An SSL certificate encrypts information sent between a server and the users who connect to it. All websites that collect customer information are recommended to have an SSL certificate installed, and it is an absolute requirement for any site that takes credit card payments. Without an SSL it is possible for a third party to intercept and read your data (sometimes known as a man-in-the-middle attack) whereas an SSL certificate will make any interceptions unreadable.
There are many different trusted SSL providers (called Certificate Authorities) such as GeoTrust, Verisign and Thawte. There are also various types of SSL certificates, including standard, wildcard and Extended Validation (EV) certificates. These certificates will appear subtly different depending on the browser used, but will include some variation on a padlock symbol. Below is an example of a standard SSL certificate (well, it’s actually a wildcard but you can’t tell the difference):
An Extended Validation certificate means the website has undergone more rigorous testing (and paid a lot more) for their certificate, and allows more information to be included, such as a company name. The images below are from the same website, Paypal.com, displayed in different browsers.
The higher the validation (more identity checks) the more trusted the SSL certificate. A standard SSL certificate can be issued in a few hours whereas an EV SSL certificate may take days or weeks to pass all the authentication checks. Most websites don’t need anything more than a standard SSL certificate, well written and maintained code (important!) and a great website host (aww shucks, nice of you to say) to protect their customers from hackers and identity thieves.
HostAway can provide SSL certificates from multiple trusted vendors so if you have a preference please contact us and we can provide a quote.
We have reviewed our hosting costs for additional mailbox and website space and reduced prices by up to 50% !
Customers don’t need to do anything to receive these new prices – they will be reflected on your next invoice. The new prices are:
We are also able to create custom sizes so please contact us for pricing if you require more space.
You may notice a discrepancy in pricing between email and website hosting and this is due to the different backup, virus scanning and replication procedures involved with email data versus website data.
By now you’ve probably heard of ‘The Cloud’ or the term ‘cloud computing’ bandied about and you may have wondered “does my business need to be in the cloud?”. We understand The Cloud is often used as a generic buzzword to cover a range of hosted solutions which confuses a relatively simple concept. Hopefully this article will clear up any misconceptions you may have:
Cloud computing refers to remote computers running software and storing data which you access over the Internet.
One of the earliest widespread cloud services was Hotmail – an email service where your data was stored online and not on your local computer. Over the past ten years there has been a rapid growth in the number and quality of services being offered through the cloud, i.e. over the Internet which you may access via a web browser, mobile app or a very basic computer.
Cloud computing allows your business to benefit from technologies without needing to have the expertise to manage them, and focus on what you’re good at. Google, Microsoft, Amazon and Apple are some of the big players in the cloud, offering applications, storage and computing power with their varied services. Services such as Facebook, Twitter and Instragram are also examples of cloud services, as are smaller players such as Xero (accounting), Salesforce (CRM) and Dropbox (storage/file sharing). To get a little more technical, cloud computing is often broken down into these 3 broad categories:
Software as a Service (SaaS) – The most common model, on demand software often paid for by a monthly access fee. This replaces the need to purchase software to install on a single computer with users instead leasing software to access from whichever device they choose. HostAway’s webmail software and mailout portal are examples of SaaS.
Platform as a Service (PaaS) – This model refers to computer environments that allow application developers to build and deliver their own software and services. An example is HostAway’s shared web hosting and database platform which allows website developers to focus on their code and not have to worry about the maintenance of the underlying operating system or hardware.
Infrastructure as a Service (IaaS) – As the name suggests, this model provides users with access to virtualised infrastructure or hardware. Customers can lease computing power, storage, IP addresses and scale up or down depending on their requirements, without having to purchase any physical machines. HostAway has been offering Virtual Private Servers since 2008 allowing users to maintain their own operating systems and software.
There are a number of compelling reasons to move your IT resources into the cloud.
- Scalability. If you need more, you pay for more.
- Flexibility. Access your data from anywhere with an Internet connection.
- Capex vs Opex. No more hardware costs, you lease services instead of buying assets.
- Physical security of data centres. Your data is safer on a server inside a data center/s than on a hard drive in your office.
- Potentially lower costs. Not only do you not pay for hardware, depending on your model you don’t need to maintain or patch software either.
Cloud computing is dependent on your Internet connection. If your connection goes down, so does your productivity. The delays in the NBN rollout and the necessary improvements in Internet connectivity in Australia has meant some companies don’t have reliable or fast enough connections to make use of cloud services.
