We experienced an extended mail server outage on one of our shared hosting servers (Basil) on Monday, February 22, 2009.
The issue started early Monday morning and was caused by substantial denial of service type attack by an extremely large volume of mail being sent to a specific mailbox.
To make sure this does not occur we have implemented new emergency response processes with our upstream providers, meaning they will have the authority to act immediately without our contact in similar situations. This will ensure that outages like this do not occur in the future.
In addition to the new processes, we are also hiring and training a new in-house technician to make sure you get the quickest responses and communication in the future.
Many of our attempts to respond to incoming tickets failed due to email addresses being hosted on the server where the problems were occurring. Please ensure that you are using an email address that is not hosted with us when creating tickets during outages – particularly those involving mail problems. It is also important to note that telephone support is only included in our Support
enabled packages. For those without Support, we are more than happy to respond to a telephone request via email as long as you leave an accessible email address in your voicemail.
We understand the importance of email and we apologize for any inconveniences this has caused. We believe these changes will not only prevent a similar situation, but will allow us to continue to offer you with the best service in the industry.
For best updates and information you can follow us on twitter.
We are asked this question quite regularly and although we have a knowledgebase article outlining how to fix the problem within Plesk, I felt it would be beneficial for many of you to know why it occurs.
Continue Reading
So you have a website and are a bit concerned about its security. It doesn’t matter if it’s a business site or a personal blog, this article will tackle some of the basics you can implement today to avoid the big headaches down the road.
How and why do websites get defaced, hacked, or corrupted?
Most sites are compromised by known vulnerabilities in outdated web-based scripts and applications. Simply put, this means if you run outdated versions of popular software such as message boards, blogging software, or content management systems, your website could be at risk. Other ways a website is commonly compromised is due to insecure or stolen passwords and incorrect file permissions.
Why would anyone want to hack my website? I don’t store any personal or financial information on my site so I shouldn’t worry about this right? Many people feel that because they think no one wants to compromise their website they don’t need to worry about its security. Stop it.
Although they may not want any of the information on your site, most of the time your site will be used to spread viruses, spyware, or deceive your visitors into going to sites with them. Most compromised sites we see have malicious code injected into the files in order to do just this.
Here are a few things you can do today to make sure your website is better protected.
Start locally
Make sure your personal computer is secure. If you use an FTP program to upload content to your website, chances are that you have the username and password saved within it. Depending on how that program stores this data it is possible to have that info stolen if your computer has spyware or a virus.
We recommend installing a virus scanner and regularly scanning for spyware along with being more cautious of where you are surfing online.
Update and patch your third-party applications
Most website security issues can be avoided by being proactive with updates and security fixes issued by the authors of your applications.
Many popular applications now have a one-click update that takes less than 30 seconds to perform. It is recommend that you backup your data before upgrading which can usually be done through your Control Panel.
If you stop using an application make sure you remove it. If you’ve switched from Wordpress to Joomla for your content management, make sure you remove the Wordpress installation as it can be forgotten about and left outdated. Even though you may not be using it, it can still be accessed.
Remember that updates, patches, and new releases are released for a reason. Staying on top of these updates may seem like an inconvenience at the time, but it will save you from a lot of headaches and issues in the long run.
Checking file permissions
Allowing everyone to read, write, and execute files on your website is a huge security issue. In a web-based environment you typically will want a “755″ permission setting, or full access to the file owner, and only read/execute access for everyone else.
Some applications will ask you to set a permission to “777″ or full access to everyone. Make sure you are running the most up-to-date version of this application before installing. Also, you may want to try it with a 755 as some hosting environments will for this.
Secure your login areas
It is best to access the administration area of any application over SSL (https://). This can be done by making sure it is placed in a ssl-based directory.
In addition to this, it is possible to limit the admin directory to only specific IP addresses. This can be done by placing the following information into a .htaccess file:
AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName AdminAreaAuth
AuthType Basic
order deny,allow
deny from all
# allow home IP address
allow from 99.x.x.x
# allow work IP address
allow from 142.x.x.x
# allow vacation home IP address
allow from 24.x.x.x
For example, if you wanted to secure the admin area of your WordPress installation, you would place this .htaccess file in your /wp-admin/ directory. It will deny all connections that are not made from one of those predefined IP addresses.
—
Hope this helps. Interested in hearing more on a specific topic? Let us know!
The Canadian Government announced this week that it is planning on only buying Energy Star qualified servers. Canada, along with many other Governments including the EU, Switzerland, Australia and Japan have adopted the US EPA’s energy efficiency certifications for appliances.
The datacentre and hosting industries have seen a huge green push over the last several years and it is interesting to see a client with the purchasing power of the Canadian Government make an announcement like this.
With space being such an issue in data centers, it is easy to sacrifice energy efficiency with space efficiency. Although much attention has been put on making data center infrastructure and design more energy efficient, it’s nice to see a push to get the servers in those data centers more efficient as well.
Lydia Aouani of Natural Resources Canada said “Soon, any server purchased by our government will be Energy Star (certified).” She also noted that “If all data centers were using state of the art energy efficiency technologies, by 2011 we would go back to our electricity consumption levels of the year 2000,”
This guide shows how to configure your mail account in Outlook Express on Windows XP. It assumes you already have a mail account setup in our Plesk Control panel and know your mail password.
Continue Reading
This guide covers the steps necessary to broadcast to a SHOUTcast server. These are the steps that need to be completed on the client side, not the server-side. This guide assumes that you have already received an IP address, port, and password from Web Savers’ staff.
Continue Reading
We would like to welcome Chris MacLellan to the Web Savers team. Chris is joining us as our new Account Manager and will be introducing himself to many of you over the next few months. Thank you in helping us welcome Chris as part of the team.
This guide shows how to configure your mail account in Outlook Express on Windows XP. It assumes you already have a mail account setup in our Plesk Control panel and know your mail password.
Continue Reading
This guide will show you how to add your email address to Apple Mail.
Continue Reading
If you are having problems choosing the right hosting package, here is a little bit of information that will hopefully help you out.
Continue Reading
Client Area
You are here:
Find us on the web