Author Archives: Quill

Over three-quarters of all installs are insecure, research shows

A recent article in the UK Register stated that more than 78 per cent of all PHP installations are running with at least one known security vulnerability, a researcher has found.

The researcher, Anthony Ferrara reached this disturbing conclusion by correlating statistics from web survey site W3Techs  against lists of known vulnerabilities in various versions of PHP.

What he found is that far too many PHP-powered websites (WordPress, Drupal,  Joomla, etc) are using insecure versions of the language. So much so he asserts it’s actually easier to find an insecure PHP setup on the internet than a secure one. “This is absolutely and unequivocally pathetic,” Ferrara wrote.

The two most popular PHP releases, according to W3Techs’ statistics, were versions 5.2.17 and 5.3.29. Together, they accounted for 24 per cent of the total – and both are insecure.

Curious to see how Darwin rated we submitted a considerable number of local companies’ Web sites through the  w3techs.com/sites interface.

We’re pleased to say that TheWebHostingMachine, Digital Mojo and Dash Media displayed up to date versions of PHP (above 5.3.29) across all their web sites that we submitted.

We’re not pleased to say that other suppliers’ web sites that we submitted unfortunately lined up with the global trend. Like Anthony Ferrara we found far too many web sites made by Darwin companies were running PHP 5.2.17 (four past its end of life date).

If you want to test your own web site, just go to w3techs.com/sites and enter in your domain name.

Contact us if you think we can help you with your web site security.

 

Telstra issuing ‘tainted’ Fixed IPs

Small businesses need tobe aware that Telstra is now issuing businesses Fixed IP Addresses that were formerly part of a block of 262,142 Dynamic IPs. These IPs are blacklisted for commercial use by several respectable RBLs (Real time Black Listers) such as SpamHaus.

Many organisations such as banks, government departments and other more secure web sites precheck IP addresses using SpamHaus and other RBLs and will block internet access from this range of Fixed IPs.

This has happened to 2 of our clients last week. Each of them wasted countless hours trying to explain to Phillipino call centre staff, firstly what the problem was and then how Telstra needed to fix the problem. The first client was lucky and was allocated a new Fixed IP outside the ‘tainted’ range. However the second client was told that there were no other Fixed IPs available from Telstra. Unfortunately, as of the time of writing Telstra has not been in contact with SpamHaus and the other RBLs, they are simply applying to SpamHaus, etc to have each individual IP removed from the black-lists on a one by one basis. Which means; (1) any new IP allocated from the block of 262,142 Dynamic IPs will have exactly the same issues; and (2) the same time wasting process is going to occur each time.

Why is this happening? There are two parts to that answer.

The first is that Telstra like all ISPs worldwide, is running out of available IP addresses and needs to ‘draw down’ on blocks that were previously allocated only for dynamic use.  This happens as more and more businesses and individuals need Fixed IPs for more secure internet connections.

The second part is that as far back as 2006 ISPs notified the RBLs (of which there are now in excess of 300) that certain ranges of their IPs were Dynamic and other ranges were Fixed. This is mainly to stop spammers using Dynamic temporary IPs for sending emails; so the underpining logic for this separation makes good sense. Unfortunately, many of these ISPs, like Telstra, have lost their corporate memory and now forget to go back to the RBLs to inform them to update their database Lists. And yes, regrettably the updating process is entirely manual. There is no standard automated way that the RBLs can check that the IPs have changed purposes. Telstra and iiNet (and possibly otehrs) put the word “fixed” into the name associated with the IP (the PTR record) but unfortunately this is not an industry standard.

What does this mean for you? If you have been give an IP by Telstra in the range 120.144.0.0 to 120.147.255.254 then you should first got to https://www.spamhaus.org/lookup/ and enter that IP into the “Enter an IP address” text area and click on the “Lookup” button. If you see a listing in red saying something like “120.147.255.254 is listed in the PBL, in the following records:” and if you take the blue hyperlink “PBL1552428” and see “120.144.0.0/14 is listed on the Policy Block List (PBL)“; then you have this problem.

