Articles

Recent Security Breach and RSFirewall Updates 2014

 

To view this email as a web page, go here.

 

RJ Web Builder 2.0 - Header
Website | Subscribe | Donate

Dear Webmasters:

Two weeks ago, a handful of sites (6) were impacted by a redirect from their homepage. This is the second time in two years that such a "hack" has taken place. Both incidents of attacks originated overseas by a politically motivated hacker group that targets the websites of Jewish institutions in the United States. In this case, it was only a redirect. No database or user information or other data was accessed. In response, we immediately notified our hosting company, and they were able to find the cause and remove the offending code.

Deflecting attacks is a regular course of business for all websites, and our servers routinely protect our sites against thousands of attempts by automated malicious processes daily. As has been reported in the media lately, internet security risks are universal and protecting sites from attacks is a big business.

If you would like to add some additional security settings to your site, you have access to the RSFirewall! component in the administrator control panel. A firewall is a system designed to prevent unauthorized access to or from a private network. RSFirewall! actively protects your Joomla! website from intrusions and hacker attacks. For more information on the features of RSFirewall! and how they work, please review this tutorial.

Over the next two weeks, I will be updating the RSFirewall! software on every site. I will also be adding a new plugin that will allow you to block all IP addresses that appear to be coming from a specific country. An IP address is a numerical label assigned to each computer, therefore if you block an IP address, you block one's access. Once installed, this component can be accessed from Components > RSFirewall! > Configuration > Country Blocking. You should then see a country checkbox list where you can allow/disallow access. Since the two previous attacks against URJ websites originated overseas, we highly recommend that access to sites are restricted to North America only.

Attacks can come in many forms. When loading your site in a browser, it may not be there, or it redirects you to a different page, or suddenly your site is full of advertisements. You may notice new usernames or multiple attempts from the same IP address to access the admin. If it's the former, you may want to lockdown your site . This will prevent any new installations or the creation of other users with admin rights. However, this will make it riskier for you to login if you forget your password since you could also get blocked out if you attempt it incorrectly too many times. We would need to reset your access in that case.

In any case, if you do notice your site has been hacked, please don't panic. Notify us, or we will notify you. Either way, all congregations affected will be notified in a quick and timely manner upon resolution.

Thank you for your attention to this important matter.

Joel Emerman
Congregational Websites Manager


Support Reform JudaismJoin us on FacebookFollow us on Twitter

© Union for Reform Judaism
212.650.4000
633 Third Avenue • New York, NY • 10017-6778

You received this email because you are listed as Webmaster of your congregation. If you are not serving in this position, please have your congregation contact This email address is being protected from spambots. You need JavaScript enabled to view it. to update our records.

Manage Subscriptions | Update Profile

Please know that the Union for Reform Judaism does not sell, market or distribute e-mail addresses (see the privacy policy at urj.org/privacy).

UA-370524-15