• Skip to primary navigation
  • Skip to main content

Managed WordPress Security for Pennies a Day. Call (619) 479-6637

Managed WordPress Security with Heart

MENUMENU
  • Why HackGuard.com? Why Choose HackGuard.com?
  • HackGuard.com WordPress Managed Services Rates WordPress Managed Services Rates
  • HackGuard.com Articles HackGuard Articles Library
    • Hack Guard Customer Testimonials
    • Top 20 WordPress Plugins to Avoid
    • Why Should I Maintain My Own WordPress Website’s Backups?
    • How to Improve Junk Email Filtering at Gmail
    • WordPress 6.0.3 Security Release – Updated?
    • About that “Weekly jQuery Migrate Status Update” email
    • How to Change a WordPress User from Subscriber to Administrator Role
    • WordPress 4.9.3 – Going into the tunnel and never coming out…
    • How Do I Migrate WordPress to a Different Domain Name?
    • Community Blogging: A Short Guide
    • WordPress Troubleshooting and How to Fix WordPress Errors
    • Is My Web Host Secure? Maybe not…
    • How to remove the subdirectory name from your WordPress website address
    • How can I improve the performance of my WordPress website?
    • How can I improve the performance of my WordPress blog (Part 2)
    • Protecting WordPress Against Brute Force Attacks
    • How do I reset my WordPress password?
    • How To Clear Cron Jobs in WordPress
    • xmlrpc.php and Pingbacks and Denial of Service Attacks, Oh My!
    • Free Website Monitoring Services, well, mostly free...
    • How to choose a secure web hosting company for a WordPress website
    • WordPress 404 Page Setup - Do You Have Five Minutes?
    • Can mod_pagespeed Improve Page Load Speed (external link)?
    • Yoast WordPress SEO Settings and Recommendations
    • Is Your Mom Missing Her BUMM?

Is My Web Host Secure? Maybe not…

Web server security is not automatedAfter running into a situation where a client’s web host was running years outdated software, I realized some of you might be operating under a false sense of security–about your security!

Many people believe that just because they set up their hosting account with a well-known shared hosting company that stuff magically updates on its own. This is far from the truth.

Same goes for folks who have their websites “self-installed” with cloud hosting providers. Suffice it to say, once “the installer” leaves the scene, the server software will not self-repair or auto-update itself…

  Server management is much more involved, and requires greater expertise than just clicking a button to install Linux and WordPress. Server management is not generally automated, and if someone doesn’t handle it, you may find your “server” is years behind in updates–and then it’s already too late. – Mike D., TVCNet Server Admin.

 

IMHO, A quality shared host presents “security” as their core feature. And security requires constant vigilance (using both human eyes and hands, 24/7). Web servers are not self-managed devices. And for this reason, many websites are hacked due to the above lack of hands-on management. Seriously, web hosting is a complex business.

Bottomline, if you don’t have a salaried server administrator on staff, it’s your responsibility to periodically check what’s been installed by your host both PHP and web server software wise. And it’s your responsibility to keep your host on their toes and demand currency of software, updates, and service responsiveness.

If your web host can’t handle the responsibility of maintaining regular updates, it’s a rather easy process nowadays to just move on to one that “gets it”. The top three hosting companies, with whom I’ve worked extensively, make customer website security an absolute top priority. These companies are TVC.Net, SimpleHelix, or AceNet

So complain with your wallet – it’s the secure thing to do.

 

How do I check the server software versions running at my web host?

The easiest method is to upload a one line PHP script to your hosting account and then view the script through your web browser. For this article, we’ll focus on the PHP version number.

How to create a PHP info script:*

  • Create a blank text file on your computer.
  • Name it something like serverinfo-x.php
    *Try not to name your script to something easily guessed at, like “phpinfo.php”
  • Add line of text and save:
    <?php phpinfo(); ?>
  • Upload the file to the same directory as your home page.
  • Then view your PHP information at:
    https://your-domain.com/serverinfo-x.php
Need help setting your site up for an SSL certificate (httpS://)?
I can help you with that today for a small one time fee.

 

Once you have the file open in your browser, look for the PHP version line, top of page.

PHP Version shown in PHP info file

  • You should be running  PHP version 5.6 or above.


On a cPanel server
, once you log in, look for a section on right or left named Server Information. An example below, with the two most important bits highlighted:

Web hosting account server infoNote the Apache version shown above (click to enlarge).

  • You should be running  Apache version 2.0 or above. 

 

If you are running WordPress, the WP System Information plugin may provide the same web server software installed information as well.

 

So that about covers the basics in regard to what you should check server software versions wise. A web host running outdated software can be as great a security risk as running a years old version of WordPress, Joomla or other content management system.

Jim Walker, The Hack Repair GuyIf  you need help or further explanation please feel free to call or chat with me anytime.

 

Share me:

  • Tweet
  • Email
  • Print

Like this:

Like Loading...

Filed Under: Call (619) 479-6637 Tagged With: apache, PHP, phpinfo, server security, server software, website software

Reader Interactions

Please feel free to comment via WordPress, Twitter, Facebook or Google+ Cancel reply

Proactive WordPress Security Management for Pennies a Day™

© Copyright 2022 HackGuard.com™, HackRepair.com™,
The Hack Repair Guy™, Hack Repair Guy™
Copyright and Trademark Statement | Privacy Policy

Call HackRepair.com for website security help, (619) 479-6637.
Content Approved By Jim Walker, The Hack Repair Guy
%d bloggers like this: