So far in our three big security mistakes series, we have talked about not using a secure username and keeping unused themes and plugins. Now it’s time to address the last one, if you haven’t guessed already, failing to update and backup your WordPress website.
Why Is Updating Your WordPress Important?
Did you know 80% of websites that are hacked are hacked because they weren’t updated?
If your wordpress website isn’t updated, hackers know that they can get in without having to do much work on their end. They are able to find holes, or security threats because wordpress hasn’t fixed them yet for all users so why not take advantage? This doesn’t mean updating will completely stop someone from hacking into your site but this does cut down on their chances immensely!
Even though updating your WordPress site is critical to keeping it secure and bug-free, many people fail to do this regularly, which can leave their site vulnerable to attack.
Fortunately, we have an automatic solution for you, the Shield Security plugin! We wrote a full summary of this feature for you to read here.
Remember to not only update your WordPress core regularly, but your themes, plugins, and other add-ons as well.
How to Backup Your WordPress Website
As you probably know, failing to backup your website can result in lost data if your site is hacked or crashes. Some hosting providers take automatic backups of your site on a regular basis, others require you to do it manually or pay for that additional feature. If none of those options are appealing to you then a WordPress backup plugin is probably your best option.
There are several solutions out there that automatically back up all of the files in your WordPress site, including images and content – ensuring you never lose another post or page! You can also easily restore a previous version of your wordpress if needed.
We wrote out a list of our recommendation plugins and solutions for backups in this article, you definitely want to give that a good read and get yourself a scheduled backup system in place.
Unfortunately, there is no perfect solution that will work at all times, but with some savvy tools such as the Shield Security Free or Pro plugin and educational recourses such as this article you can keep your site up and information safe!
WordPress security is important to think about. When you install wordpress on your site, it comes with a built-in firewall that helps protect against malicious attacks, but usually, that’s not enough so you’d probably install a tool such as our Shield Security Free or Pro plugin. However, any unused themes or plugins will make your wordpress vulnerable. This blog post is going to go over 10 different ways to clean up and secure your wordpress site!
10 Tips and Tricks to Reduce Overload and Secure Your WordPress Website:
Delete any unused themes or plugins from your wordpress site in order to clean it up and reduce vulnerabilities from attacks on your site’s security.
Deactivate all unused themes and plugins instead of just deleting them so they’re still available if you ever need them again.
Remove spam comments that are clogging up your site and taking up valuable server space.
If you have any inactive users, delete their accounts to clean up your wordpress site.
Review the wordpress security settings on your website and make sure they’re as tight as possible.
Update wordpress, themes, and plugins regularly so that you’re using the latest versions which come with security enhancements.
Use a caching plugin to help speed up your website – this will not only improve user experience but also SEO performance.
Minimize the use of third-party scripts (such as social media sharing buttons) on your wordpress site as these can slow it down and make it more vulnerable to hacking.
Optimize your wordpress site for web performance by compressing images, minifying CSS and JavaScript files, enabling browser caching, etc. so that your website loads faster which is great for SEO purposes – install a wordpress backup plugin such as BackWPup (all plans) or VaultPress (paid plan).
It’s also important to review wordpress setup and make sure there isn’t any room for improvement
There’s a lot in this list, we know. That’s why we’ve included a checklist in our Free or Pro version with links to the settings you need to have for securing your site and applying most of the optimization listed above.
If you’re an admin of an account, then you should probably stop using admin as your username. It turns out that this is one of 3 big security mistakes that users make when it comes to WordPress security. In today’s post, we’ll go over why admin usernames are not a good idea and the best practices for choosing a new username in order to keep your site safe from hackers!
Why is choosing the admin username bad for my WordPress website’s security?
If you are the admin of an account, then you might think that using admin as your username is a great idea. However, this isn’t exactly true! When it comes to security on WordPress websites and choosing usernames for admin accounts, there are quite a few things that can go wrong if you use admin as your username.
