Multiple security issues were found in libvpx multimedia library which could result in denial of service and potentially the execution of arbitrary code if malformed WebM files are processed.
Tim Düsterhus discovered that haproxy, a TCP/HTTP reverse proxy, did not properly sanitize HTTP headers when converting from HTTP/2 to HTTP/1. This would allow a remote user to perform CRLF injections.
In the November 2019 survey we received responses from 1,308,343,327 sites across 243,734,379 unique domain names and 9,274,744 web-facing computers. This reflects a gain of 7.46 million sites, 2.18 million domains and 230,000 computers.
Amongst the largest web server vendors, Microsoft, nginx, and Google all gained sites this month, increasing by 19.41 million (+10.59%), 10.17 million (+2.38%), and 1.33 million (+3.83%) sites respectively, whilst Apache lost 13.56 million (-3.64%) sites.
While Microsoft gained substantially the most sites overall, this translated to a relatively small increase of domains (+13,000). As a result, it saw the largest loss of domain market share, dropping by 0.18pp. Apache similarly lost market share, with a drop of 0.16pp, despite a large increase in domains (+268,000).
nginx fared better, with an increase in domains (+522,000) almost double that of Apache’s leaving its market share largely unchanged. nginx also saw large gains in web-facing computers (+113,000) and amongst the top million busiest sites (+1,000) giving it the largest market share increases in those metrics.
All of the largest web server vendors were however outpaced this month in domain gains by both Cloudflare and OpenResty, which increased by 1.06 million and 558,000 domains. While the survey tracks these products separately, OpenResty makes uses of the nginx core, integrating it with additional Lua-based modules, while Cloudflare’s own server software was originally based on nginx. The survey now finds a total of 18.22 million domains for the Cloudflare web server software, and 7.10 million for OpenResty.
| Developer | October 2019 | Percent | November 2019 | Percent | Change |
|---|---|---|---|---|---|
| nginx | 427,719,289 | 32.88% | 437,886,327 | 33.47% | 0.59 |
| Apache | 372,604,250 | 28.64% | 359,048,240 | 27.44% | -1.20 |
| Microsoft | 183,224,187 | 14.08% | 202,633,184 | 15.49% | 1.40 |
| 34,861,968 | 2.68% | 36,196,549 | 2.77% | 0.09 |
On Wednesday, November 13th, a contingent of the cPanel team volunteered at the Houston Food Bank. Over the course of three hours, we managed to assemble 4800 boxes of food and prepare 60 pallets for delivery to families in need. These boxes of food will serve families throughout 18 different counties across the greater Houston area. Founded in 1982, the Houston Food Bank is a 308,000 square-foot warehouse and is the largest Feeding America food bank in the …
The post Jumpstart Your WordPress SEO with Yoast & Plesk SEO Toolkit appeared first on Plesk.
An out-of-bounds write vulnerability was discovered in php-imagick, a PHP extension to create and modify images using the ImageMagick API, which could result in denial of service, or potentially the execution of arbitrary code.
The post How Simplyyourself.online Found More Time For Their Clients appeared first on Plesk.
Several vulnerabilities have been discovered in the chromium web browser. CVE-2019-13723
DSA 4571-1 updated Thunderbird to the 68.x series, which is incompatible with the Enigmail release shipped in Debian Buster. For the stable distribution (buster), this problem has been fixed in
Hoger Just discovered an SQL injection in Redmine, a project management web application. In addition a cross-site scripting issue was found in Textile formatting.
The post Duetsoft Profits Grow by 25% Using Plesk WordPress Toolkit & DigitalOcean appeared first on Plesk.
Late-breaking news on the 5.2.4 short-cycle security release that landed October 14. When we released the news post, I inadvertently missed giving props to Simon Scannell of RIPS Technologies for finding and disclosing an issue where path traversal can lead to remote code execution. Simon has done a great deal of work on the WordPress […]
Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to a timing attack/information leak, argument injection and code execution via unserialization.
It was discovered in the Simple Linux Utility for Resource Management (SLURM), a cluster resource management and job scheduling system did not escape strings when importing an archive file into the accounting_storage/mysql backend, resulting in SQL injection.
The post Why WordPress Admins Need More Than One SEO Tool appeared first on Plesk.
Version 5.3 of WordPress is available for download or update in your WordPress dashboard. The new editor continues to become more refined with intuitive interactions, a focus on accessibility, and a more consistent look & feel. A fresh new default theme is shipping with this release too, that puts blocks to good use and lets all users have more control over how their content appears.
The post How to manually remove website malware – when an antivirus can’t appeared first on Plesk.
You’ve probably heard that WordPress is open-source software, and may know that it’s created and run by volunteers. WordPress enthusiasts share many examples of how WordPress changed people’s lives for the better. This monthly series shares some of those lesser-known, amazing stories. Meet Kim Parsell We’d like to introduce you to Kim Parsell. Kim was […]
Rank Performance Graph OS Outage
hh:mm:ss Failed
Req% DNS Connect First
byte Total 1 Rackspace Linux 0:00:00 0.000 2.081 0.005 0.012 0.012 2 Hyve Managed Hosting Linux 0:00:00 0.000 0.146 0.084 0.168 0.168 3 ServerStack Linux 0:00:00 0.000 0.207 0.084 0.168 0.168 4 EveryCity SmartOS 0:00:00 0.005 0.223 0.074 0.149 0.149 5 Swishmail FreeBSD 0:00:00 0.005 0.210 0.084 0.167 0.167 6 Pair Networks Linux 0:00:00 0.
The fourth release candidate for WordPress 5.3 is now available! WordPress 5.3 is currently scheduled to be released on November 12 2019, but we need your help to get there—if you haven’t tried 5.3 yet, now is the time! There are two ways to test the WordPress 5.3 release candidate: Try the WordPress Beta Tester plugin (choose the “bleeding edge […]
Missing access check in the phputf8 mapping files could lead to an path disclosure.
Joomla! CMS versions 3.6.0 – 3.9.12
Upgrade to version 3.9.13
The JSST at the Joomla! Security Centre.
A missing token check in com_template causes a CSRF vulnerability.
Joomla! CMS versions 3.2.0 – 3.9.12
Upgrade to version 3.9.13
The JSST at the Joomla! Security Centre.
Joomla 3.9.13 is now available. This is a security fix release for the 3.x series of Joomla which addresses two security vulnerabilities and contains over 15 bug fixes and improvements.
The post Getting Plesk support for your HTTP/2 appeared first on Plesk.
It’s time for our annual user and developer survey! If you’re a WordPress user or professional, we want your feedback. It only takes a few minutes to fill out the survey, which will provide an overview of how people use WordPress. We’re excited to announce that this year, for the first time, the survey is […]
October has been a busy month with preparations for WordCamp US as well as the next major release of WordPress. Read on to find out about all that work and more. WordPress 5.2.4 On October 14, WordPress 5.2.4 was released as a security release fixing 6 security issues. The fixes were backported to earlier versions […]
58 queries. 9 mb Memory usage. 1.470 seconds.