check

SOUTHFIELD, MICH. – Future Hosting, a managed VPS and dedicated hosting provider, has warned server hosting clients of the dangers posed by insecure Memcached instances. When configured incorrectly Memcached, a popular caching application, can be used by bad actors to launch massive Distributed Denial of Service attacks (as reported in CSO Online).

Memcached is used by millions of websites around the world. It is a key-value database that caches the results of database queries to accelerate the performance of web applications. Memcached can be configured to accept connections from arbitrary hosts on the open web. Bad actors can use insecure Memcached instances to launch amplified, reflected DDoS attacks against their victims, taking their websites and applications offline.


Memcached is one of many applications that can be used to amplify the bandwidth available to an attacker: open DNS servers and NTP servers are also common vectors. But Memcached is significantly more potent. It can be used to amplify the data in a DDoS attack by a factor of more than 50,000.

“Future Hosting provides server hosting for thousands of businesses, and we’re concerned that insecure Memcached instances pose a serious threat to our clients and other businesses on the web,“ said Maulesh Patel, VP of Operations of Future Hosting, “Memcached is ubiquitous on the modern web because of its usefulness, but less experienced system administrators are not configuring it securely, providing bad actors with a DDoS vector that threatens even the largest online businesses.”

Earlier this year, a popular version control platform was targeted by a record-breaking DDoS attack that peaked at 1.35 TB per second. Soon after, that record was broken by a DDoS attack that used insecure Memcached instances to send 1.7 TB per second to its victim. Few businesses can mitigate attacks of this magnitude.

Future Hosting urges server administrators to ensure that Memcached instances hosted on their servers are configured securely. Memcached should never be reachable from the open internet or configured to respond to requests from arbitrary hosts.

Developers and system administrators without the expertise to securely configure server software should consider hiring a professional system administrator or a managed server hosting provider that can configure a secure hosting environment.

About Future Hosting, LLC
Founded in 2001, Future Hosting is a privately held leading Internet solutions provider specializing in managed hosting, including Dedicated Servers, Virtual Private Servers, and Hybrid Virtual Private Servers. The company has built a strong reputation for its high-quality service, innovative pricing models, and 3-hour Service Level Agreement. Future Hosting is based in Southfield, Michigan.

Read more

Filed under Web Hosting News by on #

Rzeszow, Poland – HostBill, a popular billing and automation software for web hosting industry has recently launched a set of tools integrated with Plesk: Plesk Key Administrator module to resell Plesk licenses and two new extensions to their Plesk module: Plesk DNS Helper and Plesk Service Plan Sync tool.

Plesk Key Administrator
Plesk Key Administrator module for HostBill allows to resell Plesk Software licenses (such as Plesk, Virtuozzo and more) and add-ons. With HostBill the licenses are created, provisioned and terminated automatically, making the reselling process completely hassle-free. The users can also set automatic renewal that could significantly improve the license management process. The end-clients can display the license details, change license IP, check license keys, activation and content in HostBill’s user-friendly client area. The admin panel on the other hand gives full control over the billing information and account lifecycle. The admin can also choose which client area functions end-customers will have access to.


Plesk DNS Helper
Plesk DNS Helper is and extension to the Plesk module and was created to help connect Plesk installations with one of the HostBill-supported DNS services: Power DNS, Power DNS Slave Zones, OnApp DNS, cPanel DNS or any other DNS that HostBill supports.

As Plesk handles DNS really well, but it’s more suited for single-install deployments, HostBill created the extension for users who want to deploy multiple Plesk instances and manage single DNS server (master) rather than multiple ones. The extension also helps to hook up PowerDNS to store slave zones, while the Plesk would keep master zone records.

With the Plesk DNS Helper extension installed in HostBill, any time new DNS zone is created / updated / deleted in Plesk, the extension notifies HostBill about it and HostBill then “decides” what to do next. It can push this zone to real master nameserver, notify secondary nameserver to create/update slave zone and after exporting such zone, HostBill can assign it to the related customer

As a result slave DNS (any supported by HostBill) will be notified automatically about new zones in Plesk or Plesk DNS will not be used to handle DNS queries, but as a source of data for actual DNS server that handles requests.

