28 apr

[Global] Critical cross-site scripting vulnerability detected in WordPress [Update]

Time: April 28, 2015 10:00:00 (CEST)
Dear LeaseWeb Customer,

We would like to inform you about a critical cross-site scripting vulnerability detected in the WordPress open-source blogging tool and content management system (CMS).

This vulnerability could allow an attacker to send a comment long enough to force the backend MySQL database to truncate what is stored.

We strongly advise you to push the latest update (WordPress 4.2.1) if you are running an older WordPress version.

For more information on this bug, please refer to the following website: https://wordpress.org/news/2015/04/wordpress-4-2-1/

12 sep

Vulnerability found in WordPress 3.6 and lower: Upgrade necessary

One of the most popular CMSes around the world is WordPress, a powerful PHP-based blog platform. This popularity comes at a price, however: WordPress is a popular target for abuse and exploits.

The most recent version, 3.6, was released last August but contains a vulnerability that in certain circumstances allows attackers to gain unauthorised access to the system. A couple of weeks ago there was a storm of brute-force attacks on the WP login page; now a vulnerability has been discovered that is exploited through one of its plugins.

The vulnerability itself is not directly exploitable; lax user input checking in plugins, however, does allow it to be exploited.

At least one popular plugin exists that elevates this vulnerability to Remote Command Execution. The name of the plugin is unknown and will not be disclosed at this time, as there are too many vulnerable WordPress installations online.

However, it is just a matter of time before the vulnerability can be exploited, so upgrading WordPress to version 3.6.1 is highly advisable.

More information and technical details regarding this vulnerability can be found here: http://vagosec.org/2013/09/wordpress-php-object-injection/

If you have any questions regarding this posting or would like additional support from us, please send an e-mail to support@.

23 aug

WordPress sites vulnerable to brute-force attack

Sites around the world based on WordPress, one of the most successful open-source CMSes, are currently experiencing abuse in the form of a brute-force attack on the login page.

This attack consists of a flood of login attempts against the site, which slows down or even disables the site under attack.

To prevent your site from becoming unavailable, we strongly advise you to follow good security practices such as keeping up with WordPress updates as well as theme and plugin updates.

In addition to keeping up with updates, we advise you to look into further measures for improving security, such as deploying plugins like Better WordPress Security, which can be found at http://wordpress.org/plugins/better-wp-security/

A temporary measure that reduces the risk straight away is to limit the addresses from which the login page can be reached to only your own IP address or addresses.

For setups using the Apache web server, edit the .htaccess file in the root folder of the WordPress install and add the following lines:

# Only the listed address may reach wp-login.php; every other address receives a 403
<Files ~ "^wp-login.php">
Order Deny,Allow
Deny from all
Allow from 172.16.12.1
</Files>

The line 'Allow from 172.16.12.1' specifies the address from which the login page can be reached; all other addresses will be denied access. Multiple 'Allow from' lines are permitted, one for each address you wish to grant access.

Please note: replace the IP address in the above example with your own when copying these lines.

If you're unsure what your current IP address is, please visit http://www.whatismyipaddress.com/. This page will show you your current IP address.
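Restricting wp-login.php stops the flood, but you will also want to see it coming. The following is an added example, not part of the original notice: it reads Apache "combined" format access log lines (a constructed sample is embedded) and flags source addresses that POST to wp-login.php more than a threshold number of times within a one-minute sliding window. The threshold and window are hypothetical values; tune them to your own traffic.

```python
"""Flag source addresses hammering wp-login.php in an Apache access log."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Apache combined log format: host ident user [time] "request" status bytes "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+'
)
TIME_FMT = "%d/%b/%Y:%H:%M:%S %z"

def parse_line(line):
    """Return (ip, timestamp, method, path, status), or None for lines that do not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("time"), TIME_FMT)
    path = m.group("path").split("?")[0]  # drop the query string
    return m.group("ip"), ts, m.group("method"), path, int(m.group("status"))

def login_bruteforce_sources(lines, threshold=5, window=timedelta(minutes=1)):
    """Return {ip: total_posts} for addresses with more than `threshold`
    POSTs to wp-login.php inside any sliding window of length `window`."""
    attempts = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue  # skip unparsable lines rather than abort
        ip, ts, method, path, _status = rec
        if method == "POST" and path.endswith("/wp-login.php"):
            attempts[ip].append(ts)
    flagged = {}
    for ip, times in attempts.items():
        times.sort()
        start = 0
        for end, t in enumerate(times):
            while t - times[start] > window:  # slide the window forward
                start += 1
            if end - start + 1 > threshold:
                flagged[ip] = len(times)
                break
    return flagged

# Constructed sample: 203.0.113.7 posts to the login page 8 times in under a minute,
# 198.51.100.2 is one normal admin login (GET of the form, then a POST that redirects).
SAMPLE_LOG = [
    f'203.0.113.7 - - [23/Aug/2013:10:00:{s:02d} +0200] "POST /wp-login.php HTTP/1.1" 200 3421 "-" "Mozilla/5.0"'
    for s in range(0, 60, 8)
] + [
    '198.51.100.2 - - [23/Aug/2013:10:00:05 +0200] "GET /wp-login.php HTTP/1.1" 200 3421 "-" "Mozilla/5.0"',
    '198.51.100.2 - - [23/Aug/2013:10:00:20 +0200] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    'garbage line that does not parse',
]

if __name__ == "__main__":
    print(login_bruteforce_sources(SAMPLE_LOG))  # {'203.0.113.7': 8}
```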

If you have any questions regarding this posting or would like additional support from us, please send an e-mail to [email protected].

15 Oct

[Outage (Update)] Network problems

Unfortunately we are currently experiencing network problems, as a result of which sites are less reachable. We are working hard on a solution.
At this moment the Magento App servers are not working. PHP sites (Joomla/WordPress and the like) in segment 1 are reachable.
Check in the Service Panel which cluster your site uses: https:/service.byte.nl/protected/export/clusters.cgi?type=html