Top

RBL – Fight SPAM With Postfix

Using RBL is really efficient and pretty lightweight. All it take is some DNS queries and if you were going to receive a lot of spam email from the same client, this DNS entries will be cached in your (local) DNS. To get some figures on how many emails get caught through, on a server […]

Continue Reading

Critical Exim Flaw Opens Millions of Servers to Open-door

A critical vulnerability found in Exim servers which can enable a remote and unauthorized attacker to execute arbitrary code with root privileges. Exim is the most widely used MTA today, deploying more than half of the Internet-facing mail servers. Exim is a widely used open source mail transfer agent (MTA) software developed for Unix-like operating […]

Continue Reading

Howto detect malware’s with WP-CLI

WP-CLI is the command-line interface for WordPress. You can update plugins, configure multisite installations and much more, without using a web browser. This tool need ssh access to server using it. More information for this tool found their homepage. This tutorial we show how you can detect malware’s in WordPress installation. WP-CLI Installation Depend your […]

Continue Reading

cPanel ModSecurity v2.9.3 results in apache service failures

The following update to the ea-apache24-mod_security2 RPM was included as part of the initial May 29 EasyApache 4 Release: EA-8081 – Update Mod_security2 to 2.9.3 Upon the publication of this update, we observed reports of Apache service failures stemming from ModSecurity segmentation faults. kernel: [123456.123456] httpd[12345]: segfault at 9 ip 0000000000000000 sp 0000000000000 error 4 […]

Continue Reading

cPGuard licenses has reached 500+ servers

OpsShield announces the growth of cPGuard licenses has reached 500+ servers last week. After publically releasing the product in 2017 last quarter, cPGuard is making progressive growth every month. Several major hosting companies now trust cPGuard to secure their servers and user accounts. Since the initial release, cPGuard is adding more features into the product […]

Continue Reading

How to pick a secure WordPress theme

When it comes to choosing a WordPress theme, most website creators look for two things in particular: looks and functionality. However, another arguably more important factor that most people overlook is security. Picking a secure WordPress theme is one of the best ways to protect your website from hackers. There are, of course, many ways […]

Continue Reading

What makes a safe password generator and how to get started with one

Countless password generators exist in the market, and they all promise to deliver unique, secure and random passwords. However, according to an Andrea Rock study, consumers should be cautious and examine a password generator more closely before using it. That is because some password generators are less secure compared to others. To fully understand this, […]

Continue Reading

What is ModSecurity and why do we need it ?

For time being, the internet growth and the accompanying vulnerability are very much. So we have to implement something special security for servers. So at the current state plugin like ModSecurity is a very good option to use. To learn more about it, Lets go down.. ModSecurity is an open source web based firewall application […]

Continue Reading

WordPress Easy WP SMTP plugin <= 1.3.9 - Unauthenticated arbitrary - wp_options import vulnerability

Last week, two cybersecurity companies found a Zero-Day vulnerability in WordPress SMTP Plugin. The vulnerability is located in the new import/export functionality added in v1.3.9 of Easy WP SMTP. It lets attackers exploit the lack of capability checks in the plugin’s admin_init hook to alter any values in the wp_options table. Additionally, since the admin_init […]

Continue Reading

Remote File Inclusion (RFI)

Remote File Inclusion (also known as RFI) is the process of including remote files through the exploiting of vulnerable inclusion procedures implemented in the application. This vulnerability occurs, for example, when a page receives, as input, the path to the file that has to be included and this input is not properly sanitized, allowing external […]

Continue Reading