With this approach you can benefit from flexible & automated DNS templates built into Plesk on any central DNS server you wish to use with it.

Plesk Service Plan Sync tool
Plesk Service Plan Sync tool was developed to help manage service plans and addons changes across unlimited Plesk installations with ease. This extension is a real problem-solver especially for hosting companies that use more than one Plesk installation. This automated tool will help to keep multiple service plans and addons in sync between different installations.

The tool allows to create multiple configurations (for separate Windows/Linux Plesk installations or different installations for different purposes) that consist of Plesk servers. In each configuration you can select source server, that will serve as a source of actual plans & addons configuration. Other Plesk servers within configuration will have plans updated, and missing plans created according to the source plan with a single click of a button.

The Plesk Service Plan Sync tool will track what plans/addons/plan settings are missing or different compared to the source server and show those differences. You can then run a synchronization process and as a result all plans and addons missing will be added to target server and plansand addons with matching names but conflicting configurations will have their configurations updated to match those in source Plesk. Moreover, if you’re syncing Plesk with minor configuration/version/extensions differences you can setup overrides that will be prevented from overwritting when creating/updating plans and addons on this server, as well as when comparing it with target server.

Plesk Service Plan Sync Tool can be of use to you if you want to update your plans in bulk, add new plan to all your installations or add new Plesk installation.

About HostBill
HostBill is a powerful and flexible, all-in-one automation, billing, client management and support platform for online businesses. HostBill handles all aspects of running a successful online business, from client acquisition, through invoicing and payment collection, automated service provisioning and management, to customer service and support. Extensive range of advanced features, multitude of modules and apps and integration with various various control panels, domain registrars, payment gateways, order pages, client panels and more, make it the most comprehensive solution on the market for Hosting, Cloud/IaaS/VPS Solutions Providers, Domain name and SSL Resellers around the globe to automate and manage their online businesses.

Read more

Filed under Web Hosting News by on #

Leading cybersecurity firm Trend Micro has unveiled a new security solution called Deep Security Smart Check, enabling DevOps teams to continuously scan the container images before deployment. Trend Micro already provides Deep Security solution to protect the Docker hosts and containers that run on Linux distributions. The new solution will complement the Deep Security, said Trend Micro. Deep Security Smart Check can scan the container images in private and cloud registries even before they are deployed to production. It detects the malware, assess the vulnerabilities and notifies the users. DevOps teams can visualize the scan results through a dashboard and resolve the security issues in the development cycle itself, rather than after releasing the application. “Container platforms are enabling organizations to achieve faster software development release cycles, and they do not accept slowing down for additional security measures,” said Bill McGee, SVP and GM of Hybrid Cloud Security…
Read more

Filed under Web Hosting News by on #

SOUTHFIELD, MI – Future Hosting, a managed VPS and dedicated server hosting provider, advises Drupal hosting clients who have not patched their site recently to check for signs of compromise or malware infection. Drupal sites that have not been patched against the “Drupalgeddon2” vulnerabilities may have already been compromised.

The Drupal project released a series of patches to fix a remote code vulnerability at the end of March. Further patches will be released on April 25 and sites should be upgraded when the new patches are available.

“Future Hosting is home to thousands of Drupal sites and we’re seeing a constant flood of attacks using this vector,“ said Maulesh Patel, VP of Operations of Future Hosting, “The attacks are so widespread that it is unlikely that any unpatched Drupal site on the web will escape being compromised.”

More than a million websites are based on Drupal. The vulnerability can be used to gain complete access to a Drupal site’s code and data by sending a payload to a known URL — a process that is easy to automate. Patched sites are safe, but unpatched sites are being hacked by automated botnets.

Hosting clients with sites based on Drupal 7 should upgrade to at least Drupal 7.58. Sites based on Drupal 8.5.X should be updated to Drupal 8.5.3. Patches have been released for Drupal 8.4, but earlier 8.X versions are unsupported. Patches are available for Drupal 6 via the Drupal 6 LTS project.

