Tag Archives: security

12.29.22
by

Hostbillo Hosting Solution


Ananova has always recommended WordPress.com and Shopify as the best web hosting providers. You can look at the Ananova selected top hosting providers at: https://ananova.com/best-hosting-providers

The key players listed in the list include Liquidweb, WordPress.com, A2Hosting, GreenGeeks, Namecheap, Inmotionhosting, Resellerspanel, Hostgator, Interserver, Sitevalley, Webhostingpad, Bluehost, Hostmonster, Fatcow, IPower, Weebly, Shopify, Accuwebhosting, WPEngine, Cloudways, Hostens and many more.

Ananova.com empowers individuals, web developers, and businesses to make educated buying decisions when researching web hosting solutions.

An Indian-based web hosting Solution and Domain Name registration service provider. Located at 412, Angel Square, Near Royal Square, Utran, Surat, Gujarat, 394105, phone no. +91-6378789956 owned by Akshay Saini.

Wiseolution, is renamed and relaunched in February 2022. The company aims to deliver cutting-edge seamless services all over the globe at admiringly competitive prices. Its hosting plans include Shared Hosting, Reseller Hosting, VPS Hosting with SSD storage, and Dedicated Hosting. The hosting provider is gaining popularity among the top-notch and most-influential web hosting companies due to its impressive high-grade, best-in-class and hyper-scale services with essential features and benefits at the most affordable prices. Like other hosting providers it also offers discounts on all big occasions like Black Friday Sale and Christmas Sales.

Recently the company announced its new VPS Server with SSD storage @153.26$ For 1 Year in France for budget-concerned businesses. The company provides the best price without compromising features and benefits like dedicated hosting. Thus, allowing businesses to host resource-intensive applications and websites. Another VPS plan offered by the company is Billo V4 Plan, which costs 613.06$ per year with higher impressive tech specifications.

A customer can upgrade or downgrade resources easily, with great stability SNE security. The company keep customers’ website safe from cyber-attacks and malware threats and DDoS attacks. The SLA is 99.9% and the company claims to offer the best support via a professional tech team.

05.03.22
by

Salacious, Messy Anonymous Hacking


It has become the old story now; cybercriminals steal users’ information, and customers or members are notified by hosting or social media websites. The customer’s situation is a complete mess; they shared the details with complete trust, and how such big websites get compromised. Wasn’t their security enough to stop hackers? The situation becomes salacious when they know that the hacker’s group is anonymous.

The companies claim the complete security of their user’s data and promise that they won’t be sharing or selling with 3-party companies without the user’s consent. But what if hackers breach the data? Why don’t companies take security as the topmost priority to stop such breaches? After the data gets compromised, news often comes out from such companies that the cyber security team has taken remedial action and then starts assuring customers with high priority security and privacy. The worst is when companies don’t know about such leaks for even months.

The mysterious online hacker community Anonymous always remains in news headlines. In February, a Twitter account with 7.9 million followers named “Anonymous” declared a “cyberwar” against Russia and its president, Vladimir Putin. The group claimed responsibility for cyberattacks that disabled websites and leaked Russian government agencies, state-run news outlets, and corporations’ data.

The Anonymous hacktivists employ coordinated cyberattacks against various world governments, corporations, or other groups, often in the name of social or political causes. On March 6, 2022, Anonymous claims to have hacked into the Russian streaming services Wink and Ivi (like Netflix) and live TV channels Russia 24, Channel One, and Moscow 24 to broadcast war footage from Ukraine. But that doesn’t make them heroes. Let’s have a look at their past deeds.

On November 17, 2021, Godaddy, an Internet domain and web hosting company based in New York, revealed a hack on September 6, 2021, which exposed its 1.2 million customers’ emails and numbers, putting them at risk of phishing attacks. An attacker sends a fraudulent message designed to trick the victim into giving them sensitive information. The company filed an incident report with the Securities and Exchange Commission (SEC) stating that it had identified ‘suspicious activity in its Managed WordPress hosting environment by an unauthorized third party. They immediately began an investigation with the help of an IT forensics firm and contacted law enforcement. SSH File Transfer Protocol, a network protocol that provides file access, transfer, and management over a data stream, and database usernames and passwords got exposed for active customers. The company immediately blocked the unauthorized third party and reset both passwords.

