XSS Vulnerability Affecting Many Popular WordPress Plugins

Many popular WordPress Plugins are found as vulnerable according to Cross-site Scripting (XSS) due to the misuse of the add_query_arg() and remove_query_arg() functions. These are popular functions used by plugin developers to modify and add query strings to URLs within WordPress. The official WordPress Official Documentation (Codex) for these functions was not very clear and […]

Website Security Becomes Important for Google

Great news! Today Google has officially announced that using HTTPS (HyperText Transfer Protocol) is a must-have for websites. Why HTTPS Matters for SEO In addition to an SEO-friendly website structure, unique content, quality internal and external links and site speed optimization, establishing HTTPS with Secure Socket Layer (SSL) now also increases your site’s search engine […]

Sunsetting SHA-1 and Moving to SHA-2

One of the most important parts of SSL certificates’ security is the signature algorithm. The SHA-1 cryptographic algorithm, created nearly 20 years ago, is one of the most commonly used hash function for websites that are protected with SSL. SHA-1 is getting weaker every day and is frequently exposed to collision attacks in which hackers […]

We have launched Comodo SSL Certificates For Sale

We are happy to announce that we have launched Comodo SSL Certificates for sale on our product site https://www.acewebworld.com/ssl-certificates.php. Comodo SSL certificates has features like 40-bit to 256-bit encryption, 2048 bit key-size, fast issuance, unlimited reissues, unlimited server licensing, Free site seal, 14 days refund policy, minimum $10,000 warranty, most mobile devices supported, 99.3% browser […]

We have launched Dedicated Servers For Sale

We are happy to announce that we have launched dedicated servers for sale on our product site https://www.acewebworld.com/dedicated-servers.php. All the Dedicated Servers are built on a solid network of robust servers based on highly redundant infrastructure. Our Dedicated Servers feature super-fast processing with full root access, all of which is backed by the best support […]

What you should need to know when you are thinking to switch your web hosting

The most important factors of web hosting are better server up-time, good data transfer rate/speed, high hardware configurations, data security and protection, regular backup, user-friendly control panel and support. Most of the hosting companies do these. But you still need to know something specials. (1) We love to deal with some one who can give […]

We have completely disabled SSLv3 support

We have completely disabled SSLv3 support and enabled TLS (1.0, 1.1, 1.2) only to work with SSL (Secure Socket Layer) encrypted communications on all shared hosting and re-seller hosting server to prevent poodle vulnerability. We also want to suggest our users to disable SSLv3 compatibility from web browser’s SSL settings if your web browsers aren’t […]

POODLE Attack

Introduction SSL 3.0 [RFC6101] is an obsolete and insecure protocol. While for most practical purposes it has been replaced by its successors TLS 1.0 [RFC2246], TLS 1.1 [RFC4346], and TLS 1.2 [RFC5246], many TLS implementations remain ackwardscompatible with SSL 3.0 to interoperate with legacy systems in the interest of a smooth user experience. The protocol […]

CryptoPHP – Analysis of a hidden threat inside popular content management system

INTRODUCTION While attacks using vulnerabilities on commonly used content management systems are a real threat to website owners not keeping up with updates, a new threat has been going around. Website owners are social engineered to unknowingly install a backdoor on their webserver. This threat has been dubbed “CryptoPHP” by Fox-IT’s Security Research Team and […]