mobile2.tux

Your website must be mobile friendly by tomorrow!

Google has just changed their search algorithm and how it will be ranking websites. Starting today the websites that are not either responsive, or have an alternative mobile website version that displays by identifying mobile devices, will be penalized in their SEO ranking, the mobile-friendly websites equipped with big fonts and big clickable elements and set Viewports, responsive to resizes to fit the mobile and tablet screens will rank higher.

Google announced this algorithm change back in February. These changes are not small either, Google announced that they will “have a significant impact in our search results.” Google want to return relevant, high quality search results that are optimized for the viewer device.

With over 60% of search traffic pouring in from mobile and tablets, small businesses – especially ones dependent on local search – need to ensure they’ve made the necessary changes so that their sites aren’t penalized by Google’s new ranking system. Columbus Software clients have already been optimized as early as 2008 and all websites have been responsive since 2012. New customers however can be assisted, we can fix the issue by writing responsive CSS 3 Media based queries to create a mobile fit-able version of your website by the end of weekend for only $150. Act now before you sink down in search!

Google has provided companies with a guide to creating mobile-friendly websites as well as a test to see whether or not pages pass its mobile-friendly bar.

Comodo Web Application Firewall – Modsecurity Vendor Rules For cPanel/WHM

ColumbusSoft’s Free collection of multiple 3rd-Party and customer ModSecurity rule sets to add additional security with extra attention to WordPress, WHMCS, Joomla, Prestashop and etc.

In this release we have included the Comodo Web Application Firewall, a set of Free ModSecurity Rules from Comodo that provides powerful, real-time protection for your web applications, this is while cPanel/WHM has launched it’s own ModSecurity feature without the need to use ConfigServer to install mod_sec rules.

If you are running websites on Apache and Linux based web-servers with cPanel/WHM you might have seen the default OWASP Modsecurity Vendor that comes with cPanel.

But what if you need to add more security rules to address a wider range of exploits and vulnerabilities? While cPanel allow you to add other Modsecurity Vendor to WHM, you might have had a hard time finding any other Modsecurity Vendors that provide complementary rules. As of this writing we are the only 3rd Party Modsecurity Vendor providing rule sets to secure your server and web applications against SQL injection, XSS, file disclosure and other zero-day exploits that follow similar patterns.

Our Modsecurity Vendor rules are available publicly to be added to the Modsecurity Vendor Rules For cPanel/WHM  11.46 Release that includes a very eloquent feature to manage ModSecurity without the need of extra plugins such as the ConfigSever Modsecurity plugin.

3 Step Simple Installation
1) cPanel/WHM > Security Center > ModSecurity™ Vendors
 2) Click on "Add Vendor" and paste the following Vendor Configuration URL: http://columbussoft.net/api/modsecurity-rules/meta_ColumbusSoft.yaml
 3) Click Load and then Save!
 *) You can install and load these rules for Free, but then after you will need to pay a convenience fee to get a license for enabling automatic updates. ($9/month)
Legal Disclaimer: We do not claim any ownership of the rules and contents in this collection and in no way are charging you for the content, our service that you may choose to pay for is basically a convenience fee for collecting and maintaining the package and keeping them up to date.

This is our first and beta version, our collection is small now and other than some custom security rules, related to Wordpres, WPScan, Joomla and WHMCS, we have one major library from Comodo’s Free ModSecurity Rules which was the inspiration for this project. We waited several months for a COMODO Modsecurity Vendor to support the new cPanel/WHM ModSecurity Vendor feature, we were not able to find any third party ModSecurity Vendors other than the default OWASP ModSecurity Core Rule Set that ships with cPanel 11.46 Release and later.

The goal of this project is to utilize this great new features and interface by cPanel and add every useful rules that are out there and not shipped with cPanel.