The company spokesperson said: ‘We, GoDaddy leadership and employees, take our responsibility to protect our customers’ data very seriously and never want to let them down. We will learn from this incident and are already taking steps to strengthen our provisioning system with additional layers of protection.’

Why are hackers so high? Can they impact thousands of websites and bring down businesses? Even with so many protections, firewalls, anti-malware, anti-viruses, and best security, how the hosting accounts get compromised still is beyond one’s thinking.

It’s not only Godaddy; almost every big company is the target of hackers. Amazon’s Twitch, a video streaming service, suffered a data leak after an anonymous hacker posted a computer file containing a vast amount of data for the public to access. Users Called ‘Disgusting Toxic Cesspool’ in a post on 4chan by a hacker. CNBC reported that the data leak included details on payments to content creators and an unreleased product from Amazon Game Studios.

Most companies use two-factor authentication (2FA), but not all their customers or members use the same. The companies always recommend changing passwords periodically. It’s time for users to know the difference between public and private information, ‘what to be shared and what not to be.’ Undoubtedly, the threats of cybercriminals will remain in the future also, but it’s the company’s and user alertness that can minimize hacking possibilities.

05.02.22
by

Importance of Website Security


Security researchers claim that hackers and cybercriminals attack big web hosting companies and domain registrars. There is an increase in backdoor payload attacks against the big hosting providers. Wordfence, a popular security service, analyzes that the WordPress hosting providers and resellers gets the most affected.

The hackers exploit the vulnerabilities, gain access to configuration wp-config.php, and modify parameters to have complete control. They get a template that refers users to pharmaceutical sector spam links and injects malicious pages into search engines results. The spam templates intend to incite victims to purchase fake products, exposing money and payment details to the threat actors. The hackers with complete control alter or modify website content like links, titles, menus, or images; thus, the site appears compromised instead of the original one.

Cybercriminals steal data, passwords, and users’ personal information. The hosting customers prioritize protection and want absolute and higher standards of security measures for their websites, emails, and other resources they host on servers. Thus, the website’s reputation is maintained. The user experiences get impacted, leading to a negative experience and losing trust with website downtime or affected vulnerabilities. The website security threat leads to potential financial losses; thus, hosting consumers want to strengthen digital presence security and take a longer-term view on protecting the investment.

Over 90% of GoDaddy APAC customers participating in its 2021 Global Website Security Survey consider cyber security important for small businesses. Nearly 80% of respondents agreed that small businesses are at risk of cyberattacks. At the same time, half said they had already experienced a security breach, and a third described themselves as unsure of how to deal with a cyberattack.

The hosting providers always advise their customers to keep everything updated and upgraded. Wordfence strongly recommends that users scan the wp-config.php file immediately to detect potential backdoor injections.

Last year in November 2021, up to 1.2 million users of Godaddy’s WordPress websites got affected by an unauthorized attack. GoDaddy In. empowers millions of entrepreneurs worldwide looking to expand their online presence. The hosting provider offers tools for domains, website creation, e-commerce, content creation, and online security capabilities like Firewall and malware protections, site cleanups, and secure backups to help safeguard your customers’ and business information.

08.04.15
by

Cloud Security – Guidelines for Enhanced Cloud Architecture


Data Center Knowledge

With bulk growth of cloud, it is clear that many organizations are giving some kind of cloud model to optimize their business. Big cloud service providers are doing great job around security, some areas are there for improvement within private data center. Smaller cloud providers ensure always integrity of client base. Three important points are there to consider:

  • Cost of data breaches increased : To break downward trend over past two years, both organizational cost of data failure or stolen record has increased. Cost of data breach for an organization represented in study increased from $5.4 million to $5.9 million.
  • Malicious attacks result in highest per capita data breach cost : Consistent with prior reports, ex filtration or data loss resulting from malicious attack produces highest cost at an average of $246 per compromised record. Both system glitches and employee mistakes results in much lower average per capita costs $171 and $160 respectively.
  • A probability of material data breach is shown by result over next two years involves minimum of 10,000 records is nearly 19 percent.

