WordPress 4.4.1 Security & Maintenance Release

wp-vulnerabilityfixed

A new WordPress security update 4.4.1 was announced yesterday. The latest version fixes a cross-site scripting vulnerability that allows a site to be compromised as well as some minor issues.

All WordPress sites at SiteGround with enabled autoupdate service have been updated to the new version 4.4.1 last night and are safe and sound. For all WordPress sites that do not have the autoupdate option on, we have applied a rule in our WAF (web application firewall) that will block possible hacking attempts. As our firewall rule is not covering all possible hack scenarios, we are additionally patching WordPress sites on versions 3.7 to 4.4 at a website level.

Regardless of the security shields we have placed, we still recommend all websites that have not been autoupdated to upgrade to the newest version 4.4.1 or to the latest version within their current branch as soon as possible.

 

SiteGround Adds a Free Website Builder

free website builder

As many of you know, we work with various CMS’s - WordPress, Joomla, Magento being some of the top favorites of our customers. No matter how straightforward we think these CMS’s are though, many customers have difficulties working with them. This is why we spent some time looking for the easiest website builder that we could integrate into our platform and offer to our customers as a solution to their hassles. We are happy to say that we found it in Weebly - a powerful yet simple drag & drop website building tool.

Read More

Critical Vulnerability in Joomla Fixed on Zero-day

joomla-vulnerability

Yesterday, a serious vulnerability that affects all major Joomla versions was disclosed. Using this security breach a hacker could do a full remote command execution on the targeted site. We have worked together with the Joomla Security teams and came up with a rule in our WAF (web application firewall) that would block hacking attempts using this vulnerability and we don't have reports for hacked accounts through this exploit.

Read More