A few days ago a long-term client received a suspicious email which threatened to remove their inactive email accounts. Naturally the first thing they did was notify us. We immediately smelled a rat and asked them to forward the email to us for further investigation.
Every so often something new is introduced designed to make things easier. But sometimes it also accidentally making things a bit harder. This is one of those times.
cPanel v58 introduced AutoSSL which automatically installs and renews SSL Certificates. All websites can use a Domain Validated SSL Certificate but AutoSSL can also be used to work with Let’s Encrypt. As a quick primer, SSL certificates allow a website to encrypt the communication between the web host and website visitors which is particularly important when you’re sending sensitive information like passwords and Credit Card details. Google also appears to be moving in the direction of recommending websites that use SSL. So if your webhost is using cPanel they can easily offer automated SSL Certificates to all their customers costing them practically nothing.
Great, right? Well, if you’re using a Content Distribution Network (CDN) or third-party Website Firewall, things may not be so great.
We were doing routine maintenance on a client’s WordPress website when we noticed that they’d installed a plugin. Installing plugins is something we don’t normally encourage (or even allow) our clients to do but there are of course exceptions to the rule. We wanted to learn more about the plugin so we could determine if it could safely be removed and to cut a long story short we ended up going through the code itself only to find the plugin displays, without permission, a hyperlink to an external website. This was ad injection.