Googlebot Issues

There is a known issue with Googlebot right now in which Googlebots are resetting TCP connections before the handshake completes. This causes the bot to not connect and will leave an error message in some customer’s Web Master Tools interface that look like this:

/*Fetch Failure: The resource was unable to be fetched for some other reason. In general, this happens when the resource is either explicitly blocked by the server (for example, this is the case with the Google Analytics scripts) or if Googlebot’s request times out without a proper response from the server. We use a shorter timeout for the Instant Previews testing tool than we would for normal requests to make these issues more visible and to improve the user-experience when interacting with this tool. */

This issue is know to Google and they investigating as indicated in this thread:

http://productforums.google.com/forum/#!topic/webmasters/mY75bBb3c3c

Update WP Super Cache and W3TC Immediately

Remote Code Execution Vulnerability Disclosed

From http://blog.sucuri.net

Shame on us for not catching this a month ago when it was first reported, but it seems that two of the biggest caching plugins in WordPress have what we would classify a very serious vulnerability – remote code execution (RCE), a.k.a., arbitrary code execution:

Continue reading “Update WP Super Cache and W3TC Immediately”

Apache Binary Backdoors on Cpanel-based servers

From http://blog.sucuri.net

For the last few months we have been tracking server level compromises that have been utilizing malicious Apache modules (Darkleech) to inject malware into websites. Some of our previous coverage is available here and here.

However, during the last few months we started to see a change on how the injections were being done. On cPanel-based servers, instead of adding modules or modifying the Apache configuration, the attackers started to replace the Apache binary (httpd) with a malicious one. This new backdoor is very sophisticated and we worked with our friends from ESET to provide this report on what we are seeing.

Detection

Continue reading “Apache Binary Backdoors on Cpanel-based servers”

Restart Apache in all Linux distributions

From http://linuxapachemysqlphp5.blogspot.com

Restart Apache

Ubuntu
service apache2 restart
/etc/init.d/apache2 restart
apache2ctl restart

CentOS
/etc/init.d/httpd restart
service httpd restart
/sbin/service httpd restart

Debian
service apache2 restart
/etc/init.d/apache2 restart
apache2ctl restart

Suse
/usr/sbin/rcapache2 restart
apache2ctl restart

Fedora
apachectl restart
/sbin/service httpd restart

RedHat
/etc/init.d/httpd status
service httpd restart
/usr/local/apache2/bin/apachectl restart

Quick little ref guide there… good to know.

WordPress Login – Brute Force Attack

From hostgator.com

There is a worldwide, highly-distributed WordPress attack that is ongoing. This attack is known to be using forged or spoofed IP addresses. We are actively blocking the most common attacking IP addresses across our server farm. The following steps can be used to secure (by password protection) wp-login.php for all WordPress sites in your cPanel account:

Continue reading “WordPress Login – Brute Force Attack”