Web Hosting and Digital Marketing Blog .

Blog

Windows Server 2016 Finally available on Windows VPS

Today, we are following up on a one of the most asked query which was to see Windows Server 2016 or Windows 10 as an OS of choice for your Windows VPS installation.

Today, we have finally released a fully licensed Windows Server 2016 choice for all our Windows VPS location:

  • France
  • Canada
  • USA

You’ll now see the Windows Server 2016 option during the installation of your VPS and it is even available upon reinstallation from your control panel as well.

The Windows version comes with its full and unrestricted license as well which was the reason of the delay for the roll out of such upgrade.

As you can see from the screenshot below, the Windows Server 2016 is extremely close GUI wise from Windows 10 so close that you can’t even tell the difference.

And it comes with more features..

Windows 2016 Milestone is past, now, we are working on Windows 2019 on which we have no ETA at the moment and also a free 3 GBPS upgrade for all active Windows VPS (no ETA either but it is coming).

We sincerely hope that you’ll be pleased with such release even though we noticed already a lot of users who swapped already to Windows Server 2016.

 

PHP 5.6 & PHP 7.0 EOL, Hello PHP 7.3

Throughout this announcement, we are informing our Shared Web Hosting Clients that starting from September 2019, all new shared web hosting servers will not include the PHP version 5.6 nor the PHP version 7.0. 

These PHP versions are currently not being updated and are the less performant among the PHP version we have. 

All current clients will keep benefiting from the PHP versions as long as there is no request for a server change and it will be guaranteed for both versions. 

That being said, we have rolled out the new PHP version 7.3 with all the required PHP modules for all our clients and all the servers. 

The PHP version 7.3 is now available from the Multi PHP Manager and can be activated within a couple of clicks. 

Please make sure to perform a dry test before changing the PHP version to make sure your website supports it. 

If you have a development version of your website then it is all pointed to conduct the experiment on such version. If not, clearing cache, changing the PHP version and browse the websites / logs to make sure it is behaving properly. 

If you have any question regarding such transition, we are at your entire disposal through support ticket.

Finally, the PHP 7.3 version will be the default version upon new accounts creation.

As a point of comparaison according to our benchmarks, PHP 7.3 brings a 300% increase in parallel web server requests over the PHP 5.6 version.

CVE-2091-0709-remote-desktop-access-min
Microsoft Critical Security Vulnerability CVE-2019-0708

As you may have already heard, there was a severe Windows vulnerability revealed recently.
Microsoft estimated the criticity of this exploit at 9.8 out of 10.

The vulnerability concerns the following version of Windows:

  • Windows 7 for 32-bit Systems Service Pack 1
  • Windows 7 for x64-based Systems Service Pack 1
  • Windows Server 2008 for 32-bit Systems Service Pack 2
  • Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
  • Windows Server 2008 for Itanium-Based Systems Service Pack 2
  • Windows Server 2008 for x64-based Systems Service Pack 2
  • Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
  • Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

It is very important to patch this vulnerability giving.

The exploit allows a remote attacker to execute codes, and install Programs without any user login through the Remote Desktop protocol.

In order to patch the security exploit, you would just need to run and install the Windows Updates.

If you are using a Windows VPS with us running Windows Server 2008 R2 installed before May, 15th 2019 you would need to run the Windows updates.

Or you may also install the following packages onto your VPS to permanentely fix your Windows VPS:

https://www.catalog.update.microsoft.com/Search.aspx?q=KB4499175

For your Windows VPS the package name is Windows Server 2008 R2 (non Itanium version).

Shared Web Hosting Huge Jump in Features

Today, we are announcing the release of many asked features on your shared web hosting account.

 

Python / Ruby Applications

We have upgraded the Python and Ruby manager which was reserved to a selected few giving the complexity it took to run Python / Ruby based applications on your cPanel accounts.

You should now see a python and ruby application builder inside your cPanel account which would allow to quickly deploy your scripts and application from cPanel directly.

 

 

You can quickly deploy an app directory and setting the Python and Ruby version you need for it.