You can try and contact Telstra and ask them to fix the issue, but unless you are talking to a senior technician they simply won’t understand what you are saying. So on the same page that indicated you had the a problem click on the “Remove IP from PBL” button. But be aware that that has only fixed your new IP at SpamHaus and you may encounter issues accessing other sites at organisations that reference different RBLs.

 

How secure is your website?

It’s a risky world  for all of us when  web site security is not maximised. We have dealt with some doozies of attacks on our servers hosting your websites and managing your email in the past three or four months.

And its not just us and Web24 – it’s a global phenomenon. Here is a great non techo article about the types of recent big hacks through web application vulnerabilities, from botnets and malware etc. When Microsoft cloud service 365 gets done – and Macquarie University – and  Billabong – you know its serious https://www.zdnet.com/it-security-is-not-an-optional-extra-7000025991/

Here are a few basic ways you can protect  your WordPress site.

1. Install a wordpress security plugin – OR ask us to! :

2. Avoid using ‘admin’ or anything obvious as your login name.

3. Use a strong password, (eg verb color animal number) . Test your password at: https://howsecureismypassword.net/ Change it often.

4. Keep your plugins and theme up to date.- or we can do it for you

5. Backup and download your site through c panel regularly. –  we can do this too

More on this later …..

WordPress; I make changes and nothing happens!!

The Problem: Over the past week we have been battling with “I cant see that change here”. 99% of the time this appears to be a caching issue.

“What is Caching?” you ask, well:  CacheInternet browser cache is used to improve how fast data loads while browsing the Internet. In most cases, each time you open a web page the page and all its files are sent to your browser’s temporary cache on your hard drive. If that page or file contained on that page (e.g. a picture) needs to load again and has not been modified, the browser opens the page from your cache instead of downloading the page again. Cache saves you lots of time, especially if you use a modem, and can also help save the website owner on bandwidth.

The Solution(s):
Clearing the Browser Cache
Normally, to see the changes on your page, you click the Refresh button on the browser toolbar or press the F5 key on your keyboard. In many cases, this simply reloads the page without clearing the browser’s cache. Here are some techniques to wipe clean the browser’s cache so you will see the changes when your page reloads.

Microsoft Internet Explorer 

  1. Hold down SHIFT and click on the REFRESH button in the toolbar under the menu.
  2. For Serious Clearing: If you are having problems clearing out the cache, then force it by choosing from the menu TOOLS > INTERNET OPTIONS > TEMPORARY FILES. Click on Delete Temporary Files. You can choose the checkbox to delete allInternet files, but you might not want to as that will also clear all your passwords and cookies, but if you are having trouble viewing the changes on your page, go all the way.

Mozilla Firefox 

  1. Hold down CTRL+SHIFT+R.
  2. If you are using Chris Pederick’s Web Developer Extension, click Miscellaneous and then Clear Cache.
  3. For Serious Clearing: From the browser menu, Tools > Options > Privacy > Cache and select Clear.

Google Chrome

  1. Hold down CTRL+H.
  2. Click the “Clear Browsing Data” button
  3. select the “Cached images and files” checkbox and click “clear browsing data”

Netscape
From the menu, click Edit > Preferences > Advanced. Choose “Cache” and click both “Clear Memory Cache” and “Clear Disk Cache”.

Mozilla 1.x and up
From the browser menu, Edit > Preferences > Advanced and click “Cache” and “Clear Cache”.

Opera
From the browser menu, Edit > File > Preferences > History and Cache and click “Cache”.

Safari
From the browser menu, Safari > Reset Safari and click Reset to confirm OR Safari > Empty Cache.

If this does not help, you may have LAN caching or your ISP may have caching (if you’re in a  remote area) in which case patience is your best option.

Thanks for some tips –  https://codex.wordpress.org/I_Make_Changes_and_Nothing_Happens

WordPress Beginner Videos – Free WordPress Video Tutorials

The team at WP Beginners produce awesome, high quality video tutorials for WordPress newbies – from logging in to your site, creating pages and posts, editing menus and customising your site’s appearance. You need to create a login account, but the videos are all free:

Don’t waste your time on boring tech books or searching YouTube. WPBeginner’s WordPress 101 video tutorials will teach you how to create and manage your own sites for FREE.

via WordPress Beginner Videos – Free WordPress Video Tutorials.