Areas need for improvement in cloud security aspects in terms of creating cloud platform:

Checking for port openings : If its a small organization, will be bit easier. But in case of large cloud organizations, if anyone has multiple data center points and different firewalls to manage. How well anyone keep his eye on port controls, policies and resources are distributed? Network, port and security policy mis-configurations are causes for failure. If anybody has heterogeneous security architecture, there are some tools help in monitoring security appliances from different manufacturers.

Improper position of Hypervisors and VMs outside-facing : In many cases, a VM should face externally facing or in DMZ a hypervisor needs to be positioned. It is difficult to take extra care by these kinds of infrastructure workloads. Other internal resources are interacted or not. Network policies are controlling access to Hypervisor and VMs. Hypervisor of user has access to lot of critical components within his data center. If it will not be locked down properly then host-level access can be dangerous.

Portals, databases and applications not locking down properly : User can have best implicit server, hypervisor and data center architecture but if some holes are there in application then they have other problems as well. Some big failures may happen because an application was not patterned and database was not locked down properly. These applications are proved via cloud so this can’t be overlooked especially.

What users are monitoring externally vs internally : Monitoring and visibility are important to keep secure cloud and data center architecture. Management and Log correlation allow user to catch subject quickly and isolate them to network segments, VMs or physical server. Users are allowed to control flow of information granularly by security tools within own ecosystem. So that user can specify one server communicates over a particular vLAN pointing to a specific port on a unique switch. Data can be encrypted internally and externally. This key is capable to monitor all process and automate responses. Not only better visibility is created but also security model will be more proactive.

Lot of moving parts is there in cloud. Like gears, complex workloads are allowed to be delivered by all these parts, work together for variety of users spanning the world. Cloud adoption will be growing continuously. By testing and monitoring own cloud and data center environment and applying best practices of security, users will be prepared for anything that comes in way.

08.26.13
by

Groklaw Shuts Down In Face of NSA


http://www.ananova.com/groklaw-shuts-down-in-face-of-nsa/

Technology legal news site, Groklaw, has officially closed its doors today. The site has shut down due to email security issues. This is the third website to go offline because of government surveillance within the United States. The closings began with Lavabit, followed by Silent Circle, and now Groklaw.

groklaw logo

08.18.13
by

SEA Hacks US Media Sites Via Third-Party Service


SEA Hacks US Media Sites Via Third-Party Service

Are you a regular reader of the Washington Post? Then you may have noticed things didn’t look quite right earlier in the week. Hackers were able to breach the dedicated hosting sites for The Washington Post, CNN, and Time by breaching the site for third-party service relied on by all three sites, Outbrain.

syrian electronic army logo

08.07.13
by

Hackers Sending Illegal Images to Harmless Sites


Hackers Sending Illegal Images to Harmless Sites.

ITsecurity
Filters or not, hackers will find a way. Nothing demonstrates that better than a recent story out of the UK, on the heels of the mandatory ISP filters for pornography their government is talking about imposing.

08.04.13
by

Do Your Terms of Use Hold Up In Court?


Do Your Terms of Use Hold Up In Court?

Terms of Use are something that every website must have. Even if you’re just running a cheap hosting company, chances are that you have a ‘Terms of Use’ blurb on your page. What you might not realize is that many sites boast Terms of Use jargon that is completely illegal.

internet law

07.29.13
by

Support Logic Helpdesk


The process of installing the Support Logic Helpdesk

Support Logic Helpdesk is an application that Fantastico provides. This application has many useful features and easy-to-use tools that permit you to do many activities. Fantastico is a company that has been providing very reliable services in the field of web hosting for many years now. The applications provided by Fantastico are straightforward to use as they have very user-friendly interfaces. These applications are also specific to install. The good news is that all the applications are compatible with cPanel.

Now, Fantastico gives its users specific scripts that allow them to install the applications quickly. Now, if you are looking for a tutorial on installing the Support Logic Helpdesk on your computer, you are looking in the right place. This tutorial will teach you how to install this fantastic application through easy-to-follow steps.

Let us now look at the steps to install the Support Logic Helpdesk.

1. First, you must look for a tab that says Support Logic Helpdesk and then click on it.

support logic helpdesk

2. Once you click on the above link, you will be directed to an installation screen; now, you will notice a connection there that says new installation, and you have to click on it.

