- These instructions are intended specifically for transferring files between servers via rsync and SSH on Linux.
- I’ll be working from a Liquid Web Core Managed CentOS 7 server, and I’ll be logged in as root.
Two-factor authentication (also known as 2FA) means that instead of just a password (one factor), you will need two factors (password, plus a rotating authentication token) to login to your Manage account. Only the correct combination of the first and second factors will allow you to log in. Two-factor authentication is more secure than one-factor authentication.
VENOM, or Virtualized Environment Neglected Operations Manipulation, was made public on May 13, 2015. The vulnerability is in QEMU, a generic and open source machine emulator and virtualizer that is utilized by Xen, KVM, and other modern hypervisors / virtualization platforms.
Specifically a flaw with how QEMU handles out-of-bounds memory access, exploitation can cause the entire hypervisor to crash and may allow an attacker to access other virtual machines outside of their own.
A patch is available, and Liquid Web’s Heroic Support has proactively scheduled a reboot to patch all affected servers.
The popular WordPress plugin WP Super Cache has been found to have a cross-site scripting (XSS) vulnerability in versions prior to 1.4.4. On sites with outdated versions, it is possible for an attacker to take complete control of the WordPress site. Please note: this vulnerability only affects users which have installed WP Super Cache. However, if you are unsure if you use the plugin or not you should still take precautions to protect your site.
Thankfully, this is vulnerability is simple to address; version 1.4.4, available now, contains a patch.
Hopefully, you’re already well-versed in logging into your WordPress site as an administrator!
If there is an update for a plugin or a theme, then you’ll likely have a number in the top bar and next to Updates as shown below (the number 5). Click on
Check the box for
And at the end of the update process you should receive something similar to,
Trying a new server is a breeze, and it’ll be up and running in only a few minutes...
Updating glibc on Fedora Linux is a very simple process. Most commonly you will use the following command in the case of a security vulnerability, or perhaps just to verify that you’re running the most up-to-date library:
A vulnerability found in the glibc library, specifically a flaw affecting the gethostbyname() and gethostbyname2() function calls, that allows a remote attacker to potentially execute arbitrary code. CentOS 5, CentOS 6, and CentOS 7 are potentially affected, thus we want to highlight the following information.
Liquid Web package repositories have been updated. Many servers (barring those with updates disabled) have received an update that patches this vulnerability, however, a reboot will still be required in those cases.
Updating glibc on Red Hat Linux or CentOS Linux is a very simple process. Most commonly you will use the following command in the case of a security vulnerability, or perhaps just to verify that you’re running the most up-to-date library: