2mhost blog

23 June 2009

Important security update!

Posted by admin under: Guides .

As many of you know there has been a large surge of hacking activity targeted websites that use open source software (Specially Joomla, PHPBB and more), The attackers are using various exploits in older versions of this open source software to gain access to whole hosting account and use the hosting account to send spam or distribute malware, we even have seen attacks that

install full software like Wikis and Forums to spam search engines and this “planned” attacks is impossible to recover and we have to terminate the infected hosting accounts.

Fortunately, %99 of this attacks can be avoided by following very easy steps:

1. If you installed (or installing) PHP or CGI software to try it out (Like PHPBB forum, Joomla CMS,..etc) and you no longer use this software then simply delete it and delete its DB, if you used Fantastico installer to install the software, then use Fantastico to delete the installation.

 

2.  Same thing apply to Software plug-ins and themes, if you no longer use a theme/template then remove it, if you no longer use a plug-in then delete it

 

3. When Installing software, always choose user name and password for software administration different than your main hosting account user name and password, if your software compromised, the attacker will not able to gain access to whole hosting account or email.

 

4. When Installing software, Avoid using easy to guess logins like username: test and password: test

 

5.  6, 7, 8, 9, 10: If you installed software and want to continue using it, then keep it up to date (including any themes, plug-ins, widgets), subscribe in the software mailing lists or RSS feeds to get any security updates and batch/upgrade your copy of this software as soon as possible.

As usual, feel free to contact us using the helpdesk if you have any questions.

One Comment so far...

Leave a Reply

Name (required)

Mail (will not be published) (required)

Website