The first reason why having the admin username is bad for security purposes has to do with brute force attacks. Brute force attacks are when hackers try different combinations in order to gain access to passwords or private information about users on any given website. Because so many people choose admin as their password due to its simple structure (admin), these kinds of hacker attacks tend to be very successful because they essentially have everything they need to gain access to a site right from the start.
In addition to being vulnerable to brute force attacks, admin usernames are also very susceptible to social engineering scams. Social engineering scams are when hackers try to get unsuspecting users to give away personal information like passwords or log-in credentials by posing as someone that the user trusts. For example, if you receive an email from your bank asking for updated login information, and you’re not sure whether the email is legitimate or not, it’s best to call customer service and ask them about the message before taking any further action.
Since admin is such an easily guessed username, it makes it much easier for scammers to try and scam people into giving away their personal log-in details. So, if you’re using admin as your username, it’s not only bad for security reasons but also makes you more susceptible to scams.
Tips For Choosing A Secure Username
If you want to be extra careful with how you choose usernames moving forward, there are two things that we would recommend doing. The first thing is to check if any other accounts have been made on your website or blog with similar names (e.g., administrator, support, helpdesk ). If you find any, change them to something more unique, like a special term, a department name, a person’s name. That way, even if someone tries to hack into your account, they’ll be met with a login error.
The second thing you can do is use a password manager to create and store strong passwords for all of your accounts (including admin ). This will help make sure that no one ever gains access to your site by guessing or cracking your password. If you’re not familiar with password managers, I’d recommend checking out LastPass or Dashlane. They both offer free and paid versions, so you can choose the one that’s best for you.
What are some safer alternatives to using admin as my WordPress website username?
If you’re looking for a more secure alternative to the admin username, then there are quite a few options that you can choose from. Here are some of our favorites:
– Username: YourFirstName + YourLastName – This is a great option because it’s unique and easy to remember.
– Username: CompanyName_UserName – This is another good option if you want to use your company name as your login credentials.
– Username: Password123! – This might not be the most secure option, but it’s definitely better than using admin as your username.
– Username: randomword123 – This is a good option if you want to create a unique username that isn’t easily guessed by hackers.
Whatever username you choose, be sure to make it something that you can remember and that isn’t easily guessed by hackers. And, most importantly, never use admin as your login credentials! Choosing a more secure alternative will help keep your WordPress website safe from unwanted intrusions.
The holidays are a time for sharing, giving, and family. However, cybersecurity experts warn that cybercriminals also take advantage of this special time to spread malicious software or steal credit card information. In order to reduce the risk of becoming a victim during the holiday season, we’ve compiled cybersecurity tips you can follow to stay safe online.
P.S. This is not just any blog post on cybersecurity; it’s our top 10 list!
Tip #1: Be Cautious of Phishing Emails
One of the most common ways cyber criminals attempt to steal your personal information is by sending phishing emails. These emails often look like they’re from a legitimate company or organization, but in reality, they’re from cybercriminals trying to trick you into giving up your personal information. To protect yourself, be cautious of any email that asks for sensitive information such as your credit card number or password, and never click on links or open attachments in suspicious emails.
Tip #2: Use Strong Passwords
Another way cybercriminals can gain access to your personal information is by stealing your passwords. In order to protect yourself, use strong passwords that are difficult to guess. You can create strong passwords by using a combination of letters, numbers, and symbols. Also, be sure to never use the same password for multiple accounts.
Tip #3: Keep Your Devices Protected
One of the best ways to protect your devices from cybercriminals is by keeping them protected with antivirus software. Antivirus software can help protect your devices from malware and other types of malicious software. In addition, it’s important to keep your operating system and applications up-to-date as this can also help protect you from cybersecurity threats.
Tip #4: Be Cautious When Using Public Wi-Fi Networks
Public Wi-Fi networks are a convenient way to stay connected when you’re out and about, but they can also be a hotspot for cybercriminals. These networks are often unsecured, which means your data is vulnerable to being stolen by hackers. To protect yourself when using public Wi-Fi networks, make sure you use a VPN and be careful not to enter any sensitive information such as your credit card number or passwords.
