As with the beginning of every new year we were excited about the prospects that 2020 would bring. But those thoughts were soon shattered with news of a rapidly spreading disease that ultimately turned into a full-blown pandemic.
Stay-at-home orders soon followed, and we took quick action to shift to a remote workforce. We were fortunate since we were already set up with the ability for our system admin staff to work remotely, so the transition to remote work for all our staff was relatively smooth.
To get through this new reality, we knew our customers would increasingly rely on their online presence so it was important for us to be able to maintain and enhance our hosting infrastructure and services while continuing to provide excellent customer support. It was a tough 2020, but I’m extremely proud that our team delivered on our hosting promises.
Highlights from 2020
At the end of most previous years, I usually reviewed the past year and posted Top 10 lists of things that we accomplished. In this post, I’ll just highlight a several things we accomplished in 2020.
We installed PHP 7.4.x and PHP 7.3.x for our PHP users. (We also deprecated PHP 5 which had reached its end-of-life and posed serious security issues.)
We kept up with Microsoft’s .NET initiatives. We launched support for .NET 5 (ASP.NET Core 5.0) and .NET Core 3.x for Framework-Dependent Deployment (FDD). Please note that we maintain a list of .NET Core versions that are installed on our servers in our knowledge base. (If you do not see a .NET Core version that you want to use listed, we also support Self-Contained Deployment (SCD) – so you can always deploy your applications on our platform.)
We also kept open source applications updated in our Control Panel Web App Gallery.
Security Solutions at Everleap
We launched an Email Cloud Backup solution at Everleap that allows customers to securely backup email and attachments from virtually anywhere – email hosted at DiscountASP.NET or Everleap, email hosted at other hosting providers, and even Gmail and Office 365. Search tools are available as well as tools to restore emails. We offer a 30 day free trial so you can test out the service.
We launched an Office 365 Cloud Backup solution at Everleap that will automatically backup your Office 365 email, attachments, tasks, calendars, contacts as well as SharePoint, OneDrive, Groups and Teams. The higher level Office 365 Cloud Backup plan includes an Email Archiving solution that securely preserves the email archive for auditing and ensures the email archive is searchable, discoverable, and accessible should the business be subject to a third-party audit or legal motion. We offer a 30 day free trial, if you want to test out the service.
As we put 2020 behind us and usher in the start of a new decade, we continue to be hopeful. Even though our team is still working remotely, we will continue to strive to offer our customers a great hosting experience – one that you can count on.
We want to say big THANK YOU to all our customers and we wish all of you and your family a Happy New Year.
On November 10, 2020, Microsoft officially released .NET 5.0. What is it exactly? If you’re confused, so am I, mainly because for a while we’ve been disciplined to accept the .NET #.# nomenclature to mean .NET Framework then we were getting used to the .NET Core #.# naming convention.
But things are changing again with .NET 5.0. .NET 5.0 is the beginning of Microsoft’s journey to unify everything in the .NET world which includes Framework, Core, Mono, etc. and provide cross-platform compatibility. Microsoft plans to release a new version of .NET each year in November and offer Long Term Support (LTS) for every even version.
In essence, .NET 5.0 appears to be ASP.NET Core 4.0 but Microsoft is skipping v4.0 and going with ASP.NET Core 5.0. According to Microsoft, they are skipping the 4.x version numbering to ASP.NET Core to lessen confusion and solidify that there will be only one .NET unified platform moving forward.
ASP.NET Core 5.0 has a lot of feature updates and performance improvements along with a few technologies (or I’d rather say programming paradigms) that WILL NOT be ported over – Web Forms, Windows Communication Foundation (WCF), and Windows Workflow (WF). Instead, Microsoft recommends that you use their alternative counterparts – ASP.NET Core Blazor/Razor pages, gRPC, and Open-source CoreWF, respectively.
Below are some of new features and improvements: – Updates to C#, F#, and Visual Basic – New features of System.Text.Json – Single file apps – App trimming – Performance improvements to Garbage Collection (GC), System.Text.Json, System.Text.RegularExpressions, Async ValueTask pooling, Container size optimizations, etc.
.NET 5.0 also introduces a preview for .NET MAUI (Multi-platform App UI) which is a framework for developing user interfaces. Microsoft calls it an evolution of Xamarin.Forms and hopes to complete support for it when .NET 6.0 is released next year. So, just like Star Trek movies, look forward to every even numbered release (just kidding).
Now that you have a broad overview of what .NET 5.0 is, you can read a more comprehensive list of changes here (https://devblogs.microsoft.com/dotnet/announcing-net-5-0/). And because we know a lot of developers are eager and excited to start working with .NET 5.0, we officially support it here at DiscountASP.NET.
In an effort to unify .NET, Microsoft has recently released a major update they are calling .NET 5.0. If you recall, the last .NET Core version was 3.X, so you may be asking what happened to .NET Core 4.X? Microsoft decided to skip that version and go straight to .NET 5.0 and drop the “Core” naming convention. They did so to avoid confusion – but they are retaining the ASP.NET Core 5.0 name. In any case, these kind of moves are always confusing even if you try to diffuse the confusion so it will probably take another version or two to iron things out.
