-
28 April 2025
1C-Bitrix Virtual Machine Updated to Version 9.0.6
In March 2025, 1C-Bitrix released a new version of the Virtual Machine — 9.0.6. The key change in this update is the fix of a critical vulnerability that allowed elevating the privileges of the bitrix user to root level. According to the CVSS assessment, the risk level was 8.0 points.
-
11 April 2025
Vulnerabilities in third-party modules for 1C-Bitrix: a threat to website security
Recently, critical vulnerabilities were discovered in a number of third-party modules installed on the 1C-Bitrix platform for data import, export, and bulk editing. These modules are not part of the 1C-Bitrix core and are often not updated in a timely manner, which makes them an attractive target for hackers.
-
12 March 2025
Why is a VPS better suited for 1C-Bitrix than virtual hosting?
1C-Bitrix is a powerful and resource-intensive CMS that requires high performance, flexibility, and security. Virtual hosting, where a single server is shared among many users, cannot always provide stable operation. Problems with speed, configuration, and data protection may occur.
-
10 February 2025
Website Hacks on Aspro: Protection Measures and Recommendations
Cyberattacks on businesses and users continue to rise. Websites running on various CMS platforms, including Bitrix, are also at risk. In the fall of 2024, numerous publications reported newly discovered vulnerabilities, and requests for technical support due to hacks increased significantly.
-
5 November 2024
Migrating Bitrix to PHP 8
Upgrading to current PHP versions on your own is not an easy task and requires specialized knowledge and experience. Mistakes can cause Bitrix to malfunction, as well as break modules and customizations. As a result, the site owner may lose revenue and part of their audience.
-
29 August 2023
10 arguments explaining web resources hacking by cybercriminals
Every day, websites and blogs fall victim to attacks from cybercriminals. Let's try to understand the objectives and gains that malicious actors can derive from such actions.
-
12 December 2022
Bitrix is in trouble. Malware code has been uploaded to the website
In early July 2022, the hosting technical support team discovered that the client's website contained malicious code. The email reported the presence of malicious functionality on the website. The initial information was obtained through the channels of the National Coordination Center for Computer Incidents. In particular, it was about the JS code on the site, which, after execution, redirected users to a phishing site controlled by attackers, i.e., an XSS attack was carried out.