Tip #5: Avoid Shopping Online on Unsecured Websites
When shopping online, it’s important to only visit websites that are secure. Secure websites have a web address that starts with “HTTPS” instead of “HTTP” and they will usually have a lock symbol next to their web address. Cybercriminals often create fraudulent websites that look identical to secure websites in order to trick you into entering your personal information. When shopping online, always make sure the website is secure before entering any sensitive information.
Tip #6: Use a Password Manager App
Using strong passwords can be difficult when trying to remember them all. To help protect yourself, use password manager apps that are designed for this purpose. These apps create complex and unique passwords for every account on your devices so you don’t have to worry about it! Plus they automatically log you in with these saved passwords whenever needed, making it even easier too!
Tip #7: Turn On Two-Factor Authentication Whenever Possible
Two-factor authentication provides an extra layer of security by requiring two different forms of authentication before you can log in to your account. This could be something as simple as a code sent to your phone or a one-time password that is generated by an app. By turning on two-factor authentication, you can help protect yourself from cybercriminals who may try to steal your login credentials.
Tip #8: Check Your Credit Report Regularly
One way to help protect yourself from identity theft is by checking your credit report regularly. You can get a free copy of your credit report once a year from each of the three major credit reporting agencies. Checking your credit report can help you identify any suspicious activity and take action if necessary.
Tip #9: Be Wary of Social Media Scams
Social media scams are a common way for cybercriminals to steal your personal information. These scams often involve fake posts or messages from friends asking you to click on links or download files. Always be wary of any posts or messages that seem suspicious and never click on any links or download any files without verifying the source first.
Tip #10: Back Up Your Data
One of the best ways to protect your data from being lost or stolen is by backing it up regularly. By backing up your data, you can ensure that if your device is ever lost or stolen, you will still have a copy of all your important files. There are many different ways to back up your data, so find one that works best for you and stick with it!
These are just a few of the many cybersecurity tips that you can use to help protect yourself during the holiday season. Even though there are real risks out there, we wish you all the best during this festive time! Stay safe and enjoy your time with family and friends! 🙂
DNS tunneling is a technique that encodes data of other programs and protocols in DNS queries, including data payloads that can be used to control a remote server and applications. Because of this, DNS tunneling – and DNS exfiltration associated with it by threat actors – is of great concern to many IT and SecOps teams. Fortunately, new developments in the Cisco Umbrella DNS cache system allow for faster and more reliable detection of DNS tunneling and exfiltration events.
How Does DNS Tunneling Work?
DNS tunneling revolves around the transfer of data. So, if we have:
Input Data data – Name: Alice, Age: 25, SSN: 123-45-678
Using DNS exfiltration, we can encode and send this data placed in several subdomains of the domain under our control as a single entry:
Or, we can use multiple entries using multiple queries to large numbers of domains:
jzqw2.zj2if.my.tunnel.com
wgsy3.ffraw.my.tunnel.com
ozj2g.i2syu.my.tunnel.com
2tjy5.dcmrt.my.tunnel.com
Users can abuse this technique – as seen in Fig. 1 below – by installing a free DNS tunneling tool to bypass IT policies and/or monitoring. They can also use this technique to bypass network authorization to obtain free internet access in hotels and airports.
Fig. 1
Attackers can use outbound DNS requests to send encoded exfiltrated data to their infrastructure – as seen in Fig. 2 below – or use DNS responses to send commands to compromised systems and manage infected devices remotely.
Fig. 2
Improvements to DNS Tunneling Realtime Detection
Today, we’re thrilled to announce that organizations have a powerful new ally to protect against data exfiltration and unauthorized DNS tunnels in their networks. Cisco Umbrella has developed a new proprietary cache within our DNS resolvers to work alongside our machine learning modules. Our newest machine learning module is tuned to detect data exfiltration and DNS tunneling events.
This new module monitors DNS traffic for behavioral patterns and traffic exfiltrating data, efficiently building enough information to detect and block data exfiltration. And, in the event circumstances and domain reputations change, this module will correct itself and let traffic through.
