Ransomware On Your Website – Is It Possible?

fware ransomware

Ransomware on a website?

Ransomware is popularly thought to affect only PCs, mainly containing older versions of Microsoft Windows, through phishing of login details. Actually, nothing is farther than the truth.

In fact, ransomware can be introduced even into Linux-based web servers / websites without using any phishing techniques, and even if they are behind a firewall.

The above image displays the new homepage of a website on cPanel shared hosting recently locked by ransomware. The image below is a listing of the ransomware-encrypted website files as seen via an FTP client.

fware ransomware file listing

How did the ransomware get in?

Servers are computers available on the public Internet and are required to serve information via multiple protocols such as HTTP/HTTPS, FTP, SSH, etc. This also creates multiple points of entry for attackers in addition to poorly secured entry points in web apps.

In this case, the website had allowed file uploads into directories that (carelessly) had execute file permissions enabled for everyone. In Linux this is the 777 permission. This allowed an attacker to upload the fware encryption PHP code to the website and then cause the code to execute via a web browser call.

What would you do if this happened to you?

How would you be affected if you woke up one morning to see your website that wasn’t available anymore? Even after paying the ransom there is no guarantee of receiving the decryption key and getting back your website files and data.

Luckily, in this case, the webmaster (website manager) for this website had already enabled automated website backups and was able to restore the website quickly. Most webmasters agree frequent automated backups are the best defense against total website loss. So does your website have automated backups?


Avoid Email Spam Blocking

Sometimes shared hosting server IPs and VPS  IPs are blacklisted by Spam blocking services. Here are a few steps you can take to ensure your account does not cause you and others sharing your hosting server to stop being able to send emails.
If you notice any of your email accounts or scripts are sending spam mails, please perform the following steps immediately:
  •  Reset the passwords for email accounts with more complex and secure passwords.
  • If a CMS (WordPress,Joomla etc.) is involved, please check for vulnerable plugins and upgrade the plugins/CMSs as soon as possible.
  • Refrain from sending emails via scripts and mass mailing via scripts.
  • If a mail client is being used to send/receive emails (Outlook, Thunderbird etc), please scan the entire PC where the email account is setup. The PC may be infected with malware operated by spambots.
g suite logo

G Suite launched – new, improved Google Apps for Work

G Suite is the new and improved Google Apps for Work

G Suite is now offered by iWebz

iWebz℠ is proud to bring you G Suite from Google Cloud at fantastic rates. This is an improved version of the Google Apps for Work program previously launched by Google. 

G Suite is a set of intelligent apps including Gmail, Docs, Drive and Calendar to connect the people in your company, no matter where in the world they are.

And why should you pay for G Suite when Google offers similar products for free? With G Suite, you get a number of additional business-grade services not included in the free consumer product, including:

  • Professional email @yourdomain,
  • Additional storage across Gmail and Drive,
  • Interoperability with Microsoft Outlook,
  • Enhanced security features, and
  • Full administration of all user accounts.

Teams can now efficiently communicate and seamlessly collaborate while on the go.

Efficiently Communicate

Now use Gmail with your own domain name with 30GB of ad-free inbox storage. This also includes spam protection and backups. It even has a mailing list feature with the option to set a moderator.

The Google Calendar in your account will also sync with Gmail, Drive, and Hangouts to auto-suggest & schedule the best meeting options.

The Hangouts feature lets you conduct video calls with anyone anywhere and even share screens without them having to download / install any plugin.

Seamlessly Collaborate

Using G Suite teams can effortlessly store or backup files on the Google Drive. Once stored these files can be easily shared with other team members with file-level permissions.

Teams can also work together on complex data calculations using Google's own machine intelligence via Google Sheets.

Google Docs lets team collaboratively edit documents in real-time without having to even be in the same room!

Why G Suite from Google Cloud

Help Your Team Work Smarter

G Suite for your organisation makes more sense at the price we offer.
.eu domain in flag

Renewal Grace Period changed for .EU domains

23rd November 2016

Revision in Renewal & Restoration Policy

A Renewal Grace Period is the time during which a domain owner can renew an expired domain at the regular renewal price. Most domain extensions offer a renewal grace period of up to 40 days.

