Web Hosting and Digital Marketing Blog

Changelogs March

This month came with its load of new features for which you can find the changelog below :

Shared Web Hosting

  • Curative and Real-Time Malware Detection to avoid account suspension upon mail spam + Automatic .htaccess Shield set up
  • On-the-fly malware scans of HTTP uploads (BETA)
  •  Upgrade Modsecurity to 2.9
  •  Automatic Kernel security patches upgrade without reboot
  •  Upgrade Apache to 2.4.18 (slight perf boost)
  •  XMLRPC Attacks Protection without blocking the WordPress Jetpack Module
  •  Default Apache Configuration Enhancement on PHP 5.5 – More modules prebuilt
  •  RAID 1 SSD Shared Server Standard
  •  Network Upgrade to 1 GBPS on all shared servers

To Come :

  • Personalized DDoS Mitigation Alert Email for Dedicated IP users
  •  Email Alert to users for Curative Malware Detection
  •  Email Alert to users upon XMLRPC Attack Detection
  • WordPress Labs Tests results to be set in production for massive performance enhancements

Reseller Web Hosting :

  •  Most of the Shared Web Hosting Enhancements
  • Beta Test of IP manager feature from WHM (Extra IP management panel)

To Come :

  • IP Manager to be set in production

SEO Web Hosting :

  • Network Expansion to 40

To Come:

  • Network Expansion to 60 by the end of April
  • End of Beta for the 1st of May

Linux VPS :

  • RAID 10 SD VPS Node Standard
  • RAM DDR4 Standard
  • Mailing Offer Beta
  •  OS Templates Updated (Ubuntu all versions, CentOS all versions, Fedora all versions)
  •  CentOS 5.7 + cPanel set as End of life. Available in OS choice but not supported. Manual cPanel Configuration by our support instead on CentOS 6
  •  Beta Test CentOS 7 + cPanel
  •  Custom set up fees waived for cPanel configuration

To Come :

  • CentOS 7 + cPanel default cPanel template
  • New Mailing Offers

Windows VPS :

  • RAID 10 SSD Standard to replace SAS 15k drives
  •  Wide Network Enhancements
  •  Removal of a virtual network ACL which caused a downtime
  •  VPS Template upgrade
  •  Windows Server 2012 Available upon request

To come :

  • Upgrade network to 3 GBPS
  •  Windows server 2012 available from the order form

Dedicated Server :

  •  New dedicated servers available (limited stocks)

To come :

  •  Full Range of servers publicly available (unlimited stocks)

Shared Web Hosting : Resources General Increase

Hello,

We have just increased the values for each package of our web hosting offers.
We have studied the usage of each package and weighed it against the server's resource usage, and we concluded that all our users shall benefit from a resource increase.

For our starter users, we have increased the number of processes from 20 to 50; while we intended to lower the RAM to 512 Mb, we have kept it at 1024 Mb.
For our premium users, we have increased the number of processes from 40 to 100 and the RAM from 1024 Mb to 2048 Mb.
For our business users, we have increased the number of processes from 100 to 150 and the RAM from 2048 Mb to 4096 Mb.

The IOPS limit is also aligned with the RAM for all packages.

The upgrades are already effective.

We believe that, according to our analysis, this matches far better the usage of each package and the purpose we have in mind: starter for fresh websites, premium for several established websites, and business for professionals.

We sincerely hope that you’ll appreciate these free upgrades and enjoy the user experience of your reloaded accounts. 

Best Regards
Vincent Royant
HostStage CEO

Security Issue Exim : CVE-2016-1531 -> PATCHED!
posted by: in Security

On the 2nd of March, an Exim vulnerability was discovered and announced, allowing any user to gain root privileges.
This issue affects all its versions.

Exim is the default mail transporter for all cPanel based servers. 

cPanel has included an emergency update which was patched overnight. We did a manual update on all our critical infrastructures using cPanel (mainly our shared and reseller servers) a few hours after the security issue. 

You can check whether your server has been updated by running the following command : 

rpm -q --changelog exim | grep CVE-2016-1531

Which should give the following output : 

- Fixes CVE-2016-1531

If it doesn't return anything and you are running cPanel, you only need to run the following SSH commands :

/scripts/upcp
/scripts/check_cpanel_rpms --fix --long-list

**UPDATE : 4th March 2016

The update has broken a feature used to detect mailing scripts, which now returns cwd=/ instead of cwd=/path/to/script

We have notified cPanel, which has notified Exim, and a patch is on its way, since our custom malware script detection relies on returning the full path of a script sending emails.

**UPDATE : 5th March 2016

A workaround is being worked on; we are waiting for its official release.

https://bugs.exim.org/show_bug.cgi?id=1805
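
The 4th March update explains that script detection depends on the cwd= value Exim records for each mail submission. The following is an added example, not HostStage's detection script: it counts submissions per working directory and reports separately the entries where only cwd=/ was logged. The function name `cwd_report` and the log lines are constructed for illustration, and directory names are assumed to contain no spaces.

```shell
#!/bin/sh
# Constructed sample of Exim main-log lines (format logged with +arguments).
SAMPLE_LOG=$(cat <<'EOF'
2016-03-03 09:14:02 cwd=/home/alice/public_html/wp-content/uploads 3 args: /usr/sbin/sendmail -t -i
2016-03-03 09:14:05 cwd=/home/alice/public_html/wp-content/uploads 3 args: /usr/sbin/sendmail -t -i
2016-03-03 09:14:09 cwd=/home/alice/public_html/wp-content/uploads 3 args: /usr/sbin/sendmail -t -i
2016-03-03 09:15:40 cwd=/var/spool/exim 2 args: /usr/sbin/exim -q
2016-03-03 10:02:17 cwd=/home/bob/public_html 4 args: /usr/sbin/sendmail -t -i -fbob@example.com
2016-03-04 02:01:11 cwd=/ 3 args: /usr/sbin/sendmail -t -i
2016-03-04 02:01:12 cwd=/ 3 args: /usr/sbin/sendmail -t -i
EOF
)

# cwd_report: reads Exim main-log lines on stdin and prints
# "<count> <directory>" for each directory that submitted mail, busiest first.
# Entries logged as cwd=/ are counted on their own line, because the script
# location cannot be recovered from them.
cwd_report() {
    awk '
        {
            cwd = ""
            # Fields 1 and 2 are date and time; find the cwd= token after them.
            for (i = 3; i <= NF; i++)
                if ($i ~ /^cwd=/) { cwd = substr($i, 5); break }
            if (cwd == "") next                  # not a submission line
            if (cwd ~ /^\/var\/spool/) next      # queue runners, not user scripts
            if (cwd == "/") { lost++; next }     # path missing from the log
            count[cwd]++
        }
        END {
            for (d in count) printf "%d %s\n", count[d], d
            if (lost) printf "%d cwd=/ (script path not logged)\n", lost
        }
    ' | sort -rn
}

# Run against the constructed sample; on a server, feed the real main log instead.
printf '%s\n' "$SAMPLE_LOG" | cwd_report
```

A directory with an unusually high count is the place to look for a spamming script; a growing cwd=/ count means the log no longer carries enough information to attribute the mail.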

What is a domain name ?
posted by: in Domain Names

A domain name is a way to qualify a network, an authority or an infrastructure which translates an IP address to a name. A domain name is used to access the internet in browsers to facilitate the user experience, since we can memorize words more easily than numbers.

A domain name is the unique way to identify a website. It allows one or several IP addresses to be translated to a name through the rules of the Domain Name System (DNS).

In web hosting services, a domain name is assigned to a web server.

We call Bulk Register the possibility to register and check the availability of several domains at the same time.

We call TLD (Top Level Domain), or extension, the last part of the domain following the last dot, which is a specific descriptor for a kind of website, a localization, or a sign of authority. You are now able to register your own TLD, which costs $185 000

Nowadays, there is a wide range of TLDs available which could describe your website's activities, such as .mobile, .media, .career and so on.

How to choose a domain and a TLD ?

How to Choose a Domain Name ?

Choosing a domain name is one of the most important factors, with a direct impact on the success and popularity of your website.

You have at least two strategies for your choice: either you will “brand-communicate” or you will “content-communicate”

“Brand-Communication” is easy, as you just have to pick the name of your company, brand, business or the name of your website

“Content-communication” is a little harder because the domain name has to be relevant enough to let visitors or customers know about your content without hiding a different part of your content.

It is important to note that “Content-Communication” is the easiest way to rank a website in the short term, as your keywords are already in your domain name. But finding a relevant domain name with some popular keywords becomes more and more difficult.

In the long term, people would rather remember a catchy brand name than a long-tail query, so for the long-term popularity of your website the choice would be Brand-Communication

How to Choose a TLD ?

Choosing a relevant TLD is also very important because it has a direct impact on the image of a website.

Here is a list of different TLDs and what they mean :

  • .us, .be, .de, .fr, .au, .eu …. : provide a country indication for your website. It would be easier to rank a website in the country targeted.
  • .com : is the easiest for a customer to remember and the most widespread TLD in the world, and fits well for any kind of website.
  • .net is mostly used for a website dealing with an internet theme.
  • .org is mostly used for non-commercial companies or businesses.
  • .info is mostly used for websites dealing with news
  • .biz is mostly used for e-commerce websites
  • .name is mostly used for personal website
  • .cc was dedicated to Cocos Island’s website but nowadays it is used for any kind of websites.
  • .tv is mostly used for any website dealing with television.
  • .ws was dedicated to Samoa but nowadays it is used for any kind of websites
  • .mobi is mostly used for a website designed for a mobile device.
  • .co was dedicated to Colombia but nowadays it is a substitute for “.com”

You can check the best prices for each TLD and pick your domain name to start your own website here

Windows VPS : REVOLUTION

Today, we are proud to announce our next and wonderful lines of Windows VPS. 
These Windows VPS will become standard for all our users and we are starting to migrate the current VPS owners.

The gain of the new hardware is insanely significant, as detailed below :

SSDs, and SSDs and SSDs again ! That's right, we have decided to switch to full SSD Intel DC3500 800 GB as standard.
The SSDs are of course set in RAID 10 with a brand new hardware RAID Card MegaRAID 9271. This RAID card is configured with another PCI Express based SSD as Caching system which brings an amazing performance gain in reading / writing operations for your VPS. 

If you have ordered a VPS over the last 6 months, be assured that SSD has actually already become the standard and your VPS is already SSD based.

DDR4 ECC stepped up in the game as well, making us one of the first worldwide to provide DDR4 based VPS. The frequency has drastically improved, making your VPS far more responsive. (From 1333 MHz to 2133 MHz!!)

We haven't neglected the CPU of course, which compared with our older version brings a 25% gain with an extra 100 MHz of clock frequency and a far better architecture. (Dual E5-2687w v3)

We have also upgraded our network infrastructure massively by increasing the available bandwidth on a per node basis from 1 GBPS to 3 GBPS, making us the worldwide leader in VPS network speed.
But we have also improved the POPs by introducing some new ones to decrease the latency throughout the world.

Of course, the Windows VPS are still based on a Tier 4 Certified infrastructure, which means that all redundant components (network, electrical, cooling system) are still redundant.

Last but not least, Windows 2012 R2 is now available fully licensed for your VPS. You can request to benefit from it at any time you please.

We would also like to thank you for all suggestions that made everything possible! We went further for you to bring such a revolution in the Windows VPS market for intensive usages. 

Sincerely Yours and Merry Christmas to you all!
Vincent Royant
HostStage CEO

Windows VPS: Control Panel Available for ALL our users

We are thrilled and finally pleased to announce that after weeks of development we have finally released the Windows VPS control panel for all our users. 

Since we upgraded our new nodes to Windows Server 2012, we have faced issues with the control panel, which wasn't available.
We have made it work and even upgraded the design of the control panel. 
You can now request an access simply by opening a support ticket. 

We sincerely hope that you are as pleased as we are about this release! 

As usual, we are more than pleased to hear about your feedback, suggestions, and feature requests.

Sincerely Yours,
Vincent Royant
HostStage CEO

Security Issue Adobe Type Manager : CVE-2015-2426 -> PATCHED!
posted by: in Security

A few days ago, the hacking team released a few unknown exploits that are affecting all systems.
The security alert CVE-2015-2426 concerns all Windows versions and involves elevated privileges through the Adobe Type Manager library's DLL : atmfd.dll.

The DLL provides support for OpenType fonts and the exploit consists of a memory corruption that would give full and hidden access to the hacker.

It is warmly recommended to install the latest Windows updates available in your update center from your control panel.

All Windows versions are affected, from Windows XP to Windows Server 2012. As Windows XP and Windows Server 2003 are no longer supported by Windows, no updates will patch the security issue for them.
At HostStage, we don't have such versions running on our servers, but if your computer is based on an outdated Windows version it is highly recommended to upgrade to a newer Windows.

We have patched our Windows servers on our end even though it generally involves computers using a web browser.

Security Issue Glibc : CVE-2015-0235 -> PATCHED!
posted by: in Security

Hello,

48 hours ago, a new security vulnerability was discovered affecting most Linux distributions running the GNU C Library.
It is announced as very easy to exploit. You can find accurate details of the security threat quoted below :

“A heap-based buffer overflow was found in __nss_hostname_digits_dots(), which is used by the gethostbyname() and gethostbyname2() glibc function call. A remote attacker could use this flaw to execute arbitrary code with the permissions of the user running the application.”

At HostStage, we have taken action immediately throughout all our infrastructure and patched all our servers (Shared Web Hosting, CentOS Linux VPS managed and not managed, Reseller Web hosting, and all structural servers).
We have also contacted all Debian / Ubuntu based users, mentioning the steps to patch their server; since the patch requires a restart, we couldn't take the liberty of applying it.

You can find the steps below to patch your servers : 

CentOS : 

You can test whether you are vulnerable by typing the command below : 

rpm -q --changelog glibc | grep CVE-2015-0235

If it returns nothing, you must proceed with the glibc update with the following command : 

yum update glibc -y

Otherwise, it would return the line below : 

- Fix parsing of numeric hosts in gethostbyname_r (CVE-2015-0235, #1183533).
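
After `yum update glibc -y`, services started before the update keep the old library mapped in memory until they are restarted, so a clean changelog check is not the whole picture. The following added example (not from the original post) lists those processes; the function name `stale_libc_pids` and its optional proc-root argument are assumptions made for illustration and offline testing.

```shell
#!/bin/sh
# stale_libc_pids [PROC_ROOT]
# Prints "<pid> <command>" for every process whose memory map still points at
# a libc file that has been replaced on disk. The kernel marks such mappings
# with a trailing "(deleted)" in /proc/<pid>/maps.
# PROC_ROOT defaults to /proc; passing another directory allows a dry run
# against saved copies of maps files.
stale_libc_pids() {
    proc_root=${1:-/proc}
    for maps in "$proc_root"/[0-9]*/maps; do
        # Skip the unexpanded glob and processes we are not allowed to read.
        [ -r "$maps" ] || continue
        # Match libc.so.6 and libc-2.12.so style names, but not libcrypto etc.
        if grep -Eq '/libc(-[0-9.]+)?\.so[^/ ]* \(deleted\)$' "$maps" 2>/dev/null; then
            dir=${maps%/maps}
            pid=${dir##*/}
            comm=$(cat "$dir/comm" 2>/dev/null || echo '?')
            echo "$pid $comm"
        fi
    done | sort -n
}

# Run as root to see every process; an empty result means nothing is stale.
stale_libc_pids "${1:-/proc}"
```

Every process listed still runs the pre-update code and needs a service restart (or a reboot) before the fix protects it.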

Debian / Ubuntu :

You can test whether your OS is impacted with the following C test program

/* ghosttest.c:  GHOST vulnerability tester */
/* Credit: http://www.openwall.com/lists/oss-security/2015/01/27/9 */
#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
 
#define CANARY "in_the_coal_mine"
 
struct {
  char buffer[1024];
  char canary[sizeof(CANARY)];
} temp = { "buffer", CANARY };
 
int main(void) {
  struct hostent resbuf;
  struct hostent *result;
  int herrno;
  int retval;
 
  /*** strlen (name) = size_needed - sizeof (*host_addr) - sizeof (*h_addr_ptrs) - 1; ***/
  size_t len = sizeof(temp.buffer) - 16*sizeof(unsigned char) - 2*sizeof(char *) - 1;
  char name[sizeof(temp.buffer)];
  memset(name, '0', len);
  name[len] = '\0';  /* terminate the all-digits host name */
 
  retval = gethostbyname_r(name, &resbuf, temp.buffer, sizeof(temp.buffer), &result, &herrno);
 
  if (strcmp(temp.canary, CANARY) != 0) {
    puts("vulnerable");
    exit(EXIT_SUCCESS);
  }
  if (retval == ERANGE) {
    puts("not vulnerable");
    exit(EXIT_SUCCESS);
  }
  puts("should not happen");
  exit(EXIT_FAILURE);
}


Then, you would need to compile it and run it as shown below : 

gcc ghosttest.c -o ghosttest
./ghosttest

The program will print one of the following 2 values : vulnerable or not vulnerable.

If you are vulnerable you would need to run the following : 

sudo apt-get clean
sudo apt-get update
sudo apt-get upgrade
reboot
 
Sincerely Yours,
Vincent Royant
HostStage CEO

Linux VPS : New OS available

Hello,

We have just released new versions that you can install from your VPS control panel directly.

– Ubuntu 14.04 in 32 bits and 64 Bits version
– CentOS 7 Minimal 64 bits and 64 bits.
– Suse 13.1 64 Bits

Note : CentOS 7 doesn’t support cPanel installation just yet.

We have also updated the OS list in the order form when you are purchasing a linux VPS.

Sincerely Yours,
Vincent Royant
HostStage CEO

Security Issue bash : ShellShock CVE-2014-6271 and CVE-2014-7169 -> PATCHED!
posted by: in Security

A couple of days ago, 2 severe security threats were revealed, which were called ShellShock. The security issue concerns the bash package and affects all Red Hat based OS (including CentOS), Debian, Ubuntu and Fedora.

At HostStage, we took the problem very seriously and we deployed updates throughout our whole network. All our servers were patched immediately and even updated twice, as a second injection vulnerability was discovered.

Finally, given the criticality of the situation, we have also decided to proceed with patching all our customers' servers. cPanel ones, being managed, were included by default of course, but exceptionally we have extended it to all OS and we did it manually for the most part.

Shared web hosting accounts were patched during our infrastructure update.

We have updated all Linux VPS and dedicated servers. The owners of the ones we weren't able to update, due to a password issue or because of the inconvenience the update could have caused, should have received an email including the details to perform the bash update process.

Windows VPS weren’t impacted by Shellshock. 

If you have other servers which aren't hosted by HostStage, you can test whether they are vulnerable with the commands below :

TEST OF CVE-2014-6271:

env var='() { ignore this;}; echo vulnerable' bash -c /bin/true

If the result of this command returns “vulnerable”, it means that your server needs to be patched and you can scroll down below to find how to fix the vulnerability. 

TEST OF CVE-2014-7169: 

cd /tmp; rm -f /tmp/echo; env 'x=() { (a)=>\' bash -c "echo date"; cat /tmp/echo

If the result of this command returns the output below, you would need to apply the steps below : 
bash: x: line 1: syntax error near unexpected token `='
bash: x: line 1: `'
bash: error importing function definition for `x'
Fri Sep 26 11:49:58 GMT 2014

And you should be able to see a file named echo in /tmp (cat /tmp/echo)
If it returns the following, it means that your server is patched and up to date :

cat: /tmp/echo: No such file or directory
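
Both tests above can be wrapped in one check that runs in a private scratch directory instead of the shared /tmp and works on any bash binary. This is an added example, not part of the original post; the function name `shellshock_status` and its output strings are assumptions chosen for illustration.

```shell
#!/bin/sh
# shellshock_status [BASH_BINARY]
# Prints "patched", "missing", or "vulnerable:" followed by the CVE ids whose
# test (the same two commands as in the post) succeeded against that binary.
shellshock_status() {
    bash_bin=${1:-$(command -v bash || true)}
    if [ -z "$bash_bin" ] || [ ! -x "$bash_bin" ]; then
        echo missing
        return 0
    fi
    # The CVE-2014-7169 test creates a file named "echo" in the current
    # directory, so run it in a fresh directory rather than a shared /tmp.
    work=$(mktemp -d) || return 1
    found=""

    # CVE-2014-6271: a vulnerable bash executes the text that follows the
    # function body while importing the environment variable.
    out=$(cd "$work" && env 'var=() { ignore this;}; echo vulnerable' \
          "$bash_bin" -c : 2>/dev/null) || true
    case $out in
        *vulnerable*) found="$found CVE-2014-6271" ;;
    esac

    # CVE-2014-7169: a vulnerable bash leaves a redirection behind and writes
    # the output of "date" into a file called "echo".
    (cd "$work" && env 'x=() { (a)=>\' "$bash_bin" -c "echo date" \
        >/dev/null 2>&1) || true
    if [ -e "$work/echo" ]; then
        found="$found CVE-2014-7169"
    fi

    rm -rf "$work"
    if [ -n "$found" ]; then
        echo "vulnerable:$found"
    else
        echo patched
    fi
}

# With no argument the bash found in PATH is tested.
shellshock_status "$@"
```

Pass a path as the first argument to check a second copy of bash, for example one bundled inside a chroot or a container image.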

You can find below the different steps to update the bash package according to your different linux distributions : 

CentOS: 

yum clean all && yum update bash -y


Ubuntu 11.10:

sudo sed -i 's/oneiric/trusty/g' /etc/apt/sources.list && sudo apt-get update && sudo apt-get install bash -y

Ubuntu 12.10:

sudo sed -i 's/quantal/trusty/g' /etc/apt/sources.list && sudo apt-get update && sudo apt-get install bash -y

Ubuntu 13.10:

sudo sed -i 's/saucy/trusty/g' /etc/apt/sources.list && sudo apt-get update && sudo apt-get install bash -y


Other Ubuntu Version: 

1) You need to get the codename of your Ubuntu distribution by typing the following command :

lsb_release -a

Which should give you the output below :

No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu X.X
Release: X.X
Codename: <codename>

2) Then you would need to type the command below, replacing <codename> with your codename, without the < and >

sudo sed -i 's/<codename>/trusty/g' /etc/apt/sources.list && sudo apt-get update && sudo apt-get install bash -y

Debian 6 Squeeze:

echo 'deb http://ftp.us.debian.org/debian squeeze-lts main non-free contrib' > /etc/apt/sources.list

apt-get update

apt-get install bash

Debian 7 Wheezy:

echo 'deb http://security.debian.org/ wheezy/updates main contrib non-free' > /etc/apt/sources.list

apt-get update

apt-get install bash
