Singapore Host Advises Customers to Take Necessary Precautions Against 0-day TimThumb Security Vulnerability - WTVM.com-Columbus, GA News Weather & Sports

Singapore Host Advises Customers to Take Necessary Precautions Against 0-day TimThumb Security Vulnerability

Posted:

This article was originally distributed via PRWeb. PRWeb, WorldNow and this Site make no warranties or representations in connection therewith.

SOURCE:

Timthumb security loophole has plagued websites once again and Singapore Host customers are advised steps to take to protect their websites from possible attacks.

Singapore, Singapore (PRWEB) July 11, 2014

July 11, 2014. TimThumbs vulnerabilities were a perennial security headache that has affected thousands of Wordpress sites in the past years. Recently, a new vulnerability has emerged anew, promising an even more destructive outcome with the growing number of WordPress sites affected. TimThumb is a PHP script that allows users to zoom, resize and crop images for their websites. Despite its practical purposes, hackers are exploiting it to disable web servers by creating, deleting and editing files remotely when a command is left enabled within TimThumb.

Even after TimThumb was released a few years ago, security weaknesses in TimThumb were already detected, exposing websites to massive server-wide attacks. The Webshot feature in particular are affected by the latest vulnerability, named the TimThumb Remote Code Execution vulnerability. Most TimThumb plugins have the Webshot feature disabled by default, however some plugin installations may still leave it enabled. Even if not mentioned explicitly in disclosure agreements, some third-party plugins and themes may have integrated the TimThumb script as well.

To ensure that Timthumb Webshot features are disabled, Singapore Host customers are advised to manually disable it to block possible attacks on their websites. To do this, here are simple steps to follow: (1) visit plugins or themes and search for any TimThumb files, (2) open TimThumb file, (3) look for WEBHOST_ENABLED, (4) change it to false, (5) Final code must show: define (WEBHOST_ENABLED, false); .

Customers can rest assured that all Singapore Host servers are secured with the help of web application firewalls that automatically blocks all types of security vulnerabilities. They can also reach Singapore Hosts 24/7 Customer Support team to report issues with their websites.

About Singapore Host

A recognized web hosting leader, Singapore Host offers reliable web hosting solutions with features that include massive disk space and bandwidth, 99.9% uptime guarantee, user-friendly website builder for beginners, enterprise grade network for seamless connection, automatic file backup and recovery, domain privacy and friendly customer support assistance. Visit them at: http://www.singaporehost.sg/ for more information.

For the original version on PRWeb visit: http://www.prweb.com/releases/2014/07/prweb12008547.htm

Information contained on this page is provided by an independent third-party content provider. WorldNow and this Station make no warranties or representations in connection therewith. If you have any questions or comments about this page please contact pressreleases@worldnow.com.

Powered by WorldNow

1909 Wynnton Road
Columbus, Ga. 31906

FCC Public File
publicfile@wtvm.com
706-494-5400
EEO Report
Closed Captioning

All content © Copyright 2000 - 2014 Worldnow and WTVM. All Rights Reserved.
For more information on this site, please read our Privacy Policy and Terms of Service.