SpireTech Blog - Category: Web
Topics related to web hosting, design, wordpress, SEO, etc.
You may have heard about a recent vulnerability that has affected Cloudflare, and therefore certain sites that use cloudflare services. Cloudflare is a “Content Delivery Network” or CDN, and is used to speed up websites by acting as a “cache” that sits between your web browser and the certain sites you may visit.
SpireTech does not use Cloudflare services, so none of our data or customer data would have been exposed. However, some customers that host websites with us use Cloudflare – typically this is setup and managed by your web developer. If you fall into that category, you should contact your site developer or SpireTech for advice, which would vary depending on the function of your website.
Despite this not affecting our data directly it may effect many of the sites you frequently visit. If you have accounts with Uber, Yelp, Fitbit, OKCupid, 4Chan, or sites listed at the end of this bulletin, it would be a good idea to go and change those passwords now. Read more...
At Spire, we’re constantly on the lookout for new technology that gives us or our clients the competitive edge. While we don’t want to be bleeding edge, we do want to be ahead of the mainstream. We take vendor and technology selection very seriously, and only a few carefully chosen ones make the cut.
Why are we telling our clients this? We want you to know we aren’t sitting around waiting for technology to pass us by. Investing the time and money to attend conferences like HostingCon regularly is an important part of keeping up with the fast pace of change in our industry.
Many Managed Service providers (MSP’s) are attempting to get into the hosting business, and many Hosting/Cloud companies are trying to enter the managed services space. The lines are getting blurred as technology converges into more “as a service” and cloud. We’re already there, and have been for many years – and while our competitors are trying to figure it out, we’ve already got a solid foundation to build upon. Read more...
used with permission from Norton by Symantec, by Nadia Kovacs
Numerous laws in the U.S. cover Internet, data security, and privacy in the United States, with the 1974 Privacy Act arguably being the foundation for it all. The Privacy Act passed to establish control over the collection, maintenance, use, and dissemination of personal information by agencies in the executive branch of the U.S. government.
The invention of the Internet changed the definition of privacy, and made it necessary to enact new laws concerning electronic communications and security.
Let’s review some of the laws currently in place to provide a more solid idea of your rights as a consumer or businessperson:
Electronic Communications Privacy Act (ECPA)
The Electronic Communications Privacy Act was passed in 1986, and while technology has changed significantly since then, the act has remained the same. The law allows the U.S. government to access digital communications such as email, social media messages, information on public cloud databases, and more with a subpoena. Read more...
by Jeff Graber, Media Services Specialist, Network Management Group, Inc.
One of the big things on business owners’ minds when it comes to their website is making it usable on mobile devices like smartphones and tablets. Here are some ways to make it easier for your viewers to get valuable information from your website while using a mobile device.
Enlarge clickable elements
It is important to keep in mind that nobody’s index finger is as accurate as a mouse pointer. To make it easier for your visitors to use your site, make clickable features like navigation, buttons, and form fields large enough to press.
Though usable on non-mobile devices, dropdown navigation can be the most annoying feature of a website when viewed on a mobile device. This is because there is no way to “hover” over items on a touch screen. Some devices have made it possible to show hover events when an element is pressed and held for a couple seconds, but not everyone has this capability. Read more...
A couple of days ago a new vulnerability was uncovered called “POODLE”. This vulnerability potentially places all web servers at risk that allow lower forms of encryption (SSL version 3). If exploited, data that should be secure could be compromised. There are a couple of things that need to be done to ensure you and your organization are protected.
- If you have a server that is hosting a website of any kind, it should be secured by disabling SSLv3. This includes but is not limited to Microsoft Exchange – Web servers – Small business servers.
- Your computers/devices are also at risk if you connect to a website that has not disabled SSLv3. It is strongly encouraged that you configure your web browser not to allow SSLv3. Please see information below on how to do that.
Windows XP Machines
It is important to note that Microsoft Windows XP machines running Internet Explorer 6 are unable to support any encryption level higher/newer than SSLv3. Read more...
Google announced that websites that use SSL (https) encryption will now be rewarded with better search engine ranking. Right now, the effect is minimal, but over time this will become more important to your SEO efforts. The message is if you aren’t using SSL now, time to start getting your site ready for it.
The Internet search engine Shodan has made a splash by getting a spotlight on multiple blogs and sites like CNN this month. There is a lot of sniffing and crawling that happens on the internet; Shodan’s niche is the darker side of the internet – sites that aren’t meant for public consumption. Major search engines like Google and Bing will not show this type of content when they come across it, but Shodan does.
Some examples of content available through this search engine include results for – networking equipment and printers open to the internet; malware infected tablets and computers that may be exposed without the user’s knowledge; and, on the more unsettling end, control and maintenance systems for public utilities and industrial equipment.
Internet security is a topic we take very seriously. Sometimes it’s difficult to explain that security comes at the cost of convenience and how users would like to work. The knowledge that the internet is paying close attention to small details does well to highlight the impact we weigh in our recommendations. Read more...
Ensuring that your website is protected against hackers is no longer a difficult task. With the fast growth of WordPress sites, protecting yourself from outside intrusion is very important, and is as simple as clicking the update button. WordPress is frequently updated with new feature sets and security patches that protect websites from hackers.
The newest WordPress release, version 3.5.1, fixed several security vulnerabilities that affected all previous versions of WordPress. This vulnerability allowed hackers to remotely scan WordPress sites to search for information that would allow them to deface your website, and upload spam advertisements onto your page. Many sites that are still running older versions of WordPress are at risk of falling prey to these types of attacks simply because their site has not been updated.
We advise all WordPress users to update their site as soon as possible to ensure your website remains in your control.
However, hackers are not simply limited to software vulnerabilities, they can sometimes exploit simple passwords to gain access to your website. Read more...
Google was caught with their hand in the cookie jar, raising a lot of ruckus concerning privacy on the internet. Google claims it sidestepped privacy settings in an attempt to make its “+1” Google+ system work across different browsers. The part where it gets hairy is that the cookies it saved to mark the click could also be seen by their ad agency, DoubleClick, which they can use to track what pages you go to. The research paper that detailed the methods and code behind this practice also found dozens other companies doing the same thing.
There have been a lot of claims and blame going around. Curious about what it all means? We’ll try and break it down for you. Cookies were meant as a way for websites to save a bit of info on a user’s computer to store user preferences and login session data when you log into a site. It can also use this info to see what pages on their site you’re going to. Read more...