Profile cover photo
Profile photo
photonhosting
2 followers -
Web Hosting | Reseller Hosting | VPS | Dedicated Servers
Web Hosting | Reseller Hosting | VPS | Dedicated Servers

2 followers
About
Posts

Post has attachment
cPanel and Comodo announced the launch of an automated SSL encryption integration on Thursday to address the 90 percent of all websites which do not have it. The companies quietly began the rollout of AutoSSL in November, and secured 240,000 websites a day, to reach 5.8 million certificates issued.

AutoSSL is an automation feature of cPanel and WHM version 60 and later, which discovers and deploys Domain Validated (DV) cPanel SSL certificates to all websites, logins, and endpoints on the server, according to the announcement. It also automatically renews expired certificates. The service is now generally available to 72 million active cPanel domains.

“We’re providing encryption through Domain Validated cPanel certificates at no additional charge to the cost of our software because we think it’s that important to secure the internet,” cPanel CEO J. Nick Koston said in a statement. “Our goal is to help build a more secure internet, and to get there, we’d like all of our existing customers to enable AutoSSL. We encourage anyone, not currently using cPanel & WHM version 60 or later, to switch or upgrade in order to take advantage of AutoSSL.”
Photo
Add a comment...

Post has attachment
Animated Photo
Add a comment...

Post has attachment

SSL V 3.0 POODLE Vulnerability Discovered
**************************************
First of all, this vulnerability does not affect SSL certificates themselves. It impacts SSL protocol functionality. There is no need to reissue and revoke your current certificates.

The Poodle vulnerability affects servers running SSL 3.0. It centers on cipher block chaining (CBC) encryption implementations that can allow attackers with a Man-in-the-Middle (MITM) position to view the content of an encrypted transmission.

You should be Glad as all users on PhotonHosting server are safe. We have taken all necessory steps to protect your server from this Vulnerability.

However if you are using dediacted server / VPS please take immediate action with regard to SSL 3.0.

1) Disable SSL 3.0 support or disable SSL 3.0 CBC-mode ciphers. Use this SSL Toolbox to determine if SSL 3.0 is enabled on a web server.
2) Implement the proper use of TLS_FALLBACK_SCSV, to remediate the forced downgrade issue that is part of the vulnerability.
Here are some additional resources for assistance with remediation:

    Microsoft - https://technet.microsoft.com/library/security/3009008.aspx
    Apache - http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#msie
    Tomcat - http://tomcat.apache.org/tomcat-6.0-doc/apr.html#HTTPS
    Nginx - http://nginx.com/blog/nginx-poodle-ssl/
    F5 Big IP - https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip
    Red Hat - https://access.redhat.com/articles/1232123
Photo
Add a comment...

Post has attachment
Special Offer ! 50% discount for the first month of subscription . Coupon Code : F50
Photo
Add a comment...

Post has attachment
A new vulnerability, known as “Shellshock”, was recently discovered within Bash.  This security hole needs to be patched immediately to avoid potential exploits of Linux servers.

If you want more information on the vulnerability itself here are a few articles with more information.

http://www.cnet.com/news/bigger-than-heartbleed-bash-bug-could-leave-it-systems-shellshocked/
http://www.troyhunt.com/2014/09/everything-you-need-to-know-about.html?m=1
http://money.cnn.com/2014/09/24/technology/security/bash-bug/index.html

You should be glad that our all servers are safe from this vulnerability .

However if you are using dedicated server or VPS please follow as below

Test:

    Test for the vulnerability by running the following command at shell:

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

    If the output of the above command looks as follows:

vulnerable
this is a test
then your system is vulnerable.

Update Bash (If cent 5/6/7 run):

yum clean all
yum update bash
Photo
Add a comment...

Post has attachment
This is an alert for you to a serious vulnerability in the WordPress Slider Revolution premium plugin. The developer behind the popular plugin patched the vulnerability silently, meaning that, if you are running WordPress Slider Revolution, you have probably not yet heard that you must update as soon as possible.
Photo
Add a comment...

Post has attachment

We are now more close to you at Google+ !
Commenting is disabled for this post.
Wait while more posts are being loaded