Malware Infection Breaking WordPress Websites

There is a known malware infection caused by a serious vulnerability in the MailPoet WordPress plugin. This malicious attack attempts to slyly inject Spam into the hacked site, which is causing websites to break, and focuses predominantly on WordPress sites with outdated plugins or weak admin passwords.
What It Looks Like
The infected PHP code is very buggy and is corrupting legitimate website files, as well as themes and plugin files, which causes PHP errors to be displayed instead of website content:

Parse error: syntax error, unexpected ‘)’ in /home/user/public_html/site/wp-config.php on line 91

After removing the infecting malware, the only way to remedy the issues is to restore the corrupted files from a backup. This is what the malware code looks like:

<?php $pblquldqei = ’5c%x7824-%x5c%x7824*!|!%x5c%x7824-%x5c%x7824%x5c%x785c%x5c%x7825j^%xq%x5c%x7825%x5
c%x7827Y%x5c%x78256<.msv%x5c%x7860ftsbqA7>q7825)3
of:opjudovg<~%x5c%x7824!%x5c%x782421787825!|!*!***b%x5c%x7825)…

If you are running MailPoet, we recommend upgrading it to the latest version. If you do not have a firewall on your website, you have to upgrade the plugin or remove it altogether to avoid more issues.

Support
If you aren’t able to fix the issue on your end, please don’t hesitate to contact Support. We’re happy to help.

Get .uk Domains With HostNine for $15 a Year!

protected-smallWe are excited to announce that starting June 10th 2014 you can register .uk domains for just $15 a year!

Here’s what you need to know about the registration process:

  • If you have a unique .co.uk, .org.uk, or other similar domain, the equivalent .uk domain will be automatically reserved for you until June 10, 2019, as long as the domain remains registered.
  • You can check a registrant’s rights with this handy lookup tool: http://www.dotuklaunch.co.uk/rights-lookup-tool.
  • If you want to register a 2nd level .uk domain, such as ‘example.uk’, then the contact info for that domain must be an exact match to the existing equivalent third level .uk domain, like ‘example.co.uk’ or ‘example.org.uk’. If the information is not the same the registration will fail.
  • If there is no equivalent domain with rights already existing within the .uk domain family, by registering the .co.uk you will automatically have the right to register the new .uk domain.

protected-bigNote: if your third level .uk domain name resides at a registrar other than OpenSRS, Nominet will email the registrant to confirm the registration.

We think this new easier-to-use domain extension is a great addition to our current offerings and we’re pleased to be able to offer it to you!

Please contact our Billing department for assistance with registering a new domain name, or if you have any questions regarding the registration process.

Why You Should Update WordPress

I bet you’ve seen this warning at the top of your WordPress dashboard before.

WordPress update warning

It’s easy to ignore, but there are several really important reasons NOT to ignore it. WordPress, just like any other software on your computer, needs to be updated regularly. Unlike most software and programs though, WordPress is open source. Many many people are working feverishly to improve and fix old problems with WordPress, which means that updated versions are released pretty frequently.

Updating WordPress is very important, and really only takes a couple of quick steps. Don’t ignore the update warnings! WordPress will typically release updates for these reasons:

  • To improve features. New features that are released often help make WordPress easier to use. If you wait to update two or three versions of WordPress at a time it could cause problems with your site.
  • Safety reasons. WordPress updates may contain new security features that help prevent hackers and other bad-doers from breaking into your website and inserting malicious code or malware. Not only can this kind of activity harm your site, but it can also cause your site to lose it’s position in search engine results.
  • Bug fixes. New updates can fix bugs that you’re experiencing in your site. If something isn’t working correctly, you may just need to update WordPress.

Plugin Updates are Important Too

Plugins update

Updating your plugins is just as imperative as updating WordPress… and you should update the plugins BEFORE you update WordPress to prevent your plugins from breaking. Plugins that are outdated are super vulnerable to security attacks. To update your plugins:

  1. Navigate to the Plugins panel and click Update Available
  2. Update your plugins in bulk or individually with the Update Now link underneath each plugin

Old Software is Extremely Vulnerable

When a new WordPress or plugin update is released it comes with a bug fix report. Hackers can find the weaknesses of old WordPress versions just by looking at these reports. They target outdated sites by viewing the page source for a particular website to see what version of WordPress they are running. The simplest way to avoid being targeted is to keep everything updated.

Images courtesy of http://www.mayecreate.com/2013/04/why-you-should-update-wordpress/

Simplified Pricing for Domains

We’ve revamped our domain pricing structure to make things simpler, and to make our pricing more consistent across the board. These new changes impact all new domain registrations and renewals upon the standard renewal time.

The prices of domains fluctuate from year to year as the domain registrars raise their fees. We keep our prices as low as possible and make sure our support is top-notch so that we can provide the best and most comprehensive service to you, our customers. Check out our updated pricing:

$15 per year – .com, .net, .org, .info., .biz, .name
$18 per year – .nl
$20 per year – .mobi, .tel, .asia, .ca, .de, .in, .eu, .us, .be, .es
$25 per year – .ca, .dk, .fr, .com.co, .pl
$26 per 2 years – .co.uk, .me.uk, .org.uk
$30 per year – .at, .ch, .li, .me, .ws
$35 per year – .co, .com.au, .org.au, .net.au
$40 per year – .cc
$45 per year – .tv
$50 per year – .mx