If you’ve performed a fresh cPanel & WHM installation recently, you may have noticed how much faster the process is. Aside from a lot of under the hood magic (no, not really), an impressive amount of work and planning over multiple years of cPanel & WHM was required. Currently, the time to install cPanel & WHM on a brand new server is averaging between 3 and 15 minutes. That’s a pretty drastic reduction from the 60-90 …
Archive for security
The French online jeweller CLEOR, which operates 136 jewellery stores, has been infected with a JavaScript skimmer. The injected malicious code is designed to send bank card data entered in Cleor’s legitimate online payment form to the criminals. Skimmers on online shops This attack has many […]
WordPress 5.2.1 is now available! This maintenance release fixes 33 bugs, including improvements to the block editor, accessibility, internationalization, and the Site Health feature introduced in 5.2. You can browse the full list of changes on Trac. WordPress 5.2.1 is a short-cycle maintenance release. Version 5.2.2 is expected to follow in approximately two weeks. You can download […]
Both PHP 5.6 and PHP 7.0 reached End of Life at the beginning of the year, and are no longer receiving any security patches from PHP. With cPanel & WHM Version 80 moving to the current tier, we are also encouraging users to upgrade to supported PHP versions in EasyApache 4. To help with that, we are removing PHP 5.6 and 7.0 from our default EasyApache profiles. This change only impacts servers running our default …
The fourth edition of WordPress translation day is coming up on Saturday 11 May 2019: tomorrow! Get ready for a 24-hour, global marathon dedicated to localizing the WordPress platform and ecosystem. This event takes place both online and in physical locations across the world, so you can join no matter where you are! The WordPress […]
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 3.9.3 through 3.9.5
- Exploit type: Object Injection
- Reported Date: 2019-March-27
- Fixed Date: 2019-May-07
Description
Joomla 3.9.3 addressed insecure deserialization when executing Phar archives by removing the known attack vector in the Joomla core. To intercept file invocations such as file_exists or stat on compromised Phar archives, the base name has to be determined and checked before the file is handed to PHP's Phar stream handling. The implementation used, however, is vulnerable to path traversal, leading to scenarios where the Phar archive that is assessed is not the actual (compromised) file.
Affected Installs
Joomla! CMS versions 3.9.3 through 3.9.5
Solution
Upgrade to version 3.9.6
Contact
The JSST at the Joomla! Security Centre.
WordPress 5.2 “Jaco”
Version 5.2 of WordPress is available for download or update in your WordPress dashboard. New features in this update make it easier than ever to fix your site if something goes wrong. There are even more robust tools for identifying and fixing configuration issues and fatal errors. Whether you are a developer helping clients or you manage your site solo, these tools can help get you the right information when you need it.
- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions: 1.7.0 through 3.9.5
- Exploit type: XSS
- Reported Date: 2019-April-29
- Fixed Date: 2019-May-07
- CVE Number: CVE-2019-11809
Description
The debug views of com_users do not properly escape user-supplied data, which leads to a potential XSS attack vector.
Affected Installs
Joomla! CMS versions 1.7.0 through 3.9.5
Solution
Upgrade to version 3.9.6
Contact
The JSST at the Joomla! Security Centre.
WordPress 5.2 RC2
The second release candidate for WordPress 5.2 is now available! WordPress 5.2 will be released on Tuesday, May 7, but we need your help to get there—if you haven’t tried 5.2 yet, now is the time! There are two ways to test the WordPress 5.2 release candidate: try the WordPress Beta Tester plugin (you’ll want […]
This past month has been filled with anticipation as the community builds up towards a big new release, plans some important events, and builds new tools to grow the future of the project. WordPress 5.2 Almost Due for Release WordPress 5.2 is due for release on May 7 with many new features included for developers […]
The post Cloudflare Releases New Warp VPN appeared first on Plesk.
The first release candidate for WordPress 5.2 is now available! This is an important milestone as we progress toward the WordPress 5.2 release date. “Release Candidate” means that the new version is ready for release, but with millions of users and thousands of plugins and themes, it’s possible something was missed. WordPress 5.2 is scheduled to […]
One of the more popular topics talked about amongst the cPanel Community is AutoSSL, a tool that automatically installs domain-validated SSL certificates for cPanel services and users’ websites. Since we haven’t touched on AutoSSL on our blog for a bit, some of the recent changes added to cPanel & WHM have created an opportune time to revisit one of cPanel’s most popular features. What is AutoSSL? AutoSSL is the solution for one of the most prominent SSL pain points for cPanel & …
Arguably, one of the most popular feature requests submitted for cPanel & WHM has been the addition of the NGINX web server as an alternative to Apache. We have good news for those of you that have been asking: NGINX is coming. Note: as NGINX support on cPanel & WHM servers is still experimental, it will not be available in the WHM graphical user interface right away. Be advised that this is a representation of …
Force HTTPS Redirection
We’ve talked about SSL (Secure Sockets Layer) certificates at length on the cPanel blog, at the 2018 cPanel Conference in Houston, TX, and through many other avenues. The importance of having an SSL certificate for services and websites on your server cannot be overstated. One of the most common support requests for both hosting providers and end-users is: once an SSL certificate is installed for your website, how do you redirect traffic to …
Netcraft has found that Halifax has been left vulnerable to convincing impersonation attacks for five years. The operator of a website promoting Spanish hotels is able to send and receive emails on the official Halifax online banking domain, and get legitimate security certificates issued for the same domain.