NodeJS

Second and not least, we have enabled NodeJS for all Shared web hosting plans which would allow you to roll out NodeJS based websites on a shared web hosting account. Here again, we took down the complexity to run Node.JS based projects to its absolute minimal.

You are able to select among different NodeJS version (6,8,9,10,11) and set the directory and URL / Domain  for you application. Your nodeJS deployments are going to be ergonomic and intuitive.

 

Composer Preinstalled

At last, you may now run composer directly inside your shared web hosting environment as it is now reactivated for you without the need to install it yourself.

You may pull / get any scripts you please with all its dependancies in order to take your activities to the next level.

For exemple you may install Laraval which is a famous PHP framework engine for web development:

php /bin/composer.phar create-project laravel/laravel {directory_name} --prefer-dist

ln -s /home/username/laravel/public /home/username/public_html

 

ALL IN on SSD NVMe

We have also initiated a new project which is to use SSD NVMe on all our shared web hosting servers.

We have started a wide migration plan to a newest line of servers including SSD NVMes which are up to 5 times faster than our previous SATA based Intel SSDs and up to 20 times faster than SATA HDD. This upgrade will enhance widely your websites performances.

We will also update the Processors to the latest generation and use exclusively DDR4 RAM.

 

We sincerely hope that these features will bring you as much excitement as we were to deploy them. All these updates are implemented for existing Shared Web hosting users at no extra cost.

Announcement: New Wide Breakthroughs
posted by: in Announcements

This month we have big announcements to make to improve the level of services.

A Dedicated Server Control Panel

For all users based in our Paris Datacenter, you have now a full control over your dedicated server.
The panel comes with a load of new exciting features to make your hosting life far easier.

Please find the changes listed down below:

  • Reboot the Dedicated Server
  • Find the Server Location on a Map
  • Change Boot Mode and boot it in mode Rescue for a critical access
  • Installation / Reinstallation of the OS.
  • IPMI Access (Dedicated Servers Sensors Access, JAVA SSH Console)
  • MAC Address for Advanced Networking

We have taken this opportunity and took a leap forward by enabling the IP failover feature.

You are now able to move your IPs from one server to another in the same location within a click and a couple of minutes.

An Automated Monitoring System

We have also released a full monitoring allowing to see the ping response time graph from 3 different Location. (Paris, New York, Singapore).

The feature is now set in Beta mode and is available to all Dedicated Servers in our Paris location.

 

You may now see the response time and the packet loss in a graph so you can troubleshoot any issue your server

 

Windows Panel Upgrade: Easier Than Ever

 

We have rolled a full update of the Windows VPS panel to create and manage the VPS.

Windows VPS Control Panel

Here are the features list being added:

  • Reinstallation directly from the panel
  • Progress Bar During Installation
  • Better Snapshots Restoration Management
  • Bios Choice Removal (Automatic with OS choice)

 

One last thing…

The most waited location for the Windows VPS is now available. The king location for all internet marketing activities.

Windows VPS in the West Coast USA

After, long and dedicated hard work, we were finally able to keep up with the uncompromised services quality meaning space grade hardware and stunning network performances.

Actually, we did even better by selecting Intel SSD NVMe which triples the performances you would expect on a regular SSD Drive.

These max enhanced drives are combined with the latest Intel Xeon E5 High End Generation which would take your experience to a whole new level.

This initial release will come with a limited quantity and can be ordered directly from our Windows VPS page.

For this new launch, we offer an unique coupon for the first users to grab with a 50% over 2 months for your Windows VPS.

50MYWINVPSUSA

A new era has begun for us, and we want you to be part of it.

 

 

Make WordPress Redirect to HTTPS the right way

Do you want WordPress to redirect to HTTPS? This guide is made for you. It will teach you everything you need to know to make WordPress redirect to HTTPS and not only the technicalities.

Google made it clear that SSL is what they want for the web, it is also a crucial SEO factor.

The HTTPS protocol works with an asymetrical encrypted key which set an handshake between your browsers and the web server. It allows to authentify a visitor session and protect him from a man in the middle type of attack.