There are also security considerations when using cloud services, as you are no longer in complete control of your data. How is your service isolated from other users? Do you communicate with your cloud provider over an encrypted connection? Where is your data stored and what government’s laws do you fall under if your data is hosted overseas? We don’t mean to frighten you away from using the cloud but these are questions you should be asking – please don’t hesitate to contact HostAway if you have any questions about our hosted solutions.
You are probably already using cloud services (remember Facebook?), but for your business you may consider the three major deployment models: private, public and hybrid.
A private cloud involves managing your own services either in house or in a data center and accessed via a secure connection. This option is more expensive as you still have to purchase and manage your hardware, but offers more security, privacy and control. An example would be storing a file server in HostAway’s data centre using our Colocation service, and accessing the data via a secure Virtual Private Network (VPN).
A public cloud is the more well known model where services are provided to multiple users over shared infrastructure which is publicly accessible via the Internet.
A hybrid cloud uses a combination of the two, where a company will store non-critical data in a public cloud to take advantage of the lower costs and greater flexibility, but store their financial information in a private cloud.
The cloud is not a mysterious floating solution for all your IT issues, it is a business tool and as such you have to analyse its strengths and weaknesses to determine where you store your information, and who you choose to store it with.
Every industry has unique technical terms and IT is well known for it’s jargon and TLAs (Three Letter Acronyms). Whilst HostAway are happy to determine your needs and recommend a solution, we know that as a decision maker you might want to understand a little more about what we do. To help, we have come up with (or borrowed) the following analogies. PLEASE NOTE: As with all analogies, they aren’t perfect and so if you have any questions please don’t hesitate to contact us.
Your domain name (example.com) is like the street address for your business. Without a domain name no-one will be able to find you. The website hosting is the foundations and structure of your office building – you may need a small office or maybe a warehouse, an office block where you share resources (shared hosting plan) or perhaps dedicated space (virtual server). If your website needs a shopping cart you will need a database to store information much like a warehouse needs a shelving system to store products.
You then to have your designer (web developer) build you an office that will attract customers, paint it, create signage and fill it with furniture (content). The next step is to attract customers to your store, so you need to advertise your location which you can do online with banner ads or paid search results, or you can advertise on standard media (TV, radio, newspapers etc). You might also hire a Search Engine Optimisation (SEO) specialist, who will make your office building appear brighter and help it to get noticed by people looking for your products. Of course, you can’t just leave the same products on the shelves and let your office appear run down. Every now and then you will need to update your content and give your office a new coat of paint, or a complete re-design.
A key part of your hosting plan is DNS (Domain Name System) which can be likened to a phone book; it translates names into numbers. When you type www.hostaway.net.au into your web brower it checks with the “phone book” which provides the number (IP Address) where the website is stored, in this case 18.104.22.168. Your web browser then contacts that address and requests the web page.
A server is a powerful computer that serves a specific purpose (e.g. email, website, file sharing, etc). If you liken a server to one really big house, and had a single bachelor living in it he would have lots of room and could do what he likes. If you put a lot of bachelors inside the house, they will get in each others way and any mess made by one affects the rest. A virtual server would be more similar to an apartment building, the space is divided into compartments and the bachelors can only make a mess in their own space which doesn’t affect any of the other bachelors.
The Internet is often compared to plumbing as it is made of a series of interconnecting pipes of various sizes. The larger the pipe (more bandwidth) the more water (data) can flow through it. Network issues can occur if the pipes are cut or become blocked, which is why the HostAway network uses multiple large pipes (uplinks) to ensure we are always connected.
If we were to use the analogy that a web server is like a pub, serving drinks (websites) to patrons, then a Distributed Denial of Service Attack (DDoS) is like a thousand people entering the pub in front of you and ordering a glass of water each. The pub is unable to serve you as so many different users are flooding it and taking all the attention of the bartenders. Fortunately, HostAway has bouncers on the door and a cluster of pubs to keep the drinks flowing!
Bonus analogy (unrelated to hosting, we just liked it): If you copy an icon from your desktop to another computer why doesn’t the program work? The icon is most likely a shortcut, which only knows the location of the program, but does not contain the program itself. This would be like putting a post-it note on your office drawer saying “stationery” then taking the post-it home, sticking it to your kitchen drawer and expecting the contents of your office drawer to appear inside!
When you download or upload files via FTP (File Transfer Protocol) you are accessing your files on the HostAway web server. If you remove a file on the server it will remove it from your website, so please take care. If your website is built on a Content Management System such as WordPress then you won’t need to worry about FTP as you’re able to edit the site via an administration section in a web page. If your website is plain HTML however, you may want to occasionally make minor changes such as updating a phone number. This isn’t difficult to do, if you follow the steps below.
