Magento Security Alert Updated on May 18, 2015 by InMotion Hosting Contributor Who is affected? – Users of Magento Community Edition and Enterprise Edition. Have these issues been addressed? – The SUPEE-5994 Patch Bundle covers eight different issues that are listed in the article below. SUPEE-5994 Patch Bundle On May 14, 2015 Magento released a bundle of eight patches that addresses the following issues: Admin Path Disclosure Read More >
MS Outlook Security Updates Updated on May 14, 2015 by InMotion Hosting Contributor Issue: It has come to our attention that Microsoft has pushed out a Security update to some Outlook users. This has changed the way Outlook communicates with the mail servers, which may affect your email settings. Status: This has currently been addressed on all servers. (You may have adjust your settings as described below) Who Read More >
Security Announcement: Sucuri XSS Vulnerability Updated on August 12, 2021 by InMotion Hosting Contributor Sucuri has recently announced a WordPress vulnerability regarding XSS script attacks. While this would have affected all WordPress sites using JetPack or the 2015 theme, we have already patched our servers to prevent any attacks regarding this nature. The attack leaves any plugin or theme that uses genericons vulnerable. Server? Patched? Further Action? All Servers Read More >
Security Alert – 4/30/2015 – Magento code execution vulnerability Updated on April 30, 2015 by Scott Mitchell Magento Critical Vulnerability Issue: Magento has discovered a code-execution hole in both the community and enterprise editions. Status: Update has been released. Who is impacted? Community and Enterprise editions of Magento. Why was this update released? The web security firms Incapsula and Sucuri have discovered that malicious users are exploiting the bug to create new Read More >
Important iThemes Security Update Alert Updated on April 14, 2015 by InMotion Hosting Contributor A security release for ithemes Security was released last night (April 13) that immediately affects versions 4.6.13 and 1.14.18 (Pro). What was patched? iThemes fixed a stored XSS (Cross Site Scripting) issue that could have allowed dangerous Javascript to run when viewing 404 logs. When the 404 detection feature is enabled, the list of non-existent Read More >
Security Alert – 4/14/15 – BuddyPress Plugin for WordPress Updated on August 16, 2021 by Scott Mitchell Issue: BuddyPress has released a security update (version 2.2.2). They are recommending to update to this latest version. Status: Update has been released. Who is impacted? Websites running the WP REST API Plugin for WordPress. Why was this update released? BuddyPress version 2.2.2 was released to address two potential security issues and has a few Read More >
Security Alert – WP Rest API plugin for WordPress Updated on August 16, 2021 by InMotion Hosting Contributor Issue: WP REST API plugin has released a critical security update (version 1.2.1). They are urging everyone to update to this latest version. Status: Update has been released. Who is impacted? Websites running the WP REST API Plugin for WordPress. Why was this update released? WP REST API plugin version 1.2.1 was released to address Read More >
Security patches to OpenSSL on all servers Updated on March 24, 2015 by InMotion Hosting Contributor Issue: Critical security patches to OpenSSL on all servers. Status: Our System Administration team is applying critical security patches to OpenSSL on all servers. As the patch is applied, a brief restart of the apache service will result in a temporary unavailability of websites housed on the server being patched. Who is impacted? Customers on Read More >
How to Modify Max User Connections on VPS and Dedicated Servers Updated on August 21, 2023 by InMotion Hosting Contributor Occasionally, you may find yourself in a situation where you need to allow additional simultaneous connections to your MySQL database server. You may need to add more connections in order to accommodate an increased load from your database server or handle increased web traffic caused by search bots, By default, all InMotion Hosting servers allow Read More >
WordPress Critical Security Announcement Updated on August 16, 2021 by Jeff Matson As of today, several vulnerabilities were discovered and patched within WordPress. The most critical of these is a cross-site scripting vulnerability which allows malicious comments to be left, and when seen, can execute unauthorized code as the administrator user in versions 3.0-3.9.2. Although 4.0 is not affected by this particular vulnerability, several other vulnerabilities were Read More >
Prevent WordPress brute force attacks with BruteProtect Updated on June 9, 2023 by Jeff Matson When running a website, especially with the increase in brute force attacks against WordPress sites, it is important to protect yourself. Thankfully, BruteProtect will allow you to easily and automatically block attacks. As BruteProtect stores known attack sources in its database, many attacks are stopped before they even begin. In this article, we will show Read More >
ModSecurity Multipart Request Body Failed Strict Validation Error Updated on May 19, 2022 by Jeff Matson In this guide, we’ll discuss what causes and how to fix the multipart request body failed strict validation ModSecurity error. When uploading images (or other files) to your website you may see that there is an error within your site that is preventing your content from uploading. This will typically come as a 406 error Read More >
Avoiding Phishing Scams Updated on August 5, 2022 by InMotion Hosting Contributor Over the past few years, malicious internet and e-mail activity has increased exponentially. Included in this malicious activity are phishing scams. The following article discusses the definition of “phishing” and provides information and best practices on how to avoid being taken in by these scams. Phishing is the attempt to gather private information, such as Read More >
Resetting your admin password in PrestaShop 1.6 Updated on July 14, 2020 by Scott Mitchell If you happen to forget your admin password (you know, the one that you made so complex no one including yourself can remember it?) never fear! PrestaShop has an easy way to reset it so you can access your admin dashboard once again. How to reset your admin password Visit your PrestaShop admin dashboard login Read More >
All About File Permissions Updated on August 16, 2021 by Scott Mitchell In this tutorial: User Types Permission Types The Mode Understanding how permissions work when you set them within your cPanel or using SSH (Shell) access is very important. If permissions are too lax, they may be accessed by unwanted users who may alter or remove them. If the permissions are too strict, then they may Read More >
OpenSSL 1.0.1 and 1.0.2-beta1 security upgrades Updated on August 16, 2021 by InMotion Hosting Contributor Back on April 7th there was something called the Heartbleed Open SSL bug that caused some security issues for servers running certain versions of OpenSSL. There was a new OpenSSL security advisory posted earlier today disclosing seven additional security flaws found in OpenSSL 1.0.1 and OpenSSL 1.0.2-beta1. There was also a new OpenSSL 1.0.1h patch Read More >
Heartbleed 0-day OpenSSL security bug Updated on August 16, 2021 by Jeff Matson On Monday, April 7th, 2014, a critical bug in OpenSSL was discovered which allows attackers to read memory information from servers with OpenSSL installed. As many of InMotion servers run OpenSSL, our system administrators have diligently patched the exploit on all affected systems. Update: Mashable has released a list of possibly compromised sites that you Read More >
Increase in Joomla Brute Force Attacks Updated on June 12, 2023 by Brad Markle What’s happening? Over the past several weeks, our System Administration Team has identified an exponential increase in brute force attacks against Joomla driven websites. Question What is a brute force attack against a Joomla website? Answer A brute force attack against a Joomla website involves bots repeatedly trying to login to your Joomla /administrator by Read More >
IP Changed Due to DDoS attack Updated on January 12, 2022 by InMotion Hosting Contributor A DDoS attack recently affected the server that houses your account. In order to mitigate the attack, we are changing the IP address of your account. What is a DDoS? Was I hacked? How does this affect my website? Help! My site still isn’t working! What Can I Do While I Am Waiting for Propagation? Read More >
Password Strength and Security Updated on May 4, 2023 by InMotion Hosting Contributor These days on the Internet all of your important information could be just a website request away. This is why it’s important as ever to ensure that you’re using a secure password to restrict access to your private information. You should keep your AMP, cPanel, and Email passwords secure, as well as any CMS such Read More >
