Got an email from my hosting company about security....
I'll reproduce it below and omit the name of the company:
As you are aware your website is part of the Global Internet Community. With this comes great responsibilities and duties that every web site administrator must follow. It is crucial that you maintain strong passwords and that you rotate your passwords for both your cPanel and email user accounts. We suggest this is done at least every six months. Use passwords with at least 8 characters, both upper and lower case and a few special characters.
It also very important that you maintain your site files. Simply because you correctly installed WordPress two months ago does not mean that it is secure today. Third party scripts, including plugins and software must be updated and maintained on a regular basis. It is critical for us all to maintain our sites, this will allow us all to host on safe and secure servers.
Is this sort of email pretty common these days ? It's the first one I've ever gotten from them in 8 years. Thanks.
Steve
ManiacJoe
(10,136 posts)However, it is appropriate.
steve2470
(37,457 posts)I just hate updating my site's software. It's pretty tedious.
TygrBright
(20,756 posts)Crackers and spam merchants have become increasingly sophisticated at finding ways to exploit the smallest vulnerabilities to bust open whole nodes' worth of data and hijack vast arrays of computing power.
I'm just surprised you haven't heard from your host in 8 years. I get regular updates from my host on recommended security procedures, and what they are doing to make their servers more secure.
agreeably,
Bright
steve2470
(37,457 posts)This email was directly from the CEO of my company. I guess things finally got so bad that he felt he had to email all of us.
Drew Richards
(1,558 posts)Especially against wordpress and old unupdated java scripts. Everyone is is sending out notifications...
Our new rec is is minimum passwords of 10 characters upper lower symbol and no english words. Different pws for cpanel and sftp access and update your scripts and use correct permissions or we loc your site till its secure...
Currently we are hit by over a million probes a day from china taiwan and amsterdam. Guys we are in a cyber war and no one in gov is really doing anything about it.
I would block all international access to the sites cpanel and sftp my voice switches ect... but management says no...
IP tables and fail2ban work good but id rather just block the whole damn class A's...
All I can say is back up your stuff NOW before you get hacked and wiped out.
steve2470
(37,457 posts)wow !!!!