We made this update because, over the past couple of years, we’ve seen organizations more productive and more connected amidst the new reality of working digitally during the pandemic. The explosion of logins and bandwidth, though, has at times come with reductions in digital security. Data exfiltration has become a new reality, and one hole attackers punch is in the DNS.
Powering Improvements With a Revolutionary DNS Cache
The technology stack powering Cisco Umbrella’s DNS resolvers handles blistering loads of DNS traffic from ISPs, global organizations, municipalities, schools, and homes. Building on this, we’ve hacked the heart of the DNS resolver – the cache. And while we dig into the details of this new functionality in our DNS tunneling solution brief, we also want to provide you with an overview here.
The cache of a DNS resolver enables serving the swell of global traffic without fault, outage, and ease. It also insulates the backbone of the internet from being overwhelmed with identical queries. Caches store data locally so that it can be served quicker.
Tunneling Cache
The tunneling cache enables us to glue together a sequence of queries that are otherwise distinct atomic events. With proprietary key and data fields, we seamlessly incorporate rapid cache updates unbeknownst to web surfers. We maintain lightning speed throughout by merging incoming data fields using tricks found in probabilistic algorithms. Gluing together each individual’s DNS queries provides access to a rich amount of information, otherwise hidden. Organizations can now get personalized DNS tunneling monitoring, detection, and enforcement in real time.
Encryption Payloads
We pair the new DNS cache with a lexical engine highly trained at identifying encrypted messages. Our researchers dug into various encryption protocols and created a stateful algorithm capable of churning through every character transition in a domain name and identifying encryption payloads with high fidelity.
Take DNS-Layer Security to the Next Level
Cisco Umbrella analyzes internet activity to uncover known and emergent threats in order to protect users anywhere they go. Together, these capabilities power Umbrella to predict and prevent DNS tunneling attacks before they happen. Enabling this security category reduces the risk of DNS tunneling and potential data loss. Organizations can choose to block users from using DNS tunneling VPN services, or they can monitor the results in reports, providing flexibility to determine what is suitable given their risk tolerance.
Address your DNS blind spot by enforcing security over port 53 both on and off the corporate network. Request a personalized demo of Cisco Umbrella today to explore how this exciting new feature can help protect your enterprise.
Last year threw a lot at cybersecurity teams, from the emergence of several high-profile cyberattacks to the revelation of widespread vulnerabilities. As we all move into 2022, odds are your team is re-thinking your cybersecurity strategy to help make your organization more resilient and flexible. This should involve an evaluation of your cybersecurity solutions, as they impact the implementation and effectiveness of any strategies your team creates.
In our ebook 7 ways to strengthen your security in 2022 and beyond, we discuss the different ways you can amplify and extend your cybersecurity stack this year using Cisco Umbrella. But if you’re looking for some tips to get you started, here are three things to keep in mind as you plot out your cybersecurity strategy:
1. Make Sure Your Cybersecurity Solutions Don’t Impact Network Speeds
The use of internet resources and cloud services was on the rise before the COVID-19 pandemic. Now that employees have spread out – collaborating with coworkers and performing business-critical tasks from anywhere they have internet access – cloud-based tools have become more critical than ever.
This means that an effective cybersecurity strategy needs to balance the implementation of strong protections against the need for minimal latency on the company network. From a business perspective, cyber safety can’t come at the expense of speed.
In order to maintain this balance, take a look at your cybersecurity solutions and evaluate the following:
Routing Algorithms – Frequently, having fast and secure internet access comes down to a cybersecurity vendor’s data center network and routing algorithms. Make sure your cybersecurity solutions come backed by a robust global data center network and transparent routing protocols with automated failover to the fastest available servers. This minimizes latency, regardless of where users on your network are located.
Peering Relationships – Peering relationships allow cybersecurity vendors to minimize latency without compromising on security. As you reevaluate your cybersecurity strategy in the coming year, make sure your vendors have peering relationships with large cloud service providers your organization relies on. This allows employees to easily access the tools they need without introducing added latency.
