Cpanel change PHP handler error

There appears to be a bug somewhere  in the cpanel EA4 upgrade process. When changing the php handler after the conversion, you may see an error like this: API failure: (XID ntgxgd) Provide the “type” parameter for the “Cpanel::WebServer::Supported::apache::make_handler” function. I found that this error was caused by the yum-plugin-universal-hooks package, not being installed properly at the time of the conversion. To correct this and be able to change php handlers in Easy apache 4, you will need to do the following: yum reinstall yum-plugin-universal-hooks /scripts/migrate_ea3_to_ea4 –reinstall –run These commands will reinstall the  yum-plugin-universal-hooks and then recompile EA4 to include the correct hooks.   If you are using cloud linux,… Read More

Continue Reading

Security Question Issues

The issue with Security Questions A lot of online enterprises these days use security questions as a safety net in the event you get locked out of your account. You can answer the security questions to recover access to the account and update your password. Sound familiar? Most people see these as a blessing to make sure they always have access to their accounts because they are not going to forget answers like “Who is your youngest sibling?” Or “What High School did you go to?”. Though a safety net to you, these security questions open your account up for any attacker that knows how to get the correct answers. There are… Read More

Continue Reading

Social Engineering

Social Engineering? What is that? The basic way to explain Social Engineering is when a person is able to do nothing more than ask you questions and get answers needed to gain access to your accounts. Without realizing it, you can give crucial information to an attacker while just talking to them. An example of a phone conversation, where social engineering happens, would be, “The Gas company” calls, and says there is an issue with the billing on your account, and they give you some simple verification information, the name of the local company, your name, and address,  maybe even the balance due, and start to request vital information, such as social… Read More

Continue Reading

How to force SSL with .htaccess

Making sure your site is using SSL is important. Below are some simple lines of code to add to nearly any site to get it to redirect. Rememeber that setting this redirect within your site, likely means that it is using php for the redirect. Adding a redirect in php can slow your site down, where as the apache or nginx redirect will be much faster.    You can force an HTTPS connection on sites that run on a server that uses Apache, by adding these rules to the top of the .htaccess file: RewriteEngine On RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] If your server uses Nginx, add this to the top of the… Read More

Continue Reading

SSL certificates

SSL certificates encrypt the traffic between your server and your customers. This traffic can include credit card information, usernames and passwords, and any other critical information that your site receives or sends. There are Multiple types of SSL certificates: Free LetsEncrypt/AutoSSL certificates Domain Validation DV SSL Organization Validation OV SSL Extended Validation EV SSL   At their base, They all do the same thing…Encrypt traffic. The differences between them is what causes the wide range in prices. For Free SSL certificates, and DV SSL’s, The only checks run by the Certificate Authority, or CA, Is that the domain is controlled by the person that is generating the order. OV and EV… Read More

Continue Reading

What is SSL? And why is it important

An SSL is an encryption method used for securely transferring data over a public network. When you visit a domain that is using https:// as the protocol in front of the domain name, it means you are using an SSL connection to the site. Any data you enter into the site will be transferred back to their server encrypted and secure. SSLs are a very important security feature that makes buying online a secure thing. Without some form of encryption in the transfer, credit card numbers, passwords, and other sensitive data would easily be obtained by attackers. When you browse to a site that you want to buy something from, … Read More

Continue Reading

Reverse DNS or PTR records, How they work and what they do.

Normally when we do a DNS lookup, we check a domain for an associated IP. Reverse DNS is used to check an IP for an associated domain name. For this to work, you need a PTR record in the  IP address zone file. These records do not go in your domains zone file. PTR records are generally maintained by the owner of the IP, most likely your hosting provider or whoever you may be leasing your IP address from. On a server, the mail server relies heavily on RDNS to verify the sender of a message. If the sending hostname does not match the PTR record, then your message may… Read More

Continue Reading

Why Are Backups Important?

Backups are protection, from any and all disasters. If you don’t have backups of your data, it could be gone in an instant. All that time and money that you have poured into your work, gone. A lot of people say, “oh, that will never happen to me, my stuff is in the cloud. I don’t need to waste money on backups.” They couldn’t be more wrong! People seem to think that the cloud is this magical place where nothing can go wrong. The cloud is made up of a large number of machines that could fail at any moment in a multitude of different ways. If you don’t have… Read More

Continue Reading