U7 Networks

Many wordpress sites are under attack by a botnet using brute-force methods to obtain their passwords. The attacks seem limited to only users who kept the default “Admin” username for their websites, however, these attacks are only the beginning. Analysts and companies fear that the attackers are attempting to build a massive botnet that is much more powerful than any botnet seen before.

Currently, there are over 90,000 IP addresses being used to launch these brute-force attacks. These IP addresses are using thousands of passwords to hack into the WordPress sites. Right now, the botnet is limited to just using home PCs, however, the attackers could soon use the powerful servers that run these WordPress sites to launch a much stronger botnet. Matthew Prince, CEO of CloudFlare, wrote,

“These larger machines can cause much more damage in DDoS attacks because the servers have large network connections and are capable of generating significant amounts of traffic.”

Prince references to the “itsoknoproblembro”, or “brobot”, botnet that launched DDoS attacks against many major US Banks, including Bank of America, U.S. Bank, Wells Fargo,and more. Ars Technica reports that there is already some evidence that a massive botnet is being developed. ResellerClub, a web host, stated that they are undergoing an “ongoing and highly distributed global attack.” HostGator is a major target, with its WordPress machines being targeted by over 90,000 IP addresses.

So what can you do right now? Right now, if you have Admin as your default username, you should go ahead and change your password. You can also sign up for CloudFlare, which is rolling out a fix to prevent your site from becoming a victim to this botnet attack. CloudFlare will be using its data retrieved from these attacks and giving them to its partners so that they can come up with a solution to stop this botnet in its tracks. Also, in the future, if you plan on using the WordPress platform for your site, be sure to change the default “Admin” username to something unique.

U7 Networks is happy to announce our latest cloud product, SiteGuard.

SiteGuard is a unique solution covering site monitoring, intrusion detection, offsite backups, and more. Website owners and server administrators alike find themselves faced with some very scary disaster recovery scenarios. Topping this list is website uptime, offsite backups and network intrusions. U7 SiteGuard protects your site and gives you a piece of mind from all of these things and more.

• SiteGuard will remotely backup your entire site via ftp either nightly, weekly or monthly. We know that some webhosts allot a certain amount of bandwidth and that the space to store backups can add up, so to save on your bandwidth and expense we only backup files that have been added or changed after the initial backup.

• SiteGuard can also do a dump and remotely backup your MySQL database and back that up nightly, weekly or monthly.

• Go back and review what files have changed for any previous backup from the control panel.

• One click download of any given backup since the beginning.

• SiteGuard will alert you if files are added, removed or if files have changed in your site, Protecting you from malware and phishing infections. Why is this important? Here is one webmaster’s account of one of his clients sites hacked, the attacker was hoping the hack would go unnoticed ( http://searchtempo.com/htaccess-redirect-hack-and-google-malicious-code-warning/ ). SiteGuard will help you discover these sort of issues before they become a problem.

• SiteGuard will check your site nightly against the google safe browsing database. This is the database that most browsers use to determine if your site has been a deemed a phising site or is responsible for infecting users with malware. If your site turns up on this list, we’ll alert you immediately and offer some advice on getting delisted.

• SiteGuard can monitor your site every 10 minutes to be sure it is online and available to the general public. If it goes down, we’ll tell you. Many times a site can be responsive but throwing an error. SiteGuard can optionally avoid false positives by checking your page for specific text or source code so that you can be sure that your site is loading correctly without errors. If enabled, we will send alerts when our monitor does not see this text in your html code.

• Get alerts via SMS text message, email or both.

• Have multiple server administrators or webmasters? No problem! You can add an unlimited number of additional users who get notifications of problems, again via email or SMS text message or both.

Read more at the SiteGuard site, Existing customers will see SiteGuard available from the Applications menu on their dashboard.

We are happy to announce the launch of our new Support Center. We feel that this will greatly enhance our ability to serve our customers and respond in a more concise, timely manner. If you have questions for Support, Sales or Billing you can now login and visit http://my.u7net.com/support and submit a support ticket.

