Important WordPress Security Update

posted by on 2013.04.16, under Stuff Related to Service, Uncategorized
16th
FacebookTwitterGoogle+LinkedInDiggEmail

If you’re a customer who uses WordPress, you have probably already noticed the issues concerning logging into your WordPress control panel.

We wanted to send out this notification to alert anyone who hasn’t been briefed on the situation, as well as give some additional explanation about what is going on, how we’re handling it, and why we’re handling it in this manner.

  • A global brute force attack on WordPress’ wp-login.php file began on April 11th. This attack affected WordPress users worldwide and was experienced by virtually every web hosting company.

    • A ‘brute force’ attack is when an automated program (sometimes referred to as a ‘botnet’) repeatedly attempts to log into a password protected site by trying different passwords over and over again until it finds the right one.
  • We implemented a server side check to reduce the number of wp-login requests, but found that the attack started to increase the time between login attempts.
  • On April 12th, we noticed the botnet activity ramped up dramatically, and we were forced to block all traffic to wp-login pages. This was a temporary solution that remedied the brute force attack in the following ways:

    • Customer WordPress sites were able to stay up and running
    • All incoming brute force requests were stopped
    • This also kept out any unwanted, malicious intrusions into our customers’ sites
    • By blocking the malicious incoming traffic, it also stopped the slowness issues we were having on our Linux servers.

In the meantime, we began collecting attackers’ IPs so we could start blocking them.

  • On April 13th, we began using the data we’d collected on the attackers’ IPs to begin blocking them from connecting to our servers. This was a slow process that took time to refine and put in place as a permanent solution.
  • On April 16th, we removed the block on each server for wp-login once the new system was implemented across all of our servers. Users should now be able to log into their WordPress sites. Once you log in, we recommend that you change your password to something very strong (e.g. a mixture of upper and lowercase letters, numbers, and special characters like #, $, and &). You can find instructions on how to change your password here: http://codex.wordpress.org/Resetting_Your_Password.

The tactics used in the attack are changing daily (sometimes even hourly), and we are responding with adjustments of our own. While we currently have the situation under control, we are still watching and reacting to the attack to make sure it doesn’t begin affecting our servers again.

Although we can’t announce too many details about our attempts to block the attack (because we don’t want to give too much information to the attackers), we still want you to know that we are aware of the situation, and are working on it. Keep an eye on the status blog for major updates as the situation progresses.

Thank you for your patience as we continue to defend against this attack.

Sincerely,

Lisa Grice

Director of Customer Operations

Host Excellence

FacebookTwitterGoogle+LinkedInDiggEmail

Take Your Eyes Off That Ball And Read This!

posted by on 2012.12.30, under Uncategorized
30th
FacebookTwitterGoogle+LinkedInDiggEmail

The New Year’s ball, that is.

 

It’s New Year’s!  A happy time?

 

It’s a time for remembering.  A time to celebrate.  For a lot of us, it’s also a time for making resolutions that seem to get harder and harder to keep every day past the day we made them.

 

So, in light of that, I’ve decided to focus less on correct grammar, and more on what makes happy times even more happier.  And no, it’s not drinking and getting all crazy…

 

It’s gratitude.

 

This year will bring us a slew of fantastic stuff; new products we’re excited about, like our money-saving Domain Club, or our brand new account control panel (which you may have already read about). And, as always, we will continue to expand and improve our hosting services (I’ve even heard rumors about a new hosting control Panel in the works).

  

 

Happy people make better partners, parents, business owners, thinkers, and overall, people. That’s why my goal for 2013 is, simply, to be happier!  You can do it, too!

 

Just be grateful for everything you have and to never stop searching for things in your life that make you happy.  If you spend your time concentrating on the good around you, your world will, in turn, be more positive toward you.



 

Hopefully, as you search for the positive things around you to be grateful for, you’ll get so good at it that the bad things just fade to the background.  It’s easy to lose sight of the fact that there’s plenty for us all to appreciate.

 

We’re extremely thankful to have you as our customer and our companion in doing better things with the Internet.

 

I hope 2013 will be a happy year for you.

 

What’s your resolution this year?  Anything specific involving your business or website? Leave your answer in the comments and we’ll try and respond to each one!

 




Fathi Said
Happy Host Excellence Leader

 



PS:  I thought you might find this interesting; this Christmas I got myself these neat “prism glasses.”  They’re kind of bizarre, but they’re also uber-cool and I love them.  Go ahead and check them out; you might like them just as much as I do!

  

 

PPS: Hey, if you want to read more about happiness and warm, fuzzy feelings (and who doesn’t?) I’d really suggest reading “The Happiness Advantage”.  It’s very insightful and has inspired me in many ways.  In fact, I will be using my new prism glasses to read it in bed!

FacebookTwitterGoogle+LinkedInDiggEmail

HE Is First!

posted by on 2009.05.18, under Uncategorized
18th
FacebookTwitterGoogle+LinkedInDiggEmail
first-place

First Place - Woo Hoo!

Well, we did it again folks!

HE is the first American web hosting company to introduce Alipay as a method of payment for our customers. “What is Alipay?” you ask. Alipay is the preferred method of payment for China. Think of it as their PayPal. It is well known and trusted, and gives the Chinese consumer peace of mind when it comes to online purchases. It makes buying from America much more attractive.


Next question you’re probably asking yourself is “Why am I reading about a service I will never need?” Promoting the use of Alipay is not the intention of this blog (Actually we rely heavily on messenger pigeons to do the bulk of our promotions). The real purpose of this blog is to show you HE’s flexibility and responsiveness to you, our customers.


One of our Chinese affiliates asked us to consider offering Alipay. According to an article in China Tech News , the number of members have grown from 57 million in 2008 to over 150 million as of April of this year. Alipay reaches more than half of the people who use the web in China. Also of interest are the demographics of Alipay members. They are young (83% are between 21 and 35) and their spending is increasing faster than other segments of the population.


So, a few weeks after the original request – we are the first American Web Hosting company to offer this payment method!

Thanks for taking the time to read this. Feel free to send your ideas or suggestions by responding to this post. We might not be able to adopt all your ideas but at least you know we listen!


Jeremy Fox

Affiliate Manager

FacebookTwitterGoogle+LinkedInDiggEmail

pagetop