What's New in Version 1.25:
 - WPScan default user-agent blocker
 - Multiple vulnerabilities in pfSense
 - CVE-2014-5115
 - CVE-2014-4852
 - CVE-2014-4533
 - CVE-2014-4552
 - CVE-2014-4554
 - CVE-2014-4555
 - CVE-2014-4556
 - CVE-2014-4557
 - CVE-2014-4563
 - CVE-2014-4564
 - CVE-2014-4565
 - CVE-2014-4566
 - CVE-2014-4594
 - CVE-2014-4595
 - CVE-2014-4596
 - CVE-2014-5183
 - CVE-2014-5184
 - CVE-2014-5187
 - CVE-2014-5194
 - CVE-2014-5186
 - CVE-2014-4575
 - CVE-2014-4584
 - CVE-2014-4585
 - CVE-2014-4587
 - CVE-2014-4604
 - CVE-2014-4605
 - CVE-2014-4606
 - CVE-2014-4939
 - CVE-2014-4940
 - CVE-2014-4941
 - CVE-2014-5180
 - CVE-2014-5190
 - CVE-2014-5196
 - CVE-2014-5022
 - CVE-2014-5181
 - CVE-2014-5182
 - CVE-2014-5193
 - CVE-2014-5199
 - CVE-2014-5201
 - CVE-2014-5202
 - Extra WHMCS protection rule
 - Extra WordPress protection rule
  • CVE-2013-3727 [SQLi] Kasseler CMS
  • CVE-2013-3728 [XSS] Kasseler CMS
  • CVE-2014-1222 [Dir.Traversal] Vtiger CRM before 6.0.0 Security patch 1
  • CVE-2014-4002 [XSS] Cacti 0.8.8b
  • CVE-2014-4524 [XSS] WP Easy Post Types plugin before 1.4.4 for WordPress
  • CVE-2014-4526 [XSS] efence plugin 1.3.2 and earlier for WordPress
  • CVE-2014-4527 [XSS] EnvialoSimple: Email Marketing and Newsletters plugin before 1.98 for WordPress
  • CVE-2014-4534 [XSS] HTML5 Video Player with Playlist plugin 2.4.0 and earlier for WordPress
  • CVE-2014-4537 [XSS] Keyword Strategy Internal Links plugin 2.0 and earlier for WordPress
  • CVE-2014-4538 [XSS] Malware Finder plugin 1.1 and earlier for WordPress
  • CVE-2014-4549 [XSS] WooCommerce SagePay Direct Payment Gateway plugin before 0.1.6.7 for WordPress
  • CVE-2014-4560 [XSS] ToolPage plugin 1.6.1 and earlier for WordPress
  • CVE-2014-4574 [XSS] WebEngage plugin before 2.0.1 for WordPress
  • CVE-2014-4581 [XSS] WPCB plugin 2.4.8 and earlier for WordPress
  • CVE-2014-4582 [XSS] WP Consultant plugin 1.0 and earlier for WordPress
  • CVE-2014-4583 [XSS] WP-Contact (wp-contact-sidebar-widget) plugin 1.0 and earlier for WordPress
  • CVE-2014-4586 [XSS] wp-football plugin 1.1 and earlier for WordPress
  • CVE-2014-4591 [XSS] WP-Picasa-Image plugin 1.0 and earlier for WordPress
  • CVE-2014-4593 [XSS] WP Plugin Manager (wppm) plugin 1.6.4.b and earlier for WordPress
  • CVE-2014-4942 [Information] The EasyCart (wp-easycart) plugin before 2.0.6 for WordPress
  • CVE-2014-4944 [SQLi] BSK PDF Manager plugin 1.3.2 for WordPress
  • CVE-2014-4600 [XSS] WP Ultimate Email Marketer plugin 1.1.0 and earlier for WordPress
  • CVE-2014-4601 [XSS] Wu-Rating plugin 1.0 12319 and earlier for WordPress
  • CVE-2014-4602 [XSS] XEN Carousel plugin 0.12.2 and earlier for WordPress
  • CVE-2014-5192 [SQLi] Sphider
  • CVE-2014-5337 [Information] The WordPress Mobile Pack plugin before 2.0.2 for WordPress
  • CVE-2014-5343 [XSS] Attack in Feng Office
  • CVE-2014-5344 [XSS] Mobiloud plugin before 2.3.8 for WordPress
  • CVE-2014-5345 [XSS] Possible XSS Attack in Disqus Comment System plugin before 2.76 for WordPress
  • CVE-2014-5347 [CSRF/XSS] Disqus Comment System plugin before 2.76 for WordPress
  • CVE-2014-5368 [Dir.Traversal] WP Content Source Control plugin 3.0.0 and earlier for WordPress
  • Possible Shell Upload Vulnerability in extplorer plugin for Joomla!
  • Blocking execution of an uloaded shell in Joomla!
Mobile Detected
Tablet Detected
Desktop Detected
Large Screen Detected
Retina Display Detected