Liquid Web’s Account Management System has a robust API that allows for accessing your account from outside of the Manage interface. For example, the API can be used to integrate WHMCS directly to your Liquid Web account. To access the API, an API user must first be created for that account.
On an Ubuntu server the default firewall management command is iptables. While iptables provides powerful functionality it’s syntax is often seen as complex. For most users a friendlier syntax can make managing your firewall much easier.
The uncomplicated firewall (UFW) is an alternative program to iptables for managing firewall rules. Most typical Ubuntu installations will include UFW by default. In cases where UFW isn’t included it’s just a quick command away! Continue reading “Installing and using UFW on Ubuntu 16.04 LTS”
What Is PCI Compliance?
For any business that handles Credit Card data, in anyway, there is a set of rules and standards they must follow. These rules and regulations are called Payment Card Industry Data Security Standard. Or PCI-DSS for short, however this is often simplified to just ‘PCI Compliance’.
These standards were put in place by major Credit Card companies to ensure data security. These standardized rules greatly simplify securing credit card data as they allow businesses to track a single standard. In the past each credit card network had their own standard which made it hard for users to be compliant. Continue reading “What Is PCI Compliance?”
Lately there’s been a lot of speculation about Googles up-coming changes to how sites without an SSL are going to be treated. As January draws towards a close we have seen an increase in customers with concerns of how this will affect their site. Both in terms of people being able to see it and how it might affect their search ranking.
This article aims to clear up some of the confusion and to demystify the changes. If you are unfamiliar with how SSL/TLS or HTTPS works please take a look at our article on the subject.
If you aren’t interested in how these changes came about feel free to skip down to: How These Changes Affect Your Site
Continue reading “Will my site be marked unsafe in Chrome 56+?”
Every single day 100s of terabytes of data is being transferred across the internet. In fact, based on Intel’s 2012 report, nearly 640K Gb of data is transferred every single minute. That’s more than 204 million Emails, 47,000 app downloads, 1.3 million YouTube videos watched and 6 million Facebook views. We’re talking about a seriously massive amount of data here. So how do we know if that data is being transferred securely? Enter the SSL/TLS protocols.
Continue reading “How does an SSL work?”
One of the most important things you can do to ensure the security and stability of your Linux server is to keep the kernel updated. Some Kernel updates patch security vulnerabilities and other issues. Kernel patches are released as issues are discovered.
Unless you are regularly checking for kernel updates, or your notified of a security issue, you may not be aware when a kernel update is available. Additionally, since updating the kernel traditionally requires a reboot, the prospect of associated downtime often prevents the updates from being applied as quickly as they should be.
KernelCare changes all that. Continue reading “How KernelCare Protects Your Server”
The concept of ‘Kernel hotpatching’, sometimes called live patching, was introduced to the Linux community around 2008. Soon after groups began developing differing implementations of the concept. KernelCare, one of the more popular implementations, was originally released in March 2014 by Cloud Linux, Inc. Continue reading “What Is KernelCare?”
Information on CVE-2015-5154 was made public on July 27, 2015. The vulnerability is in QEMU, a generic and open source machine emulator and virtualizer that is utilized by Xen, KVM, and other modern hypervisors / virtualization platforms.
Specifically a flaw with how QEMU’s IDE subsystem handles buffer access while processing certain ATAPI commands, exploitation can allow for the execution of arbitrary code on the host with the privileges of the host’s QEMU process corresponding to the guest.
- Made public on July 27, 2015
- This flaw exploits QEMU, a generic and open source machine emulator.
- Allows for an attacker to execute arbitrary code outside of their own virtual machine.
A patch is available, and Liquid Web’s Heroic Support has proactively scheduled a reboot to patch all affected servers.
- These instructions are intended specifically for checking your version of cPanel or WHM via the command line or the WHM dashboard.
- I’ll be working from a Liquid Web Managed CentOS 7 server, and I’ll be logged in as root.
Step #1: Log In to WHM
First log in to WHM. You’ll arrive at your WHM dashboard:
This error relates to logging into phpMyAdmin, an open source tool used for the administration of MySQL.
Once in awhile, perhaps on a Development server, MySQL won’t be setup with a root password. The aforementioned configuration is generally thought of as against best practices however, if it is what you’re dealing with, then it could also interfere with phpMyAdmin.
- These instructions are intended specifically for solving the error: Login without a password is forbidden by configuration (see AllowNoPassword).
- I’ll be working from a Liquid Web Self Managed Ubuntu 15.04 server, and I’ll be logged in as root.
The error will read “Login without a password is forbidden by configuration (see AllowNoPassword)” as shown below.