Recent Web Hosting Vulnerabilities

If you have a spare moment to go through your control panels and check your up-to-date status, here are some recent warnings you might want to check against:

Serious Vulnerability Warning For Parallels Plesk Issued – traxarmstrong.com


Serious Vulnerability Warning For Parallels Plesk Issued - traxarmstrong.com | How to Grow Your Business Online | Scoop.it
From traxarmstrong.com – End of April 2013

There is a serious bug in Plesk Panel one of the most widely used hosting control panel solution that contains multiple privilege escalation vulnerabilities…

This blog goes to list the specific operating version that puts you at risk of this security vulnerability. You are NOT at risk if you have Apache web server running Fast CGI (PHP, perl, python, etc.) or CGI (PHP, perl, python, etc.).

Lesson Re-learned: Backups !


Lesson Re-learned: Backups ! | How to Grow Your Business Online | Scoop.it

From accuweaver.com – 1 week ago

I just shot my blog in the foot, or more accurately, I didn’t follow IT 101 and back things up before making a change. I had moved my site to be completely WordPress based a while ago…

Rob Weaver goes on to explain his own experience of how he came about relying on a faultless Plesk Auto-installation. And while I couldn’t help but chuckle, I’ve also been there. He’s currently rebuilding his site from a lucky idea of downloading the html files generated from his WP Cache Plugin.

Not too long ago I made a similar mistake of failing to save website backups… I rebuilt pages from the Google Cache HTML files, and recent pages that were not indexed were (and I’m not sure how lucky this is) rebuilt from scraper site copies. Yes! Those SEO fraudsters and mimics had decided my writing had enough value to be indiscriminately copied!

 

Hackers Increasingly Target Shared Web Hosting Servers


Hackers Increasingly Target Shared Web Hosting Servers for Use in Mass Phishing Attacks | How to Grow Your Business Online | Scoop.it

From www.cio.com – End of April 2013

Nearly half of phishing attacks seen during the second half of 2012 involved the use of hacked shared hosting servers, APWG report says.

Mass phishing attacks are also dubbed “whaling”. They tend to rely on auto-installations of PHP databases, where the username or database label is numerically generated – and therefore more predictable for patient hacker attacks.

If you’re on a shared web hosting plan. It might be a good idea every now and again to go into PHPmyAdmin and change password access, or even the database name to make predictability of these combinations less likely.

 

byJuliana

Leave a Reply