PCI Compliant Web Hosting and Managed Service Provider
Hosting Solutions since 1995

Hacker Attack Vectors

Author: ; Published: Oct 29, 2012; Category: Managed Hosting, Managed Services, PCI Compliance, Security, Small Business; Tags: , ; No Comments

Repeat after me, “hackers most often target vulnerabilities, not specific people or companies.” Now, say that over and over again.. and shortly you should come to the conclusion that every single device and application typically has vulnerabilities which makes everyone a target. That’s right, everyone is a potential target — not just the big names,…

WordPress Brute Force Attacks

Author: ; Published: Oct 15, 2012; Category: Managed Hosting, Security, WordPress; Tags: , , ; 7 Comments

If you asked me from September 2012 forward, the answer would change dramatically with WordPress Brute Force Attacks now exceeding 50% of all attacks being reported.

If you review your or your hosting provider reviews your web site’s access logs on a regular basis, you can tell if there are Brute Force attacks being attempted on your WordPress site by seeing multiple requests to access the file wp-login.php from the same IP address over and over again. Sometimes it might be a single request every x period of time; other times it might be scores of requests from the same IP address. By the way, are you or your provider regularly checking your web site access logs for abuse?

How can you protect yourself against WordPress Brute Force attacks?

Extending Linux Socket Monitor

Author: ; Published: Sep 28, 2012; Category: Managed Hosting, Managed Services, Security; Tags: , ; No Comments

Linux Socket Monitor by R-fx Networks is a good, automated, tool to let you know if an application is creating TCP and UDP sockets.

The caveat we’ve experienced over the years is that when you receive an LSM alert that might involve malicious malware or hacker activity on the server running LSM, you sometimes have milliseconds to log onto the server to hopefully catch the application opening sockets red handed. If you are delayed or the application just runs that fast, by the time you are on the server, the port closed and the application is now in hiding.

I often agree necessity is the mother of invention, and I would like to share what we’ve done to extend the Linux Socket Monitor (LSM) to provide running process information, not just the netstat lines.

SSL Beast and RC4-SHA

Author: ; Published: Sep 19, 2012; Category: Managed Hosting, Managed Services, PCI Compliance; Tags: , , , ; 3 Comments

What if your PCI Compliance authorized scanning vendor wants you to only allow RC4-SHA as a SSL CipherSuite in order to pass PCI Compliance against the SSL BEAST Attack? Here are the tested settings.

Trust and Security

Author: ; Published: Aug 27, 2012; Category: Managed Hosting, PCI Compliance, Security, Small Business; Tags: ; 3 Comments

Fiduciary is not a word you hear or read often as a small to medium business (SMB) owner.

Yet if you are the steward of any size business, fiduciary should be an active word in how you manage your business.

How does this relate to trust, security, and your business on the Internet? Let’s see.

The Security Dance – Part 2

Author: ; Published: Jul 30, 2012; Category: Managed Hosting, Managed Services, PCI Compliance, Reseller Hosting, Security, Small Business; Tags: ; 2 Comments

Welcome back!  Last week’s article, There are no wallflowers at the security dance! Get to know your dance partners covered getting to know your security dance partners: If you are the business steward or a part of the management team, you already know the burden of responsibility for having a secure web site where your…

The Security Dance – Part 1

Author: ; Published: Jul 23, 2012; Category: Managed Hosting, Managed Services, PCI Compliance, Reseller Hosting, Security, Small Business; Tags: ; No Comments

f you have your business on the Internet, you are a part of a line dance.

You can chose to be a wallflower, and face the consequences of doing nothing.

Or you can get to know your fellow dance partners (maybe picking replacements for ones that no longer fit), and be an active member of the security dance.

PCI Compliance Scans and Small Business Gripes

Author: ; Published: Jul 20, 2012; Category: Managed Hosting, PCI Compliance, Security, Small Business; Tags: , , ; 5 Comments

Just as more government regulations tend to strangle a small business to death (worse case) or slow its growth (best case), so goes for PCI Compliance standards which add little to no practical value to security.

Making WordPress more secure

Author: ; Published: Jul 2, 2012; Category: Security, WordPress; Tags: , ; 2 Comments

An ounce of prevention is worth a pound of cure.

Let me share steps you can take to make your WordPress site more secure against hackers.

Find the hacker

Author: ; Published: Jun 29, 2012; Category: Managed Services, Security, Small Business; Tags: ; 2 Comments

Sharing some tips on tracking down vulnerable web sites whose 1st impression looks safe.

DDoS and the SMB Hosting Provider

Author: ; Published: Jun 15, 2012; Category: Managed Services, Security; Tags: ; 4 Comments

Sharing an experience and tips of tracking down a site under DDoS on a server in Europe for a customer in Spain.

Can you find high value web hosting?

Author: ; Published: Jun 14, 2012; Category: Customer Support, Managed Hosting, PCI Compliance, Security, Small Business, WordPress; Tags: , , , ; No Comments

Quality hosting is probably harder to sell than the design services, which are more up front and obvious.

Web site design is very visual. Designers can white board, story board, and show you successful sites they have created in the past.

What can a web hosting company show you, visually, that they are unique as well as the being the company for you?