Enabling a SSL certificate for the website will bring its load of benefits such as

  • Increased Website Security
  • Reduce the Bounce Rate
  • Increase the Sales Conversion
  • Boost of Rankings in SERPS

 

This guide suggests that you already have a SSL installed on your web hosting account. If not you may refer to the guide below:

https://www.host-stage.net/client-area/knowledgebase/89/How-to-Generate-and-Install-a-Free-SSL-Certificate.html

Once your SSL certificate is installed, there are there are a few extra steps to make WordPress redirect to HTTPS properly and without any issue.

 

A SSL certificate requires all your content to be served through HTTPS to avoid a mixed content SSL error. WordPress will automatically serve the elements in https of your website such as:

  • Videos / Images / Audio
  • JS Assets (Adsense, Facebook Tracking Pixel, Adwords, Google Tag Manager, Analytics, Jquery Libraries etc..)
  • CSS Assets
  • Web Fonts

Also, your internet net linking should be referring to an https:// URL to avoid an unnecessary redirection.

Throughout this guide, we will teach you how to quickly make the change and verifications, force wordpress to load with HTTPS and the couple of extra steps required to make sure the swap is efficient.

 

I) How to Force WordPress to load through HTTPS ?

a. In WordPress redirect to HTTPS

The first step to do is to change the default URL of your WordPress website. It is a very powerful first step as all your images calls, pages links, posts links made through the WordPress Visual Editor would be redirected automatically to HTTPS without you having to correct it all.

 

So, you would need to go to your WordPress Admin dashboard and click on Settings, General and correct both of the input field by replacing http by https as shown in the screenshot below:

Wordpress Redirect to HTTPS

b. Force all the traffic to be redirected to the HTTPS version of your website.

For all the traffic coming to your website, you would need to instruct the web server to exclusively serve your website content through HTTPS in which case. This steps goes through editing the .htaccess file of your website.

 

If you aren’t using cPanel, you would need to use a FTP client to access the files of your website and at the root of your wordpress folders you should see the .htaccess file.

 

If you are a customer of our services, you should have the cPanel access in which case, it will be more convenient and you would need to go to File Manager, click at the top right on Settings, tick display hidden files, go to the public_html directory and you will see your .htaccess file which you can select and edit.

 

On the web you’ll find a lot of htaccess snippets for this redirection but most of excludes some basic instructions which are required to optimise your SEO and instruct Google that it isn’t a fresh new website.

RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

 

It will instruct to apply the rewriting rules only for http calls to your website and also give the signal it is a 301 redirection which would keep all the off site SEO efforts you already benefit from. This step will make sure that WordPress redirect to https.

 

This code has been tested on all our lines of services and is working properly. However, if you are from another provider you may try these codes if you are facing the slightest issue:

RewriteEngine on
RewriteCond %{SERVER_PORT} 80
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteEngine on
RewriteCond %{REQUEST_SCHEME} =http
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteEngine on
RewriteRule .* http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

II) How to Fix the Mixed Content Warning on WordPress?

a. Fix Automatically the Mixed Content Warning

This is the most common issue you can face when enabling a SSL certificate and the HTTPS protocol.

The reason was stated earlier and you would need to replace all http:// calls you make throughout the whole website. Fortunately, there is a plugin for that.

You punctually install this plugin to search and replace as all the content you are after is located in your MySQL database.

Search & Replace

Once, you have installed the plugin you would need to go to its interface and search the string http:// and replace it with https://.

b. Test your website HTTPS and seek for errors

Once, you have replaced all the iterations of http on all  your website you shouldn’t have the Mixed Content Warning. Yet, if you still face the error, it could be because of an inclusion you did before. But you may refer to this page in order to crawl and scan your website for any SSL related errors:

https://www.jitbit.com/sslcheck/

For the custom inclusion you may hard coded in your theme, you would need to alter it from the WordPress Code Editor (Menu Appearance / Editor). Please use this editor wisely and always perform a full backup before altering it as you could risk to break your website.