The .EU Registry has announced a change in its policy with respect to Domain Renewals as a result of which .EU domains will no longer enjoy any Renewal Grace Period. This change will come into effect from 23rd November, 2016.

A domain name that is not renewed before the expiry date will now directly expire and be only be available for restoration at the stipulated restoration price.

If you have any .EU domain names coming up for renewal on or before 23 November, please ensure that you renew or transfer your .EU domains as soon as possible.

Renew or Transfer now

You can renew or transfer .eu domains on these websites.

iwebz wallet payments india

Digital Wallet Payments Now Accepted – India Only

Wallet Payments For Indian Small Businessmen and Individuals

iWebz aims to enable small businesses and individuals with affordable web-based technologies. Payments via Cards & NetBanking were a pain point for several small businessmen & individuals as they needed details on-hand to make payments. We are glad to report that we now accept digital wallet payments from a variety of Indian service providers as listed below.

freecharge logo
mobikwik logo
jio money logo
ola money logo

UPDATE 16th Nov 2016: We have just been informed by our payment gateway vendor that PayTM wallet will no longer be supported.

Wallet Payments Made Easy

Making wallet payments in India is easy! Simpy select Wallets as your payment source followed by selecting the specific digital wallet to charge to make your payment. Thereafter your payment will be processed via your selected option. All you need to do is login to authorise fund transfer. Currently there is a limit of ₹10,000 per month per digital wallet.

wallet payments selection
wallet payments wallet selection

Wallet Payments Accepted Here

iWebz℠ now accepts wallet payments for India (only) for various product & services on the following websites:


icann logo

ICANN IRTP-C impact on Domain Transfers

icann logoICANN Domain Transfer Policy Updates

ICANN has mandated certain updates to the Domain Transfer Policy for enhanced verification when either the Registrant or the Registrar change occurs. This will be effective from 1st of December, 2016.

Here are some of the key aspects that are part of the new Transfer Policy :

Impact on Inter-Registrar Transfers

A Form of Authorization, or FOA, is the email that is sent to the registered name holder when a domain transfer is initiated to approve the request. The FOA will now expire after 60 days if the transfer is not completed, unless we allow an automatic renewal and the registrant has expressly opted in to an automatic renewal.

● The FOA is void if the domain name expires before approval.

Impact on Inter-Registrant Transfers

● If a material change is made, we must collect consent from both the Prior Registrant and the New Registrant, prior to making the requested change, even if you represent both parties. A “material change” is a change in the name, company or email address listed for the registrant contact.

● If the Prior Registrant and New Registrant do not confirm the change within 60 days of the request, the change implementation will not proceed.

● Once both Prior and New Registrant parties agree to the requested contact changes, the information will be updated within 1 day after.

Impact on Privacy Protection

The Registrar on Record will act a designated approver for the Registrant. So no approval is needed from the Registrant listed on the domain. An email will be sent to the registrant whenever the status of Privacy Protection is changed. This email is merely for notification purposes.


We hope this was helpful. To know more about the policy please refer to the ICANN website.


Cloud Hosting For Websites & Web Apps

cloud vs. regular hosting

What is Cloud Hosting?

Cloud hosting services provide hosting for websites on virtual servers following the utility model of computing in that it is available as a service, rather than as a product, and is therefore comparable with traditional utilities such as electricity and gas.

It exists as an alternative to hosting websites on single servers (either dedicated or shared hosting servers), and is also referred to as Infrastructure as a Service (IaaS).

Why is Cloud Hosting better?

Cloud hosting services provide hosting for websites on virtual servers which pull their computing resource from extensive underlying networks of physical web servers and often pulled from different data centers in different locations. This leads to improved fault-tolerance & availability.

The client can tap into their service as much as they need, depending on the demands of their website, and they will only pay for what they use leading to optimizing expenses.

Being a service the resource limits can be increased or decreased at will and resource usage can be dynamically allocated within these limits. This type of hosting is therefore even better than a fixed configuration VPS.

iWebz℠ Cloud Hosting

2X Faster load times, 4X Scalable cloud hosting with rock-solid stability - perfect for rapidly growing websites & web applications.

Already hosted with AWS?

Select a Web App server. We will setup, backup & schedule it within your AWS account.