There has been a Linux Platform hack gathering speed in the last few weeks which has already affected a couple of reputed Web Hosting companies in the industry. While there is no clarity on the exact method of the attacks, they seem to be targeting various plugins that might be part of the applications running on your Customers’ websites.
Much like the Gumblar attacks around the same time last year, we suggest that you warn your Customers and ask them to keep the Web Applications running on their websites up to date. This includes WordPress installations, or any other CMS which needs regular updates.
Here are a few things that you can ask your Customers to keep in mind:
- Always keep strong FTP Passwords (changing these from time to time is a good practice)
- Scan your local system with a good AntiVirus and Malware remover to make sure the system is infection free (Especially the machine used to upload data)
- Avoid 777 permissions on any file or folder
- Using SFTP will also help in preventing these infections
On our part, you can rest assured that we are taking all measures possible to avoid any such hack on our servers. We have various security mechanisms in place that block these malicious actions from taking shape and we have also implemented various automated and periodic scans which identify any such patterns and cut them out from the root.
Fortunately, we do not have any instances of such an attack on our servers yet. While we are doing everything we can to safeguard you from such an attack, we will need you to be vigilant and proactive in taking all precautionary measures.