security

LiteSpeed Cache for WordPress Security Update: Your Site is Protected

At NoFrillsCloud, we’re committed to keeping your website secure. We recently became aware of a vulnerability in older versions of the LiteSpeed Cache for WordPress plugin. We’ve taken immediate action to protect our customers, and we’ll guide you through any…

Elevating your Website Security with Imunify360

In the dynamic and often perilous landscape of the internet, security is not just an option; it’s a necessity. At NoFrillsCloud, we recognize this imperative and have embedded Imunify360 as a cornerstone of our defense strategy. Imunify360, an all-encompassing security…

We’re Protected from the Log4Shell Vulnerabilities

All of our servers and services are protected from the Log4Shell Vulnerabilities (CVE-2021-44228 and CVE-2021-45046). Apache Log4j is a library for logging functionality in Java-based applications. A flaw was found in Apache Log4j, allowing a remote attacker to execute code on the…

HTTPS is No Longer Optional in 2017

As we usher in the new year, there are major changes coming to the industry which will make SSL Certificates a necessity for every website. These changes are spearheaded by Google and will be rapidly adopted by other web browsers…

We’re Protected from the Dirty COW Vulnerability

All of our servers are fully protected from the Dirty COW Vulnerability (CVE-2016-5195). Dirty COW is a privilege escalation vulnerability in the Linux Kernel which can allow a local user (like a web hosting account) to gain root access to the…

We’re Protected from the HTTPoxy Vulnerability

All of our servers are automatically protected from the HTTPoxy Vulnerability. HTTPoxy is a set of vulnerabilities that affect application code running in CGI, or CGI-like environments which may allow an attacker to proxy outgoing HTTP requests made by your web application, API…

SSLv3 Disabled Due to POODLE Bug

Engineers at Google found a new vulnerability in SSL version 3.0 (SSLv3) and they call it POODLE (Padding Oracle On Downgraded Legacy Encryption). The vulnerability allows an attacker to add padding to a request in order to then calculate the plaintext of…

SSL Transition: SHA-1 to SHA-2

Most, if not all SSL Certificates today are running the SHA-1 cryptographic hash algorithm, which is getting weaker and easier to be attacked.  Google and Microsoft announced SHA-1 deprecation plans that may affect websites with SHA-1 SSL Certificates expiring as early as…

We’re Protected from the Heartbleed Bug

All of our servers are fully protected from the Heartbleed Bug (CVE-2014-0160). The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to…