Vulnerability in PGP mail encryption

PGP (Pretty Good Privacy) is an encryption mechanism which is often used by businesses to encrypt confidential email communication.

A serious vulnerability has been discovered which allows access to the plain text (unencrypted) messages sent using this encryption protocol.

You can read more at a dedicated website set up to give users information and advice about this vulnerability (click here).

If you are using this encryption method with any Anu products and want more advice, please feel free to contact us by emailing support@anu.net

PHP versions and our 3 anuhosting.net servers

Our original ams1-c5-1.anuhosting.net Direct Admin server runs CentOS 5 which became End of Life at the end of April 2017 and is powered by an older version of PHP (5.5).

In anticipation of this back in 2016 we commissioned two replacement servers. One is powered by CentOS 6 and PHP 5.5 designed to support legacy sites but supports secure protocols such as TLS 1.2 and still receives security updates. The other is a CentOS 7 / PHP 7.0 based server for newer sites who want the best performance and latest security updates. Many of our clients have migrated over and are enjoying the benefits.

We have had enquiries from customers who want to use PHP 5.6 – something that we didn’t support on our Direct Admin servers. PHP 7.2 was also recently released.

We now support a secondary version of PHP on both our ams2-c6-1.anuhosting.net and ams2-c7-2.anuhosting.net Direct Admin servers. By default you will be using PHP 5.5 on ams2-c6-1.anuhosting.net and PHP 7.0 on ams2-c7-2.anuhosting.net. However, if you wish, you can now use 5.6 on ams2-c6-1.anuhosting.net or PHP 7.2 on ams2-7-2.anuhosting.net. In order to change the PHP version per website, there is a setting in the “Domain Setup” section of Direct Admin.

CentOS 5 has been End of Life for almost a year now so we encourage everybody to migrate their website to one of our newer servers. We are always happy to deploy you a second account on our newer servers free of charge for you for a short period of time to allow you to test and migrate your website.

If you have any questions or need help planning a migration to one of our newer Direct Admin servers, do not hesitate to email us on support@anu.net.

Google Chrome soon to mark all HTTP traffic as insecure

Web browsers have been gradually encouraging websites to phase out HTTP traffic in favour of HTTPS traffic (secure encrypted browsing, usually associated with green padlocks / green bars). Some examples of this are displaying warnings if pages contain log in forms / credit card forms and are not served via HTTPS.

Google have announced that version 68 of Google Chrome, due July 2018, will flag up ALL sites served over the http:// protocol as insecure. This is likely to have substancial impact because Google Chrome is now used by over 50% of users and therefore other browsers (Mozilla Firefox, Microsoft Edge etc) will likely follow suit.

It is vital that by then your website is serving all traffic securely over https:// with a valid SSL certificate. We offer a range of SSL certificate options to achieve this and can assist you every step of the way by providing the certificate, installing, renewing and monitoring it for any problems.

If you have any questions or concerns please do not hesitate to reach out to us by emailing support@anu.net.