Nexcess
Nexcess Blog Logo
Category : Security
July 16, 2015

WordPress' New Security Czar Is Good News For The WordPress Community

WordPress is a complex software ecosystem. Its huge userbase and an active developer community numbering in the tens of thousands make for a potential security nightmare, but, in fact, it functions surprisingly smoothly. For users who hear only about the most recent security vulnerability, it might not appear so, but the widespread publicity of security […]

July 14, 2015

New Magento Community Edition Security Patch Released — Immediate Patching Is Advised

Magento has made available a new patch bundle that addresses several serious security vulnerabilities. Magento CE & EE users should update immediately to ensure that their eCommerce store and its users are not put at risk. Among the vulnerabilities addressed are the potential leaking of customer information and cross-site scripting vulnerabilities. The patch bundle — […]

May 22, 2015

Magento Releases New Patch Bundle To Address Multiple Security Vulnerabilities

Magento has released a bundle of patches that fix several vulnerabilities. The vulnerabilities addressed by the patch can be exploited by attackers to disclose confidential information and execute code remotely. The bundle (SUPEE-5994) can be downloaded here and should be applied as soon as possible by users of Magento Community Edition and Magento Enterprise Edition. […]

May 20, 2015

Backing Up Your WordPress Database The Right Way

One of the most heartbreaking experiences I’ve had when advising people about WordPress was with a friend of mine who had spent weeks setting up her site, writing content, and posting images, only to lose everything just as she was about to launch because she mistyped a command on her VPS’s command line. Of course, […]

April 27, 2015

Magento Shoplift Vulnerability – Download Patch Now

A patch has been released to fix a remote code execution vulnerability in both Magento Enterprise and Community Editions. In February, Check Point researchers announced that they released details of the critical RCE (remote code execution) vulnerability in the Magento platform. Checkpoint originally found this exploit back in February and contacted Magento privately regarding the […]

April 21, 2015

We’ve Brought Two-Factor Authentication To Magento!

We’re happy to announce that we’ve brought two-factor authentication to Magento in partnership with Magento development agency Human Element. This new plugin, named Sentry, will allow Magento retailers a solution for secured, two-factor authentication. Two-factor authentication offers enormously enhanced security for Magento eCommerce stores. Passwords alone have never been a great way to handle secure […]

December 17, 2014

Why Is It So Important To Keep A WordPress Site Updated?

If you don’t update your WordPress site, it may be vulnerable to hackers. Updating a WordPress site is one of those tedious tasks that has to be done, but doesn’t usually confer any obvious benefit. Sometimes you’ll get a new feature, but most of the time, you hit the update button, the site prints out […]

September 24, 2014

Protect Your WordPress Sites With Two-Factor Authentication

The Heartbleed bug was one of the worst online security vulnerabilities in recent memory, allowing an attacker to read chunks of a server’s memory that might contain private keys, authentication credentials, and other sensitive data. In the wake of Heartbleed, it’s a good time for WordPress site owners to audit their security procedures and implement […]

September 10, 2014

WordPress Users Should Ensure Theme-Bundled Slider Revolution Plugins Are Up-To-Date

Most WordPress users knows that WordPress plugins should be updated. Updates frequently include patches that fix security vulnerabilities. Part of every WordPress user’s routine should include regular plugin and core updates. But there’s another source of potential vulnerability that WordPress users may not be aware of: many themes include bundled plugins and those plugins are […]

July 25, 2014

Recent Exploit using Fake Magento Extensions

We are publishing this post in the hope that all Magento users can utilize this information to determine if their site has been compromised and take the steps required to correct the problem. We were recently contacted by a client regarding a Common Point of Purchase Investigation that was initiated by a credit card issuer. […]