PHP7 Vulnerability that allows hackers to hijack web servers

The PHP programming language that powers most of the Internet based appications. It is used in the popular content management systems like WordPress, Joomla and Drupal, so it’s a big issue  whenever someone identify a security vulnerability within it.

A few days a ago, Emil ‘Neex’ Lerner, a Russian security expert, published a remote-code execution vulnerability in PHP version 7.

With this vulnerability,  an attacker could force a remote web server to execute their own random code just by entering a crafted URL. The attacker only needs to add “?a=” to the website address, followed by their code payload.

This attack makes it very easy to  start hacking a website,  so that even a non-technical user could abuse it.

Fortunately, the vulnerability only affects servers using the NGINX web server with the PHP-FPM extension. PHP-FPM is a modded version of FastCGI, with a several additional features intended for websites with high traffic.

Due to the availability of public sample ( POC) code and the extreme simplicity of exploiting this bug, website owners are advised to check server settings and update PHP as soon as possible if they run the vulnerable configuration.

Read More at : ZDNET

All About Site Kit by Google WordPress Plugin

Site Kit by Google is a plugin that brings all the Google related services for any WordPress website under a single dashboard.  It is so well made that it is extremely easy to install, configure and use.

It allows following Google Products and Services to be accessed from within your WordPress dashboard in a very intutive user interface.

Google Search Console

Google Search Console is a web service by Google which allows webmasters to check indexing status and optimize visibility of their websites.

Google AdSense

Google AdSense is a program run by Google through which website publishers in the Google Network of content sites serve text, images, video, or interactive media advertisements that are targeted to the site content and audience

Google Analytics

Google Analytics is a web analytics service offered by Google that tracks and reports website traffic, currently as a platform inside the Google Marketing Platform brand

PageSpeed Insight

PageSpeed Insights (PSI) reports on the performance of a page on both mobile and desktop devices, and provides suggestions on how that page may be improved.

Tag Manager

Tag Manager creates an easy to manage way to create tags on your site without updating code.

Optimize

Create free A/B tests that help you drive metric-based design solutions to your site.

Installing Site Kit by Google WordPress Plugin

Installation is as easy as any other WP Plugin.

Confuguring Site Kit by Google WordPress Plugin

Just have to login to your Google Account when prompted to do so, and allow relavant permisions for your website. Then thats it!