Tag Archives: Security

SSLv3 and securing against Poodle

If you are using SSL in your web server, you probably want to read this. Google recently published details about an attack that targets SSLv3. The exploit first allows attackers to initiate a “downgrade dance” that tells the client that … Continue reading

Posted in Rimuhosting, Security | Tagged , , , , , , , , | 2 Comments

Two Factor Authentication

We have just added optional two factor authentication to the RimuHosting control panel. You can enable it at http://rimuhosting.com/cp/twofactor.jsp It uses Time-based One Time Password (TOTP) so you will need an application like Google Authenticator or Authy. To enable 2FA … Continue reading

Posted in Rimuhosting | Tagged , , | Comments Off on Two Factor Authentication

Preventing brute force WordPress login attacks

Over the last month or two we have seen an increase in WordPress brute force login attacks. The symptom is typically higher CPU usage on your server (often resulting in slower page load times). It can be particularly painful on … Continue reading

Posted in Rimuhosting | Tagged , | Comments Off on Preventing brute force WordPress login attacks

Identifying exploits and exploited websites

I have made posts before regarding how to find exploits, and what to do about those previously, however it has come to my attention that some people are not even realizing what the basics are to look for. In this … Continue reading

Posted in Rimuhosting, Security | Tagged , , , , | Comments Off on Identifying exploits and exploited websites

DNS amplification DoS attacks

If you are running a DNS server, then you need to check it is not being co-opted into 'DNS amplification attacks'. Random nasty servers (typically part of virus created bot-nets) send your DNS server a short request but use a … Continue reading

Posted in Rimuhosting | Tagged , , , | Comments Off on DNS amplification DoS attacks

WordPress mass update script 3.4

This script will search /var/www (changeable in a variable) for any wordpress installs and make sure its upgraded to the latest version. It will run a backup to /root/wp_upgrade/ of all files and database before doing anything with the site … Continue reading

Posted in Rimuhosting | Tagged , , , , , , , | 5 Comments

Keeping your hosting panel updated

From time to time hosting control panels (Such as Plesk) get updated by their creators. Those updates may often include patches to critical vulnerabilities, so its a good idea to keep track of those. We try to keep our customers … Continue reading

Posted in Security | Tagged , , , , , , | Comments Off on Keeping your hosting panel updated

WordPress mass update script 3.3.2

This script will search /var/www (changeable in a variable) for any wordpress installs and make sure its upgraded to the latest version. It will run a backup to /root/wp_upgrade/ of all files and database before doing anything with the site … Continue reading

Posted in Rimuhosting | Tagged , , | 3 Comments

Distrubution release support (CentOS4/Debian 5)

Linux distributions keep moving forwards, and as they progress older releases stop receiving security patches or updates. As part of our commitment to maintaining reliable and safe services, we would like to highlight the following announcements... CentOS-4 End Of Life … Continue reading

Posted in Rimuhosting, Security | Tagged , , , , , , , | Comments Off on Distrubution release support (CentOS4/Debian 5)