Recent Blog Updates
- New Offering - GoogleDrive Integration Written on Monday, 20 June 2016 08:38
- The beauty of Open Source Written on Thursday, 17 September 2015 22:43
- Do we do WordPress? Written on Tuesday, 21 July 2015 10:06
- On the naming of Governors Written on Tuesday, 30 June 2015 20:12
- Statutory Information for school websites Written on Tuesday, 23 June 2015 14:29
- Parrot needs your help! Written on Friday, 19 June 2015 09:14
- What's a decent school blog page like? Written on Tuesday, 12 May 2015 10:08 Read more...
- The fastest Google result ever? Written on Saturday, 15 November 2014 10:05 Read more...
- Shellshock bug and your Website Written on Sunday, 14 September 2014 10:07 Read more...
- Social Networks - thoughts for Schools Written on Monday, 06 January 2014 10:06 Read more...
- Ditch paper-based newsletters? Surely not? Written on Tuesday, 19 February 2013 10:04 Read more...
Shellshock bug and your Website
25th September 2014
This past week has seen much important news concerning a bug termed "Shellshock" that affects a massive number of web sites around the world, including those that we provide for schools and businesses. Spme security experts have warned that it is significantly worse than Heartbleed, a different web vulnerability which caused huge panic this year because Shellshock theoretically allows attackers to take over websites remotely.
We won't go into the technicalities of the whys, whats and hows of Shellshock, suffice to say it is very serious and of not correctly managed by web hosting companies can expose the servers where websites are hosted to all manner of compromise.
At Tapiochre, we build websites which we host on servers at one of four hosting environments. We use different hosting sites to not only build some resilience into our service offerings, but also to accommodate specific requirements that particular companies provide in comparison to others. Also, from time to time, our customers will choose the hosting company for their websites before approaching Tapiochre.
We wish to reassure our web customers that we work closely with and monitor the way our hosting partner delivers their shared hosting services and below we outline how they are responding to the Shellshock issue.
Heart Internet reports:
"We have kept on top of the exploit and security issues since the vulnerability was first highlighted earlier in the week within the Linux community. If you have a shared hosting account with us, you do not need to take any action.
All Heart Internet infrastructure and shared web hosting servers were patched on 24.09.2014 as soon as the initial vulnerability CVE-2014-6271 was announced. Furthermore, all Heart Internet infrastructure and shared web hosting servers were patched on the morning of 26.09.2014 as soon as updates for CVE-2014-7169 were available.
Please rest assured that Heart Internet will be keeping even closer watch on the situation and will implement any further security patches as needed; any updates will be added to the bottom of their blog post at this link."
Leave a comment
Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.