security

  1. Matt

    nginx 1.17.3

    https://community.centminmod.com/threads/nginx-1-17-3-security-update-for-http-2-vulnerabilities.18157/ I've kicked off the updates for all my managed customers who are using centminmod to upgrade nginx to 1.17.3
  2. Matt

    phpMyAdmin Security Release

    Thanks to easiii for the heads up phpMyAdmin Releases Critical Software Update — Patch Your Sites Now! If you are running phpmyadmin on your servers, please ensure you update you local install.
  3. Matt

    Security ATTENTION: LiteSpeed Servers Being Attacked

    For my managed customers running Litespeed, I've already upgraded your Litespeed to the new release.
  4. Matt

    Security Kernel Security Update: Local Privilege Escalation CVE-2016-5195

    I've applied the patched kernel to cp2.mattwservices.uk , and rebooted it just now. Dirty COW (CVE-2016-5195) Apologies for any downtime (less than 5 minutes),but this needed to be done. cpanel.mattwservices.uk will be done later today or tomorrow.
  5. Matt

    ImageMagick Remote Command Execution Vulnerability

    https://blog.sucuri.net/2016/05/imagemagick-remote-command-execution-vulnerability.html As per the thread, last night thanks to the heads up from eva2000 , I've already applied the patch to the policy.xml files for all servers that I manage for people where you have ImageMagick installed. eg...
  6. Matt

    Maintenance Completed CVE-2015-7547 Reboots Required

    Critical glibc Vulnerability Puts All Linux Machines at Risk Where automatic updated aren't applied, I'm manually running a yum update to get the latest patched versions. Once this is done, I need to reboot the servers / VPS to bring the new versions in, as this is used by a LOT of services.
  7. Matt

    Wordpress 4.4.2 Security Update

    If you are running Wordpress, it's highly recommended you upgrade ASAP as the new release addresses 2 security issues Full details can be found here WordPress 4.4.2 Security Release - Why you need to update immediately - Wordfence
  8. Matt

    Update cPanel Two-Factor Authentication

    With the update to cPanel 54, all servers now support Two-Factor Authentication. This feature has been enabled, and you can set it up inside cPanel, under the Security section of your account. I would highly recommend people enable this where possible, to add an additional layer of security...
  9. L

    Litespeed LSWS 4.2.24 and 5.0.2 Released to address OpenSSL secuirty vulnerability

    LiteSpeed Web Server 4.2.24 and 5.0.2 have just been released! Both versions have updated OpenSSL to address CVE-2015-1793. All LSWS users are recommended to upgrade ASAP. New release also improved mod_security engin to work better with OWASP core rule set and improved compatibility with Plesk...
  10. Matt

    Update Email Security

    I've had to enable a few extra option on the mail server this morning, after being on the receiving end of the brute force DDOS attack against a sites mail accounts You will need to ensure you are connecting to the server to receive your mails via the secure methods Secure SSL/TLS Settings...
Top