Top

Archive | Security

Joomla Security – Top 10 tips to secure your website

You might be familiar with JOOMLA!. It is a free and open-source content management system (CMS) for publishing web content. Behalf of its excellence JOOMLA had secured several awards. It is based on a model–view–controller web application framework that can be used independently of the CMS that allows you to build powerful online applications. The […]

Continue Reading

Free SSL a replacement for Paid ssl?

Today I am discussing the free SSL and its difference between the paid ones and is it replacing the paid SSL. SSL ( Secure Socket Layer ) will encrypt the connection between the client ( web browser ) and server ( web server ). Which means the people who sniffing the data traffic between server […]

Continue Reading

Drupal – Remote Code Execution (SA-CORE-2018-004 / CVE-2018-7602) nicknamed Drupalgeddon 3

This vulnerability discovered Drupal security team one weeks ago, a highly critical (20/25 NIST rank), (SA-CORE-2018-004 / CVE-2018-7602) nicknamed Drupalgeddon 3. This vulnerability continues Drupalgeddon 2 and allow an unauthenticated attacker to perform remote code execution. An exploitation method was published a few days ago for this vulnerability which allows attacker in the server execute […]

Continue Reading

Drupal – Remote Code Execution (SA-CORE-2018-002 / CVE-2018-7600) nicknamed Drupalgeddon 2

This vulnerability discovered Drupal security team two weeks ago, a highly critical (25/25 NIST rank), (SA-CORE-2018-002 / CVE-2018-7600) nicknamed Drupalgeddon 2. This vulnerability allowed an unauthenticated attacker to perform remote code execution. An exploitation method was published a few days ago for this vulnerability which allows attacker in the server execute any code with user […]

Continue Reading

Disable Theme and Plugin Editors from WordPress

This is a big problem, if customer using very weak password’s with default username’s like admin/administrator and etc. Even if you don’t use default username you can get it very easily. Get WordPress username https://wordpress.site/?author=1 This redirects your correct username author page and you can get easily correct username which is probably admin user. If […]

Continue Reading

Security is a false feeling

Server security is a highly concerned nowadays by website owners and server owners. And lots of companies providing hardening services at a high cost. While considering the server security or security of your site, don’t confuse true security with a false sense of security. In this article, I am mentioning some of the misconceptions or […]

Continue Reading

How to Securing Web Server

Here in this tutorial we are talking about the basics of the steps required when securing Web server. Hacking is regularly performed by automated scripts written to scour the Internet in an attempt to exploit known website security issues in software. Here are 8 basic tips to help keep your server safe secure and online. […]

Continue Reading

SSL Certificate For free – Let’s Encrypt

Let’s Encrypt is a new Certificate Authority (CA) that offers FREE SSL certificates that are just as secure as current paid certificates. The encryption within HTTPS is intended to provide benefits like confidentiality, integrity and identity. Your information remains confidential from prying eyes because only your browser and the server can decrypt the traffic. Integrity […]

Continue Reading

Securing Directadmin Server

ssh If possible, don’t allow user login ssh to the server. Also disable root user login and use sudo to gain root access. Change: Restart ssh server! Note: Make sure you installed sudo and sudoers to your user! Filesystem You can prevent and hide access certain folders and files. php.ini There are certain functions in […]

Continue Reading

How detect malware

When you scan server files with Clamdscan or Maldet your scanner give postitive result and Extra ClamAV signatures to better ratio detect malware. We using clamdscan scanner to scan files. Example user www files: Now we open content-none.php file to look better: The first looks, there is no anything, but if you look better first […]

Continue Reading