Treewind Music and Technical Services

Anahata's Music recording, Web site hosting and design

Hosting and Web Site Design

News

September 2021 - Site Migration for Software Updates

Migration of all sites to enable system software update.

Details on this page: Update Sep 21

June 2020 - Security Improvements

Two WordPress sites were found to have been hacked, in the same way. I have restored them, one by restoring from a backup and the other by editing the database as by then I had discovered where the rogue code was and it was reasonably easy to remove.

This prompted a security review on the whole server.

  • I found that a reboot (for a system upgrade) a week earlier had come up with the firewall inoperative. I have fixed this so the firewall starts automatically on reboot. Though the exact attack mechanism is still unknown, I think it's no coincidence that the web site damage occurred a few days later.
  • Both sites that were hacked were using the WP "Duplicator" plugin. I have read reports that at least an older version of that plugin has a security weakness. It's not clear whether that was the problem in this case but I'll be watching out for that possibility if it happens again.
  • A great deal of traffic to the server was being caused by repeated login attempts to WordPress sites. This comes from hackers' automated scripts trying thousands of passwords in the hope of finding one that worked. I have installed on each WP site a plugin called "WP fail2ban redux" that logs failed login attempts on WordPress, where another system (that was already in use) can make the firewall block the IP addresses of repeat offenders. I believe that passwords I created for WP admin users were secure enough that this kind of brute-forcing would not have succeeded, but I have no control over the passwords created by users themselves, and anyway the volume of password attempt traffic was so high that it sometimes affected server performance.
  • I had already started installing a feature called Content Security Policy to all sites. This has to be tailored to each site, and controls access to resources to reduce or disable the activity of some common types of web site attack. This work continues.
  • The mechanism (fail2ban) that blocks IP addresses that are trying to brute-force passwords only worked on IPv4 addresses. Some attempts are coming in from IPv6 addresses now, so fail2ban is now configured to block both address types.
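
The blocking scheme described in the list above (failed logins are logged, and addresses that fail repeatedly are handed to the firewall, whether IPv4 or IPv6) can be illustrated as follows. This is an added example, not the site's configuration or fail2ban's own code; the log line format, the threshold and the time window are assumptions, and the sample lines are constructed.

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log. The message format is an assumption for this example.
SAMPLE_LOG = """\
2020-06-10T03:00:01 wp(example.org): Authentication failure for admin from 203.0.113.7
2020-06-10T03:00:05 wp(example.org): Authentication failure for admin from 203.0.113.7
2020-06-10T03:00:09 wp(example.org): Authentication failure for editor from 203.0.113.7
2020-06-10T03:01:00 wp(example.org): Authentication failure for admin from 2001:db8::1
2020-06-10T03:01:30 wp(example.org): Authentication failure for admin from 2001:0db8:0000:0000:0000:0000:0000:0001
2020-06-10T03:02:00 wp(example.org): Authentication failure for admin from 2001:DB8::1
2020-06-10T03:00:00 wp(example.org): Authentication failure for admin from 198.51.100.20
2020-06-10T03:01:00 wp(example.org): Authentication failure for admin from 198.51.100.20
2020-06-10T03:40:00 wp(example.org): Authentication failure for admin from 198.51.100.20
2020-06-10T03:41:00 wp(example.org): Accepted password for admin from 192.0.2.9
2020-06-10T03:42:00 wp(example.org): Authentication failure for admin from not-an-address
"""

LINE_RE = re.compile(r"^(\S+) \S+ Authentication failure for \S+ from (\S+)$")


def find_offenders(log_text, max_retry=3, find_time=timedelta(minutes=10)):
    """Return the addresses with at least max_retry failures inside find_time."""
    recent = defaultdict(deque)   # address -> timestamps of recent failures
    offenders = set()
    for line in log_text.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue              # not a failed-login line
        when = datetime.fromisoformat(match.group(1))
        try:
            # Parsing gives one key per address: the three spellings of
            # 2001:db8::1 above count together, which string keys would miss.
            addr = ipaddress.ip_address(match.group(2))
        except ValueError:
            continue              # never pass unparsed text on to a firewall
        window = recent[addr]
        window.append(when)
        while when - window[0] > find_time:
            window.popleft()      # forget failures older than the window
        if len(window) >= max_retry:
            offenders.add(addr)
    return offenders


if __name__ == "__main__":
    for addr in sorted(find_offenders(SAMPLE_LOG), key=lambda a: (a.version, a)):
        print(f"block IPv{addr.version} {addr}")
```
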

Older news (summarized)

News - November 2019

The migration of all sites to a new server as explained here is complete. (Still with BitFolk but running Sympl management software.)

News - October 2019

  • Brief downtime of server provider in the middle of the night, for a planned upgrade, completed without problems
  • SSL certificates (to enable "https:" URLs) were not always being renewed in time. This turned out to be a legacy from the recent site move and certificates are being renewed normally now.

News - June 2019

Migration of all sites from a Bytemark server to one provided by BitFolk is now complete.

For the reasons behind this move, read Migration of web sites to a new server.


News - December 2018

(Happy Christmas!)

This is the first of a series of occasional newsletters for customers.

New Customers

In 2018 the hosting business has picked up a respectable number of new customers, including some that are quite prestigious:

Improvements to the Service

  • New offsite backup provider, cheaper than the previous one who had changed their pricing structure. Helps to keep your data safe and my price low!
  • Speed improvements: I could afford a memory upgrade on the server
  • A software upgrade from PHP 5.6 to PHP 7.0 in November will also have produced a speed improvement for most sites.
  • WordPress Updates: my manual updates are now scripted for much quicker and easier updates