Keeping network speeds in mind while you refine your cybersecurity strategy for the upcoming year can improve employee satisfaction, affect executive buy-in, and have an impact on your organization’s bottom line.
2. Strengthen Cybersecurity Infrastructure to Reduce Disruptions
Last year, we all experienced more than our fair share of network disruptions, outages, and downtime. Several of these events were impactful enough to make it into the news cycle. And while an outage isn’t the same thing as a cyberattack, your cybersecurity strategy should include finding solutions that are designed to reduce downtime instead of causing it.
Take some time to review the track record of your vendors. For example, do they have a proven record of resiliency and uptime? Better yet, can they handle infrastructure disruptions without passing those disruptions onto your users? For example, the unique DNS logging features included in Cisco Umbrella DNS-layer security can be used during certain events – like the 2021 Akamai outage – to keep users connected to business-critical cloud tools despite provider outages.
3. Make Sure Your Cybersecurity Strategy Includes Guest WiFi Considerations
Between the move to a hybrid work model and the gradual reopening of public spaces, odds are you’ll find more employees and clients using your guest WiFi in the coming year. So, it’s essential to make sure that both your private and guest WiFi networks have the speed users desire and the protection you need.
Does your suite of cybersecurity solutions provide your team with the ability to filter content and enforce security protocols over your guest WiFi network? Does your security stack allow you to maintain a single IP address for your entire enterprise, streamlining the management of guest WiFi security policies? Finally, can your cybersecurity solutions handle the uptick in user traffic that guest WiFi causes without increasing latency? If the answer to any of these questions is “no,” it may be time to think about adjusting your security stack.
Looking for More Ways to Strengthen Your Cybersecurity Strategy?
Outlook for Microsoft 365 Outlook for Microsoft 365 for Mac Microsoft 365 for home More…
Most email apps like Outlook are able to automatically configure email server settings. If you need server settings or help finding your server settings, click on one of the links below:
If you’re connecting to an Exchange mailbox and not using Microsoft 365 email, or if you aren’t sure if you’re using Microsoft 365 email, do the following to look up your settings:
In Outlook Web App, on the toolbar, select Settings > Mail > POP and IMAP.
The POP3, IMAP4, and SMTP server name and other settings you may need to enter are listed on the POP and IMAP settings page.
What server settings do I need from my email provider?
To help you get the info you need, we’ve put together a handy chart of the email server settings you should ask for. You will most likely have to set up your email as an IMAP or POP account as well. What are POP and IMAP? Check with your provider if you’re not sure which to use.
Note: When you use an IMAP or POP account, only your email will sync to your device. Any calendar or contacts associated with that account will be stored only on your local computer.
Follow these instructions to get your email settings:
Print out this page and keep it within reach.
Call your email provider and ask them about the settings in the chart below.
Write down the corresponding email server settings in the empty column.
Return to your email app and enter the information to complete your email setup.
Note: You may only need some of the settings on this list. Find out from your email provider what you will need to access your email on your mobile device.
General Email Settings
Setting
Description
Write Your Setting Here
Example
Email Address
The email address you want to set up.
yourname@contoso.com
Password
The password associated with your email account.
——–
Display Name
The name you want your email recipients to see.
Mike Rosoft
Description
Add a description of your email account.
Personal, work, etc.
Incoming Mail Server Settings
These settings are for sending email to your email provider’s mail server.
Setting
Description
Write Your Setting Here
Example
Host Name
Your incoming mail server name.
outlook.office365.com
Username
The email address you want to set up.
yourname@contoso.com
Port
The port number your incoming mail server uses.
Most use 143 or 993 for IMAP, or 110 or 995 for POP.
Server or Domain
This is your email provider.
yourprovider.com, gmail.com, etc.
SSL?
Is your email encrypted using SSL?(SSL is enabled by default in the Outlook mobile app)
SSL Enabled
Outgoing Mail Server Settings (SMTP)
These settings are for sending email to your email provider’s mail server.
