-
PolicyKit security hole
A security problem was recently announced that affects the linux distributions that we support. This is being called “PwnKit” (a.k.a. CVE-2021-4034). Most distributions have provided updates, so now is a good time to check and load outstanding OS security updates for your VPS, using apt for Debian and Ubuntu and yum for CentOS 7 and…
-
Exploits on Webmin 1.8xx and earlier
Developers have just announced the release of Webmin 1.930. This includes some important security fixes. If you have an older Webmin version please update urgently to insure your server remains secure. In particular they described an exploit that is fairly major. Should your install be too old to update, you can fix the bug by…
-
“Sad SACK” network protection
Netflix has identified several vulnerabilities in the TCP networking stack that affects all Linux users with un-patched kernels. The vulnerabilities have been assigned CVE-2019-11477, CVE-2019-11478 and CVE-2019-11479. All three issues have already been mitigated for all our VPS customers. The original advisory says… The vulnerabilities specifically relate to the minimum segment size (MSS) and TCP…
-
Letsencrypt with Zonomi and Rimuhosting name servers using hooks
SSL is good, you should use it everywhere! Letsencrypt it is a project that allows you to obtain signed certificates for free (you should consider donating though) to secure your website. Big efforts have been done to make this accessible to anyone. In order to issue SSL certificates Certificate Authorities will check that you can control…
-
Whitelist your own computer in fail2ban
Fail2ban is a great “dynamic” firewall for servers that is installed by default on many of our VPSs, and we can install it on your VPSs at your request. It protects against brute-force attacks, where an attacker is trying to guess a password or exploit certain classes of vulnerabilities on servers. One potential problem with…
-
ClamAV: mpool_malloc and disk space
ClamAV is an open source antivirus engine for detecting trojans, viruses, malware & other malicious threats. The most common use we see is to check emails for bad content. Some of our users have recently been seeing errors from “freshclam” processes that look like the below entry. These will occur quickly and will often cause…
-
Using Fail2ban on wordpress wp-login.php and xmlrpc.php
A fair few customer of ours use wordpress and occasionally notice that there are people hammering on a few URLs This can cause high load, slow websites and a number of issues, espoecuially when you have more than a single IP hammering away at that. The solution is simple, and it involves using fail2ban. Here…
-
How to get an A pass SSL rating for your SSL website
Everyone wants security, and its ideal that your SSL certificates are also secure. With this in mind, websites like SSLLabs have a testing tool that is used to grade the SSL certificate installed on your server. Often people get a low ranking when its fairly easy to get an A. I could make this post…
-
Monitor sites for exploits
We dislike dealing with exploited websites. A common cause is “the long forgotten outdated install from a web developer who left years ago. hoping works forever”. Public facing services need to be kept updated in order to remain secure, so script-kiddies can’t use your server for abuse, like selling dodgy medicinal products. One would always…
-
Keeping WordPress secure
According to Wikipedia, “WordPress is the most popular blogging system in use on the Web, at more than 60 million websites.” It’s also the most commonly installed blogging system on our customers’ servers, and we use it to run the blog you’re reading right now. One factor that has contributed to WordPress ‘s popularity is…