Domain Name System Security Extensions or DNSSEC signs DNS Record Sets (RRsets) at each DNS zone level. This allows one to verify the DNS record they are receiving has not been altered.
For example, manage.liquidweb.com has these zone levels:
- Root (.)
- com, org, net
DNS Record Set (RRsets) is a group of records with the same record type, for example all DNS A records are one RRset.
Continue reading “What is DNSSEC?”
Basic Firewall Rules
In a firewall rule, the action component decides if it will permit or block traffic. It has an action on match feature. For example, if the traffic matches the components of a rule, then it will be permitted to connect to the network. It is essential to consider the potential security risks when modifying a firewall rule to avoid future issues. Following best practices for configuring firewalls can help you maximize the effectiveness of your solution.
Continue reading “Best Practices for Firewall Rules”
What is a DDoS, Really?
With all the talk about cyber attacks, cyber terrorists general security across the internet, I thought I’d take a few moments offer some insight into one of the least understood and most prevalent cyber threats on the web, the DDoS.
Continue reading “What is a DDoS?”
If you run WordPress sites you likely know it is critical to make sure that your software is up to date. In fact, you may have automatic updates enabled, so your site updates as soon as WordPress updates are available. If you are running WordPress sites on a Liquid Web product such as our Storm VPS or Dedicated servers, please read on. This article contains critical information for you regarding WordPress 4.9.4 updates and action is required.
For customers on our Managed WordPress or Managed WooCommerce Hosting platforms, we’ll make sure your WordPress install is automatically updated; you do not need to take any action.
WordPress 4.9.4 is now available and addresses a bug in 4.9.3, which will cause automatic updates from WordPress 4.9.3 to fail. This means your site needs to be manually updated to 4.9.4.
Fortunately, updating your WordPress install is pretty simple (We do suggest that you take a site backup before updating, as with any software update.)
- Log into your WordPress admin page (www.yourdomain.com/wp-admin). Once logged in you should see a prompt in the WordPress dashboard, as shown below:
- Click on the Please update now text, which will take you to the WordPress Updates page. You can also click on Dashboard → Updates, where you will be taken to the same WordPress Updates Page.
- Click the Update Now button. The WordPress update will run, and after it completes, you’ll see the page below:
As always, our Helpful Human Support team is standing by to assist you with any questions or concerns, just open a chat, ticket, or call us and we’ll be ready. You can also find more information about this maintenance release on the WordPress.org site.
Liquid Web’s Account Management System has a robust API that allows for accessing your account from outside of the Manage interface. For example, the API can be used to integrate WHMCS directly to your Liquid Web account. To access the API, an API user must first be created for that account.
Continue reading “Creating an API User in Manage”
On an Ubuntu server the default firewall management command is iptables. While iptables provides powerful functionality it’s syntax is often seen as complex. For most users a friendlier syntax can make managing your firewall much easier.
The uncomplicated firewall (UFW) is an alternative program to iptables for managing firewall rules. Most typical Ubuntu installations will include UFW by default. In cases where UFW isn’t included it’s just a quick command away! Continue reading “Installing and using UFW on Ubuntu 16.04 LTS”
What Is PCI Compliance?
For any business that handles Credit Card data, in anyway, there is a set of rules and standards they must follow. These rules and regulations are called Payment Card Industry Data Security Standard. Or PCI-DSS for short, however this is often simplified to just ‘PCI Compliance’.
These standards were put in place by major Credit Card companies to ensure data security. These standardized rules greatly simplify securing credit card data as they allow businesses to track a single standard. In the past each credit card network had their own standard which made it hard for users to be compliant. Continue reading “What Is PCI Compliance?”
Lately there’s been a lot of speculation about Googles up-coming changes to how sites without an SSL are going to be treated. As January draws towards a close we have seen an increase in customers with concerns of how this will affect their site. Both in terms of people being able to see it and how it might affect their search ranking.
This article aims to clear up some of the confusion and to demystify the changes. If you are unfamiliar with how SSL/TLS or HTTPS works please take a look at our article on the subject.
If you aren’t interested in how these changes came about feel free to skip down to: How These Changes Affect Your Site
Continue reading “Will my site be marked unsafe in Chrome 56+?”
Every single day 100s of terabytes of data is being transferred across the internet. In fact, based on Intel’s 2012 report, nearly 640K Gb of data is transferred every single minute. That’s more than 204 million Emails, 47,000 app downloads, 1.3 million YouTube videos watched and 6 million Facebook views. We’re talking about a seriously massive amount of data here. So how do we know if that data is being transferred securely? Enter the SSL/TLS protocols.
Continue reading “How does an SSL work?”
One of the most important things you can do to ensure the security and stability of your Linux server is to keep the kernel updated. Some Kernel updates patch security vulnerabilities and other issues. Kernel patches are released as issues are discovered.
Unless you are regularly checking for kernel updates, or your notified of a security issue, you may not be aware when a kernel update is available. Additionally, since updating the kernel traditionally requires a reboot, the prospect of associated downtime often prevents the updates from being applied as quickly as they should be.
KernelCare changes all that. Continue reading “How KernelCare Protects Your Server”