Category: Security
Cyberattacks, backups, data protection: Follow my expert advice to strengthen the security of your websites and online services.
-
ACF: CVE-2025-54940: why 6.4.3 is still a must-have update (even if the CVSS score is moderate)
An HTM injection flaw affects Advanced Custom Fields up to version 6.4.2. Moderate risk, but must be corrected quickly to avoid degradations, phishing or XSS.
-
The best free and open-source password manager in 2026 (KeePass)
Secure Your Passwords with an Open-Source, Self-Hosted Solution Managing passwords is a real headache! We all know that the security of our personal data depends on our passwords, but honestly, who hasn’t made a mistake when managing them? Let’s take a look at how to avoid the most common pitfalls and find the ideal solution for keeping our passwords secure. Common mistakes in password management Two simple questions to see where you stand with your password management: No…
-
A critical flaw in ASUS routers: thousands of devices compromised in a stealth campaign
Since March 2025, a highly covert hacking campaign has been targeting ASUS routers exposed to the Internet. The cybersecurity firm GreyNoise recently revealed that thousands of these devices had been infected without leaving any visible traces. The level of sophistication of the attacks suggests a highly experienced group, possibly even a state-sponsored one. The goal appears to be a classic one: to build a botnet. 🛡️ When it comes to websites, don’t forget the importance of hosting your web services with a secure provider, such as LRob, which protects your data far beyond the basic infrastructure. In summary: what you need to know 1. How the…
-
World Data Backup Day 2025 - Web data and collaborative clouds
How much would it cost you to lose your business or personal data? You don’t want to know. And yet, it’s a very real risk—one that affects both individuals and professionals every day, often due to negligence, forgetfulness, or a false sense of security. To mark World Backup Day, celebrated every year on March 31, LRob, your WordPress-specialized web hosting provider, helps you take stock of best practices, practical solutions, and pitfalls to avoid so you’ll never lose valuable data again. What is World Backup Day…
-
Performance and Security: LRob's strategy for optimal WordPress hosting
High-performance, secure WordPress hosting—no compromises. At LRob, our mission is clear: to provide fast and secure WordPress hosting, minimizing the impact of attacks while optimizing server performance. Unlike standard solutions that merely react to threats, we go a step further by actively preventing unnecessary server load. While some hosting providers fail to implement—or inadequately implement—attack blocking measures or offer no transparency, LRob can proudly showcase the measures we’ve put in place and the results we’ve achieved. In this article, we’ll explain our strategy, which is based on three layers of security…
-
Record attack: 2.8 million IPs compromised: What impact for WordPress hosts?
A new threat of unprecedented scale is rocking the web: 2.8 million compromised network devices are currently being exploited to flood the Internet with malicious requests. At LRob, as a web hosting provider, we have observed a dramatic increase in attacks over the past few days. We’ll explain how we’re effectively blocking them. These attacks aren’t just a nuisance—they can seriously impact the performance and security of your websites. How does the attack work? What impact does it have on your websites? How can you protect yourself? Here are the answers. Details of the cyberattack Discovery of the attack on…
-
Symfony: 8 new security vulnerabilities discovered - Analysis and recommendations
After a year without incident, Symfony disclosed eight vulnerabilities at once on its blog on November 6, 2024. They affect various versions of the Symfony framework. Here is a summary of these critical vulnerabilities, their potential impacts, and the solutions implemented by Symfony. This will help you understand the implications of these vulnerabilities so you can secure your applications. Introduction Even the most reputable frameworks, such as Symfony, are never completely immune to security vulnerabilities. Regardless of the application solution you choose, vigilance is essential. Security measures such as the ModSecurity application firewall and the automatic blocking of…
-
Blacklists (RBL): SPFBL.net's outrageous practices
Not all blacklists are created equal. And SPFBL is an example of what not to do. Do not use this blacklist, and do not give in to its pressure.
-
Critical security flaw in CUPS on GNU/Linux September-October 2024: What you need to know
A set of four critical security vulnerabilities has just been discovered in CUPS affecting all GNU/Linux systems. This article will be updated with new information to provide you with a simple and effective summary of what you need to know and the steps you should take. Update 09/29/2024: These vulnerabilities do indeed affect only CUPS, so very few servers are impacted—unless you have printers in a data center…! This article has therefore been rewritten accordingly. A Critical Vulnerability: What Do We Know? Security researcher Simone Margaritelli discovered this set of vulnerabilities in early September…
-
Apache web server vulnerability affects millions of servers
The Apache HTTP Server is one of the most widely used web servers in the world. However, like any software, it is not immune to vulnerabilities. And be careful—this is a double vulnerability. On July 4, a critical security vulnerability was discovered affecting version 2.4.60 of Apache. This vulnerability is tracked as CVE-2024-39884. The vulnerability allows the source code of PHP files to be disclosed. This is extremely critical because these files may, for example, contain database passwords or confidential proprietary code. A patch has therefore been released in version 2.4.61 of the server…