Security Alert for CMS based Websites

Tweet

Your Immediate Attention Required! If your website runs on an open source Content Management System (CMS) installation such as WordPress, Joomla, Drupal or others, PLEASE UPDATE YOUR SOFTWARE NOW.

Recently we noticed an increase in compromised websites that have been built based on an open source CMS. "Open source" means that the code that your software and website runs on is open for everybody. Also, the popularity and large volume of users make WordPress, Joomla and Drupal the first and easiest targets for hackers.

The good news is that WordPress, Joomla and Drupal developers always release new patches when potential security threats arise. Users simply need to upgrade to the latest version to protect against the vulnerability. Upon releasing new versions of patches, WordPress, Joomla and Drupal places a notification on the dashboard of the admin panel. The installation of these new releases is as simple as a single click.

If you are running a very old version or if you would like more help with updating your CMS, please follow the instructions provided by the software developers:

• WordPress Update [ http://codex.wordpress.org/Updating_WordPress ].
• Joomla Update [ http://docs.joomla.org/Upgrading_from_an_existing_version ].
• Drupal Update [ https://www.drupal.org/upgrade ].

Please keep in mind that it is your responsibility to ensure the security of your website and CMS installation. If we detect an account compromise or receive 3-rd party reports about malicious content, we reserve the right to disable your hosting account to protect the integrity of our network. We also reserve the right to charge a Cleanup Fee before performing any scans and removing malware and malicious files from the account.

Here are some important tips that will help you keep your website and account secure:

1. Always KEEP UP TO DATE WITH THE LATEST VERSION of your CMS software, all related plugins and themes.
   
   
2. Make sure that any computers legitimately allowed to access your hosting account and admin area in your CMS have been updated (operating system updates, browser updates, application updates, anti-virus and malware scanners updates) and cleaned from viruses and malware. NO ONE CAN PROTECT YOU FROM COMPROMISES IF THERE IS A VIRUS OR MALWARE ON YOUR COMPUTER.
   
   
3. Use a strong password and protect your login form from a Brute Force Attack:
   • WordPress [ http://codex.wordpress.org/Brute_Force_Attacks ]
   • Joomla [ http://extensions.joomla.org/extensions/access-a-security/site-security/login-protection ]
   • Drupal [ https://www.drupal.org/project/login_security ]
   
   
   
4. Read and implement security recommendations from your CMS developer:
   • WordPress [ http://codex.wordpress.org/Hardening_WordPress ]
   • Joomla [ http://docs.joomla.org/Security ]
   • Drupal [ https://www.drupal.org/security ]

Additionally, we recommend activating the CloudFlare service for your hosting account. It will give you an additional and good layer of security, plus faster loading performance for your website. CloudFlare is located in the Software/Services section in your cPanel and you can learn more about it on this page [ http://www.skgoldhosting.com/cloud-web-hosting.html ].

If you require any assistance please contact us via a support ticket system.

Kind regards,
SKGOLD® Hosting
www.skgoldhosting.com