SSLv3 and securing against Poodle

If you are using SSL in your web server, you probably want to read this. Google recently published details about an attack that targets SSLv3. The exploit first allows attackers to initiate a “downgrade dance” that tells the client that the server doesn’t support the more secure TLS (Transport Layer Security) protocol and forces it… Continue reading SSLv3 and securing against Poodle

Two Factor Authentication

We have just added optional two factor authentication to the RimuHosting control panel. You can enable it at http://rimuhosting.com/cp/twofactor.jsp It uses Time-based One Time Password (TOTP) so you will need an application like Google Authenticator or Authy. To enable 2FA scan the QR code to your TOTP application then enter the 6 digit token your… Continue reading Two Factor Authentication

Preventing brute force WordPress login attacks

Over the last month or two we have seen an increase in WordPress brute force login attacks. The symptom is typically higher CPU usage on your server (often resulting in slower page load times). It can be particularly painful on servers running php through fast CGI (like Plesk server setups). For a good summary of… Continue reading Preventing brute force WordPress login attacks

WordPress mass update script 3.4

This script will search /var/www (changeable in a variable) for any wordpress installs and make sure its upgraded to the latest version. It will run a backup to /root/wp_upgrade/ of all files and database before doing anything with the site in case of major catastrophe (make sure you have spare disk space if your sites… Continue reading WordPress mass update script 3.4

Keeping your hosting panel updated

From time to time hosting control panels (Such as Plesk) get updated by their creators. Those updates may often include patches to critical vulnerabilities, so its a good idea to keep track of those. We try to keep our customers informed. One example is a recent notification from Parallels affecting some older versions of Plesk.… Continue reading Keeping your hosting panel updated

Distrubution release support (CentOS4/Debian 5)

Linux distributions keep moving forwards, and as they progress older releases stop receiving security patches or updates. As part of our commitment to maintaining reliable and safe services, we would like to highlight the following announcements... CentOS-4 End Of Life The CentOS-4 distribution (current version 4.9) will be at End of Life on February 29,… Continue reading Distrubution release support (CentOS4/Debian 5)