Firstly you need to make sure you are on a secure computer (eg. with anti-virus protection, not in an internet cafe or on a free wi-fi connection).
You then need to download an FTP program. HostAway recommends FileZilla, which you can download for free at http://filezilla-project.org/. You can also download a tutorial on how to use FileZilla from our FTP support page.
Open Filezilla and you will notice the window is vertically broken in two, with your local files on the left and the remote (or website) files on the right. The right side should be empty because you have not yet entered your login details.
You can now enter your login details at the top of the screen:
Password: contact us if you don’t know this
Port: *Leave this blank*
Press ‘Quickconnect’. You will notice a folder appears on the right side of the screen called ‘htdocs’. Double click on the folder to open it, and the folders and files that now appear are what make up your website.
IMPORTANT: Take a backup of your files before editing them. Keep these in a separate directory in case you make a mistake when editing the files. Although HostAway keeps a rolling 7 day backup of your web files it is always recommended that you take a local backup. To do this select the folder you would like to backup the files to on the left side of the screen. Then on the right side click on one of the folders or files to make it active, then type Control + A to select all files. Right click on the highlighted files and select ‘Download’.
You can edit a file live on the website (right-click the file and choose edit), however we recommend downloading the file (to a separate location than your backups), editing the file, and then uploading it. To edit your homepage you would click on the file index.html (or perhaps index.htm or default.html), and download it. You can then open this on your computer – when your computer asks what program to open this with just choose Notepad. If you are not familiar with HTML the contents of the file will look like gibberish.
Not to worry – you can search for the specific text you want to change, e.g. type Control + F to bring up the Find dialog box, then type in the text you’re looking to edit, e.g. ‘Contact Details’. This will take you to where the actual text is stored. So long as you do not change anything outside of the > < tags then you should not break any code. Obviously without knowing any HTML you will only be able to edit the text, not change images nor the appearance of the website. When you've made your changes you can upload the edited file using FileZilla (select the file you want to upload, right-click and choose 'Upload') and overwrite the one on the web server. Refresh your webpage and your changes should appear! If the website goes wonky then upload the backup file you took, to repair this. Then go back and look at the file to make sure you didn't remove any tags like for example.
If your mailbox is full then new emails will be rejected by the server – oh no! Never fear, this is a simple problem to overcome, you can either delete some emails to make room or increase the size of your mailbox.
When your mailbox is over 90% full the email server will automatically send you a message to warn you that you are running out of space. The simplest step is to log into the HostAway Members Panel and click on Email Quota Manager. This will display a list of mailboxes in your account and the amount of space allotted to each. Simply click on the plus or minus buttons to add more space to the particular account and choose ‘submit’. Problem solved!
Run out of space? If you’ve allocated all of your mailbox space then contact us to add more space to your account.
If you would prefer to delete emails to make room then please ensure you are running IMAP. If you are running POP (see this article for an explanation of the difference) then deleting emails from your computer won’t necessarily free up any space. If in doubt, log into Webmail and if you delete emails from there you can be certain you are removing emails directly from the server. If you are running POP you may need to lower an Advanced option in your mailbox settings to only keep emails for a certain number of days (e.g. reduce this from 30 to 14). This will clear out emails older than x amount of days.
TIP: Use your email program to rank your emails by size and save any large attachments, then remove them from the email. Alternatively, if using Outlook you can create a second .pst file to use as an archive, by following this tutorial: http://www.howtogeek.com/198907/how-to-archive-email-messages-in-outlook-2013/
Your website is the online reflection of your business, so of course you would like it to be attractive and convey all the relevant details in an appealing manner. Whether you built the ideal website or you are still looking for the right web developer one thing you need to consider is ongoing maintenance. Who is responsible for updates and security patches? Who uploads new content or makes edits? These are questions you need to ask your web developer before signing any contracts, in addition to how much these changes will cost.
Software (your website is software!) needs to be maintained and patched to allow for the latest features and to ensure it does not contain security loopholes that a hacker can take advantage of. The most popular Content Management Systems are constantly releasing updates which need to be applied to avoid your website being hacked. Our website hosting platform includes a notification system to prompt customers who don’t apply updates to these popular website platforms.
There are potential performance advantages to upgrading and while you’re updating the software you might want to update your content too – this is believed to be good for SEO. When updating your platform (i.e. WordPress, Joomla, Drupal, etc) don’t forget to update your plugins, modules and themes!
