WHMCS exploits and how we deal with it
-
Tuesday, 22nd October, 2013
-
22:15pm
Due to the many WHMCS exploits the past days we have installed an additional layer of security and upgraded/updated existing security layers already in place.
One of the many changes is i.e. a 2factor authentication for our support staff as well a special PCI certified Web Application Firewall which compliments to our internal Web Application Firewall and Network Firewall.
The following events will be now stopped:
SQL Injections
Cross-Site Scripting (XSS)
Illegal Resource Access
Remote File Inclusion
Comment Spam
OWASP Top10 instant updates
And many more ; this is to keep our customers data safe ! and gives us a peace of mind.
Due to this change the SSL certificate on our site has been changed, it should not give any warnings as its a fully valid SSL but some browsers may show its a new certificate, this is normal as its a newly created certificate.
Of course we will keep monitoring the situation closely and update our local security measures when needed as well as of course updating and patching our system as soon as the patches come available.
