Archive for CMS

1021 results.

[20180503] – Core – Information Disclosure about unpublished tags

May22
by Ike on May 22, 2018 at 1:30 pm
Posted In: CMS, Joomla, security, Security Centre
  • Project: Joomla!
  • SubProject: CMS
  • Impact: Low
  • Severity: Moderate
  • Versions: 3.1.0 through 3.8.7
  • Exploit type: Information Disclosure
  • Reported Date: 2018-April-27
  • Fixed Date: 2018-May-22
  • CVE Number: CVE-2018-11327

Description

Inadequate checks allowed users to see the names of tags that were either unpublished or published with restricted view permission .

Affected Installs

Joomla! CMS versions 3.1.0 through 3.8.7

Solution

Upgrade to version 3.8.8

Contact

The JSST at the Joomla! Security Centre.

Reported By: Phil Taylor, JSST

└ Tags:
 Comment 

[20180502] – Core – Add PHAR files to the upload blacklist

May22
by Ike on May 22, 2018 at 1:30 pm
Posted In: CMS, Joomla, security, Security Centre
  • Project: Joomla!
  • SubProject: CMS
  • Impact: High
  • Severity: Low
  • Versions: 2.5.0 through 3.8.7
  • Exploit type: Malicious file upload
  • Reported Date: 2018-March-14
  • Fixed Date: 2018-May-22
  • CVE Number: CVE-2018-11322

Description

Depending on the server configuration, PHAR files might be handled as executable PHP scripts by the webserver.

Affected Installs

Joomla! CMS versions 2.5.0 through 3.8.7

Solution

Upgrade to version 3.8.8

Contact

The JSST at the Joomla! Security Centre.

Reported By: Demis Palma, JSST

└ Tags:
 Comment 

[20180501] – Core – ACL violation in access levels

May22
by Ike on May 22, 2018 at 1:30 pm
Posted In: CMS, Joomla, security, Security Centre
  • Project: Joomla!
  • SubProject: CMS
  • Impact: High
  • Severity: Low
  • Versions: 2.5.0 through 3.8.7
  • Exploit type: ACL violation
  • Reported Date: 2018-March-08
  • Fixed Date: 2018-May-22
  • CVE Number: CVE-2018-11323

Description

Inadequate checks allowed users to modify the access levels of user groups with higher permissions.

Affected Installs

Joomla! CMS versions 2.5.0 through 3.8.7

Solution

Upgrade to version 3.8.8

Contact

The JSST at the Joomla! Security Centre.

Reported By: Matias Aguirre, JSST

└ Tags:
 Comment 

WordPress 4.9.6 Privacy and Maintenance Release

May17
by Ike on May 17, 2018 at 7:21 pm
Posted In: Backups, CMS, PHP, Releases, security, Wordpress

WordPress 4.9.6 is now available. This is a privacy and maintenance release. We encourage you to update your sites to take advantage of the new privacy features. Privacy The European Union’s General Data Protection Regulation (GDPR) takes effect on May 25. The GDPR requires companies and site owners to be transparent about how they collect, […]

└ Tags:

Hi, I’m Phil. How can I help?

May17
by Ike on May 17, 2018 at 6:00 pm
Posted In: Apache, CMS, Community, cPanel, cpanel community team, cPeople, Events, helping, phil hodges, Releases, security, System

Greetings and Salutations! Hello everyone! My name is Phil, and I am the newest member of the Community team at cPanel! I’m very excited to join the Community Team and work with everyone who touches cPanel & WHM! I have worked in the web hosting industry for about 7 years. My roles have included frontline support, system administrator, and communications. I’ve been very lucky in taking two things that I love (arguing and the internet) …

└ Tags: , , ,
 Comment 

Git Version Control series: What is Git?

