Nexcess
Nexcess Blog Logo
Category : Security
July 25, 2014

WordPress Vulnerability: Update WPtouch As Soon As Possible

We’ve discussed WPtouch before — it’s a useful plugin for easily equipping a WordPress site with a mobile theme and touch functionality. It was recently reported by the folks over at Sucuri that the plugin contains a vulnerability that could be exploited by users without administrative privileges to upload PHP files to a server. It’s […]

June 06, 2014

Security Vulnerability: All In One SEO Pack WordPress Plugin Users Should Update Immediately

Vulnerabilities have been discovered in the popular All In One SEO Pack WordPress plugin that could allow privilege escalation and cross-site scripting attacks. The plugin has been patched and users should ensure that they immediately update to the most recent version or there is a real risk of their WordPress site being compromised. In a […]

June 05, 2013

More Tips To Keep Your WordPress Site Secure

Update, Update, Update! Everybody has seen this over and over again, and with good reason. WordPress is one of the most widely used Content Management Systems (CMS) for blogging and the security patches provided in their updates can help keep your site secure. The older your WordPress version is the more time there has been […]

July 05, 2012

Important Magento Security Update

Magento recently posted an important security update that affects all versions prior to CE 1.7.0.2 and EE 1.12.0.2. The vulnerability is specifically in the Zend Framework’s Zend_XmlRpc module, which means that any application built on the Zend Framework is potentially vulnerable. See: ZF2012-01 Nexcess implements a Web Application Firewall that should offer protection from this […]

March 30, 2012
By Brad

PCI, Magento, and Storing Credit Card Information

The question of whether you can store credit card information within Magento comes up a lot here at Nexcess. The answer to this question is unfortunately not very clear when looking for an answer elsewhere including on the Magento website. To clarify the answer to this question, there are a few things that need to […]

March 05, 2012

Keeping WordPress Secure

Being one of the most widely-deployed blogging engines around, it’s no surprise that WordPress holds the interests of a wide audience. Unfortunately, not everyone is out to become the next rockstar blogger or tech pundit; the sad truth is that many WordPress installations exist simply to generate revenue through AdSense or other advertising platforms, and […]

December 06, 2010

Securing Magento File & Directory Permissions

By default most software packages are installed with the most lenient file/directory permissions and ownership. This is normally done for the sake of the software developer given that their software must be installed on a range of diverse systems with varying configurations. This article is meant to give you an overview of how to setup […]