 

III) Enhance the SEO impact of the SSL installation

Now it is time to make sure you aren’t loosing your SEO juice, and optimise the whole.

You may experience a temporary set back in the search engines but it is only temporary since you have performed a 301 redirection and the following steps will also insure that Google is made aware of the change.

Since, you changed your URL structure, the search engines will see it as a new website. Therefore, you would need to perform these easy steps to maximise the return of the operation

  1. Create a new property in the Google Webmaster Tools and Bing Webmaster Tools
  2. Send your Website Sitemap to both and update it on your website
  3. Update the website property in Google Analytics if you are using it. (Admin -> Property Settings -> Default URL)
  4. Transfer your Social Share Counts to your website using the following WordPress plugins.

 

WordPress Social Sharing Plugin – Social Warfare

 

Let’s Wrap it Up!

You have learned how to make WordPress redirect to HTTPS. This guide was exhaustive and could be a lot digest but it will make sure you aren’t facing the slightest issue to benefit from a fairly easy SEO factor to increase your website success.

Of course, before diving in such operation, it is important to perform a full website backup.

If you are one of our customer, you would need to go to cPanel and generate your backup in 2 clicks.

 

 

Your current host isn’t including FREE SSL ? Try our shared web hosting packages and issue SSLs for free for all your websites

You want the green bar for your website! Get an Extended Validation SSL for your business with $10 immediate discount using this coupon: EV4WP.

Shared Web Hosting Servers Major Upgrade

We have recently upgraded our whole shared web hosting web servers. The upgrade has been applied to all our shared web hosting users and concerns the implementation of a new set of features. The features are mainly focused around speed while enhancing the user experience and also supporting emerging new technologies as listed below

  • Automatic Firewall Check Upon login to the client-area and Unban
  • PHP 7.2 Support
  • cPanel Website Cache Management Plugin
  • Improved GZIP Management: Automatic GZIP Activation for Cached Content
  • TLS 1.3 Support
  • GeoIP2 Lookup Support
  • GoogleQUIC v43 Support
  • Google BROTLI Compression Support for Static / Dynamic Content
  • PHP CRIU Support
CVE-2091-0709-remote-desktop-access-min
CVE-2018-0886: Microsoft Security Update CredSSP affecting RDP Access

On the 8th of May, Microsoft finalized an update which started in March 13th by changing the authentification protrocol of the remote desktop sessions.

They rolled the final update by disabling the former CREDSSP protocol since an exploit was discovered. (CVE-2018-0886)

The exploit allowed to execute remote code a remote system through the logins details provided in a regular remote desktop session.

A hacker could therefore gain access to the remote desktop data, programs or even create/ disable new accounts.

Since, yesterday the patch not only patched the security issue by completely changed the authentification protocol and disabled the CREDSSP one by default.

The issue is that if you haven’t updated your Windows VPS (remote desktop server), you wouldn’t be able to access your VPS any longer and you should see the following message:

An Authentification error has occurred.

The Function requested is not supported

Remote computer: *IP ADDRESS*

This could be due to CredSSP encryption oracle remediation.

For more information, see https://go.microsoft.com/fwlink/?linkid=866660

Remote Desktop Connection CredSSP Error

In order to retrieve the usual access to your Windows VPS / Remote Desktop Access you would need to follow the steps below:

  1. Open a Command Prompt using Administrator Rights (right click on the cmd.exe, select execute as administrator)
  2. Paste the following commands into your command prompt and hit enter

reg add “HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters” /f /v AllowEncryptionOracle /t REG_DWORD /d 2

 

It will revert the modification made automatically with the latest automatic Windows Update and you should be able to access your remote desktop again.

Giving how critical this vulnerability is, we warmly invite you to perform all the Windows updates in order to patch the current security issue which is considered as highly critical and put your Windows VPS at risk.

Once you have run the update and your Windows VPS has been restarted, your VPS is patched and if you allow a remote desktop access to your computer, you would need to revert the change made by typing in the command prompt with elevated privileges the following:

reg add “HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters” /f /v AllowEncryptionOracle /t REG_DWORD /d 1

Hit enter.

