Bash Security Vulnerability CVE-2014-6271

  • September 26th, 2014
  • Posted in Security

A serious security vulnerability has been found in the GNU Bourne Again Shell (Bash) commonly used on many Linux and Unix systems. The vulnerability was found in the way that Bash evaluates certain environment variables and could allow a malicious attacker to execute shell commands. This vulnerability is being tracked under CVE-2014-6271.

At Simple Helix, we take this matter very seriously. We closely monitor security reports that would affect systems we host and take measures to ensure all systems are patched and up to date. As soon as we learned of this vulnerability, a plan was put into place to get all servers patched as soon as possible. We are pleased to report that all servers we manage have been successfully patched as of September 25, 2014.

If you are not currently hosting with Simple Helix and are concerned that your server may be vulnerable, now may be a good time to request a hosting quote!

 

Google to Give Search “Edge” To Websites Utilizing Encryption (SSL)

Google will soon begin using a new ranking signal based on the encryption utilized by websites (SSL and HTTPS). While this move is welcomed by site owners that already make use of encryption, it may serve as a wake-up call for those developers that still do not implement secure connections by default.

For Magento and e-commerce stores, we highly recommend using encryption to protect the checkout process. This is also required for PCI Compliance certification. If your site does not already have an SSL, fear not, you can purchase one directly from Simple Helix! It is also worth noting that many of our new e-Cart plans come with a free standard SSL by default!

Securing E-Commerce Emails with DMARC


What is DMARC?

As E-Commerce sites have gained popularity in recent years, malicious activity such as spamming and phishing has also been on the rise. DMARC addresses these issues by providing a way for E-Commerce site owners (and mail senders) to protect their end users by securing and verifying communication channels. DMARC stands for “Domain-based Message Authentication, Reporting, and Conformance.”

How does DMARC work?

DMARC works by using both SPF (Sender Policy Framework) records and DKIM (DomainKeys Identified Mail) to inform the receiving server what to do with a message that fails either authentication check. This helps to prevent fraudulent or harmful spoofing of domain emails and ensures that emails passing the authentication requirements are legitimately sent from the actual store or domain.

(more…)

Secure Checkouts in Magento with SSL

An important upgrade that all Magento store owners should consider is the installation of an SSL certificate to provide the secure processing of sensitive information such as credit card data and login credentials. SSL stands for Secure Sockets Layer and is used by web servers to encrypt data between the client and server to protect against a wide variety of malicious attacks. Not only will installing an SSL certificate help you gain your clients’ trust and increase your SEO ranking, but it is also required for PCI DSS certification. If you do not already have an SSL certificate, then you can purchase one from Simple Helix directly.

(more…)

Using Two-Factor Authentication with Magento

Humanity has three methods of implementing security and authenticating themselves to a system:

  1. Something you know: This refers to a password, PIN or some other knowledge that is kept secret from others that the system knows and can authenticate the user by.
  2. Something you have: The best example of this type of authentication is a debit card or ATM card. The card carries information that it shares with the system, but it must be present and readable for the user to interact.
  3. Something you are: This method refers to a distinguishing characteristic of the user themselves. A fingerprint is probably the most popular example, but other patterns unique from person-to-person include retinas and DNA.

(more…)