But the point of this blog post is to announce that we support .NET 5.0 or ASP.NET Core 5.0 on our Windows 2012 and Windows 2016 servers. So feel free to experiment, learn, update and deploy your .NET 5 apps.
We have seen a few of our customers experience malicious bots making repeated efforts to break into their WordPress login page. There are a few issues that arise from this activity. Not only is it annoying but this can eventually crash your site by using up your server resources. It can also lead to your WordPress site getting hacked since that’s what the bots are trying to accomplish.
To prevent experiencing these issues, you can use Cloudflare‘s Firewall rule feature.
Let’s get started:
Assuming you have a Cloudflare account, log into your Cloudflare account.
Click on the Firewall icon
Click on the “+ Create Firewall rule” link on the upper right corner.
In the “When incoming requests match…” section select “URI” in the drop-down menu under Field. For the Operator field, select “Contains“. In the Value field, enter “/wp-login.php” as shown above.
In the “Then…” action select “Challenage (Captcha)“.
Now when someone goes to your wp-login.php page they will be met with a Captcha challenge they must enter first in order to log into your WordPress site.
The best part of using this firewall rule on your Cloudflare account is that it generally stops the bad guys from getting into your WordPress site. And, as a bonus, your server resources are also protected.
Over the past few months, we have seen a large number of hacking attempts against our customer sites using an old Telerik component vulnerability. More specifically, the Telerik Web UI component, widely used in different applications like DotNetNuke, Sitefinity and custom built ASP.NET sites, is being targeted. One codename given to this hack is Blue Mockingbird. Hackers are finding success in compromising sites using this exploit because many site owners never patched their websites. Telerik has even recently blogged about the increase in hacking activity and provides some guidance.
What hackers are doing with compromised sites There appears to be different individual hackers and hacker groups that are using this exploit and they are doing different things. In our experience, we have seen the following:
Hacker attempts to compromise the website/database. The hacker
Uploads phishing/malware site which can result in the site getting blocked by anti-virus software and browsers.
Gains access to the database which could contain sensitive information.
Installs scripts that attack other systems (e.g., brute force attacks)
Modifies scripts to skim sensitive information, like credit card numbers.
Hacker attempts to compromise server in order to
Install a cryptominer and use the server resources
Compromise the hosting infrastructure
Hijack the server and use the server for other attacks
Hacking activity mitigation Mitigating this vulnerability has proven to be difficult, but we have been observing and learning from all the hacking activities. Now, along with our intrusion prevention detection system, we’ve made security tweaks on our webservers, and trained a diligent team. As a result, we have been able to protect our customers and our infrastructure.
Hacking activity background We first noticed there was an issue when our intrusion detection system indicated a potentially malicious process being started on one of our servers. Our team immediately investigated and after some work we pinpointed the site that was compromised, determined how the site was compromised, and addressed the hack.
We soon started to notice similar incidents and after further investigation some of the flagged activities turned out to be false positives (legitimate activities), while others were hacking attempts. The attempts started to increase to almost daily at its peak.
Why the hack is nasty What makes this hack nasty is that it uses built-in functionality of the Telerik control to upload a payload to the compromised site. The control functionality is used by the website so it is extremely difficult to tell which use case is legitimate and which activity is a hacking attempt.
To make things harder to detect, much of the hacking activity uploads a payload that does not interfere with the website and many times the payload appears to do nothing but sit there. Presumably, the payload will “wake up” when the hacker decides to activate it at a future time. Therefore, the website owner would never know they got hacked and the host will never know unless specifically looking for this type of activity.
Another thing we’ve seen recently is a site being compromised but the hacker did not upload anything. The hacker is just probing and logging which sites are “hackable” for some future plan. It’s like if someone breaks into a home using a key, looks around but doesn’t move anything or take anything and leaves. How are you to know someone who should not have access had entered the home?
Windows hosts beware Windows hosting providers really need to pay attention to this hacking activity going forward. This vulnerability may be old but it’s still very much alive and hackers are exploiting it to compromise Windows servers and leaving virtually no footprint.
What website owners should do In order to stop this attack from occurring in the first place, website owners must patch the Telerik Web UI component within their application which is typically found within the /bin folder.
You can check the table below on what actions to take depending on the application using the Telerik Web UI Control and where you host your website.
Website hosted with DiscountASP.NET
Website hosted elsewhere
Contact our technical support team and we can check if your site is vulnerable and our staff can apply a patch to secure your DNN instance.
Contact our technical support team and we can check if your site is vulnerable and provide you with guidance on the next steps.
Check if you are using the insecure Telerik Web UI versions listed here. Check your website files on the server and make sure there are no weird files (that you did not upload). If you own the Telerik license, contact Telerik and patch your site. If your developer owns the Telerik license, have them contact Telerik and patch your site.