moodLearning Wiki

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
why-moodlearning-hosted-site [2019/03/12 23:18]
serbizadmin [Security]
why-moodlearning-hosted-site [2019/04/12 17:22] (current)
serbizadmin
Line 1: Line 1:
 ====== Why moodLearning-hosted Site? ====== ====== Why moodLearning-hosted Site? ======
 +{{ ::​why_ml_site.png?​600 |}}
  
 ===== Security ===== ===== Security =====
 +~~NOTOC~~
 At moodLearning we take security seriously. If you don't take it as seriously as we do, At moodLearning we take security seriously. If you don't take it as seriously as we do,
 + 
   * your site could be an unwitting accessory to crimes. See this example of the search engine results for a compromised site with nefarious contents uploaded by a "​hacker":​ \\ \\   * your site could be an unwitting accessory to crimes. See this example of the search engine results for a compromised site with nefarious contents uploaded by a "​hacker":​ \\ \\
 {{ ::​googleresultsofhackedsite.png?​400 |}} {{ ::​googleresultsofhackedsite.png?​400 |}}
 +\\
 +\\
 +In the case of an organization whose site was recently compromised,​ we had to help rehabilitate their online reputation. moodLearning caused the removal of over a thousand pages of shady pages on gambling, antivirus, thesis and dissertation writing, mail-order brides, data rooms, viagra.
 \\ \\
 \\ \\
Line 10: Line 16:
 {{ ::​dashboardarticles.png?​400 |}} {{ ::​dashboardarticles.png?​400 |}}
 \\ \\
-* your site could be open for exploitation. This is a sample scanning result from an actual insecure site:+  ​* your site could be open for exploitation. This is a sample scanning result from an actual insecure site:
 <​code>​ <​code>​
 PORT     ​STATE ​   SERVICE ​     VERSION PORT     ​STATE ​   SERVICE ​     VERSION
Line 35: Line 41:
 </​code>​ </​code>​
 A number of ports here are open unnecessarily. For instance, Port 3306 is the open database port that can theoretically be exploited to inject unwanted contents to the site or, worse, the database can be erased altogether. A number of ports here are open unnecessarily. For instance, Port 3306 is the open database port that can theoretically be exploited to inject unwanted contents to the site or, worse, the database can be erased altogether.
 +\\
 +\\
 +  * Left unattended or just poorly maintained, your site could be vulnerable to various harms. Here's a vulnerability scan result on our client'​s site before we apply the risk treatment sought:
 +\\
 +{{ ::​vulnerabilityscan.png?​400 |}}
 +\\
 +Clearly this site has not been updated in a long time. moodLearning'​s support comes with periodic vulnerability assessments to address risks proactively.
 \\ \\
 \\ \\
Line 48: Line 61:
 \\ \\
 \\ \\
-