In this article we’re going to provide a breakdown of each of the components you need in order to have a website on the Internet. When you register a whole new domain and host it all in the same place, it’s not always obvious that the service being provided is actually broken up into multiple…

Read More

This article was originally written in Feb 2014 and receives regular updates as tactics change. Tip: If your website is currently hacked, this isn’t the guide you want. Check out our guide to cleaning a hacked WordPress site. Then come back here to harden it after the website has been cleaned. How and why do…

Read More

While most of these guidelines will help you with any eCommerce application, there will be specific mentions for WooCommerce related plugins as it has (arguably) become the standard for eCommerce on WordPress. Fraud and Website Security The first thing to understand about managing fraudulent transactions is that they don’t directly have anything to do with…

Read More

Heads up for our Divi users (theme and builder plugin) as well as Extra, Bloom, and Monarch plugins. The following alert was sent out on Monday March 11th: Today some of our products were updated to patch a security issue. This issue was patched after being privately disclosed to our team by an independent security…

Read More

Have you ever had an email message bounce back with a cryptic response like “5.7.1 Command Rejected”, or had someone email you only to get a similar message? What’s causing that? Why is it rejected? The answer, more often than not, is that there’s an issue with the sending domain’s SPF Record. So, what is…

Read More

Although we haven’t seen any major reporting on it yet, as of 2017 our servers have detected a massive botnet attacking WordPress installations in an attempt to exploit weak passwords. Our typical firewall rules are configured to allow at most 15 login attempts prior to immediately blocking the IP at the network level. This works…

Read More
How to fix a hacked website

If your WordPress site has been hacked, don’t panic! Just like everything else IT related, solving this is simply a matter of following the right steps. The following guide will help you to fix your hacked WordPress website. About WordPress Hacks It’s important to keep in mind that most WordPress hacks are not targeted: it’s highly unlikely…

Read More

Solution #1: inotify vs gamin If you don’t have it installed already, get python-inotify installed. Fail2ban should then automatically start using that library rather than gamin for log file updates. This is very helpful when it comes to servers with *many* log files. Details on how this is done here. If that doesn’t cut it,…

Read More