News & Blog

Keep up to date with the latest from the team

‹ Back to Blog

Blog Category: Security (3 posts)

Jon Matheson | 23rd April 2018 | General Articles
Email Issues.   For your security, WebBoss is updated to the latest Internet security standards, and recently there have been a number of Internet security updates that are affecting some older email clients and stopping them from connecting due to security vulnerabilities they suffer from.   If you are suffering from email problems, you need to update your email client to the latest version, or with old unsupported products you may need to replace it altogether.   Known issues:   Windows Live - is no longer supported by Microsoft and this will no longer function at all with the latest security protocols.                                 *A replacement email client will be required.                        Outlook 2010:   – Its encrypted connection is not up to the latest security protocols, so will not connect.                                 *THIS IS NOT RECOMMENDED BUT WILL ALLOW EMAILS TO WORK AND CAN BE USED AS A TEMPORARY FIX UNTIL YOU UPDATE YOUR EMAIL CLIENT – YOU DO THIS AT YOUR OWN RISK! In the email account settings advanced tab, changing the incoming server port number to 143 and the outgoing server port number to 25 should allow a connection, but messages will be unencrypted - USE AS A TEMPORARY FIX UNTIL YOU UPDATE YOUR EMAIL CLIENT – YOU DO THIS AT YOUR OWN RISK!   Apple products: To overcome any issues with Apple products, updating to the latest operating system should fix this.   In the meantime, you can access your email accounts via WebMail. To do so go to: www.yourdomainname/webmail and you can securely log into your email accounts there, where you can send and receive email.   If you are looking for a free email client, we recommend which is a secure system from Mozilla the organisation behind Firefox.   Contact us via chat if you need any further information....

Phil Mayne | 04th April 2018 | General Articles
The General Data Protection Regulation (GDPR) is the new regulation that anyone who has business within the EU has to comply with. As an ecommerce shop, customers will be inputting a lot of their data and it's important that this is done in a safe and secure environment. Customers can ask for this information to be deleted and you must act upon it. This will come into effect May 25th 2018, but don't worry as everyone at WebBoss has you covered. How does GDPR affect your clients? The customer must give consent for any data to be stored through your business including emails, account logins and store purchases to name a few. Your clients need to be able to access and modify this information if they are asked by a customer. This can get complicated if multiple third-party plugins are involved or if there isn't a dedicated team member in place to address these issues. As a developer, the ability to ensure your clients that you can be GDPR compliant within a secure and accessible environment is a great selling point. Reliable GDPR compliance with WebBoss CMS “A chain is only as strong as its weakest link” If you are using a platform reliant on third-party plugins then you may not be as compliant as you once thought. You may need to rethink your developer environment if certain plugins you have relied on aren't compliant or slow to the mark. Being ISO 27001 certified means that all data stored, using the CMS and any of its components, is secure and GDPR compliant. Customers who need data changed can do so within a safe and secure environment with no unreliable third-party to interfere. This means that you can safely use the development environment without worrying if a certain plugin or component is GDPR compliant. You as a developer can continue to build websites without having to worry and the client can control their ecommerce data safely and securely. Overall the GDPR is something that we will all have to worry about sooner rather th...

Phil Mayne | 05th March 2018 | General Articles
The world of CMS can be quite one-sided. With a market share of 60%, WordPress is the dominant force with lots of free or premium plugins and templates. This popularity has lead to a huge third-party plugin and theme development ecosystem creating a whole industry dedicated to the CMS. But what happens when you want to focus on security for your website? Having lots of third-party add-ons to rely on to be updated could be a potential risk. Being market share leader means that not only is it popular, the potential for a security risk is also a lot greater. Open sourced CMS and third-party plugin management In a report (seen here) we can see that in the third quarter of 2016 WordPress held a 74% lead on hacked websites, followed by Joomla (17%), Magento (6%) and Drupal (2%). It makes sense that WordPress would be at the top here as there are so many more users on WordPress than any other. And it isn't a surprise that a lot of these hacks are due to third-party plugins. The upside of having an open source CMS is that there is a lot of freedom to create new plugins and themes based on it. But the downside is that you are open for hackers to download the source material and find loopholes to exploit. Third-party plugins can be increasingly unreliable if the developers aren't regularly patching their product. If the plugins or CMS isn't updated regularly (either through the developer's side or relying on the client side) then this can mean that your client and their business are open to being hacked. Over 72% of all compromises are from PHP based backdoor incidents. Partnered payment gateways with WebBoss To deal with important aspects of an ecommerce site we have partnered directly with companies such as Allied Wallet, Barclaycard, and Worldpay who deal directly with the clients. These partnerships mean we bypass any need for third-party plugins which can be troublesome and work solely with their developers to package a secure payment gateway within the system. A ...