Restore Archive.org sites directly into EBN!

Share on FacebookTweet about this on TwitterShare on Google+Email this to someone

One major annoyance for some EBN users has been the inability to easily restore sites from Archive.org into their EBN account. But with the help from people at Wayback Machine Downloader that has now been resolved!

Wayback Machine Downloader offers easy restoration from Archive.org of any website into your EBN account. And they’re offering a special 15% discount for all EBN users!

You can find the link to Wayback Machine Downloader discounted plans in the EBN app sidebar.

To order EBN-compatible files and install them to your EBN blog, follow the instructions on their website.

SaveSave

SaveSave

SaveSave

Share on FacebookTweet about this on TwitterShare on Google+Email this to someone

Security while traveling and using WiFi

Share on FacebookTweet about this on TwitterShare on Google+Email this to someone

I recently attended a conference where I had to stay in a not cheap hotel that had shared WiFi. Being a curious person (as any Mr. Robot fan would be), I wondered how secure accessing the Internet there really is. Well, as you might have guessed, it’s horrible. 

I could see every guest’s device on network, lounge printer and even some hotel guests’ printers. ::shocked::

In this configuration, anyone can inject ads to any page, sniff traffic (credit cards), or run at the moment very popular crypto mining in the browser on any page you visit.

You might be asking yourself at this point, how this affects you (the user), me (the developer) or Easy Blog Networks (the product)?

For starters, Easy Blog Networks staff cannot access the app without “Secure Endpoint”. So, let’s say the staff is traveling (either at a conference or sipping Margarita while watching dolphins swim) and using an insecure wifi, someone cannot just delete all servers or blogs, or get a list of emails from the app.

However, any user or a potential user can still be affected. Previously, everything relied on the user to be cautious. Browser vendors are slowly adding meaningful policies directly to the browser, but they are not enabled by default and each app vendor has to review and enable them.

And this is where Content Security Policy and HTTP Strict Transport Security come in place. As app developers, we can instruct the browser to use Content Security Policy to disallow loading any scripts on a page that are not approved by us.

Comcast injecting ads on a page? Denied.

Starbucks mining crypto coins on our page? Denied.

SEO conference attendee getting list of all your blogs via some clever advertising? You get the idea now. Denied.

And the second even more important one is HTTP Strict Transport Security. This will tell the browser to never load a page over an unsecured connection (HTTP).

I might have gotten you worried now and thinking how to actually verify that using Easy Blog Networks is really safe.

You can check any page using SecurityHeaders.io where Easy Blog Networks has “A” score. However, there is still space for improvement, and as always, we are working toward that goal – making users and staff safe.

Happy and worrisome New Year. :)

SaveSave

SaveSave

SaveSave

SaveSave

Share on FacebookTweet about this on TwitterShare on Google+Email this to someone

Easy Blog Networks System Update #23

Share on FacebookTweet about this on TwitterShare on Google+Email this to someone

There have been some major changes since our last system update post. The primary one that helps the most users is the new easy theme editing option. We have also been improving the security of the platform and the blogs.

  • Easy theme editing.
  • Blocking malware domains.
  • User Survey 2017 – we learned a lot about our users and their common frustrations, changing our development roadmap accordingly.
  • Domain field validator – we’ve improved the error reporting of the domain field when adding a new blog.
  • Updating login security – preventing legitimate users from being blocked (ongoing)
  • Blacklisting themes: we’ve seen a few blogs with active malware themes (impacting only the blogs where they were installed) that we removed and blacklisted.

Yashar Ghaffarloo has done another security audit for EBN. At the time of writing all found vulnerabilities have already been fixed. EBN is still the only PBN hosting platform that does regular third-party audits.

In the coming few weeks we’ll be focusing on adding a backup payment provider and an update to Mailboxes.

Share on FacebookTweet about this on TwitterShare on Google+Email this to someone

Easy Blog Networks now has easy theme editing!

Share on FacebookTweet about this on TwitterShare on Google+Email this to someone

Great news! We know that theme editing has been an often requested feature and we’re excited to announce we have implemented this feature.

To avoid manually creating a child theme we are now using a free plugin from WordPress.org that creates child themes and allows you to edit them. We needed to tweak our system a bit for the plugin, but it now works perfectly.

You now get the simplicity of using the default WordPress theme editor but with the security and safety of automated theme updates.

To find out more read the full instructions on how to use the theme plugin in our Help Center and let us know you what you think.

Share on FacebookTweet about this on TwitterShare on Google+Email this to someone

EBN is now blocking malware domains

Share on FacebookTweet about this on TwitterShare on Google+Email this to someone

As another step toward better platform security, we’ve just added a new feature that removes and disallows adding of malware domains, listed by MalwareDomains.com. Malware domains are domains with a history of being used to propagate malware and spyware on the internet.

This greatly improves the safety and neighborhood of existing blogs on EBN.

This is the error you will see if the domain is listed in their database:

In the majority of cases, this is an issue of the previous owner so you will need to request removal from the database. You can do that by contacting them here.

We’ve also added this information to our Help Center article.

Share on FacebookTweet about this on TwitterShare on Google+Email this to someone