Managed hosting provider
Future Hosting has reminded Drupal users to check their websites for compromise or malware infection. Future Hosting has headquarters in Southfield, Michigan, United States and offers hosting services that include dedicated servers and Virtual Private Servers (VPS) options. Established in 2001, the company provides cost-effective prices for reliable hosting that benefits from superior customer service. Its notice to Drupal users comes in the wake of what has been dubbed “Drupalgeddon2”.
Drupal is a popular Open Source Content Management System (CMS). Available as a free download, Drupal isn’t as popular as solutions like WordPress and Joomla, but around 5% of all websites that use a CMS use Drupal (around 1 million sites). It is easy to use, highly scalable, and benefits from a wide range of features and additional modules that add functionality to sites. As a result, it is particularly popular with businesses and government agencies. However, a vulnerability in the Drupal code is being exploited by automated botnets.
The vulnerability gives hackers the ability to completely take over the server a website is hosted on. Future Hosting is advising Drupal users to use patches released by the Drupal project to fix the vulnerability in March and earlier in April. According to the company attacks on the vulnerability are “so widespread that it is unlikely that any unpatched Drupal site on the web will escape being compromised”.
“Future Hosting is home to thousands of Drupal sites and we’re seeing a constant flood of attacks using this vector,” explained Future Hosting’s Vice President of Operations, Maulesh Patel. Future Hosting has recommended its customers with Drupal 7 websites upgrade “to at least Drupal 7.58”. Customers with Drupal 8.5.X sites should update to Drupal 8.5.3. “Patches have been released for Drupal 8.4, but earlier 8.X versions are unsupported. Patches are available for Drupal 6 via the Drupal 6 LTS project,” suggested Future Hosting’s press release.
Do you know of any other companies advising customers to upgrade sites? Let us know the details. Add your comments below.