Setting
Description
Write Your Setting Here
Example
SMTP Host Name
Outgoing mail server name. Most often smtp.yourprovider.com
smtp.office365.com
SMTP Username
The email address you want to set up.
yourname@contoso.com
SMTP Password
The password associated with your email account.
——–
SSL?
Is your email encrypted using SSL?(SSL is enabled by default in the Outlook mobile app)
If you have a work or school account that uses Microsoft 365 for business or Exchange-based accounts, talk to your Microsoft 365 admin or technical support.
If you value your security and privacy, then a VPN is an absolute necessity. A VPN, or virtual private network, stops others (even your internet service provider) from snooping on your online activity by routing all your internet traffic through a secure, encrypted tunnel. VPNs work especially well for guaranteeing that you’re protected even when using unsecured public Wi-Fi networks, too.
And nowadays, with all of us using our mobile devices more than ever before to get online, it is essential that our cell phones are equipped with a VPN so we can be fully protected on the go.
How can I set up a VPN on my iPhone?
There are two ways to accomplish this. The first method — and the one that will be most suitable for the majority of people — is to choose a VPN provider and then download and install its app from the Apple App Store. In general, the process will be super easy and the installer will guide you through any settings that you may need to configure.
Take VPN Proxy One Pro for example. The setup process simply couldn’t be any easier. Within minutes of downloading the app from the App Store (click here to do this, by the way), your iPhone will be protected by world-leading encryption and you’ll be free to connect to the internet safely, even on public Wi-Fi networks.
The second method, which is outlined below, is only recommended for those who are a little more tech-savvy. This option is perfect for people who want more control over their VPN experience and don’t mind putting in the extra time and effort to get it. This method allows you to choose which protocol you use as well as customize other settings, but it does require some additional knowledge.
But before we explain the second method, we need to quickly talk about VPN protocols…
What are the VPN protocols natively supported by iOS?
Before you can manually set up a VPN on your iPhone, you’ll need to select which VPN protocol you wish to use. Here are the ones that natively work with iOS:
L2TP
L2TP (Layer 2 Tunneling Protocol) is a type of tunneling protocol. Because L2TP does not offer any encryption on its own, it is normally paired with IPSec (see below). The two technologies form an excellent partnership and together provide great security. It is not as fast as some other options, however.
IKEv2
Just like L2TP, IKEv2 (Internet Key Exchange version 2) also doesn’t offer any encryption of its own, so must also be paired with IPSec. It is faster than L2TP and works particularly well with mobile devices because it can easily move between connection types (Wi-Fi to a cellular network, for example). Although it was jointly developed by Microsoft and Cisco, it is still natively supported by iOS.
IPSec
IPSec (Internet Protocol Security) is also natively supported by iOS and can be used on its own as a VPN protocol.
How to manually set up a VPN on iPhone
Once you’ve decided on which protocol to use, to manually configure a VPN on iOS, go to Settings > General > VPN > Add VPN Configuration > Type. From here, you can select either IKEv2, IPSec, or L2TP (which actually comes with IPSec, even though it isn’t made clear).
After selecting the VPN protocol type, you will need to fill out the other details. Most of the additional information should be available on the VPN provider’s website, either in your account settings or in the online documentation, but if you are unsure of where to find anything, it is best to contact them directly.
Once you’ve filled in all the required information, click Done in the right-hand corner and you’re good to go!
Stay connected, stay secure
If you, like most of us, rely on your mobile device to stay connected, then the value that a VPN offers simply cannot be understated. With everyone using their mobile devices for so much these days — email, social media, online shopping, etc. —when it comes to protecting our sensitive data and safeguarding our privacy, VPNs are effectively essential.
Regardless of how you go about setting up your VPN on your iPhone — whether you choose to just quickly download and install the app or configure each of the settings individually, VPN Proxy One Pro is a truly excellent choice. Click the button below to read more about it.
Blue and White status LEDs apply to all our UniFi access points, routers, switches and the UDM (base model) with the exception of the legacy devices: UAP, UAP-LR, UAP-Outdoor5.