May16
by Ike on May 16, 2018 at 6:00 pm
Posted In: Apache, CMS, Community, cPanel, cpanel git integration, Events, GIT, Git Version Control, Products, Releases, security, System, version 72

This is the first in a series of blog posts around Git and a new feature coming in version 72, Git Version Control. Watch for a new one every Wednesday!  If you follow our feature request site, you already know about our upcoming feature, Git Version Control. We’re designing it to make hosting repositories as easy for developers as a “Hello World!” script. Before we send the feature your way, though, we want to …

└ Tags: , , , ,
 Comment 

Introducing mod_cpanel

May10
by Ike on May 10, 2018 at 6:18 pm
Posted In: Apache, CMS, Community, cPanel, ea4, easyapache, Events, mod_cpanel, optimize .htaccess, Products, Releases, security, System

As of the second cPanel & WHM Targeted Security Release of 2018 (TSR-2018-0002), the Optimize .htaccess feature was removed from all supported cPanel & WHM versions. This difficult decision was the result of some security concerns with its implementation. In its place, we have released the mod_cpanel Apache module. This module will begin to improve upon the features that Optimize .htaccess provided. What is Optimize .htaccess and why is cPanel replacing it? When we released it, …

└ Tags: , , , ,
 Comment 

Are you coming to cPConf 2018?

May09
by Ike on May 9, 2018 at 6:00 pm
Posted In: 2018 cPanel conference, Apache, CMS, Community, cPanel, cPanel Conference, cPConf, cpconference, cPeople, Events, Releases, security, System

The Annual cPanel Conference is a staple in the webhosting community. Last year’s conference was such a blast! We met so many new people and got to catch up with all our old friends. The details of this year’s cPanel Conference (October 1-3, in Houston, Texas) are falling into place, and we’re looking forward to having you join us! Who will be there? Companies and disciplines from every corner of the hosting industry will be represented.

└ Tags: , , , ,
 Comment 

Zero to WordPress

May08
by Ike on May 8, 2018 at 6:00 pm
Posted In: Apache, CMS, Community, cPanel, digital ocean, Events, Products, Releases, security, System, Wordpress, wordpress manager

Here at cPanel, Inc., we want to empower our users to take control of their own cPanel & WHM server. This can seem very daunting at first, but we are here to show you anyone can build a cPanel & WHM server with a WordPress site. We will be addressing some very technical topics, but have linked additional tutorials with more information. Let’s begin! Getting Started By the end of this tutorial, you will have purchased …

└ Tags: , , ,
 Comment 

Joomla 3.9 and Joomla 3.10

May08
by Ike on May 8, 2018 at 9:00 am
Posted In: CMS, Community, Joomla, Joomla! Official News, Releases
Joomla 3.9

As you most probably know, the General Data Protection Regulation (GDPR) will enter into force on 25 May, 2018.
Joomla, listening to its users, intends to integrate a Privacy Tool Suite in the Joomla CMS to facilitate the compliance of your sites and to make developers’ life easier to get their extensions compliant.

└ Tags:
 Comment 

Update on GDPR Progress

May07
by Ike on May 7, 2018 at 6:26 pm
Posted In: Apache, CMS, Community, cPanel, cPeople, Events, GDPR, general data protection regulation, Releases, security, System

It’s been just about two months since our last update. Our GDPR compliance efforts are moving quickly. We are in the final stages of preparing a privacy policy that meets the requirements of the U.S. / EU / Swiss Privacy Shield process. If are a customer, and you need an advance copy of our privacy policy to facilitate your GDPR efforts, please email gdprquestions [at] cpanel.net. Data processing agreements We will soon be updating our …

└ Tags: , ,
 Comment 

Hi, I’m Megan! How can I help?

May03
by Ike on May 3, 2018 at 4:00 pm
Posted In: Apache, CMS, Community, community manager, cPanel, cPeople, Events, Releases, security, System

Greetings! Hello everyone!  My name is Megan and I’m the newest Community Manager to join the team at cPanel.  I’m really excited to join the team and ready to hit the ground running. I have a background in community outreach and digital marketing. Over the last year and a half, I became involved in the startup and tech community by participating in hackathons, organizing events, and learning to code. I am also one of the curators for Houston Startup Digest. My hobbies …

└ Tags: ,
 Comment 

The Month in WordPress: April 2018

May02
by Ike on May 2, 2018 at 8:30 am
Posted In: Backups, CMS, Month in WordPress, PHP, Releases, security, Wordpress

This past month saw a lot of preparation for upcoming events and releases across the WordPress project. Read on to find out more about these plans, and everything else that happened around the community in April. The WordPress 15th Anniversary is Coming On May 27 2018, WordPress will turn 15 years old — this is […]

└ Tags:

The new and improved cPanel & WHM Version 70

May01
by Ike on May 1, 2018 at 5:09 pm
Posted In: Apache, CMS, Community, cPanel, Events, ProdDevSec, Products, release, Releases, security, System, v70

