Recent Posts

    Authors

    Published

    Tag Cloud

    Important notice about the Heartbleed bug for stSoftware customers

    Overview

    The Heartbleed Bug is a recently discovered vulnerability in the OpenSSL cryptographic software library used by many of the world’s web servers to secure information using TLS. If the web site is vulnerable then a hacker could expose 64k of the server's memory without any trace in the server's logs. The server's memory exposed could include the server's private encryption key or other information such as usernames and passwords. 


    by:Tina Odling - 11 Apr 2014
    What are the security, back-up, disaster recovery and firewall services?

    Security

    Industry standard best practice for passwords for both the web server and Linux machines. Site designers do not have direct access to the underlying Linux server, the raw database or files. All changes are done within sandbox of the system. 


    by:Tina Odling - 26 Nov 2013
    Block hack attempts from all foreign & unknown locations.

    The file /etc/hosts.deny on Unix/Linux can block login attempts based on counties. The below is a simple host.deny file to block all countries but your own ( in my case Australia), sure this is not the whole answer to securing a system but it sure cuts down the number of hack attempts.

    sudo vi /etc/hosts.allow

    #
    # hosts.deny This file describes the names of the hosts which are
    # *not* allowed to use the local INET services, as decided
    # by the '/usr/sbin/tcpd' server.
    #
    # We will block *all*

    by:Nigel Leck - 25 Jul 2013