Legacy UAPs have Amber and Green LED on the front of the unit. See this section for legacy AP LED patterns.
The animations are for illustrative purposes – the speed of the flashing or strobing patterns below might differ slightly with that of the device.
While the LED patterns below are shown for Access Points, the rest of the UniFi device LED patterns have the same meaning.
Flashing White / Off every 1/2s
The device is initializing and booting up
Steady White
The device is awaiting Adoption
Slow flashing Blue (UDM only)
A client device is connected to the UDM via Bluetooth
Steady Blue
The device is adopted and is in normal operating mode
The device firmware is currently being upgraded – do not interrupt the process!
(UDM will flash only white during an upgrade)
Blue and flashing Off every 5s
Access Point has lost network connectivity and is searching for wireless uplink
Rapid flashing Blue / Off
The device “Locate” feature was activated in the UniFi Network application
Flashing White-Blue-Off
The device is in TFTP mode.
To enable this mode:
Hold the reset button before applying power
Continue to hold the reset button until this LED sequence appears
If this wasn’t intentional, please check if the device’s reset button isn’t jammed (it should click when pushed).
LED Off
The device is offline.
Verify the Power, POE, and Ethernet cables to troubleshoot.
UniFi Bridge to Bridge (UBB)
Aside from the statuses described above, the UBB has two additional ones:
Red with Circulating Blue LED
The 60 GHz link cannot be established or has dropped due to bad weather. If the UBB fails over to 5 GHz, the LED will remain red. When the 60 GHz link is re-established, the LED will turn blue or the custom color you selected in the UniFi Network application.
Note: If the other bridge device is within range and the UBB LED is red, we recommend adjusting the UBB’s position to enhance the signal strength.
Green
If the Alignment Tool enabled in the UniFi Network application, a green LED means the UBB devices are properly aligned.
Note: If the other bridge device is within range and the UBB LED is green and red, we recommend adjusting the UBB’s position until the LED is green.
Legacy Amber and Green LED patterns
Applies to: UAP, UAP-LR, UAP-Outdoor5.
Flashing Amber / Off every 1/2s: The AP is initializing and booting up
Steady Amber: The AP is awaiting adoption
Steady Green: The AP is adopted and is in normal operating mode (AP is broadcasting SSIDs)
Strobing Amber / Off: If this happens, power cycle the AP and reach out to our support team if it doesn’t change the LED pattern
Quickly flashing Amber / Green: The AP firmware is currently being upgraded – do not interrupt the process!
Green and flashing Off every 5s: AP has lost network connectivity and is searching for wireless uplink
Rapid flashing Green / Off: The device “Locate” feature was activated in the UniFi Network application
Flashing Amber-Green-Off: The device is in TFTP mode. To enable this mode, hold the reset button before applying the power and continue to hold it until this LED sequence appears. If this wasn’t intentional, please check if the device’s reset button isn’t jammed (it should click when pushed).
LED Off: The device is offline. Verify the Power, PoE, and Ethernet cables to troubleshoot.
LED patterns for ports
The ports of UniFi Security Gateways and UniFi Switches have a different type, number, and location.
Please make sure to reference your specific device model’s Quick Start Guide (QSG) for the exact location and description of its ports.
Console Port’s right LED (in the applicable devices):
LED Off: Power Off
LED Green: Power On
Speed/Link/Act (right LED ports other than Console):
LED Off: No Link
LED Amber: Link Established at 10/100 Mbps
LED Flashing Amber: Link Activity at 10/100 Mbps
LED Green: Link Established at 1000 Mbps
LED Flashing Green: Link Activity at 1000 Mbps
PoE (left LED on ports of applicable devices):
LED Off: No PoE
LED Amber: IEEE 802.3af/802.3at
LED Green: 24V Passive
SFP (in the applicable devices):
LED Off: No Link
LED Green: Link Established at 1 Gbps
LED Flashing Green: Link activity at 1 Gbps
See specific port LED information in the Hardware Overview section (between pages 5 and 6) of the Quick Start Guides (QSG). You can find the QSGs in the Documentation section of our UniFi Downloads page, by searching for the device in question in the left hand menu.