It’s been almost two months since we announced the delay of cPanel & WHM Version 70. In that time, we’ve done a whole lot of work. We’re entering brand new territory for us, and Version 70 is at the center of it all. Why the Delay? In late January of this year, we found a performance issue in our backup system that we needed to address before v70 went to the RELEASE tier. Our research revealed …

└ Tags: , , ,
 Comment 

Celebrate the WordPress 15th Anniversary on May 27

Apr20
by Ike on April 20, 2018 at 9:07 pm
Posted In: Backups, CMS, Events, PHP, Releases, security, Store, Wordpress, wp15

May 27, 2018 is the 15th anniversary of the first WordPress release — and we can’t wait to celebrate! Party time! Join WordPress fans all over the world in celebrating the 15th Anniversary of WordPress by throwing your own party! Here’s how you can join in the fun: Check the WordPress 15th Anniversary website to see […]

└ Tags: , ,

The Death of SquirrelMail

Apr19
by Ike on April 19, 2018 at 6:45 pm
Posted In: Apache, CMS, Community, cPanel, end of life, EOL, Events, Products, Releases, security, SquirrelMail, System, webmail, Webmail Apps

As of cPanel & WHM version 74, we will begin to deprecate our support of SquirrelMail, one of our bundled webmail applications. We expect to stop shipping SquirrelMail for new installations of cPanel & WHM in version 76 and will remove our support with version 78. As this change will disrupt many users, we are taking this opportunity to explain the reasons behind our decision. We also are opening a dialogue with you, our community, about …

└ Tags: , , , , ,
 Comment 

Joomla 3.8.7 Release

Apr18
by Ike on April 18, 2018 at 1:45 pm
Posted In: CMS, Community, Joomla, Joomla! Official News, Releases
Joomla 3.8.7

Joomla 3.8.7 is now available. This is a bug fix release for the 3.x series of Joomla including over 70 bug fixes and improvements.

└ Tags:
 Comment 

GDPR Compliance Tools in WordPress

Apr12
by Ike on April 12, 2018 at 8:11 pm
Posted In: Backups, CMS, Features, PHP, Releases, security, Wordpress

GDPR compliance is an important consideration for all WordPress websites. The GDPR Compliance team is looking for help to test the privacy tools that are currently being developed in core.

└ Tags:

Prevent Outgoing Spam from Webmail Accounts

Apr12
by Ike on April 12, 2018 at 4:00 pm
Posted In: Apache, CMS, Community, cPanel, Events, Products, Releases, security, System

  We’ve added greater flexibility to how cPanel users can manage, protect, and administer email addresses on their mail server. You can now suspend or queue the outgoing mail from a single email account on your server. In case you’re not already familiar with the full administrative capabilities of Webmail, here’s a short run down. Receive Notifications of Send Limits Get alerts about accounts that are sending massive amounts of emails by entering Tweak Settings …

└ Tags:
 Comment 

Problem with Recent EasyApache Update

Apr04
by Ike on April 4, 2018 at 5:21 pm
Posted In: Apache, CMS, Community, cPanel, Events, Products, Releases, security, System

Last night, we pushed an update to EasyApache4 wherein after the update was installed Apache service may fail to restart properly. Upon checking the Apache error log, you may see error messaging similar to the following: Server xxxxxxx.com Primary IP Address xxxxxxxxxx Service Name httpd Service Status failed Notification The service “httpd” appears to be down. Service Check Method The system failed to connect to this service’s TCP/IP port. Reason Service check failed to complete …

└ Tags:
 Comment 

WordPress 4.9.5 Security and Maintenance Release

Apr03
by Ike on April 3, 2018 at 7:56 pm
Posted In: 4.9, Backups, CMS, PHP, Releases, security, Wordpress

WordPress 4.9.5 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. WordPress versions 4.9.4 and earlier are affected by three security issues. As part of the core team's ongoing commitment to security hardening, the following fixes have been implemented […]

└ Tags: ,

How and Why to Build an EDGE Server

Apr03
by Ike on April 3, 2018 at 4:00 pm
Posted In: Apache, CMS, Community, cPanel, edge-tier, Events, how to test cpanel, Products, Releases, security, System, testing cPanel server, Tips & Tricks, update cpanel

