Mitigating the Symlinks Vulnerability

When Apache or nginx serve static files, they follow symbolic links even if a link points to a file owned by another system user (for example, one corresponding to a different subscription). This allows an attacker with access to a subscription to read files from another subscription, including files containing...

PCI DSS Compliance

The PCI Data Security Standard (PCI DSS) is a security standard that helps organizations to proactively protect customer account data. The standard constantly evolves to remain viable in today’s rapidly changing Internet and computing environment. It is reviewed at least every 24 months, and can be updated at...

Protecting Against Open Redirect

Open redirect (also known as unvalidated redirects and forwards) is a URL redirection vulnerability. An attacker can exploit it to redirect users from a trusted website to a potentially malicious third-party website and steal their credentials via a phishing attack. To protect against this vulnerability, we recommend configuring Plesk to restrict...

PHP error: Allowed memory size of x bytes exhausted

If you are getting an error like "Allowed memory size of... in file /directory/folder/yourscript.php", then you can use a .htaccess trick to resolve this problem. If this error does not go away even after applying this .htaccess code, you should contact us, and we will help you. Place this code in...

Protecting Against Clickjacking

Clickjacking (also known as a “UI redress attack”) is a malicious technique in which an attacker covers a button, a link, or a picture you intend to click with an overlay (transparent or opaque). The aim of the attack is to trick you into clicking the overlay instead of the desired webpage...