Blog

WordPress – how safe is it?

People often talk about how WordPress is growing and growing (today the system has 18 percent of all installations homepage on the internet) and that safety is not hanging out with, but instead suffer from growing pains. Is it actually looks like? Let us right from the start to answer that question with a resounding “no”. WordPress is one of the safest systems you can install today and you are just the slightest little conscious about using secure passwords, update often, and maintain your security mindset, it is very difficult to hack into your WP blog.

More recently, it has emerged many blog posts about how hackers tried to break into the WordPress system with great success. What these posts are not gone into is that the sites that have been hacked had not been updated in a long time, was protected by very weak passwords and webmastrarna lacked knowledge of safety. Based on these latter conditions can any site hacked in minutes by a professional.

In this article we’ll look at how secure WordPress actually is and what you can easily do to be able to sleep well at night.

Safety first

In 2009 began WordPress to grow properly and many experts and professionals in general began to question the security of the system since it was made many successful incursions in only a few months. WordPress team took the complaints and doubts seriously and worked through the summer to patch up, improve and strengthen the system for safety and the hard work paid off. Towards the end of August were similar to WordPress a virtual Fort Knox.

The problem that existed and exist as regards the security of any system is that it is a site owner that determines how safe or unsafe it should be. Too simple password is the main culprit. Many people who install WordPress retains default administrator named “admin” and then select a very weak password. For a literate hacker is such a site a breeze. Many WordPress users also choose not to update the system files on a regular basis and is therefore leaving the doors wide open to intrusion. Everyone can figure out that a combination of these two omissions giving an extremely unprotected system – and that applies not only to WordPress.

WordPress Security | Netfirms Hosting
WordPress is initially quite safe and you can make it even safer.

Fact is that WordPress is one of the safest systems you can install on a server today – but it’s up to you as a user to determine how the high level of security you want.

User responsibility

Once you have installed the latest version of WordPress so you can feel confident that your system right from scratch is very safe. But after installation, it is you who is responsible for your system and its maintenance. There are some simple things you should consider in order to achieve a maximally protected website.
1.Create a username that is not similar to “admin”, “administrator” or something similar. Hackers have kodrobotar trying to log into WordPress sites, and these always examine first the most common usernames such as “admin”.
2.Use a password that consists of uppercase and lowercase letters, numbers and special characters, so that the potential combinations becomes prohibitive for hackers robots. An example of a good password: QdrT1u3 $ ¢ x1 | a9 . A bad password might look like this: anders12 .
3.Be sure to always keep your WordPress system update. As soon as there is an update (especially if it’s a security patch) then you should install it.
4.Also, keep plugins and theme files updated.
5.Install a security plugin that keeps track of what happens to your files, protect against attacks and prevent common intrusion. There are a number of such on wordpress.org. It is great to install a couple of different ones.

It’s very simple rules to follow and they give you a backup of the basicis. It is your responsibility to keep your system updated and to think safety-oriented.

Web Hosting With Crystone Hosting

Start Your Website and Web Hosting With Crystone Today! Free Site Builder and Site Studio Website Building Tools, 4,500 Free Website Templates. Free Website Transfer, Domain Transfer, MySQL Transfer, Script Transfer and lots more.

If you looking for web hosting try Crystone.com Hosting today!

i2Coalition Statement on State of the Union

i2Coalition Statement on State of the UnionIn response to President Obama’s inclusion of Internet issues in tonight’s State of the Union, Internet Infrastructure Coalition (i2Coalition) co-founder and Board Chair Christian Dawson released the following statement:

“The Internet Infrastructure Coalition supports President Obama’s desire to strengthen the security infrastructure of America. We look forward to working with the Department of Homeland Security to create a cybersecurity structure that respects the ability of infrastructure providers to innovate new security businesses and one that protects civil rights and an open Internet.

The development of strong cybersecurity structure needs to be truly voluntary and one that fosters a multi-stakeholder process. It is that process that brings together active participants in all aspects of the Internet’s infrastructure and one that reaches consensus on policies that ensure there is no better place to do business on the Internet than the United States.

As the world economy goes more and more virtual, it is vital for American workers in our field to be on equal footing with competitors around the globe. Our industry generates an estimated direct and indirect $46 billion in annual revenue in 2010 with expected 20% growth by 2013, and a trade flow to the United States of $9.2 billion. The services provided by the Internet infrastructure industry are now fundamental in our society, and as a group, we have the opportunity not only to impact policy, but to help shape the future of the Internet. We look forward to educating lawmakers with the facts to help make informed decisions on how to best foster American innovation and the Internet infrastructure industry.”

