMyAdmin installed, we strongly recommend that you upgrade to the … Continue reading

Posted in Security News | Tagged , , | Leave a comment

TimThumb.php Malware attacks affecting WordPress sites

Posted on September 13, 2011 by Jamie

During the last two weeks of August we started seeing an alarming increase in the number of WordPress based websites that had been broken into. Within days we had handled more of these than we had seen in 12 years … Continue reading

Posted in News, Security News | Tagged , , , , | Leave a comment