Category Archives: Tips

WordPress Sites Being Hacked Globally

As we are aware that many Huevia customers have wordpress installations across our web hosting environment, we want to make you aware of attacks targeting CMS (content management system) sites but more specifically wordpress sites. Over the past few days many hosting companies have reported massive wordpress installations hacked and used to attack other websites, including financial institutions.

It does not appear that any major security exploit is being utilized for these attacks, instead the attacks are targeted at wordpress sites that are using “admin” as username and commonly used passwords. Once the admin account is accessed various malicious scripts are injected into the wordpress install.

While we do our best to secure our network and servers from all types of attacks, this attack is happening at a global level and is highly distributable in nature (most of the IP’s used are spoofed), making it difficult for us to block all malicious data.

To ensure that your websites are secure and safeguarded from this attack, we recommend the following steps:

  1. Update and upgrade your wordpress installation and all installed plugins
  2. Install the security plugin listed here
  3. Ensure that your admin password is secure and preferably randomly generated
  4. Other ways of Hardening a WordPress installation are shared at http://codex.wordpress.org/Hardening_WordPress

These additional steps can be taken to further secure wordpress websites:

  • Remove README and license files (important) since this exposes version information
  • Move wp-config.php to one directory level up, and change its permission to 400
  • Prevent world reading of the htaccess file
  • Restrict access to wp-admin only to specific IPs
  • A few more plugins – wp-security-scan, wordpress-firewall, ms-user-management, wp-maintenance-mode, ultimate-security-scanner, wordfence, http://wordpress.org/extend/plugins/better-wp-security/. These may help in several occasions

Spring Sync your Calendars

The first day of Spring has arrived and it might be time for a little spring cleaning and organization. We couldn’t think of a better time to introduce some of our users to our SmarterMail calendar included with your webmail. Using a calendar is a great way to schedule tasks and events to help you fullfill your short and long term goals. Huevia’s calendar is a fully featured calendar and can sync with your MS Outlook or Apple iCal applications. Here is a quick rundown of Huevia’s calendar features

  • Fully configurable appointments with optional recurrence rules
  • Email notification and notification of upcoming appointments
  • Calendar Sharing
  • Task Integration
  • Attendee and invitation status tracking
  • Availability information about attendees
  • Configurable default views – either daily, weekly, monthly or all appointment views
  • Integration with Outlook and iCal and any Smartphone

We have added how to sync your applications with our Calendaring system. Click on the link below to take you to the support article for your specific application.

Apple iCal:

http://bit.ly/YpJk4N

Microsoft Outlook:

http://bit.ly/YZv2r0