Future Hosting advises that Drupal sites that have not already been patched should be checked for the presence of malware using a reliable malware scanning tool.

About Future Hosting, LLC
Founded in 2001, Future Hosting is a privately held leading Internet solutions provider specializing in managed hosting, including Dedicated Servers, Virtual Private Servers, and Hybrid Virtual Private Servers. The company has built a strong reputation for its high-quality service, innovative pricing models, and 3-hour Service Level Agreement. Future Hosting is based in Southfield, Michigan.

Read more

Filed under Web Hosting News by on #

Washington, D.C. – Any business collecting, storing, processing, or otherwise handling data containing personally identifiable information on European Union citizens needs to plan for the General Data Protection Regulation (GDPR) which comes into effect May 25, 2018.

Open-i Advisors’ new GDPR preparation service makes it easy and affordable to assess how web hosting and cloud computing providers collect, store, and use customer data. Our data consultants are experts on mapping the way your organization uses data, finding possible risks, and determining what steps you can take to mitigate risks. You’ll be presented with a document that can be either assessed by our partner lawyers or your own legal team.


We work with you to create a report that includes:
• A summary of risk points
• A map of data flows by department
• A list of suppliers and other third parties with whom the client may share data (or who may share data with the client) with their GDPR statements included as relevant
• A list of all found public privacy or disclosure statements, ready for review

“By working with Open-i Advisors, you can save time and money by packaging up everything you will need to hand off to legal counsel so that they can address your needs in as low cost a manner as possible,” says Open-i Advisors Co-Founder Christian Dawson. “Our legal partners are experts on GDPR compliance, so if you’re looking for a holistic solution we can provide that as well”.

GDPR preparation from Open-i Advisors provides data expertise when you need it, with a data-consultant led discovery process, to analyze how data is used across your organization. Our process is straightforward and simple:

Initial Compliance Check: We speak with key people at your company to assess your data privacy risks and measure your current privacy controls against the GDPR.

Data Discovery – Internal: An extensive register of your organization’s current data processing activities will be produced, along with a comprehensive visualization of the organizational data life-cycle in its entirety.

Data Discovery – External: Open-i Advisors will do a public search of statements made by your organization, including privacy policy, email submission forms, white paper submission forms, client sign-up forms, etc.

Final Compliance Check: Open-i Advisors will highlight areas of anticipated concern to consider business process changes where necessary, and to discuss with legal counsel.

This GDPR preparation service is offered for a reasonable hourly fee, which will result in a low cost for your company to gain all the insights you need to identify internal changes needed by your organization.

Find out more about GDPR Preparation for Hosting & Cloud Companies here: http://openiadvisors.com/consultancy/gdpr-preparatory-consulting/

About Open-i Advisors
Open-i Advisors is a consulting company focused on Internet-related industries. Its hands-on approach helps organizations manage their customer data and determine their optimum market focus using next-generation industry segment data gathering and analysis. Open-i Advisors industry-expert consultants offer their experience and leverage a process that includes the power of quantitative data to better understand and actualize client goals. For more information, please visit www.openiadvisors.com.

Read more

Filed under Web Hosting News by on #

When it comes to starting your online business, choosing the best domain name, picking a robust website builder and selecting a reliable web hosting are 3 important factors that you need to get right at all costs if you want to achieve success and grow in the online business. Without getting these basic foundation right, you will simply disappear in the sea of other online businesses out there. Thus, today, we’ll tackle one of these factors, which is web hosting and to assist you in making the right choice. One of the major warning signs of a low-quality web host is frequent and unplanned downtime. The result of which is a loss of potential customers, leading to decrease in sales, which could ultimately affect your ROI. Also, a sub-standard hosting provider doesn’t invest in the kind of a robust infrastructure that is essential to keep your website safe from all potential harms and cyber threats. If you are planning on getting a hosting for your site then do check out this infographic…
Read more

Filed under Web Hosting News by on #