We wanted to let you know in advance of a new development that we will be rolling out to the ‘manage’ control panel from the 15th February 2010.
Over the last year there has been a substantial increase in the number of sites on the internet that have been hacked due to viruses that steal FTP credentials from user’s home computers. The hackers then use these credentials to insert hidden code within your website.
Please see http://en.wikipedia.org/wiki/Gumblar for more information on this type of attack.
To reduce the significant threat from these viruses, our server hosts have been working with a focus group of administrators and direct customers to come up with a solution that protects websites. The solution is to lock FTP when it’s not in use, making it extremely difficult for the hackers to infect your site via this route.
To unlock FTP, customers will simply log into their ‘manage’ control panel and click one button to unlock FTP for a period of time. FTP will then automatically lock again after the time period has expired.
Customers will also be able to nominate an IP address that has permanent FTP access, customers FTPing from that IP address will not have to unlock FTP. Resellers will also be able to add an IP which will give them access to all their FTP accounts without having to unlock. Nor will you have to unlock FTP if you use the File Manager within the ‘manage’ control panel.
These security measures will ensure that the majority of sites have FTP locked, greatly reducing the risk of having your websites infected.
Please remember that this change will go live on the 15th February 2010. Of course to help further reduce the chances of these types of attacks, always ensure your computer is kept up-to-date with anti-virus, malware, and spyware protection. Similarly, try to ensure that you have the most up-to-date software from the different manufacturers.
There’s a good chance our customers using ‘Cushy CMS’ to manage their websites will also need to log into the ‘manage’ control panel to release the FTP access, prior to making updates through cushy.
We expect the same will also be true for those trying to make updates to their blog through ‘Blogger’.
We’re sorry for the inconvenience this may cause you, and are looking for a way to work around this particular problem as soon as possible.