Web Hosting News
Written by Sean Valant
Friday, August 23rd, 2013
Yesterday (August 22nd, 2013) a massive number of IP addresses used for email gateways on virtually every webhost in the world became blacklisted on multiple networks. This resulted in a global inability for email to be received (any time the email originated from one of the blacklisted IPs and was “received” on one of the blacklisting networks).
The issue is ongoing at the time of this writing, and some customers are still being affected at this moment; however, HostGator was one of the first companies to successfully mitigate the situation, and we have since been assisting other companies with this issue. As it stands, we are presently working to get our IPs removed from the blacklists and restore full worldwide email deliverability from our network.
This situation resulted from a combination of multiple factors stretching back a few months. Before we explain the circumstances, we want to once again stress the importance of keeping all scripts on all hosting accounts updated. Failure to update scripts, as well as not exercising basic security practices, is what allows situations like this to continue to occur. An out-dated script on a hosting account is akin to an unlocked car left in a parking lot… it’s an invitation for maliciousness by unscrupulous individuals.
Unlike the situation back in April that affected WordPress, this time the target was Joomla. Back in May, there was a string of exploits against known vulnerabilities in Joomla. These vulnerabilities, related to a component called JCE, had been previously addressed via certain mod_sec rules. However, a workaround was discovered that allowed malware to be installed, and later activated, to allow the uploading and execution of mailing scripts.
These mailing scripts were activated en masse yesterday, beginning a massive spamming campaign resulting in the blacklisting of email gateway IPs worldwide. One of the largest networks with users reporting issues initially was AOL, resulting in us creating this forum post.
As with all issues of this nature, there are lessons to be learned. The most important lesson here is to (again) keep all scripts on your hosting account up-to-date. Most scripts have a one-click feature to update them anytime a new version is released. Keeping scripts up-to-date is paramount in ensuring a secure hosting account.
HostGator has now added additional monitoring capability to our systems which will alert us to situations like this even faster than yesterday. Our work is ongoing, though we should have the majority of the blocks resolved by tomorrow (spam lists move slowly, with good reason). But remember, there is no better way to keep your car safe than to lock it. Please take this moment to log into your hosting script back-ends and ensure they are up-to-date. Don’t give the bad guys an open door to walk through.
Written by Sean Valant
Wednesday, April 17th, 2013
We at HostGator have always vehemently opposed any piece of legislation that contradicts the idea of a free and open Internet. If you haven’t read our prior blog posts about CISPA and its earlier incarnation, SOPA, then please do so now in order to bring yourself up to speed:
The problem with legislation such as this is not what it appears to do on the front end; rather, it’s the back-end implications that make it frightening. Cyber security is serious business, and it is a realm that could use some tightening up. However, this tightening up cannot come at the expense of your privacy due to a circumvention of existing privacy laws.
Why are we mentioning CISPA now? Well, it has reared its head once again and is being voted on by the House of Representatives today. It seems this piece of legislation refuses to die. Unfortunately, the longer something like this sticks around, the less attention the media at large will pay to it.
Truth be told, we’ve outlined in great detail what is wrong with this piece of legislation in our previous blog posts. We don’t want to be redundant, but we didn’t want to let this day pass without mentioning again this issue that truly affects us all.
Fortunately, President Obama maintains that he would veto this bill were it to pass in the House. Hopefully, it won’t come to the necessity of a veto. Let’s put this legislation to sleep, once and for all, and let it not awaken until it has matured into a form that would actually benefit the people as opposed to slowly eroding your right to online privacy.
Written by Sean Valant
Thursday, April 11th, 2013
As I type these words, there is an on-going and highly-distributed, global attack on WordPress installations across virtually every web host in existence. This attack is well organized and again very, very distributed; we have seen over 90,000 IP addresses involved in this attack.
At this moment, we highly recommend you log into any WordPress installation you have and change the password to something that meets the security requirements specified on the WordPress website. These requirements are fairly typical of a secure password: upper and lowercase letters, at least eight characters long, and including “special” characters (^%$#&@*).
You have now changed your WordPress password, correct? Good.
The main force of this attack began last week, then slightly died off, before picking back up again yesterday morning. No one knows when it will end. The symptoms of this attack are a very slow backend on your WordPress site, or an inability to log in. In some instances your site could even intermittently go down for short periods.
We are taking several steps to mitigate this attack throughout our server farm, but in the same breath it is true that in cases like this there is only so much that can actually be done. The servers most likely to experience service interruptions will be VPS and Dedicated servers hosting high numbers of WordPress installations, due to the incredibly high load this attack has been seen to cause.
If you are hosted on a VPS or Dedicated server and you would like for us to take a more severe, heavy-handed approach to mitigate this attack, we can do this via means such as password-protecting (via .htaccess) all wp-login.php files on the server. If you would like our assistance with this, please contact us via normal support channels.
Again, this is a global issue affecting all web hosts. Any further information we could provide at this moment would be purely speculation. Our hope is that this attack ends soon, but it is a reminder that we must all take account security very seriously.
We will update this blog post when we have further information.
If you have just a few WordPress sites, you can add the additional layer of security mentioned above, as well as block this attack, by following the instructions outlined in this article from our KnowledgeBase: http://support.hostgator.com/articles/specialized-help/technical/wordpress/wordpress-login-brute-force-attack
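The server-wide .htaccess protection described above can be scripted. The following is an added example, not HostGator's own tooling or the KnowledgeBase procedure: it appends an HTTP Basic authentication block to the .htaccess beside every wp-login.php under a directory tree. The marker comment, the realm name and the password-file path passed in are assumptions, and the password file must already exist (created with Apache's htpasswd utility, outside the web root).

```shell
#!/bin/sh
# Added example: require HTTP Basic auth for every wp-login.php under ROOT.
# Apache must allow the override (AllowOverride AuthConfig) for this to apply.

# Marker used to recognise installs that were already protected (assumed text).
MARKER='# BEGIN wp-login basic auth (added example)'

# protect_wp_logins ROOT HTPASSWD_FILE
# Prints the path of each .htaccess it changed, one per line.
# Running it a second time changes nothing and prints nothing.
protect_wp_logins() {
    root=$1
    htpasswd_file=$2
    find "$root" -type f -name wp-login.php | while IFS= read -r login; do
        # wp-login.php lives in the install root, so the .htaccess beside it
        # is the one Apache consults for that file.
        htaccess="$(dirname "$login")/.htaccess"
        if [ -f "$htaccess" ] && grep -qF "$MARKER" "$htaccess"; then
            continue
        fi
        # Append, never overwrite: existing rewrite rules must survive.
        cat >> "$htaccess" <<EOF

$MARKER
<Files "wp-login.php">
    AuthType Basic
    AuthName "Restricted login"
    AuthUserFile $htpasswd_file
    Require valid-user
</Files>
# END wp-login basic auth
EOF
        echo "$htaccess"
    done
}
```

Because the extra prompt is answered by Apache before PHP runs, rejected login attempts no longer reach WordPress itself. Basic authentication sends the credentials with every request, so the login page should be served over HTTPS.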
Written by Sean Valant
Tuesday, September 25th, 2012
Blogging.org, a well-respected site in the blogging community, recently conducted a comprehensive survey of 5,600 bloggers in order to determine the “Top 25 Hosting Companies” for bloggers. HostGator took first place, with 1907 out of 5600 votes; just shy of 900 more votes than 2nd place received. This is an honor that we at HostGator do not take lightly, and we are very happy to be able to share this news with you.
The voting criteria were based on which host the aforementioned 5,600 bloggers used and which host they would recommend to their peers. With over 203 million blogs online today, blogging is an undeniable online presence these days. There are 31 million bloggers in the US alone, with 43% of the total bloggers using WordPress, including this HostGator blog.
It is worth noting that this survey was completely unbiased and affiliate payouts were not a factor in this survey; it truly is simply the honest opinion of the blogging community.
Please visit http://blogging.org/blog/top-25-hosting-companies/ in order to see a further breakdown of the related statistics as well as the other 24 hosts that made the cut.
Now is the perfect time to start your blog with (or move your existing blog to) HostGator. Take advantage of our 1-click installs of WordPress and have your blog online today. Use coupon code BLOG to receive 25% off your first invoice on any new sign-up*!
*this coupon expires on October 9th, 2012.