<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">This type of stuff can even happen with
managed hosting providers, Web Hosting Talk the global / US
version got hacked a few months ago and its hosted by Liquidweb. <br>
This is why you need professional Indemnity insurance as a managed
services provider. <br>
Regards Chad. <br>
<br>
<br>
On 1/30/2017 11:04 PM, Nathan Brookfield wrote:<br>
</div>
<blockquote
cite="mid:ME1PR01MB16013CD47D72D6DAB819233CDE4B0@ME1PR01MB1601.ausprd01.prod.outlook.com"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<style type="text/css" style="display:none;"><!-- P {margin-top:0;margin-bottom:0;} --></style>
<div id="divtagdefaultwrapper"
style="font-size:12pt;color:#000000;font-family:Calibri,Arial,Helvetica,sans-serif;"
dir="ltr">
<p>After <span>Macquarie Media apparently had 2GB.com and
4BC.com hacked this morning, also on WordPress it seems
there is a big lack of knowledge on this stuff out there.</span></p>
<p><br>
</p>
<div id="Signature">
<div id="divtagdefaultwrapper" style="font-size:12pt;
color:#000000; background-color:#FFFFFF;
font-family:Calibri,Arial,Helvetica,sans-serif">
<p class="x_MsoNormal" style="margin:0cm 0cm 0.0001pt;
font-size:12pt; font-family:'Times New Roman',serif;
color:rgb(33,33,33)">
<span style="font-size:10pt;
font-family:Calibri,sans-serif; color:rgb(31,73,125)">Kindest
Regards,</span></p>
<p class="x_MsoNormal" style="margin:0cm 0cm 0.0001pt;
font-size:12pt; font-family:'Times New Roman',serif;
color:rgb(33,33,33)">
<span style="font-size:10pt;
font-family:Calibri,sans-serif; color:rgb(54,95,145)">Nathan
Brookfield (VK2NAB)</span></p>
<p class="x_MsoNormal" style="margin:0cm 0cm 0.0001pt;
font-size:12pt; font-family:'Times New Roman',serif;
color:rgb(33,33,33)">
<span style="font-size:10pt;
font-family:Calibri,sans-serif; color:rgb(54,95,145)"> </span></p>
</div>
</div>
<div style="color: rgb(0, 0, 0);">
<div>
<hr tabindex="-1" style="display:inline-block; width:98%">
<div id="x_divRplyFwdMsg" dir="ltr"><font
style="font-size:11pt" face="Calibri, sans-serif"
color="#000000"><b>From:</b> Chad Kelly
<a class="moz-txt-link-rfc2396E" href="mailto:chad@cpkws.com.au"><chad@cpkws.com.au></a><br>
<b>Sent:</b> Monday, 30 January 2017 10:44 PM<br>
<b>To:</b> Nathan Brookfield<br>
<b>Cc:</b> <a class="moz-txt-link-abbreviated" href="mailto:ausnog@lists.ausnog.net">ausnog@lists.ausnog.net</a><br>
<b>Subject:</b> Re: [AusNOG] Borrowed addresses, data
retention, court orders</font>
<div> </div>
</div>
</div>
<font size="2"><span style="font-size:10pt;">
<div class="PlainText"><br>
I should of provided the following link with my previous
post but <br>
Sucuri.net offer a paid service for cleaning Malware and
they offer a <br>
free scan for websites as well.<br>
<a moz-do-not-send="true"
href="https://sitecheck.sucuri.net/results/theispguy.com"
id="LPlnk770587" previewremoved="true">https://sitecheck.sucuri.net/results/theispguy.com</a><br>
It looks like a bit of a mess.<br>
<br>
Regards Chad.<br>
<br>
On 1/30/2017 6:48 PM, Nathan Brookfield wrote:<br>
> Schooled!<br>
><br>
> Nathan Brookfield<br>
> Chief Executive Officer<br>
><br>
> Simtronic Technologies Pty Ltd<br>
> <a moz-do-not-send="true"
href="http://www.simtronic.com.au" id="LPlnk319819"
previewremoved="true">http://www.simtronic.com.au</a><br>
><br>
> On 30 Jan 2017, at 18:45, Chad Kelly
<a class="moz-txt-link-rfc2396E" href="mailto:chad@cpkws.com.au"><chad@cpkws.com.au></a> wrote:<br>
><br>
>> On 1/30/2017 10:34 AM,
<a class="moz-txt-link-abbreviated" href="mailto:ausnog-request@lists.ausnog.net">ausnog-request@lists.ausnog.net</a> wrote:<br>
>> Apparently so... screw Wordpress... bloody
nightmare to manage.<br>
> Not if you have the right tools in place.<br>
><br>
> Generally now a days you can automate the security
updates for Wordpress so you don't even need to think
about it.<br>
><br>
> Plus you should be using other security measures
such as Mod_security and things like Fail 2 Ban.<br>
><br>
> <a moz-do-not-send="true"
href="https://modsecurity.org/about.html"
id="LPlnk11242">https://modsecurity.org/about.html</a><br>
><br>
> and fail2ban.org<br>
><br>
> Those two tools alone with decent configs will nuke
anything that tries to hack in.<br>
><br>
> For extra security on top of that you can use CXS,
which will scan for things like scripts containing
malware and quarantine them so that if something does
manage to get in it doesn't affect your online presence.<br>
><br>
> <a moz-do-not-send="true"
href="https://configserver.com/cp/cxs.html">https://configserver.com/cp/cxs.html</a>
i've been using the Config Server tools for years now.<br>
><br>
> With those tools and Mod_security configured
properly you don't need the extra security plugins for
Wordpress specifically.<br>
><br>
><br>
> When I checked a few hours ago the ISP Guy site was
still infected and was redirecting to another site.<br>
><br>
> Regards Chad.<br>
><br>
><br>
><br>
<br>
<br>
-- <br>
Chad Kelly<br>
Manager<br>
CPK Web Services<br>
web <a moz-do-not-send="true"
href="http://www.cpkws.com.au">www.cpkws.com.au</a><br>
phone 03 9013 4853<br>
<br>
</div>
</span></font></div>
</div>
</blockquote>
<br>
<p><br>
</p>
<pre class="moz-signature" cols="72">--
Chad Kelly
Manager
CPK Web Services
web <a class="moz-txt-link-abbreviated" href="http://www.cpkws.com.au">www.cpkws.com.au</a>
phone 03 9013 4853</pre>
</body>
</html>