Support logic helpdesk

3. The next screen will require you to submit more details, such as a directory name in which you want to install the application.

Support Logic Helpdesk

4. On the same screen, you must assign a name for the admin and submit a password.

Support logic helpdesk

5. Once you have submitted all the details, click Install Support Logic Helpdesk.

support logic helpdesk

6. To complete the installation process, click on finish.

Support Logic Helpdesk

With that, we have come to the very end of the tutorial on how you may install the Support Logic Helpdesk on your computer. After completing the installation, you can look around and explore the application. This application has sophisticated tools that will let you perform various activities quickly. There are a ton of things that you can learn. It is best when you do not rush the learning process. You can consult other tutorials on how to use the various tools in the application.

Initially, you may feel that the application is challenging, but if you take a little time and go through the interface, you will get used to it quickly. The best part about this application is that it has certain features that can be configured per the client’s client’s requirements. You can consult several tutorials on configuring these applications, too. Just try to be patient, and you can use this application quickly. As a user, you will soon understand that you have benefited from this application for some time. So start using the Support Logic Helpdesk today without any hesitation at all.

Go to the top of the page. Back to the tutorial

05.28.13
by

Password Protect a directory in cPanel


Password Protect a directory in cPanel.

Password-protecting a directory limits the right of entry to specific components of your website by compelling incoming visitors to enter a valid username and a password. This password process is also known as an “Authentication” procedure.

When using this feature, steer through the directories by clicking the folder icon adjacent to the directory name. By clicking the name guide, you will choose the guide for password protection. In the same way, any other subdirectories that are inside the selected directory will also be Password-protected by this process.

Steps to Password protect a directory in cPanel.

To log in to your cPanel account, just enter the website ‘URL’ and add “/cpanel” at the end of the ‘URL’. Now, you will be taken to the login screen. Here, enter your web hosting username & password to access your cPanel.

The demo here assumes that the user has already logged in to his cPanel. So, let’s move on to Password-protecting a directory, as visitors require passwords to view web pages inside.

1) Once inside the cPanel, scroll down the page to spot the “Password Protect Directories” icon under the Security section. Click on the “Password Protect Directories” icon. A dialogue box for “Directory Selection” appears.

Password Protect a directory in cPanel

2) Pick the directory with which you want to begin and click the ‘Go’ button. Now, you will be taken to the “Password Protect Directories”.

protect-02

3) Choose the directory you wish to password-protect by clicking the name of it. In our case, we are choosing the “newfolder” directory. You will be taken to the section that’s titled “Security Settings”.

protect-03

4) Now, check the 1st check box titled “Password protect this directory”. Now, go to the “Name the protected directory” entry box and enter a name for the directory. In our case, the name “newfolder” is entered. This is the name all visitors will notice. The term can appear as anything, regardless of the directory’s name.

protect-04

5) Click the ‘Save’ button. The directory is protected; a password is needed to enter it through a browser.

protect-05

6) Since a confirmation page follows this, Click the “Go Back” button whenever you are ready. We should generate one or more users and allocate passwords to access the directory. Obviously, all users can use the same username & password. However, you may add additional users, which you can do whenever possible.

protect-07

7) Now, scroll down to the section that’s named “Create User”. In the Create User section, enter your visitors’ username to access the directory contents. In our case, the username is given as “newuser”. This new user’s name will be added to the list box under the heading “Authorized Users”, where it can be taken away later on.

protect-08

8) After that, enter the new PPassword in the space given and confirm the new PPassword once more. Pay heed to the password strength meter and always attempt to achieve a Very Strong result.

protect-09

9) Click the ‘Add/modify authorized user’ button to add the username & password. Now, the protected directory has 1 user who has access to it. A confirmation page follows, finely pointing to the username & Password you just added. Repeat the same process for all the other users you wish to grant access to.

protect-11
protect-14

10) Click on the “Go back” button now to add more users (if needed). In the PpPassword-protect directories page, you can view the active users for this directory and add or delete users from this page whenever you wish.

protect-07

Okay!! We have reached the end of the tutorial. Now, you know how to password-protect directories and assign users to passwords from this video tutorial.