Articles tagged "Security"

This weblog brings you news on Greenhost and recent developments in the areas of sustainability, privacy, web hosting, Internet and anything else we think is relevant.

Page 1 of 2

Next page

Basic firewalling on your VPS

By default we do not filter traffic. However, if you have a VPS, you maybe want to block unwanted traffic or you would like to only allow traffic from specific sources. This blog explains a bit the basics of firewall configuration on a Greenhost VPS. This document assumes a Debian or Ubuntu based system, however, the basics are similar on all Linux based operating systems

What is a firewall

A firewall controls traffic flowing into, leaving or going through your VPS. This manual will discuss only traffic going into your VPS and does not focus on filtering outgoing or forwarding/routing traffic...


Unencrypted connection closed for POP, IMAP and FTP

From now on it it's no longer possible to make an unencrypted connection with our servers (POP, IMAP and FTP). As mentioned in our newsletter about the GDPR we had to close the unencrypted connections with our mail-server and ftp-server for security reasons.

This means that email programs with incorrect settings are no longer able to fetch email from our server. This is for both POP3 and for IMAP connections. Also email programs on smart phones and tables need to have an secured connection with our servers from now on.

FTP programs who still use an unencrypted connection for FTP, can't reach...


PHP 7.2 available

From today, PHP 7.2 is available in our Service Centre. Log in as webmaster in the Service Centre and go to Hosting, Management and adjust the PHP version to PHP 7.2 for your entire hosting package.

On our helpdesk pages you will find a manual on how to change this setting.

After switching the PHP version, we recommend to check for any problems immediately. There is a small chance to experience problems due to deprecated functions on your site(s). We also advise to immediately update your CMS (Content Management System, for example WordPress or Joomla) and all plug-ins you may have installed...


Spam bomb, powered by your website?

Mainly by using WordPress sites and newsletter sign up forms a huge amount of unwanted email is being sent. In most cases the owners of these sites don't know they are contributing to this problem.

In the rest of this blog post we will look at the reason for this abuse, how you can see if you are contributing to this problem too and how you can prevent it.

Unwanted email sent from hosting packages

Recently we've been getting more complaints (via Feedback loops) about unwanted emails being sent from the web hosting packages of our customers. We always look into these complaints seriously.


Time line update severe CPU Intel bugs

As you may have read or heard, the Register announced several severe security problems with Intel processors, which are affecting nearly all computers with modern Intel processors (link below). This means an emergency maintenance window is scheduled from tomorrow onwards (January 4th), which can lead to downtime for your website or Virtual Private Server(s) outside the normal maintenance window. Please see below for more details.


From now on you can't send any unidentified e-mails from a non-existing email address

To meet the standards we did a necessary update on our SMTP mail server on the 21th of December. This means that from now on you can't send any unidentified emails from a non existing email address. The exceptions to this are the following types of addresses: webmaster@…, noreply@…, no-reply@…, wordpress@…, cron@…, and root@….

Do you still want to use a non existing e-mail address you can simply add a wildcard/catch-all email address. When that is set, all the emails to addresses on this specific domain will be accepted and email can be sent from all possible addresses.
You can create a wild...


Watch out for domain fraud!

Already in June 2016 we posted a blog about domain fraud (in Dutch). Lately we are again receiving several phone calls from customers because scammers are trying to sell them a domain. Don't buy it!


Six mobile device security tips

Your smart phone contains a lot of your private data. But do you know how and where your data is stored? Who has access to it? How do you protect your data from third parties that are trying to collect it?

Smart phone operating systems do not give you much control over your data by default, but with minimal effort you can gain control over your data and your mobile device's behaviour. Following up the six tips below will make it a lot harder for data hoarding advertising networks to get to your private data and helps protect you against dragnet surveillance.


TLS certificates, for everyone!

As you could read in our blog post from a couple of months ago we have been working on incorporating Let's Encrypt's free TLS certificates in our hosting environment.

TLS certificates are needed for a safe and good website. With it, you will have improved security, more privacy and higher search engine rankings. Please read our previous blog post for a detailed summary of how TLS certificates work. Green lock icon in URL bar

Today (December 19, 2016), we are pleased to announce that these certificates are now available for everyone in a public beta. Using TLS makes your website more secure. You can recognise that TLS...


Deprecation old PHP-versions

Several versions of PHP will be deprecated soon. This may mean that you will have to change your PHP-version as well. For those readers wondering what PHP is and what this may mean for you, I will briefly explain in this post.


Page 1 of 2

Next page