Category Archives: Security

Security related things, scripts, firewalls, updates and other goodness

Exploits on Webmin 1.8xx and earlier

Developers have just announced the release of Webmin 1.930. This includes some important security fixes. If you have an older Webmin version please update urgently to insure your server remains secure. In particular they described an exploit that is fairly … Continue reading

Posted in Security | Tagged , , , | Leave a comment

“Sad SACK” network protection

Netflix has identified several vulnerabilities in the TCP networking stack that affects all Linux users with un-patched kernels. The vulnerabilities have been assigned CVE-2019-11477, CVE-2019-11478 and CVE-2019-11479. All three issues have already been mitigated for all our VPS customers. The … Continue reading

Posted in Security | Tagged , , , , , , , | Leave a comment

Letsencrypt with Zonomi and Rimuhosting name servers using hooks

SSL is good, you should use it everywhere! Letsencrypt it is a project that allows you to obtain signed certificates for free (you should consider donating though) to secure your website. Big efforts have been done to make this accessible to … Continue reading

Posted in HOWTO, Rimuhosting, Security | Tagged , , , | Comments Off on Letsencrypt with Zonomi and Rimuhosting name servers using hooks

Whitelist your own computer in fail2ban

Fail2ban is a great "dynamic" firewall for servers that is installed by default on many of our VPSs, and we can install it on your VPSs at your request. It protects against brute-force attacks, where an attacker is trying to … Continue reading

Posted in HOWTO, Rimuhosting, Security | Tagged , , | Comments Off on Whitelist your own computer in fail2ban

ClamAV: mpool_malloc and disk space

ClamAV is an open source antivirus engine for detecting trojans, viruses, malware & other malicious threats. The most common use we see is to check emails for bad content. Some of our users have recently been seeing errors from "freshclam" … Continue reading

Posted in Security | Tagged , , , , | Comments Off on ClamAV: mpool_malloc and disk space

Using Fail2ban on wordpress wp-login.php and xmlrpc.php

A fair few customer of ours use wordpress and occasionally notice that there are people hammering on a few URLs This can cause high load, slow websites and a number of issues, espoecuially when you have more than a single … Continue reading

Posted in Rimuhosting, Security | Tagged , , | Comments Off on Using Fail2ban on wordpress wp-login.php and xmlrpc.php

How to get an A pass SSL rating for your SSL website

Everyone wants security, and its ideal that your SSL certificates are also secure. With this in mind, websites like SSLLabs have a testing tool that is used to grade the SSL certificate installed on your server. Often people get a … Continue reading

Posted in Security | Tagged , , , | Comments Off on How to get an A pass SSL rating for your SSL website

Monitor sites for exploits

We dislike dealing with exploited websites. A common cause is "the long forgotten outdated install from a web developer who left years ago. hoping works forever". Public facing services need to be kept updated in order to remain secure, so … Continue reading

Posted in HOWTO, Security | Tagged , , , | Comments Off on Monitor sites for exploits

Keeping WordPress secure

According to Wikipedia, "WordPress is the most popular blogging system in use on the Web, at more than 60 million websites."  It's also the most commonly installed blogging system on our customers' servers, and we use it to run the … Continue reading

Posted in HOWTO, Rimuhosting, Security | Tagged , , , , | Comments Off on Keeping WordPress secure

Debian Squeeze (6) ends support – time to upgrade

February 29th, 2016 marks the end of LTS Support for Debian Squeeze, which is still used by many of our customers.  This means that updates for known security issues will no longer be produced and over time, a server running … Continue reading

Posted in HOWTO, Rimuhosting, Security | Tagged , , | Comments Off on Debian Squeeze (6) ends support – time to upgrade