About i2Coalition

The Internet Infrastructure Coalition (i2Coalition) supports those who build the nuts and bolts of the Internet, and we treat it like the noble profession that it is. We believe the continued growth of the Internet is vital for growing an environment of innovation and seek to engage in ways to foster success of the Internet and Internet infrastructure industry. We seek to influence decision makers to weigh decisions on whether they are good or bad for the Internet economy and its foundational industries. In short, we seek to foster growth within the Internet infrastructure industry by driving others to harness the Internet’s full potential. To learn more about i2Coalition, visit www.i2Coalition.com.

Source: i2Coalition Statement on State of the Union

Crystone’s Sweetheart Deal – 20% off Enterprise Dedicated Servers

Stop by Crystone.com and check out their “Sweetheart of a Deal”!!

Crystone Logo

Sweetheart DealCrystone is today one of Scandinavia’s leading service providers in web hosting and hosting, with roots and headquarters in Stockholm. We also have regional offices in Miami, USA and Manchester, England.

We have customers worldwide and is both private individuals, associations and businesses of all sizes. With 15 years of experience in the industry, our focus on delivering a wide range of mature and attractive products, services and high service.

Through a high level of technical competence, availability and competitive prices, we have secured our customers’ environments and efforts, on several continents, every day.

Our services include, Web Hosting, Domain Names, VPS, Dedicated Servers, SEO Hosting and Reseller Hosting.

Softaculous Unveils AMPPS 2.0

amppsOn Friday scripting library provider Softaculous announced the availability of version 2.0 of AMPPS – the company’s application deployment solution.

The new version of AMPPS features updated editions of Softaculous, PHP, Apache and MySQL, among others.

Discussing the matter in a press release, AMPPS Senior Developer Jigar Dhulla expressed excitement, noting the company would follow up by adding even more things.

Softaculous has grown since its initial debut, adding more and more apps to a platform that includes the likes of Drupal, Joomla, phpBB, Moodle and more.

A complete list of changes:

1) The current version of AMPPS for Windows include:

Softaculous AMPPS 2.3(Softaculous 4.1.8)
Apache 2.4.3
PHP 5.4.11, 5.3.21 and 5.2.17
PERL 5.10.1
Python 2.7.2 with mod_wsgi 3.4 module
MySQL 5.5.29
phpMyAdmin 3.5.6
SQLite Manager 1.2.4
MongoDB 2.2.2(Only 64-bit)
RockMongo 1.1.5
FileZilla FTP Server 0.9.41

The current version of AMPPS for Mac include:

Softaculous AMPPS 2.3(Softaculous 4.1.8)
Apache 2.2.23
PHP 5.4.11, 5.3.21 and 5.2.17
PERL 5.14.1
Python 2.7.2 with mod_wsgi 3.4 module
MySQL 5.5.29
phpMyAdmin 3.5.6
SQLite Manager 1.2.4
MongoDB 2.2.2(Only 64-bit)
RockMongo 1.1.5
Pure-FTPd Server 1.0.35

2) PHP 5.4 now for Mac too.

3) Added Task Manager for Endusers.

4) Added Error Logging system of Softaculous AMPPS which can be accessed from Softaculous Admin Panel.

5) Apache Modules can be configured from Enduser Panel now.

6) Basic PHP Configuration can be configured from Enduser Panel now.

7) Autoindexing in httpd.conf is now shifted in httpd-autoindex.conf

8 ) SSL Configuration is now shifted in httpd-ssl.conf from httpd-vhosts.conf

9) In case of port conflict, along with port 80, sensing of port 443 is also now enabled(Windows only).

10) Now users can take a backup before upgrading the script to newer version.

11) Now libpq.dll is loaded by default for pgsql support(Windows only).

12) Admin can now set default Username or Password suggested on script install form as Empty.

13) Turn off update available notification for script installations.

14) Now while adding FTP User from Enduser Panel, Home directory of User is not restricted to Ampps Path.

15) Improved the Softaculous packaging API.

16) Bug Fix : AMPPS will now sense only its own Apache, MySQL Server. Before it used to sense others too.

17) Bug Fix : Classes were not displayed in chrome due to SSL issue. This is fixed now.

