Jika ada sebarang salah dan silap, tersilap kata, terkasar bahasa, terponteng “post” sehingga anda tertunggu-tunggu, tersalah ejaan yang menyakitkan mata, dan apa sahaja kesilapan yang seorang blogger boleh lakukan, kami memohon maaf zahir dan batin.

Selamat Hari Raya! :)

Sabri & Syazwan,

Untuk feel raya lebih maksimum, saya nak share gambar Raya family saya lah. :)

(Kepada yang tengah tersengih-sengih tu, :razz: Ya, ini gambar 3 tahun lepas. Saya akan KURUS kembali, jangan bimbang! :grin: Bagi saya beberapa tahun lagi sebelum bersanding, hehe…)

========================================
Public Service Announcement from ECM
========================================
Over the past few weeks, there have been countless reports of increase in hacking, spam and phishing activities coming from all over internet. As your hosting provider, it is our responsibility to educate everyone on these matters, and we will do just that.

There are many ways spam can be sent out, account be hacked and phising sites uploaded. For those of you who do not know what phising is, it is a site that is made to impersonate another site, usually its purpose is to steal credit card and account information that would then be used for malicious purposes. I will outline the most common methods below and how to prevent them:

1) Outdated Scripts – It is very easy to upload and/or install a script, and then simply forget about it months, or even years later. What difference does it make if I never use it anymore? Simply put, a lot. There is no such thing as a 100% secure script, regardless of the developer, regardless of the nature of the script, and the list just keeps on going. It is the developer’s responsibility to keep updating the script every time a security exploit is found. If you do not keep up to date with these patches, then you risk having your account exploited. So please remember to keep track of all scripts that are installed and/or uploaded, and update them constantly!

Delete ALL UNUSED and UNWANTED files & folders

2) Directories & Files that are have their permissions set to 777 – There is absolutely no reason why a directory or a file should be chmodded (having its permissions set) to 777. If any installation tells you to do so, just try 755. Almost always, 755 will work in place of 777 without allowing anyone to write to the directory. What 777 does is allow anyone the ability to upload any type of file (which could be a mass mailer or a phishing site) without any sort of notice to you, where 755 only allows the user and group to upload such files. So please, go through each and every single file and folder that is in your account to ensure that you have no 777 directories, if you do, just change it to 755. From our research, this is what is causing the most phishing attacks and spam. So please check and re-chmod if needed!

ECommerceMastery.com has always been lenient with the phishing and mass mailer attacks, as we understand that issues do arise. However, effective today, we will be more harsh when dealing with these issues. Keeping your scripts up to date and making sure no directory/file is chmodded to 777 should prevent almost any incident. From this day forward, we will be forced to suspend accounts that are exploited due to user negligence. However, we will be more than happy to work with you to determine whether or not your scripts or directories are secure.

(Joomla users, take note of this.)

We will be considering implementing the use of suPHP over the next few days. If we decide to implement it, we will send another email out with additional details.

As always, if you ever have any questions, or issues, relating to this or anything, then please feel free to contact us (2 weeks after Raya if possible) :mrgreen: . We will be more than happy to help in any way possible.

But still, enjoy your Raya. Selamat Hari Raya & Maaf Zahir Batin.

EcommerceMastery.com Team