WordPress 5.2 Beta 3
WordPress 5.2 Beta 3 is now available! This software is still in development, so we don’t recommend you run it on a production site. Consider setting up a test site to play with the new version. There are two ways to test the latest WordPress 5.2 beta: try the WordPress Beta Tester plugin (you’ll want […]
The post Your Automatic Server Update to Plesk 17.8 appeared first on Plesk.
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Moderate
- Versions: 3.0.0 through 3.9.4
- Exploit type: XSS
- Reported Date: 2019-March-25
- Fixed Date: 2019-April-09
- CVE Number: TBA
Description
The $.extend method of jQuery is vulnerable to Object.prototype pollution attacks.
Affected Installs
Joomla! CMS versions 3.0.0 through 3.9.4
Solution
Upgrade to version 3.9.5
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: High
- Versions: 3.2.0 through 3.9.4
- Exploit type: ACL Violation
- Reported Date: 2019-March-13
- Fixed Date: 2019-April-08
- CVE Number: CVE-2019-10946
Description
The “refresh list of helpsites” endpoint of com_users lacks access checks, allowing calls from unauthenticated users.
Affected Installs
Joomla! CMS versions 3.2.0 through 3.9.4
Solution
Upgrade to version 3.9.5
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions: 1.5.0 through 3.9.4
- Exploit type: Directory Traversal
- Reported Date: 2019-March-13
- Fixed Date: 2019-April-08
- CVE Number: CVE-2019-10945
Description
The Media Manager component does not properly sanitise the folder parameter, allowing attackers to act outside the media manager root directory.
Affected Installs
Joomla! CMS versions 1.5.0 through 3.9.4
Solution
Upgrade to version 3.9.5
Contact
The JSST at the Joomla! Security Centre.
Last year, we shared “7 Ways We’ve Improved Email Hosting on cPanel & WHM” and we looked at some cool features for email accounts. After much improvement, we felt that Plus Addressing was an interesting enough feature to include as a blog post! So what is plus addressing? Known officially as subaddressing, plus addressing delivers mail in a particular way so that you can better organize incoming mail. Additionally, plus addressing is used as a method to …
WordPress 5.2 Beta 2
WordPress 5.2 Beta 2 is now available! This software is still in development, so we don’t recommend you run it on a production site. Consider setting up a test site to play with the new version. There are two ways to test the WordPress 5.2 beta: try the WordPress Beta Tester plugin (you’ll want to […]
“Cybersecurity is changing; We need new protection strategies” – Say CloudLinux (Imunify360)
WordPress 5.2 is targeted for release at the end of this month, and with it comes an update to the minimum required version of PHP. WordPress will now require a minimum of PHP 5.6.20. Beginning in WordPress 5.1, users running PHP versions below 5.6 have had a notification in their dashboard that includes information to […]
WordPress reached a significant milestone this month. With some exciting developments in Core, an interesting new proposal, and the return of a valuable global event, March was certainly an interesting time. WordPress Now Powers One-Third of the Web WordPress’ market share has been steadily increasing, and as of halfway through this month, it powers over […]
WordPress 5.2 Beta 1
WordPress 5.2 Beta 1 is now available! This software is still in development, so we don’t recommend you run it on a production site. Consider setting up a test site to play with the new version. You can test the WordPress 5.2 Beta two ways: Try the WordPress Beta Tester plugin (choose the “bleeding edge […]
“Eating your own dog food” is a popular practice amongst companies where employees are encouraged to, and often do, use their own product in real-life scenarios. The phrase “eating your own dog food” is purported to have been coined in the 1970s in television advertisements for Alpo Dog Food, in which spokesman Lorne Greene pointed out that he had fed Alpo to his own dogs. Another possibility, even stranger, was a story of the president of …
In 2018, cPanel, with their long-term partner CloudLinux, began offering Imunify360 as a featured security product. With cPanel & WHM Version 82 or 84, we are integrating ImunifyAV into all cPanel & WHM servers. Imunify360 is a product set from our industry partner CloudLinux and will provide all customers with the most effective malware detection solution in the industry. We have spent years working extensively with the development teams at CloudLinux on a variety of …