SYSTEM STATUS AND HOSTING NEWS
|24 Aug 2017|
Thu 2:00 PM
| ||Cedar server issues|
The Cedar server has been having short periods of instability recently. The server admins found a few IPs causing hits to the Apache service and a bad drive in the raid array, together caused sudden spikes. The abusive IPs were blocked and we will be replacing the bad drive so that the server performance will be optimal after the array rebuild is complete. Our monitoring team is keeping a close eye on the server in the mean time.
W2-S Internet Services wishes to thank you for your patience in this matter while it is being resolved.
|21 Dec 2015|
| ||Important Security Note for Joomla users|
The team at Joomla has released a new version of their software to address a critical vulnerability in versions 1.5 to 3.4. If you have Joomla installed on your hosting account you need to update Joomla as soon as possible to protect your site and the server.
You can read more about this vulnerability at the following URLs:
|24 Jul 2014|
Thu 11:00 AM
| ||WordPress Malware|
Please be aware, we have seen a recent increase in the following attack, detailed at http://blog.sucuri.net/2014/07/malware-infection-breaking-wordpress-sites.html
Please ensure all plugins, themes and core installations of Wordpress are up to date.
For anyone using WordPress who has been a victim of hackers - this plugin could help with the cleanup: http://blog.sucuri.net/2013/10/cleaning-up-your-wordpress-site-with-the-free-sucuri-plugin.html
Please note, we don't offer any support for it, and we haven't extensively tested it. Use it at your own risk.
Update: Sucuri have posted some information regarding what could have possibly caused this.
To clarify, it's not possible for an account on the same server on our systems to compromise another account, unless it's all hosted under the same cPanel username (example, addon domains, subdomains, etc).
This is however a plugin to consider updating immediately.
|14 Apr 2014|
Mon 10:00 AM
| ||Heartbleed Bug Security Threat|
As has been widely reported in the media, a vulnerability was discovered last week in OpenSSL (Version 1.01 and beta 1.0.2), the software that is used for encryption across much of the Internet.
We want to reassure you that the majority of the servers we use where not affected by this issue as they did not use the version of the technology that was affected. The server that was affected was patched last week.
While we have no indication the vulnerability was taken advantage of, we always encourage regular password changes.
|10 Jul 2013|
| ||WordPress Exploit - Please check your sites|
If you have WordPress installed on your website, please go check you are running the latest version of WordPress (currently version 3.5.2). It is important that you do this RIGHT NOW.
There is an attack taking place and it is affecting a LOT of WordPress installations across multiple servers because people have not been keeping their WordPress installations up to date.
If you find your site has already been hacked please contact support.
|12 Apr 2013|
| ||WordPress/Joomla Admin Access|
We are seeing increased traffic to a large number of WordPress sites on our shared hosting platform. The attack is not unique to ourselves and is affecting many hosting providers worldwide. When accessing your WordPress Admin Area you may find that you are prompted for a username and password not previously required. The credentials for this login are:
As soon as normal service is resumed, this prompt will be removed and the above credentials will no longer be required. We appreciate your patience during this time, and we will update this page once this has been resolved.
In addition it is recommended that you make sure you have a very secure password using letters, numbers, upper and lower case letters, and special characters such as )@!, etc. It is also recommend to NOT have a username of "admin."
More info from this TechCrunch article
Update: We are currently seeing further attempts from a large scale botnet targeting Joomla/Wordpress Administration areas. This attack has recently increased its hit rate and we have taken action to protect the targeted areas from these attacks. As a result of this you may now find you are prompted to pass a CAPTCHA check when attempting to login to your Wordpress / Joomla website.
|26 Aug 2011|
| ||Domain Renewal Group letters|
The Domain Renewal Group (and various similar companies such as Domain Registry of America) have been sending out a lot of letters recently to our clients with .com, .net and .org domains. Their "courtesy" letters are made to look like renewal invoices or bills but are actually forms for transferring the domains away from your current supplier. Our clients are free to move their domains away from us at any time but you should be aware that the renewal fees charged by these companies are usually much higher than what we would charge so we wouldn't recommend it. You also have to question their unethical methods to have you transfer your domain to them.
If you bought your domain through W2-S Internet Services then you can safely bin these domain notices. Just google "Domain Renewal Group" if you want to see what other people think of these letters. If in doubt please contact us.
|11 Feb 2011|
| ||Fake mails alert|
We're seeing an increase in fake mails again from criminals trying to steal your web hosting passwords. These emails should be ignored and deleted.
Subject: Your your-domain.com account information has changed
New secret questions were added to your your-domain.com account.
To ensure that your account information remains accurate and secure we notify you whenever this information changes.
This change request was made on [a random date]
If the changes described above are accurate, no further action is needed. If anything doesn't look right, follow the link below to make changes:
[link to a fake site requesting your login details]
your-domain.com Account Services
All genuine emails sent by W2-S Internet Services come from w2s.net and usually refer to you personally by name and will have the proper contact details in the email's signature. Keep your login details secure.
|13 Jan 2010|
| ||Spoof "mailing service" emails alert|
Please be aware that recently there has been a sharp increase in fake emails suggesting that your "mailing service" has had a security upgrade. These emails then usually ask the user to click on a link to apply the new settings. The link itself is spoofed to look like it is from your own domain (or ours), usually in the form of http://firstname.lastname@example.org, but is actually linking to an externally compromised host that we have no control over. The emails usually end along the lines of "Best regards, your-domain.com Technical Support," where your-domain.com is your actual domain.
Please note these emails are fake and designed to trick the user into logging on to a phishing site or compromise your computer. Please delete these emails and DO NOT click on the link or submit any login information to a 3rd party. If you think you have submitted your login details via one of these emails please change your email and FTP passwords as soon as possible via your site's control panel and contact us.
All genuine emails sent by W2-S Internet Services come from w2s.net and usually refer to you personally by name and will have the proper contact details in the email's signature.