Today we are happy to announce that we are one of the first cpanel web hosting providers to provide free Let’s Encrypt SSL Certificates directly from your cpanel, on all our hosting services. Those of you that may now be familiar with Let’s Encrypt’s mission, the project aims to make encrypted connections in the World Wide Web free and available to all. By getting rid of payment, web server configuration, validation emails and dealing with expired certificates it is meant to significantly lower the complexity of setting up and maintaining TLS encryption.
So what does all this mean? Well, in layman’s terms, you can now install a free browser-trusted certificate on any domain or subdomain in your account with just a few clicks.… Read the rest
Wisconsin-based Web hosting provider MonsterMegs (www.monstermegs.com) announced today, that it upgraded all their web servers to utilize pure ssd hard drives. “Since our upgrade to pure ssd storage, we have noticed a load drop of about 60% across all servers.” said Kevin Kopp, MonsterMegs Owner “Not only have we seen the load drop on the servers, but client websites are now loading up to 300% faster than they did on previous standard SATA drives.”.
SSDs have lower access time, less latency and IOPS up to 100x more than normal drives. This leads to maximum performance with page load times up to 300% faster on our SSD platform compared to standard hard drives.… Read the rest
As a CloudFlare Optimized Partner, we are thrilled to offer the CloudFlare Railgun™ technology to all our customers FREE. Railgun is CloudFlare’s latest performance optimization technology that gives you significant improvements in site load times. To activate Railgun, log into your control panel and select Railgun “On”. Read on for additional details and instructions:
Railgun ensures that the connection between our network and the CloudFlare network is as fast as possible. Railgun achieves a 99.6% compression ratio for previously uncacheable web objects by using techniques similar to those used in the compression of high-quality video. The average website can expect a 1.43x performance increase.… Read the rest
There is a serious vulnerability in the WordPress Download Manager plugin that allows a remote attacker to upload malicious scripts to your website, gain administrative access and modify passwords.
The vulnerability exists in versions of WordPress Download Manager older than 2.7.5. The Changelog confirms this has been fixed as of version 2.7.5.
WP Download manager was allowing unauthenticated ajax calls to execute arbitrary functions. This would allow an attacker to upload arbitrary files and perform a variety of other malicious tasks.
What to do:
Upgrade to WordPress Download Manager version 2.7.5 which is the newest version at the time of writing.… Read the rest
About an hour ago researcher Walter Hop from Slik BV in the Netherlands disclosed multiple serious vulnerabilities in the InfiniteWP Admin Panel on the Full Disclosure and Bugtraq mailing lists. This admin panel is a standalone PHP application that is installed on a website and used as an interface to manage multiple WordPress websites.
The vulnerability includes several issues, the most serious of which appear to allow unauthenticated SQL injection. There is also a file upload vulnerability but only for certain web server configurations.
The issues were initially disclosed on November 26th and InifiniteWP has since released two fixes, the most recent of which were released yesterday, to fix these issues.… Read the rest