Since we initially released jHackGuard back in 2010, it has been shipped with all the Joomlas installed on SiteGround servers and has additionally been downloaded more than 86,000 times from our download pages. What started as an internal tool for protecting Joomla sites under attack has turned into a really successful plugin that has helped thousands. Today we are happy to announce the release of a major jHackGuard update which greatly extends its functionality.
Yesterday Sucuri reported a new vulnerability in WP eCommerce - a popular WordPress plugin for online stores. The vulnerability allows attackers to obtain private information from websites. All versions of the WP eCommerce extension before 188.8.131.52 are vulnerable and attackers may export all user accounts, addresses and other information related to people, who used your site and the plugin to purchase any products from your site.
Site speed has always been a priority for SiteGround. As you know we carefully choose our hardware, we do a lot of customizations on the server software and we have added Varnish and Memcached support within our SuperCacher plugin. All this is done to provide you the fastest possible environment. However, the speed of your site depends not only on the environment it’s hosted on but on the way it’s built and handled by browsers too. This is why we’re happy to announce our partnership with the creators of the WP Rocket plugin for WordPress which can further optimize the speed of your WordPress by improving the way it is opened by the browsers.
The second webinar of our Affiliate Series aims to help people who recommend SiteGround be well prepared for the question: what makes SiteGround different from all the rest? We have done detailed real-life tests with 12 hosting companies we consider close competitors and in the webinar we will show some real numbers about:
- How much faster exactly a website is on SiteGround servers
- How our reaction to security issues is the most efficient out there
- How much faster we resolve our customer support requests
You will also learn how do we achieve such great results and how to use this information to convince easier your referees that SiteGround is the best choice.
It is no secret that securing your client’s data is an ongoing process and not something that you can simply install on a server/platform. That is why security solutions and protocols evolve all the time and developers frequently release new versions. The two cryptographic protocols that provide communication security over the Internet are TLS and SSL. The latest version of Secure Sockets Layer (SSL version 3.0) is the predecessor of TLS and is nearly 15 years old. So it was only a matter of time for someone to find the next big issue related to the SSL protocol. Yesterday Bodo Möller from the Google Security Team wrote a blog post about a new vulnerability in the design of SSL version 3.0. The vulnerability allows attackers to calculate the plain text of secure connections.
For the last few months there have been times that I wasn't present at the office, I could not attend some of the weekly SiteGround meetings and I have neglected a lot of the internal mail communication, that needed my attention. But it was all for a great reason -- I was lucky and honored to be part of the core organizing team of what turned out to be one of the most successful WordCamps. With 2 conference days, a packed Contributors Day and almost 800 people in attendance, I dare to say that WordCamp Europe was one of the best and most rewarding experiences I’ve ever been part of.
As firm believers in educating and empowering all our clients and affiliates, we extended our webinars tradition and last week started a new webinar series for SiteGround affiliates. I was honored to present the first webinar which was focused on the tools and features available in our affiliate area. As the tradition goes, we're making the video reply and slides publicly available, so feel free to watch here and download!
A major security flaw was discovered in the most popular shell (Bash) which is used by default in many Linux and Unix distributions. A shell is a program that takes your commands (accessing folders, listing files, etc.) that you type and sends them to the operating system to be executed. The Bash vulnerability, also known as Shellshock, allows attackers to issue arbitrary commands via crafted environment variables.