Blog

Security Issue : Leak of 68 Million Dropbox Accounts

There is a current rumor of a leak of the account details of over 60 million Dropbox users.

It is recommended to change your Dropbox password as soon as possible to be on the safe side.

We know how much online marketers love Dropbox, hence this post to inform you about a critical situation. It remains a solid way to transfer files from your computer to your Windows VPS, for instance.

Dropbox is currently asking users to reset their passwords following a leak in 2012, as per a public statement this week.

However, some websites have analyzed some of the data from the breach, and it sounds as though the new encryption system they deployed in 2012 (bcrypt) has been breached.

Source : https://www.troyhunt.com/the-dropbox-hack-is-real/

Security Issue : WordPress Plugin All in One SEO Pack v2.3.6.1 exploit

All in One SEO Pack is a widely used plugin for setting the meta description, keywords and titles of WordPress posts.

An XSS exploit has been discovered in the All in One SEO Pack plugin, version 2.3.6.1 and earlier.

You can check your version right away from the plugin page; the current version should be v2.3.8.

The XSS was discovered in the Bad Bot Blocker feature and involves an exploit that allows the administrator tokens to be stolen through an altered user agent.

The vulnerability has been patched and a plugin update is strongly advised.


Changelogs March

This month came with its load of new features for which you can find the changelog below :

Shared Web Hosting

  • Curative and Real-Time Malware Detection to avoid account suspension upon mail spam + Automatic .htaccess Shield set up
  •  On-the-fly malware scans of HTTP uploads (BETA)
  •  Upgrade Modsecurity to 2.9
  •  Automatic Kernel security patches upgrade without reboot
  •  Upgrade Apache to 2.4.18 (slight perf boost)
  •  XMLRPC Attacks Protection without blocking the WordPress Jetpack Module
  •  Default Apache Configuration Enhancement on PHP 5.5 – More modules prebuilt
  •  RAID 1 SSD Shared Server Standard
  •  Network Upgrade to 1 GBPS on all shared servers

To Come :

  • Personalized DDoS Mitigation Alert Email for Dedicated IP users
  •  Email Alert to users for Curative Malware Detection
  •  Email Alert to users upon XMLRPC Attack Detection
  •  WordPress Labs test results to be put into production for massive performance enhancements

Reseller Web Hosting :

  •  Most of the Shared Web Hosting Enhancements
  •  Beta Test of the IP manager feature from WHM (Extra IP management panel)

To Come :

  • IP Manager to be set in production

SEO Web Hosting :

  • Network Expansion to 40

To Come:

  • Network Expansion to 60 by the end of April
  • End of Beta for the 1st of May

Linux VPS :

  • RAID 10 SD VPS Node Standard
  • RAM DDR4 Standard
  • Mailing Offer Beta
  •  OS Templates Updated (Ubuntu all versions, CentOS all versions, Fedora all versions)
  •  CentOS 5.7 + cPanel set as End of life. Available in OS choice but not supported. Manual cPanel Configuration by our support instead on CentOS 6
  •  Beta Test CentOS 7 + cPanel
  •  Custom set up fees waived for cPanel configuration

To Come :

  • CentOS 7 + cPanel default cPanel template
  • New Mailing Offers

Windows VPS :

  • RAID 10 SSD Standard to replace SAS 15k drives
  •  Wide Network Enhancements
  •  Removal of a virtual network ACL which caused a downtime
  •  VPS Template upgrade
  •  Windows Server 2012 Available upon request

To come :

  • Upgrade network to 3 GBPS
  •  Windows server 2012 available from the order form

Dedicated Server :

  •  New dedicated servers available (limited stocks)

To come :

  •  Full Range of servers publicly available (unlimited stocks)

Shared Web Hosting : General Resources Increase

Hello,

We have just increased the values for each package of our web hosting offers.
We have studied the usage of each package and weighed it against the server’s resource usage, and we concluded that all our users should benefit from a resource increase.

For our starter users, we have increased the number of processes from 20 to 50; while we intended to lower the RAM to 512 Mb, we have kept it at 1024 Mb.
For our premium users, we have increased the number of processes from 40 to 100 and the RAM from 1024 Mb to 2048 Mb.
For our business users, we have increased the number of processes from 100 to 150 and the RAM from 2048 Mb to 4096 Mb.

The IOPS limit is also aligned with the RAM for all packages.

The upgrades are already effective.

We believe, according to our analysis, that this better matches the usage of each package and the purpose we have in mind: starter for fresh websites, premium for several established websites, and business for professionals.

We sincerely hope that you’ll appreciate these free upgrades and enjoy the user experience of your reloaded accounts. 

Best Regards
Vincent Royant
HostStage CEO

Security Issue Exim : CVE-2016-1531 -> PATCHED!

On the 2nd of March, an Exim vulnerability was discovered and announced that allows any user to gain root privileges.
This issue affects all of its versions.

Exim is the default mail transporter for all cPanel based servers. 

cPanel has included an emergency update which was patched overnight. We did a manual update on all our critical infrastructures using cPanel (mainly our shared and reseller servers) a few hours after the security issue. 

You can check whether your server has been updated by running the following command :

rpm -q --changelog exim | grep CVE-2016-1531

Which should give the following output :

- Fixes CVE-2016-1531

If it doesn’t return anything and you are running cPanel, you only need to run the following commands over SSH :

/scripts/upcp
/scripts/check_cpanel_rpms --fix --long-list

**UPDATE : 4th March 2016

The update has broken a feature used to detect mailing scripts, which now returns cwd=/ instead of cwd=/path/to/script

We have notified cPanel which has notified Exim and a patch is on its way since our custom malware script detection relies on returning the full path of a script sending emails.

**UPDATE : 5th March 2016

A work around is being worked on, we are waiting for its official release. 

https://bugs.exim.org/show_bug.cgi?id=1805
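
The per-directory count that this kind of mailing-script detection depends on can be sketched as follows. This is an added example, not HostStage's detection script: the log lines are constructed, and the `cwd=<dir> <n> args:` line layout and the function names are assumptions. It also shows why entries logged as cwd=/ can no longer be attributed to a script.

```shell
#!/bin/sh
# Added example: count Exim "cwd=" log entries per directory to spot the
# scripts that send mail. Assumed line layout:
#   <date> <time> cwd=<dir> <n> args: <argv...>
# Directories containing spaces are not handled by this sketch.

# Constructed sample log lines (not taken from a real server).
sample_log() {
cat <<'EOF'
2016-03-03 09:14:02 cwd=/home/alice/public_html/wp-content/uploads 3 args: /usr/sbin/sendmail -t -i
2016-03-03 09:14:03 cwd=/home/alice/public_html/wp-content/uploads 3 args: /usr/sbin/sendmail -t -i
2016-03-03 09:14:05 cwd=/home/bob/public_html 3 args: /usr/sbin/sendmail -t -i
2016-03-03 09:15:00 cwd=/var/spool/exim 2 args: /usr/sbin/exim -q
2016-03-04 10:01:11 cwd=/ 3 args: /usr/sbin/sendmail -t -i
2016-03-04 10:01:12 cwd=/ 3 args: /usr/sbin/sendmail -t -i
EOF
}

# Print "<count> <dir>" for every cwd, busiest first, skipping Exim's own
# spool directory (queue runs, not user scripts).
cwd_counts() {
    awk '{
        for (i = 1; i <= NF; i++)
            if ($i ~ /^cwd=/) {
                dir = substr($i, 5)
                if (dir !~ /^\/var\/spool/) n[dir]++
            }
    } END { for (d in n) print n[d], d }' | sort -k1,1nr -k2
}

# Count entries whose path was lost (cwd=/): mail was sent, but the log no
# longer says from which directory.
unattributed() {
    awk '{ for (i = 1; i <= NF; i++) if ($i == "cwd=/") c++ } END { print c + 0 }'
}

sample_log | cwd_counts
echo "unattributed: $(sample_log | unattributed)"
```

On a live server the same functions would read the Exim main log instead of the sample; a rising unattributed count after an update is the symptom described in the 4th March note.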

What is a domain name ?

A domain name is a way to identify a network, an authority or an infrastructure by translating an IP address into a name. Domain names are used to access the internet in browsers and make for a better user experience, since we can memorize words more easily than numbers.

A domain name is the unique way to identify a website. It allows one or several IP addresses to be translated into a name through the rules of the Domain Name System (DNS).

In web hosting services, a domain name is assigned to a web server.

We call Bulk Register the possibility to register and check the availability of several domains at the same time.

We call TLD (Top Level Domain), or extension, the last part of the domain following the last dot, which is a specific descriptor for a kind of website, a location, or a sign of authority. Recently, it has become possible to register your own TLD, which costs $185 000.

Nowadays, there is a wide range of TLDs available which could describe your website’s activities (such as .mobile, .media, .career and so on).

How to choose a domain and a TLD ?

How to Choose a Domain Name ?

Choosing a domain name is one of the most important factors, with a direct impact on the success and popularity of your website.

You have at least two strategies to choose from: either you “brand-communicate” or you “content-communicate”.

“Brand-Communication” is easy, as you just have to pick the name of your company, brand, business or website.

“Content-Communication” is a little harder because the domain name has to be relevant enough to let visitors or customers know about your content without hiding a different part of your content.

It is important to note that “Content-Communication” is the easiest way to rank a website in the short term, as your keywords are already in your domain name. But finding a relevant domain name with popular keywords is becoming more and more difficult.

In the long term, people would rather remember a catchy brand name than a long-tail query, so for the long-term popularity of your website the choice would be Brand-Communication.

How to Choose a TLD ?

Choosing a relevant TLD is also very important because it has a direct impact on the image of a website.

Here is a list of different TLDs and what they mean :

  • .us, .be, .de, .fr, .au, .eu …. : provide a country indication for your website. It would be easier to rank a website in the targeted country.
  • .com : is the easiest for a customer to remember and the most widespread TLD in the world, and fits any kind of website well.
  • .net is mostly used for websites dealing with an internet theme.
  • .org is mostly used for non-commercial companies or businesses.
  • .info is mostly used for websites dealing with news
  • .biz is mostly used for e-commerce websites
  • .name is mostly used for personal websites
  • .cc was dedicated to the Cocos Islands’ websites but nowadays it is used for any kind of website.
  • .tv is mostly used for any website dealing with television.
  • .ws was dedicated to Samoa but nowadays it is used for any kind of website
  • .mobi is mostly used for websites designed for mobile devices.
  • .co was dedicated to Colombia but nowadays it is a substitute for “.com”

You can check the best prices for each TLD and pick your domain name to start your own website here

Windows VPS : REVOLUTION

Today, we are proud to announce our next, wonderful line of Windows VPS.
These Windows VPS will become standard for all our users and we are starting to migrate the current VPS owners.

The gain from the new hardware is insanely significant, as detailed below :

SSDs, and SSDs and SSDs again ! That’s right, we have decided to switch over to full SSD, Intel DC3500 800 GB, as standard.
The SSDs are of course set in RAID 10 with a brand new hardware RAID card, the MegaRAID 9271. This RAID card is configured with another PCI Express based SSD as a caching system, which brings an amazing performance gain in read / write operations for your VPS.

If you have ordered a VPS over the last 6 months, be assured that SSD has already become the standard and your VPS is already SSD based.

DDR4 ECC has stepped up its game as well, making us one of the first worldwide to provide DDR4 based VPS. The frequency has drastically improved, making your VPS far more responsive. (From 1333 MHz to 2133 MHz!!)

We haven’t neglected the CPU of course, which brings a 25% gain over our older version, with an extra 100 MHz of clock frequency and a far better architecture. (Dual E5-2687w v3)

We have also massively upgraded our network infrastructure by increasing the available bandwidth on a per node basis from 1 GBPS to 3 GBPS, making us the worldwide leader in VPS network speed.
We have also improved the POPs by introducing some new ones to decrease latency throughout the world.

Of course, the Windows VPS are still based on a Tier 4 Certified infrastructure, which means that all redundant components (network, electrical, cooling system) are still redundant.

Last but not least, Windows 2012 R2 is now available, fully licensed, for your VPS. You can request it at any time you please.

We would also like to thank you for all the suggestions that made everything possible! We went further for you to bring such a revolution to the Windows VPS market for intensive usage.

Sincerely Yours and Merry Christmas to you all!
Vincent Royant
HostStage CEO

Windows VPS: Control Panel Available for ALL our users

We are thrilled and finally pleased to announce that after weeks of development we have finally released the Windows VPS control panel for all our users. 

Since we upgraded our new nodes to Windows Server 2012, we have faced issues with the control panel, which wasn’t available.
We have made it work and even upgraded the design of the control panel. 
You can now request an access simply by opening a support ticket. 

We sincerely hope that you are as pleased as we are about this release! 

As usual, we are more than pleased to hear your feedback, suggestions, and feature requests.

Sincerely Yours,
Vincent Royant
HostStage CEO

Security Issue Adobe Type Manager : CVE-2015-2426 -> PATCHED!

A few days ago, the hacking team released a few unknown exploits that are affecting all systems.
The security alert CVE-2015-2426 concerns all Windows versions and involves elevated privileges through the Adobe Type Manager library’s DLL : atmfd.dll.

The DLL provides support for OpenType fonts, and the exploit consists of a memory corruption that would give the hacker full and hidden access.

It is strongly recommended to install the latest Windows updates available in the update center from your control panel.

All Windows versions are affected, from Windows XP to Windows Server 2012. As Windows XP and Windows Server 2003 are no longer supported by Windows, no updates will patch the security issue for them.
At HostStage, we don’t have such versions running on our servers, but if your computer is based on an outdated Windows version, it is highly recommended to upgrade to a newer Windows.

We have patched our Windows servers on our end, even though the issue generally involves computers using a web browser.

Security Issue Glibc : CVE-2015-0235 -> PATCHED!

Hello,

48 hours ago, a new security vulnerability was discovered affecting most Linux distributions running the GNU C Library.
It is reported to be very easy to exploit. You can find accurate details of the security threat quoted below :

“A heap-based buffer overflow was found in __nss_hostname_digits_dots(), which is used by the gethostbyname() and gethostbyname2() glibc function call. A remote attacker could use this flaw to execute arbitrary code with the permissions of the user running the application.”

At HostStage, we took action immediately throughout all our infrastructure and patched all our servers (Shared Web Hosting, CentOS Linux VPS managed and not managed, Reseller Web Hosting, and all structural servers).
We have also contacted all Debian / Ubuntu based users with the steps to patch their servers; since the patch requires a restart, we couldn’t take the liberty of applying it.

You can find the steps below to patch your servers : 

CentOS : 

You can test whether you are vulnerable by typing the command below :

rpm -q --changelog glibc | grep CVE-2015-0235

If it returns nothing, you must proceed with the glibc update with the following command :

yum update glibc -y

Otherwise, it would return the line below :

- Fix parsing of numeric hosts in gethostbyname_r (CVE-2015-0235, #1183533).
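
Updating the package does not replace the copy of glibc that already-running processes have loaded, which is why the patch calls for a restart. The check below is an added example, not part of the original post: it lists processes that still map the replaced library, using the "(deleted)" marker in /proc/<pid>/maps. The sample maps lines are constructed and the function names are assumptions.

```shell
#!/bin/sh
# Added example: after a glibc update, find processes still running the old
# copy. A replaced library stays mapped by running processes and shows up in
# /proc/<pid>/maps with a "(deleted)" suffix until the process is restarted.

# Succeeds if the maps text on stdin contains a deleted libc mapping
# (matches libc-2.17.so and libc.so.6, but not e.g. libcrypto).
maps_has_stale_libc() {
    grep -Eq '/libc([-.][^ /]*)?\.so[^ /]* \(deleted\)$'
}

# Constructed /proc/<pid>/maps excerpts for illustration.
stale_maps() {
cat <<'EOF'
7f3a1c000000-7f3a1c1bb000 r-xp 00000000 fd:00 131090 /usr/lib64/libc-2.17.so (deleted)
7f3a1c5c0000-7f3a1c5e2000 r-xp 00000000 fd:00 131083 /usr/lib64/ld-2.17.so (deleted)
EOF
}
fresh_maps() {
cat <<'EOF'
7f9b24000000-7f9b241c4000 r-xp 00000000 fd:00 131090 /usr/lib64/libc-2.17.so
EOF
}

# Walk /proc and print "<pid> <command>" for every process that needs a
# restart. Run as root to see other users' processes.
list_stale_processes() {
    for maps in /proc/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        pid=${maps#/proc/}
        pid=${pid%/maps}
        if maps_has_stale_libc 2>/dev/null < "$maps"; then
            printf '%s %s\n' "$pid" "$(cat "/proc/$pid/comm" 2>/dev/null)"
        fi
    done
}

list_stale_processes
```

An empty result after the update means no readable process is still using the old library; anything listed must be restarted (or the server rebooted) before the fix is effective for it.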

Debian / Ubuntu :

You can test whether your OS is impacted with the following test program :

/* ghosttest.c:  GHOST vulnerability tester */
/* Credit: http://www.openwall.com/lists/oss-security/2015/01/27/9 */
#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
 
#define CANARY "in_the_coal_mine"
 
struct {
  char buffer[1024];
  char canary[sizeof(CANARY)];
} temp = { "buffer", CANARY };
 
int main(void) {
  struct hostent resbuf;
  struct hostent *result;
  int herrno;
  int retval;
 
  /*** strlen (name) = size_needed - sizeof (*host_addr) - sizeof (*h_addr_ptrs) - 1; ***/
  size_t len = sizeof(temp.buffer) - 16*sizeof(unsigned char) - 2*sizeof(char *) - 1;
  char name[sizeof(temp.buffer)];
  memset(name, '0', len);
  name[len] = '\0';
 
  retval = gethostbyname_r(name, &resbuf, temp.buffer, sizeof(temp.buffer), &result, &herrno);
 
  if (strcmp(temp.canary, CANARY) != 0) {
    puts("vulnerable");
    exit(EXIT_SUCCESS);
  }
  if (retval == ERANGE) {
    puts("not vulnerable");
    exit(EXIT_SUCCESS);
  }
  puts("should not happen");
  exit(EXIT_FAILURE);
}


Then, you would need to compile it and run it as shown below : 

gcc ghosttest.c -o ghosttest
./ghosttest

The program will print one of the 2 following values : vulnerable or not vulnerable.

If you are vulnerable you would need to run the following : 

sudo apt-get clean
sudo apt-get update
sudo apt-get upgrade
reboot
 
Sincerely Yours,
Vincent Royant
HostStage CEO 