Security
SSLs Explained!
With Apple’s Safari and now Google Chrome actively warning users if a site is not encrypted now is a good time learn about SSLs. Fortunately the folks at ManageWP have put together this great article which goes into detail about the differences between SSLs. The article covers the differences between free and paid certificates and…
Read MoreMeltdown and Spectre Vulnerabilities: On it.
This week a web vulnerability was discovered that impacts virtually every processor manufactured since 1995. The vulnerability is being referred to as “Meltdown” and “Spectre”. Of course, we want you to know that we’ve got you covered. Most of our servers run a variant of the RedHat Linux operating system which released patches for the…
Read More[nginx/php-fpm] curl: (56) SSLRead() return error -9806: how we fixed it
tl;dr: Back up /etc/nginx, uninstall nginx, install the latest version of nginx, restore your /etc/nginx backup. Recently our own site was experiencing SSL connection issues. We first noticed it in Safari when connecting to wavemotiondigital.com and another site we host on the same server, both using SSLs. Oddly enough, another site hosted on the same…
Read MoreCodeinWP: Are Maintenance Companies worth the Money or DIY?
Since we launched SononaCare we have noticed an uptick in companies offering similar plans. This is a solid indicator of the growing demand for WordPress security. WordPress has always touted itself as being simple to use and it is — until something goes wrong. Nobody dreams of getting a WSOD (White Screen of Death) with no or outdated backups and…
Read MoreUse rsync & WP-CLI to painlessly move a WordPress site without plugins
Moving a WordPress site from one domain to another has always been a pain, since WordPress stores hashed information based on the length of the domain name in the database. Not being bound to a single domain name is one of the things that Drupal and Joomla get right and makes it easy for developers…
Read MoreSurprise! WordPress 4.7.5 is here!
On the evening of May 16th, 2017 around 6:30 PM notifications began rolling in that WordPress 4.7.5 update was available. There have not been many details about the update but this is not the first time WordPress has released an update with an undisclosed patch included. WordFence, also released a statement about the release which we encourage…
Read More5/12/17: Massive Global Windows Ransomware Attack Underway
WordFence sent the following alert today: A massive global ransomware attack on machines running the Windows operating system is underway and spreading quickly. We have published a public service announcement that gives you a high level overview of the attack along with advice on how to protect yourself. Please be vigilant when opening attachments from…
Read MoreSononaCare, PHP7, CentOS 7, Free SSLs, Piwik and more!
Today we dropped quite a few announcements for our customers. In this blog post we will break down each point individually and go a bit more in-depth on the topics covered. SononaCare We previously performed maintenance and updates to client sites as a courtesy to our customers. The update process, however, has become complex requiring constant attention…
Read MoreWordFence: 5 Security Questions For Your Hosting Company
The folks at WordFence have a new blog post that caught our attention titled 5 Security Questions For Your Hosting Company. We read it with interest and can would like to take this opportunity to answer all of their questions: The first question is a multi-part question so we are going to break it down…
Read MoreBIG WordPress Vulnerability Patched in 4.7.2
The release of WordPress 4.7.2 fixed 3 issues which were made known a fourth critical issue with the WordPress REST API which could result in an unauthorized privilege escalation (in normal-people terms: “somebody could post to your site who did not have permission to do so”). The guys at WP Tavern have an in-depth article on the vulnerability. As…
Read More