Improving the Security of your Website: Rate Limiting

Digital Key

CU*Answers Web Services and Network Services employ several layers to keep our servers and websites safe. Starting this week, CU*Answers Web Services is adding an additional layer to your web security by turning on rate limiting on your website web application firewalls. This improves the security of your website by preventing drive-by bad guys from scanning your website for possible issues they could exploit. This is part of our ongoing dedication to ensuring the safety and security of your digital assets.

With rate limiting on your website, the server will begin throttling and slowing down requests and possibly blocking requests for IP addresses that make excessive amounts of requests to your website. We are following the vendor’s recommendations for these levels and monitoring it closely in our dashboards, however, there is always the possibility that regular users are blocked. If this happens, the block will automatically fall off after a short period of time or you can always contact Web Services with the IP address that was inadvertently blocked.

Finally, CU*Answers does not disable security features or whitelist vendors to perform scans or penetration assessments. While we understand these tests are likely to be benign, CU*Answers hosts sites for many clients. All penetration tests risk unintentional denial of service to our clients, no matter how careful the testing firm is in setting parameters.

CU*Answers does hire external audit firms to test our webhosting sites on a regular basis. In addition, CU*Answers also performs its own vulnerability scans on no less than a quarterly basis. While we do not make public the results of testing, all results are reported to the CU*Answers Board of Directors, as well as any plans for remediation. CU*Answers does make publicly available our control scheme through our SSAE-18 SOC 1 and SOC 2 reports, which can be downloaded from the CU*Answers Due Diligence page.

Network Maintenance – Tuesday, March 19

maintenance

On Tuesday morning, March 19<sup?th, from 12:00 AM – 8:00 AM ET, CU*Answers Network Services will be performing internal network maintenance. During this time, there may be brief network interruptions to our website and email hosting.

Critical Network Maintenance Project on Sunday, March 10, 2024

maintenance

Please note that all CU*Answers Web Services hosted websites and emails will be impacted by this critical network maintenance project on Sunday, March 10th 2024.

The window for the scheduled downtime is from Sunday, March 10th 2024, from 4:00 AM to 9:00 AM ET and all websites and hosted email will experience some downtime.

For more information on the project and the timelines, please visit CU*Answers Client News.

Website Accessibility and Color Blindness

Colors and Websites

Too often, website accessibility is seen as a checklist, but it’s much more complex than that.  Having standards like the Web Content Accessibillity Guidelines (WCAG) provide a metric that we can measure against, often with a pass or fail scoring.  But even with these guideliness, accessibility conformance cannot be automated.

Take for example, color blindness.   Your design or corporate colors might pass for WCAG AA contrast ratios, but that’s assuming your visitor has normal color vision.  What happens when your visitor is colorblind or colorweak.  And, like most disabilities, colorblindness is on a spectrum, so each visitor might have a different perception.

Smashing Magazine has a nice article about the challenges of making your site conform to the guidelines while dealing with colorblindness.  One big takeaway is this very cool tool:  whocanuse.

CU*Answers Web Services has an accessibility expert on staff.  Susanna is constantly staying up to date with guidelines and tools and educating our team.  If you need help or are concerned about the accessibility of your website, check out our Web Quality Assurance program.

Adding Xtend Web Chat to Your Website

Xtend

In January 2024, CU*Answers Web Services worked with Xtend to implement a new chat vendor for our credit union websites.  To accomplish this goal Web Services created a new WordPress plugin called Xtend Web Chat.

This plugin implements the Xtend Web Chat service on your WordPress based credit union website including customizations to allow Xtend Contact Centers to support your members.

Requirements

  1. Enrolled in Xtend Web Chat
  2. WordPress website hosted with CU*Answers Web Services
  3. CU*Answers Web Services SiteControl Plugin activated and configured

Download Plugin

Download Xtend Web Chat WordPress Plugin

Notes

Please note, this plugin is provided as is with no support or warranty. This plugin includes JavaScript on your website which may cause conflicts with other plugins and code. Your credit union must be WordPress-based and hosted at CU*Answers Web Services. Your credit union must be enrolled in the Xtend Web Chat service and have been provided configuration details for this plugin to function properly.

Network Maintenance – January 9

maintenance

On Tuesday, January 9th, from Midnight – 8:00 AM ET, CU*Answers Network Services will be performing internal network maintenance. During this time, there may be brief network interruptions to our website and email hosting.