Payza Logo
Payza Gateway Updated
posted by: in Announcements

We are publishing this news to let you know that we have updated the Payza gateway which is now operational.
Payza.com was seized by the US department of Justice  because of money laundering charges regarding the crypto currencies purchasing business.

Payza has now migrated their structure over Europe and now is under the website payza.eu

We have therefore updated the billing gateway after verification on our end to insure its integrity.

Google: HTTPS Swap is now Overdue

In 2014 Google made a statement on their webmaster central blog mentioning that Google would start to give a slight ranking boost to secured HTTPS websites using a SSL relying on a 2048 Bit key.

In January 2017 Google mentioned on their Google Security Blog that they had introduced with Chrome Version 56, a “Not Secure” mention in the address bar for website transmitting password or credit cards information.

 

Address Bar Google Chrome

 

While being announced in April 2017  in this official blog post, we notice that a significant amount of our users isn’t yet using a SSL certificate.

If your website isn’t using a SSL certificate as of now, it is now the time to get in and set one up for your website.

As a matter of fact, Google will push their effort further by introducing a dynamic warning to unsecured websites as soon as an user is entering data or even all HTTP pages browsed in Incognito Mode.

 

 

This update will come with the Chrome version 62 expected to be released in October 2017.

 

 

 

 

While not being a drastic penalty, it may still result in a loss in your conversion rates especially on non Tech Savvy markets.

Google makes consecutive move toward a full secured web even giving a slight google rankings boost using a SSL certificate which is a factor you should absolutely play with considering it is now at everyone’s reach.

Now, how would you approach the SSL migration, it can seem overwhelming and complicated. We are going to recapitulate a checklist for your to migrate to the HTTPS protocol without any inconvenience.

 

I) Backup Your Web Hosting Account

 

It is very important before proceeding to the SSL installations to back up your website in full, database included. You may refer to the backup section of your cPanel Account if you are running cPanel and then download it on your computer. This step is even recommended to do every once in a while in spite of our nightly backup for your shared web hosting account.

 

II) Check your CDN SSL Specifications

 

If you are using a Content Delivery Network (such as cloud flare or maxCDN), read about the specifications and whether they support the HTTPS protocol. It generally involves extra steps in order to make it work.

As a partner of Cloudflare, some of our users are based on this CDN. Cloudflare provides SSL certificate along with their CDN for which you would need to refer to this guide

If you are using Cloudflare SSLs you can refer directly to the step 3.

 

 

III) Install your SSL certificate

 

At HostStage, if you are running a shared web hosting account, you can refer to this guide, if you are under a managed linux VPS or a cPanel unmanaged VPS, or a cPanel dedicated server you can open a support ticket to have us install this module and you’ll be able to issue a SSL within a few clicks as shown in our knowledgebase article : How to Generate and Install a Free SSL Certificate with Let’s Encrypt

 

You can also benefit from premium SSL certificate which we provide or using a third party provider of course. Their benefits over Let’s Encrypt are multiple such as Issuance Speed, extended trust signals in browser (especially with EV SSL), all browsers compatible (Old Androids distributions, Blackberry, Sony PS3 / PS4)..) , Yearly renewal.

 

IV) Update the references in your content

 

All javascript, CSS, or absolute URL for images must be called in https and check whether the https version is working in your browser.

For example, let’s say assume you are using a Google fonts through the Google library.

In your website headers, you may have the following link to load your font :

http://fonts.googleapis.com/css?family=Lora

You would need to change it to :

https://fonts.googleapis.com/css?family=Lora

It would basically load your font using the Google SSL which is required for your own HTTPS otherwise, your page will displays warnings.

The references non-exhaustive list to check for is :

  • Update Images references in absolute URL
  • Update Social Media Javascripts references (Facebook, Twitter, G +)
  • Update External Javascripts and Libraries references (jQuery)
  • Update External or Absolute CSS Pages references
  • Update References in content (which could be in the database, WordPress plugins exists for this purpose)
  • Update Hreflang Tags
  • Update Canonical Tags

The only exception would of course remains the external links which doesn’t need to be in https as they are loaded along with your website.

