Most Wanted Web Services Blog

Most Wanted Web Services hosting, web design, and Real Estate website blog.

Protect Your WordPress Install Against “Yoast” SQL Injection

At Stallion Online Services, WordPress hasn't been our software of choice, maintaining that WordPress has some SERIOUS sercurity issues. If you are running a WordPress site, please read the following, as a serious security issue has been discoved in Yoast. If you’re using a version of the popular WordPress SEO plugin Yoast prior to 1.7.3.3, you and your site are vulnerable to a blind SQL injection attack. What damage can the vulnerability cause? The issue with Yoast can lead to a database breach and exposure of confidential information. “The orderby and order GET parameters are not sufficiently sanitised before being used within a SQL query.” Read the full security  advisory  here. A particular GET request causes the SQL query to execute and sleep for 10 seconds if clicked on as an authenticated admin, editor or author user. What can I do to protect myself, my site and my customers? If you’re...
Continue reading
0
  1823 Hits
  0 Comments
1823 Hits
0 Comments

Server Upgrades - Stallion Online Services

In our continued effort to provide fast, reliable, business centered web hosting, we will be making some updates to our server software beginning March 1, 2015. Below are the updates that we will be performing, in 3 phases: 1. Upgrade the Apache web software from version 2.2.29 to 2.4.12. This newer version provides performance improvements over the older version. 2. Upgrade PHP from version 5.3.29 to 5.5.21. We opted to completely bypass the PHP 5.4 series due to improvements in 5.5 over 5.4. 3. Upgrade MySQL from version 5.5 to 5.6, which provides performance improvements. We opted to not install the new MariaDB, which is a new option now available on the servers, which provides major performance improvements, but hasn't been fully tested and certified by our data center. We have wanted to perform some of these upgrade for quite some time, but we held off due to some clients who...
Continue reading
0
  1500 Hits
  0 Comments
1500 Hits
0 Comments

Linux GHOST and Stallion Online Services

January 27th, 2015 a severe GHOST vulnerability affecting Linux systems was discovered in the C library of GNU / Linux (glibc) that gives control to attackers without requiring system credentials. GHOST creates a buffer overflow that affects all the gethostbyname*() functions in the glibc library. These functions change a hostname into an IP addresses. A hacker exploiting this can gain complete access of the Linux machine. Researchers from website security research firm Sucuri said Wednesday that they have good reasons to believe the flaw can be exploited through Web applications written in PHP that use gethostbyname() function wrappers. This has the potential to significantly expand the attack vectors. One clear example of such a PHP application is WordPress, which uses a function called wp_http_validate_url() to validate the URLs of pingback posts. “It does so by using gethostbyname(), so an attacker could leverage this vector to insert a malicious URL that would...
Continue reading
0
  1506 Hits
  0 Comments
1506 Hits
0 Comments

Google Chrome is a Greedy RAM Hog. Here’s How to Fix It.

RAM.png.pagespeed.ce.W QLFLtN2P
Screen-Shot-2015-01-13-at-1.30.47-PM-e1421173894841
Screen-Shot-2015-01-13-at-1.52.04-PM-e1421175207139
Screen-Shot-2015-01-13-at-2.13.53-PM-e1421176470130
Google Chrome may be most people’s favorite browser, but it’s far from perfect. One of its biggest flaws is how much of your computer’s RAM it eats up. Most laptops don’t come with a huge amount of RAM; once the allotted memory is full, the computer can’t process any more actions. Each new tab that is opened in the browser will consume more RAM. In Chrome, 15 tabs can range from 1 GB to 2 GB of memory used, depending on the media content. Take a look at how much memory your Chrome tabs and extensions by copying  chrome://memory-redirect/  in your browser. After doing a few tests with the same 15 tabs open in Mozilla Firefox, memory usage is 35 to 45% lower. Firefox appears to be a far more lightweight browser, a drastic improvement over older versions. If you don’t want to switch from Chrome, try downloading one of the...
Continue reading
0
  4601 Hits
  0 Comments
4601 Hits
0 Comments

Real Estate Listing Data 101: What's Difference Between IDX and RETS

Incorporating MLS listing data on a real estate agent’s website can be fairly complicated, or it can be simple, depending on the process that's chosen IDX, RETS, framed, direct import, etc. Fefore we get into that, a brief vocabulary lesson is in order to understand the various terms and processes. Don’t worry: We’re leaving out as much of the tech speak as we can. First, let’s define some of the relevant terms: IDX (Internet Data Exchange) – This refers to the data exchange between an MLS board’s database and a realtor’s website. Sometimes, IDX is used to refer to a specific method of data exchange, most of which are outlined below. IDX has to do with public MLS search, and is viewed as a form of advertising. The listings that are displayed here are only those allowed by other participants, but almost always includes the vast majority of the MLS database....
Continue reading
0
  1427 Hits
  0 Comments
1427 Hits
0 Comments

Call us

1-888-732-7893