Over the last few weeks we have been receiving a number of support tickets of websites that have been ‘hacked’ or ‘compromised’. In all cases theses sites have been attacked due to software not being kept up to date / security patches not being applied or incorrect CHMOD permissions set on files.
All customers are responsible for ensuring that all scripts installed on their domains are kept up to date/patched; including scripts installed via the auto-installers we previously made available inside the hosting control panels (Helm/Plesk).
It would be appreciated if all customers could check scripts installed on their websites to avoid any chance of the website being compromised and data loss occurring. These scripts may include:
- Joomla / Mambo
- phpBB
- vBulletin
- Invision Power Boards
- PostNuke
- PHPNuke
- osCommerce
- Zencart
- Cubecar
- Wordpress
If you are not sure if your scripts are up to date or require assistance upgrading to the latest versions of your scripts please contact us via our web based helpdesk for assistance.
CHMOD Security
If you have any files or folders that you have CHMOD to mode 777 (which allows any user to read/write not just the owner (you), we suggest you change these to the following should your script or website allow it;
- 644 for files
- 755 for folders
This may not always be possible as some scripts to require the use of ‘777′ permissions.
Keeping scripts up to date & setting these permissions will further improve the security of our hosting environment.
Recent Comments