LED patterns for PoE Adapters
LED is Off: PoE is Off.
LED is On and steady: PoE is functioning as it should.
LED is blinking: this is not a configured state, this may indicate that the device is not connected properly, or that something is wrong with the cable.
How to disable device LEDs
The device status LEDs can be disabled for all the site, or only for specific UniFi devices.
To enable/disable status LEDs throughout a site, go to to Settings > Site on the UniFi Network application and edit the LED feature in the Services section.
To configure specific devices individually:
Go to the Devices section and click on the device you wish to edit to bring up the Properties panel
Go to Config > General > LED and switch the Site Settings to On or Off.
This article describes how to access the emergency recovery user interface (UI) and recover a UniFi Cloud Key or a UniFi Cloud Key Gen 2 (UCK-G2-PLUS and UCK-G2 models). From this recovery UI you can reset it to factory defaults, reboot it, power it off and upgrade the firmware.NOTES & REQUIREMENTS:
To upgrade the firmware, you will need to download a firmware file (.bin) for the Cloud Key found in our Downloads page. Use the left hand menu to select the correct Cloud Key model and find the newest firmware available.
To access this interface you will need to know the IP address of the Cloud Key (visible in the device screen).
For second generation Cloud Keys (UCK-G2 and UCK-G2-PLUS) follow these steps to access the Emergency Recovery UI:
Power off the system.
Press and hold the reset button and then power on the Cloud Key by connecting it to the power source.
Cloudkey G2:
CloudKey G2 Plus
Keep the reset button pressed for about 10 seconds, or until you see the recovery LED pattern in a loop (blue – off – white). The LCD screen on the front panel will also read “RECOVERY MODE.”
Once the LED is flashing in the recovery mode pattern, open your browser and type the IP address for the Cloud Key, visible on the device’s screen. The IP address comes from your DHCP server, if you can’t access DHCP, the fallback IP will work: 192.168.1.30. However, keep in mind that if your Cloud Key does have a IP address assigned by the DHCP server, the fallback IP will not work.
You should be taken to the Recovery Mode screen. From here you can reset, reboot, power off and most importantly you can upload an updated firmware bin file.
To update the firmware, go to the Downloads page, find the correct Cloud Key model on the left hand menu and then click on the download button, read and accept information, and then download the firmware file to your computer to upload in the Recovery Mode UI. Once it is uploaded you will have to reboot the Cloud Key to complete the firmware upgrade.
The LED will flash white while upgrading and then a steady white when it is ready.
Cloud Key Gen 1 Emergency Recovery
For first generation Cloud Keys follow these steps to access the Emergency Recovery UI:
Power off the system.
Press and hold the reset button and then power on the Cloud Key by connecting it to the power source.
Keep the reset button pressed for about 10 seconds, or until you see the recovery LED pattern in a loop (blue – off – white).
Once the LED is flashing in the recovery mode pattern, open your browser and type the IP address for the Cloud Key. The IP address comes from your DHCP server, if you can’t access DHCP, the fallback IP will work: 192.168.1.30. However, keep in mind that if your Cloud Key does have a IP address assigned by the DHCP server, the fallback IP will not work. If you are using a Gen 2 Cloud Key you will see its IP address on the device screen.User Tip: If you don’t know your Cloud Key’s IP address, you can use thearp -a SSH command or software such as nmap to find the IP address.
You should be taken to the Recovery Mode screen. From here you can reset, reboot, power off and most importantly you can upload an updated firmware bin file.
To update the firmware, go to the Downloads page, find the correct Cloud Key model on the left hand menu and then click on the download button, read and accept information, and then download the firmware file to your computer to upload in the Recovery Mode UI. Once it is uploaded you will have to reboot the Cloud Key to complete the firmware upgrade.
Once it is uploaded you will have to reboot the Cloud Key to complete the firmware upgrade.
The LED will flash white while upgrading and then a steady white when it is ready.
> Mail > POP and IMAP.