 U7Networks is happy to announce high availability WordPress cloud instances. No worries about installation, with just a few clicks you can be up and running with your wordpress site within minutes.  Running WordPress on our cloud infrastructure ensures speed and availability.  Pricing is the same as our iWeb instances.

WordPress is a free and open source blogging tool and content management system (CMS) based on PHP and MySQL. It has many features including a plug-in architecture and a template system. WordPress is used by over 14.7% of Alexa Internet’s “top 1 million” websites and as of August 2011 manages 22% of all new websites. WordPress is currently the most popular CMS in use on the Internet.

WordPress was first released on May 27, 2003, by Matt Mullenweg as a fork of b2/cafelog. As of December 2011, version 3.0 had been downloaded over 65 million times.

With this new offering we have also revamped our control panel for our iWeb instances, look forward to more enhancements as we continue to move out of our Beta offerings.  Below is a screenshot of the new iWeb (and wordpress) control panels.

Click To Enlarge

We are happy to announce that we have opened up our system with a limited number of public invites.   These invites entitle new customers a $25 credit.  Existing customers can issue invites to friends through the dashboard, if your friend redeems the invite you get a $5 credit on your account, your friend gets a $25 credit.

We are still in beta but are planning on rolling out version 0.6 shortly.

Starting today new instances of Bugzilla will now be launched using version 4.0.2 stable.

For those who wish to upgrade see the release notes here: http://www.bugzilla.org/releases/4.0.2/release-notes.html

Changes Include:
This release fixes several security issues. See the Security Advisory for details.

• In addition, the following important fixes/changes have been made in this release:
• The Bug.create WebService method now throws an error if you pass a group name which doesn’t exist. In Bugzilla 4.0 and 4.0.1, this group name was silently ignored, leaving your bug unsecure if no other group applied. (Bug 653341)
• Moving several bugs at once into another product displayed the same confirmation page again and again, and changes were never committed (regressed in 4.0). (Bug 663208)
• Marking a bug as a duplicate now works in Internet Explorer 9. (Bug 656769)
• importxml.pl no longer crashes when importing keywords (regressed in 4.0). (Bug 657707)
• Data entered while reporting a new bug could be lost if you had to click the “Back” button of your web browser. (Bug 652427)
• WebServices methods will return undefined bug fields as undefined instead of as an empty string. This change is consistent with how Bugzilla 4.2 behaves. (Bug 657561)
• The XML-RPC interface now works with SOAP::Lite 0.711 and 0.712 under mod_perl. (Bug 600810)
• LWP 6.00 and newer require Perl 5.8.8 and above. When installing this module using install-module.pl on a Perl installation older than 5.8.8, LWP 5.837 will be installed instead. (Bug 655912)
• Viewing a bug report should be significantly faster when your installation has many custom fields. (Bug 634812)

We are happy to now offer a daily allotment of free bandwidth for instant website instances.  Each instance you launch will be allotted 10GB per day of free bandwidth (or 300gb per month).

U7Networks is happy to offer ProjectPier. For many, ProjectPier offers a more cost effective alternative to project management platforms like BaseCamp. ProjectPier gives you a flexible system for managing projects involving multiple organizations by providing a central place for all project activity and information while integrating with users’ existing tools and workflow. Thousands of people all over the world, from study groups organizing a school project to large universities managing hundreds of international research projects, are using our software to get a grip on their project’s tasks, communication, files and more! You pay 0.12 per day for the instance plus normal bandwidth and disk space usage. Options to point your own domain name to the instance are also included.

ProjectPier Pricing

Like all U7 Networks applications ProjectPier pricing is based on usage. The breakdown is as follows.
Daily Instance Cost: $0.12/Day
Disk Space Usage: $0.06 Per GB Per Day.
Bandwidth Costs: $0.03 Per GB Per Day.