It could be indeed a tedious work and they are way to automate the process either through SSH, or even using the bulk find and replace function of Notepad ++ on Windows, Atom on MacOS X. Please note, you would still need to check whether the HTTPS version of your resources is available manually in a web browser in order to be on the safe side.

 

V) Let’s not Forget your On Site SEO !

 

After all, you are also here to benefit from a ranking boost from the SSL so it is also important to not neglect the others side of your On Site SEO.

  • Update your Sitemap URLs with the HTTPS version
  • Update your Disavow file in Google Webmaster if any
  • Update your robots.txt to include your new sitemap(s)
  • Add a new property in Google, Bing Webmaster Tools and Google Analytics, and add in GWT and BWT the sitemap URL (no need to use the change address tool)
  • Update your social Share Count (some wordpress plugins and guides online are available)
  • Update your media campaign to use the https version
  • Update your old 301 redirects if any to redirect directly to the https version of your website

You can also enable HSTS (HTTP Strict Transport Security) which would optimize your website loading time by forcing the browser to make all its future requests in HTTPS rather than first querying over the HTTP protocol and then be redirected.

To do so, you would just need to add the following in your .htaccess file in your public directory.

Header always set Strict-Transport-Security "max-age=31536000" env=HTTPS

If your website includes subdomains, you may also directly enable HSTS for them as well with the code below instead of the first one:

Header set Strict-Transport-Security: "max-age=31536000 ; includeSubDomains ;" env=HTTPS

 

 

 

VI) Let’s Put This ONLINE and Fire your HTTPS

If you are using wordpress, you would need to change your Base Url from the admin area :

  • Click On Settings
  • Select General Sub Menu
  • Update WordPress Address (URL)
  • Update Site Address (URL)

If you are using another CMS such as Joomla, Drupal, Prestashop the steps while similar would differ.

You would need to refer to their online guide in order to update the website main URL

Then, you would need to 301 redirect the HTTP version over the HTTPS version for which you would need to update your .htaccess and use the code quoted below :

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

 

Section : I have heard !?

 

1) “I have heard that running a https website is slower than http!

It is indeed a valid concern since the server would be stressed a little more to encrypt the data of your web page. Now, if you are using our services, you wouldn’t need to worry at all on this matter. We saw it coming and we have taken silent steps to prevent any overload or significant performance loss. All our linux VPS nodes are SSD RAID 10 Hardware, using latest CPU generation. Our shared web hosting servers have all been migrated to Litespeed which is a better performing Apache replacement. Litespeed is also available on your Linux VPS servers.

2) “I have heard that Let’s Encrypt needs to be renewed every 3 months!

Correct here again! Except that in HostStage, Let’s Encrypt renewals will be done automatically in due time without any SSL downtime. So it would be a worryless situation for you. 

3) “I have heard that I must pay for SSL!

Yes, that used to be the case, and you can still do if you opt for a premium SSL certificate (starting from $14,99 per year). But the Let’s Encrypt initiative remains completely free and we do not charge anything for you to benefit from it. On your web hosting account, the feature is already there.

Result 1 - 10 of 39

Join Us on Facebook

Our Latest Tweets

  • 6 months ago

    PHP 5.6 & PHP 7.0 EOL, Hello PHP 7.3 https://t.co/TjVMXJFjGq

  • 6 months ago

    Microsoft Critical Security Vulnerability CVE-2019-0708 https://t.co/XShL8qyz6K

  • 1 year ago

    @Galukxy  What is the reason of your website suspension? It could be something we could help you with actually

  • 1 year ago

    The Ultimate List: 57 Online Local Business Directories https://t.co/HATo96qXrw #localseo #Leadgeneration… https://t.co/HUz7sXscHz

  • 1 year ago

    21 of the Best #Facebook Pages We've Ever Seen https://t.co/Kz0o3jhuWS #FacebookMarketing #SMM #socialmedia https://t.co/nFOwpvtGMs