All our forward facing servers were patched and TLS1.0 disabled as per PCI compliance guidelines.

As always you can put your Trust in DNI to provide you fast response to your PCI Compliancy issues.

After our vendors released OS patches we patched all servers immediately after. This includes all clients on our bi monthly patching service.

What is glibc?

The glibc library is a core part of the Linux operating system based on the standard C library. This is a critical library and without it Linux will not function.

If you would like to learn about the details of this vulnerability please visit https://community.qualys.com/blogs

We immediately began patching all managed servers on 4/8 as soon as OS vendors published their patches. Any virtual and dedicated server clients on Centos6.5,Redhat6.5,Cloudlinux6.5 are patched and notified about the security concern. If you did not get a notification from us this is because your server was not found to be vulnerable meaning your OS and Openssl version were listed as being safe from the HeartBleed bug.

All our shared hosting domains were not vulnerable at the time of the HeartBleed bug disclosure as our systems did not run the versions that were vulnerable.

If you have any questions. Please put in a support ticket and we will be happy to answer any of your concerns.

Validating a registrant’s email address

• Effective immediately, the registrant contact needs to be validated upon the purchase or transfer of a domain name, or if the registrant’s first name, last name or email address have been modified.

• Reminder emails will be re-sent on days 5, 10 and 13 within the 15-day validation window; messages on days 10 and 13 of this process are sent to the Admin, Tech and Billing contacts as well.

• The same process takes place if a WHOIS Data Reminder Policy (WDRP) notice, 30 day expiration notice or 5 day expiration notice bounce. It’s therefore crucial to ensure that your WHOIS data information is correct.

• Failing to receive a response within 15 days requires us to suspend the domain name. As a result, the name will be placed on ClientHold, rendering the domain name inactive.

• This process applies to all gTLDs. There is no impact to existing names as long as they are not modified, and WDRP/expiration notices do not bounce.

ICANN’s Registrant’s Benefits and Responsibilities.

ICANN’s site for registrant education.

On csf and apf firewalls add to the /etc/csf/csfpre.sh or /etc/apf/preroute.rules

#Attack on wordpress:

/sbin/iptables -I INPUT -p tcp –dport 80 -m string –string “Log+In&testcookie=1” –algo kmp -j DROP

Add this to your modsecurity2 rules:

<LocationMatch “/wp-login.php”>
SecAction initcol:ip=%{REMOTE_ADDR},pass,nolog,id:313371
SecAction “phase:5,deprecatevar:ip.counter=2/30,pass,nolog,id:313372”
SecRule IP:COUNTER “@gt 1” “phase:2,pause:300,deny,status:406,setenv:RATELIMITED,skip:1,nolog,id:313373”
SecAction “phase:2,pass,setvar:ip.counter=+1,nolog,id:313374”
</LocationMatch>

And if all else fails you can block all wp-login.php in the main apache config :

<Files wp-login.php>
order deny,allow
Deny from all
</Files>

or chmod 000 all wp-login.php files:

For clients wanting to secure their wordpress login edit your .htaccess in your ftp folder and add the below with the ipaddress that need to connect to your wordpress login:

<Files wp-login.php>
deny from all
allow from xxx.xxx.xxx.xxx
</Files>

#note this command is for Hsphere clusters change the path to where your web files are located.

find /hsphere/local/home -type f -name ‘wp-login.php’ -print0 | xargs -0 chmod 000

If you have any further questions please dont hestitate to contact us.

He brings in a vast knowledge of hosting, servers, Hsphere, and security management since 1999. His abilities include the ability to troubleshoot Hsphere to a code level with full source access. No more contacting Parallels support for Hsphere problems. Updating packages outside of Hsphere to keep your system far after Parallels drops Hsphere.

Jeffery has produced a number of Hsphere Addons that many hosts use on a day to day basis like Hsphere Stats, Mailfoundry and SpamExperts integration, many different Hsphere skins, Xenserver and many java fixes to the direct code of Hsphere.

Jeffery has worked in a datacenter environment managing over 200 servers, advanced network setups, securiy and monitoring of servers, cloud environment with xenserver and the advanced troubleshooting of os related issues. He helped grow a company from 2 employees to with 2 servers to a 12 employees and cage of 12 racks before the consulting for that contract ended.

Prior to the above Jeffery worked in the credit card industry repairing credit card machines to the component level overseeing 10 technicians. The company had 1 pc and no online presence. He wired a computer in every office all tied to backend server and storage. He built the system to track the repair from entering the door till it left.

There will not be any changes to your services and no migrations to a new facility. The same services you have and the quality and level you expect from DNI will continue. Dec 3rd and future patching will continue as planned. DNI timezone for support hours phone calls will change from EST to CST which should benefit clients on the west coast.

Many clients will be concerned as they have come to love Peter and Laura for the long commitment of service to DNI. Peter and Laura will be in the background for a while to help with business continuity. From Peters own words: “I can’t thank Jeffery enough as he has taught me a lot of what I know about Hsphere and you couldn’t be in better hands to take DNI to the next level.”

Please note DNI address has changed:

Dynamic Net, Inc.
2445 Graystone Drive
Little Elm, TX 75068