Increased Application Security with Patchman

logoEnsuring the security of our customers’ web sites is a top priority for us at Kualo. In recent years we have been a dramatic increase in malicious attempts to compromise an innocent web site. Generally these “attacks” are by hackers or spammers, who aim to control a web site in order to send out spam, distribute malware or host phishing content, or to use the compromised site to launch attacks on other web sites or servers. Whilst we maintain excellent server-side security, often these attacks continue due to insecurities in customer code which leave a web site vulnerable to attack.

Today we are introducing a new solution, Patchman, to help protect you in the fight against malware, and this email aims to introduce you to the problem and how we are working to help protect the web sites we host.

Continue Reading →

EU VAT Changes 2015 – What does it mean for you?

vat2015EU VAT regulations are about to undergo a massive overhaul from 1st January 2015. The change relates specifically to companies that sell “digital services” – web hosting, domain registrations and other such intangible e-services are included in this category. In short, if you are based in the EU and sell digital services to customers who are located in the EU, you should read on!

Continue Reading →

Attack of the POODLE: Goodbye, SSL 3.0!

Goodbye SSL 3.0

Online security is a continuously evolving process, and security protocols are improved and developed continuously to keep your data and communications safe. Having been released some 15 years ago, SSL  3.0 is quite the dinosaur. It has been succeeded by TLS for some time now, but SSL 3.0 compatibility has been widely maintained. In the past few days, Bodo Möller of Google’s security team announced that they had discovered a vulnerability in the older SSL 3.0 protocol, codenamed POODLE (or Padding Oracle On Downgraded Legacy Encryption, if you’re not into acronyms). This vulnerability allows a hacker to view the plain text contents of secure connections over SSL 3.0. Continue Reading →

Even Faster Websites with Railgun™!

host-optimized-badge-250pxAs a CloudFlare Optimized Partner, we are thrilled to offer the CloudFlare Railgun™ technology to all our customers. Railgun is typically only included with CloudFlare’s $200/mo paid package, however we are pleased to be able to introduce it absolutely free of charge to all our customers. Railgun is CloudFlare’s latest performance optimization technology that gives you significant improvements in site load times. To activate Railgun, simply log into your control panel, click through to the CloudFlare administration screen, and select Railgun “On”. Read on for additional details and instructions.

Continue Reading →

Bash Vulnerability – “Shellshock”

On September 24, 2014 a Bash Vulnerability referred to as ‘Shellshock’ was announced. This particular vulnerability provided remote attackers the ability to execute code on the server, in certain conditions.  Our engineering team began quickly working on deploying a patch for this as soon as we became aware of the issue.  Currently all of our shared, reseller, and fully managed cloud/dedicated servers are patched against this.

Servers not directly managed by us under our fully managed service have not been patched by our team, since these servers are maintained by our clients. If you have a cloud dedicated server solution with us that is not fully managed and require assistance patching your server, please log into  our client portal at and raise a support ticket. Our support team will assist securing this for you.

PHP 5.5 Now Available!

We’re pleased to announce that PHP 5.5 has now been rolled out for our shared and reseller hosting clients. This means that in addition to PHP 5.3 & 5.4, you can now use the latest and greatest release from the development team over at In the future older releases will be removed, so we advise all clients to test their applications with this latest release. Continue Reading →

Protecting WordPress from distributed brute force attacks

As one of the most popular Content Management Systems (CMS), WordPress is frequently attacked to try and exploit vulnerabilities in outdated installations, as well as simply to try to gain access to the admin area to add posts to or deface sites. We’ve covered securing WordPress in one of our previous posts, however this one specifically aims to help you protect against brute force login attempts. Continue Reading →

WordPress Autosave: the silent crocodile.

wpAs a web host, our primary objective is to ensure that our servers, and consequently your websites, run optimally. Applications place an ever increasing demand on a servers resources as the software develops, and sometimes the ‘default’ settings of these applications need to be tweaked to ensure that they run happily on a shared web hosting environment. To ensure that we provide a stable service, our systems will detect when a web site hosted on our platform starts to use a disproportionate amount of a server’s resources. Recently one of of the main issues we have seen is with WordPress, one of the most commonly installed applications on our servers, and the very same software that’s running this blog. Continue Reading →

The 5 Basics of SEO

SEO on springsSEO – Search Engine Optimisation – is about making sure your web site is doing everything possible to rank well on search engines. The higher your site ranks, the more traffic you will get. SEO has become as much a part of online marketing strategy as advertising or social media, but it can be daunting to small businesses who can’t afford to employ SEO experts. To understand how SEO works, you must first understand how search engines rank pages.

Continue Reading →

Season’s Greetings from all at Kualo!

Santas working the night shift!

Continue Reading →