A key part of Internet security revolves around your passwords – choosing good ones and keeping them safe. HostAway is constantly monitoring for the latest Internet vulnerabilities and threats (we patched Heartbleed and Shellshock within a few hours of the news breaking) however this won’t protect your information becoming accessible if you have a weak password, or a virus on your computer makes the password available to a hacker.
Choosing your password
- Choose a long password (at the very least, 7 characters) containing letters, numbers and symbols.
- Don’t use publicly available information such as your name, phone number, etc.
- Use unique passwords for your important accounts, e.g. don’t use your email password to sign up to newsletters.
- Don’t use common words or sequences, e.g. password1, p@ss0wrd, fred2011, asdfghjkl, etc.
- Try to create a mnemonic password based on a phrase, e.g. “The folks at Hostaway are a mighty helpful bunch” becomes “Tf@HaaMHb:)”
Keeping your password secure
- Although best practice dictates not storing your password anywhere, if the choice is between using the same password everywhere or storing your 50+ passwords somewhere then write them down. Just keep them safe and locked away, or use one of the many password management programs available on your computer or smartphone to encrypt and store your passwords safely.
- Keep your computers software up to date. This includes but is certainly not limited to your anti-virus software.
- Make sure your password recovery options are set up correctly and update them if you change contact details.
- Use two-factor authentication where possible (coming soon to the HostAway Members Panel).
Time marches on and we will soon be saying farewell to another version of the Joomla CMS – the 2.5 long term support (LTS) release. Joomla 2.5, which replaced the 1.5 version a few years ago, will no longer be supported as of 31 December 2014.
If you haven’t already begun, now is the time to plan to upgrade your site to Joomla 3.3 – at the time of writing this article the latest version is 3.3.6. The number format is Major Release.Minor Release.Patch, i.e. the current version is Major Release 3, Minor Release 3 and Patch 6. Joomla 3.3 will be supported until at least September 2016, and you can find instructions for updating your software here.
The most likely difficulties you’ll run in to by updating your version of Joomla are incompatible plugins and possible theme/template inconsistencies. We recommend taking a backup of your site prior to upgrading however if you encounter issues please contact us and we can restore your site from our rolling 7 day backup.
If you remain on Joomla 2.5 your website will continue to function as before however it will no longer be considered secure. In 2015, if a weakness is discovered in Joomla 2.5 then a hacker will be able to exploit it since the developers won’t be providing any more security updates. This might not happen and your website could remain stable for years, however we prefer you to be aware of the risks so you can decide whether to upgrade now or stick with 2.5 and hope for the best.
If you plan to remain with Joomla 2.5 then we suggest improving your website security as recommended by Joomla here.
If you’ve used email services you will be familiar with the scourge of spam, aka junk email, which is estimated to compose between 80-85% of all email in the world. HostAway utilises a number of practices to limit the amount of spam you receive:
Greylisting is an anti-spam measure that works on the basis that spammers will not retry on receiving a failure message from the mail server. Greylisting exploits this by giving a ‘temporary failure’ message to the server that it is receiving mail from. This temporary failure message is designed to make the sending server try again later (similar to a telemarketer finding your phone engaged, spammers often simply move on to the next address in their list). Once a mail server tries again, the mail is accepted and the Greylisting system records the originating email address as well as the originating server. Future mail directed to the target email address is accepted instantly. Additionally, the delay imposed by Greylisting can sometimes result in a compromised mail server being discovered before it has a chance to retry sending mail to the intended recipient.
SpamAssassin is a widely used spam filtering program which gives each email you receive a spam ‘score’ based on various factors. This score is increased when the filter comes across characteristics associated with spam such as ‘Lose Weight Today’ in the subject line or malformed sender addresses. SpamAssassin automatically updates the rules that are used to filter spam emails every day and is constantly updated by the community and developers, this increases the chances of spam being flagged and offers greater protection as the filter improves. Once an email is given a high enough spam score (you can set this threshold in the members panel) the email is either tagged as spam or removed completely, depending on what score it receives. We have recently upgraded to the newest version of SpamAssassin to ensure the protection is up to date so you may notice you now receive less spam.
RBL (Real-time Blackhole List) filtering works by monitoring a list of blocked IP addresses which is supplied by a number of anti-spam organisations. When our mail server receives an email for you it looks at the network that the message came from, and then looks it up in these lists. If the network this email address came from was found in this list then the email will be rejected. This helps protect you against compromised web servers and is regularly updated by the anti-spam organisations to ensure the protection is up to date.
For more information about spam, or to report spam from an Australian source please visit https://www.acma.gov.au/stop-getting-spam
HostAway also provides Premium spam filtering as an optional service, please contact us for more details.