WordPress Login DDoS

Along with many other web hosts around the world we are currently seeing a DDoS attack targeting WordPress installations on shared hosting.

Some hosts have starting removing access to either the WordPress Admin or the “wp-login.php” script, but this then means you can’t update your site if you want to.

At this time we are adding extra security to try to prevent this, but may take further measures later today if this continues. Further updates for our clients will be available in our Network Status area of our Portal.

Non SSL content on SSL Pages will be blocked

It’s been a pet annoyance at BetterWebSpace in recent years to see secure websites (those protected by an SSL certificate) have insecure elements on them. Stylesheets, images and external references are the most common culprits simply because they haven’t been referenced securely.

Firefox 23 will block these elements by default (and it may only be a matter of time before other browsers follow suit!), so it’s time to start cleaning up those references…

(more…)

WordPress 3.5.1 – Upgrade now!

WordPress is our preferred blog/cms platform here at BetterWebSpace, as such we install it for a lot of clients and have it as an easy install in our control panel.  For these reasons we feel it’s only right that when a security update is released we comment on it here!

(more…)