* This post was originally posted on September 27, 2016, and has been updated for accuracy.  The Tiered Release System The tiered release system was introduced early in the development of cPanel & WHM. We knew it would be important to appeal to all types of users, from the risk-taking early adopters to the stability-seeking delayers. Each tier represents a different risk vs reward ratio, and today we’re here to talk …

└ Tags: , , , , ,
 Comment 

The Month in WordPress: March 2018

Apr02
by Ike on April 2, 2018 at 8:00 am
Posted In: Backups, CMS, Month in WordPress, PHP, Releases, security, Wordpress

With a significant new milestone and some great improvements to WordPress as a platform, this month has been an important one for the project. Read on to find out more about what happened during the month of March. WordPress Now Powers 30% of the Internet Over the last 15 years, the popularity and usage of […]

└ Tags:

Training Your Employees in cPanel & WHM: Best Practices

Mar27
by Ike on March 27, 2018 at 4:00 pm
Posted In: Apache, CMS, Community, cPanel, cPanel University, cPeople, Events, Releases, security, System, training

  There are multiple factors that contribute to your hosting company’s success. One undeniable factor that separates good hosting providers from great hosting providers is the level of technical support they provide their customers. Providing customers with easy, fast solutions when they need it is the best way to increase loyalty, retention, as well as promote evangelism for your business. We want to make sure your technical support staff is at …

└ Tags: , ,
 Comment 

Conferences, cPanel, and CloudFest 2018

Mar20
by Ike on March 20, 2018 at 7:36 pm
Posted In: Apache, cloudfest, CMS, Community, cPanel, cPConf, cpconference, cPeople, Events, Releases, security, System

Last week was the annual CloudFest conference (previously WHD.global) in Rust, Germany. cPanel, Inc. was a Diamond Sponsor, and we showed up in force! Twenty-seven eager cPanel employees from four departments came along. We all got to meet with existing and potential customers and to pass out some pretty handy gloves. Celebrate the Cloud! Most of us in the technology industry have a love/hate relationship with …

└ Tags: , , ,
 Comment 

[20180301] – Core – SQLi vulnerability User Notes

Mar13
by Ike on March 13, 2018 at 1:45 pm
Posted In: CMS, Joomla, security, Security Centre
  • Project: Joomla!
  • SubProject: CMS
  • Impact: High
  • Severity: Low
  • Versions: 3.5.0 through 3.8.5
  • Exploit type: SQLi
  • Reported Date: 2018-March-08
  • Fixed Date: 2018-March-12
  • CVE Number: CVE-2018-8045

Description

The lack of type casting of a variable in SQL statement leads to a SQL injection vulnerability in the User Notes list view

Affected Installs

Joomla! CMS versions 3.5.0 through 3.8.5

Solution

Upgrade to version 3.8.6

Contact

The JSST at the Joomla! Security Centre.

Reported By: Entropy Moe

└ Tags:
 Comment 

Joomla 3.8.6 Release

Mar13
by Ike on March 13, 2018 at 1:45 pm
Posted In: CMS, Community, Joomla, Joomla! Official News, Releases
Joomla 3.8.6

Joomla 3.8.6 is now available. This is a security fix release for the 3.x series of Joomla addressing one security vulnerability and including over 60 bug fixes and improvements.

└ Tags:
 Comment 

General Data Protection Regulation and cPanel

Mar06
by Ike on March 6, 2018 at 6:30 pm
Posted In: Apache, CMS, Community, cPanel, cPeople, Events, Partners & Customers, Releases, security, System

As the internet evolves — so do the policies that govern the way we store and share information. One of the latest policies to come into effect is the General Data Protection Regulation. This policy, also known as GDPR, comes out of the European Union and its goal is to protect certain types of personal information.  We began preparing just over a year ago for this regulation, which comes …

└ Tags: ,
 Comment 

The Month in WordPress: February 2018

Mar01
by Ike on March 1, 2018 at 8:41 am
Posted In: Backups, CMS, Month in WordPress, PHP, Releases, security, Wordpress

Judging by the flurry of activity across the WordPress project throughout February, it looks like everyone is really getting into the swing of things for 2018. There have been a lot of interesting new developments, so read on to see what the community has been up to for the past month. WordPress 4.9.3 & 4.9.4 […]

└ Tags:

53 queries. 10 mb Memory usage. 0.370 seconds.