9 Feb

2015

Building The Joomla.com Hosting Platform

joomla_blog_pic

When SiteGround was chosen by OSM to be the official hosting provider for Joomla.com – the new free website service by Joomla, we were really excited. We knew that creating an infrastructure that needs to host hundreds of thousands of sites will not be an easy task. This was a huge and complicated project, but our passion for complex technical challenges was what made us participate in the RFP in the first place. Of course, we were additionally motivated by our love for Joomla and by our previous long-year experience of hosting thousands of Joomla sites on our own servers. Many people from SiteGround and from the Joomla! community have done some amazing job on the different aspects of this new service like creating the website, designing the templates and developing the extensions. However, in this blog post I will concentrate especially on the technical challenges that our DevOps team encountered while designing, developing and implementing the hosting platform for Joomla.com.
Read More…

 

25 Nov

2014

The CryptoPHP Infection – A Story About Getting Paid Themes and Plugins for Free

php2
A few of our email servers went wild sending spam this weekend. After quickly fixing the spam issue, we started the longer process of identifying the cause for the spam. It turned out to be the CryptoPHP infection (check out the official whitepaper), activated through a few WordPress themes and plugins.
Read More…

 

31 Oct

2014

WP eCommerce Plugin Vulnerability Fixed

bash

Yesterday Sucuri reported a new vulnerability in WP eCommerce – a popular WordPress plugin for online stores. The vulnerability allows attackers to obtain private information from websites. All versions of the WP eCommerce extension before 3.8.14.4 are vulnerable and attackers may export all user accounts, addresses and other information related to people, who used your site and the plugin to purchase any products from your site.
Read More…

 

15 Oct

2014

Time to Say Goodbye to SSL Version 3.0

ssl-farewell

It is no secret that securing your client’s data is an ongoing process and not something that you can simply install on a server/platform. That is why security solutions and protocols evolve all the time and developers frequently release new versions. The two cryptographic protocols that provide communication security over the Internet are TLS and SSL. The latest version of Secure Sockets Layer (SSL version 3.0) is the predecessor of TLS and is nearly 15 years old. So it was only a matter of time for someone to find the next big issue related to the SSL protocol. Yesterday Bodo Möller from the Google Security Team wrote a blog post about a new vulnerability in the design of SSL version 3.0. The vulnerability allows attackers to calculate the plain text of secure connections.
Read More…

 

25 Sep

2014

Major Bash Vulnerability Fixed on All Servers

bash

A major security flaw was discovered in the most popular shell (Bash) which is used by default in many Linux and Unix distributions. A shell is a program that takes your commands (accessing folders, listing files, etc.) that you type and sends them to the operating system to be executed. The Bash vulnerability, also known as Shellshock, allows attackers to issue arbitrary commands via crafted environment variables.
Read More…

 
Page 1 of 3123

Favorite Tweets

Facebook