18) Bug Fix : In case of failure during Restore process the exact error which caused failure was not displayed. This is fixed now.

NOTE : This version of AMPPS in WINDOWS is not upgradable from previous versions.

From The Softaculous AMPPS Team

End of Year cPanel Maintenance Tips

The end of the year is a great time to perform some basic server maintenance with your hosting automation system. As the system administrator, cPanel’s WHM will make it easy for you to complete a few routine tasks that should keep things running efficiently.

1. Remove old unused user accounts – Over time you have probably suspended users who have never returned. If you have unused websites or users on your server, it is a good idea to remove them now before they can become a security risk later.

Home >> Server Status

2. Test backups – Assuming you have been a good system administrator, you have been backing up your server all year long. What you might not have done is test any of those backups. Now is a good time to make sure your backups are actually working.

Home >> Backup

3. Fine Tune Services – The need for certain system services may come and go. With WHM you can enable or disable system services (or daemons) that start at boot and run in the background. Disabling the ones you do not need can reduce unnecessary memory and CPU usage. You can also select the services you want to monitor on the cPanel Service Status screen.

Home >> Service Configuration >> Service Manager

4. Server Status Check – WHM includes a set of tools that can help you keep an eye on your server’s health and performance. These include:
• Apache Status – information about the system’s web server
• Daily Process Log – information about daily CPU and memory consumption
• Server information – mostly containing information about server hardware configuration
• Service Status – a list of services that you are monitoring based on your selections in the aforementioned Service Manager.

Home >> Server Status

A Few Common Issues with Shared Hosting Security

Shared hosting is a form of virtual hosting that requires its users to share the same server and often the same IP address. This is the most economical form of hosting as it is quite inexpensive and usually sufficient for small to medium sized websites. Even though the websites on a shared hosting server have separate domains and separate content, they are still linked by the server that they share. While it is still the most affordable hosting option, there are still some issues you may face. This is why we do not offer shared hosting for SEO Hosting purposes.

Shared IPShared IPs

Unless you have an e-commerce site and need a dedicated IP for SSL, you will share an IP address with other users when using shared hosting. This is normally fine, but you should know that some of the things your neighbors do can affect your IP address. For example, if your neighbor gets put on a spam blacklist, anyone else who shares that IP will be on it to – including you.

CPU and MemoryShared CPU and Memory

With shared hosting you will have a guaranteed amount of disk space assigned to your account but you will still have to share CPU power and RAM with your neighbors. So if one of them ends up takes more than his or her fair share, it can adversely affect the other users.

HackingYou have been hacked!

It can be quite an unfortunate event when one of your neighbors has his site hacked and you just had better hope the security breach is not serious enough to cause the whole server to be affected. if that is the case then your site could be in jeopardy as well.

Despite the above three issues, shared hosting has plenty of benefits for traditional hosting but for SEO Hosting we still recommend using either a VPS or Dedicated Server for hosting your valuable websites as it is a much more suitable environment.

Does Your Blog have Search Engine Friendly URLs?

With the ever increasing usage of dynamic content management systems (CMS) to power websites, webmasters have been looking for ways to make their URLs look better. We refer to these type of URL’s as “search engine friendly” URLs, but they are also user friendly as well since they give an indication of what the page/post is about. Search engines prefer static URLs to dynamic URLs, but why? The fact is that the way that dynamic URLs are created they can sometimes create nightmares in the area of SEO. Search engines do not like to index dynamic URLs and there are various reasons for this, one of them being the non-standard characters like ?, &, %, =, and such in the URL.

A standard dynamic URL that is produced from PHP, a server-side scripting language, may look like this, seohosting.co.uk/index.php?category=name&234845345u4-this-one-274763. This format however is not very user or SE friendly but by using technology like Apache’s mod_rewrite module, your page/post can have a URL that looks more like, seohosting.co.uk/seohosting-co-uk-gets-a-new-look-and-feel. This is now quite easy to achieve, especially with blogging platforms such as WordPress.

There are several reason why this should be important for you to implement these SEO friendly URLs:

People Want To Link To A Certain Page On Your Site

SEO Friendly URLs

Sometimes when people may want to link to your website and they will use the URL as the anchor text in that link. For that reason alone you should be using SEO friendly URLs since most likely you have placed your keywords in your SEO friendly URL like below:

http://www.seohosting.co.uk/most-popular-seo-hosting-plans



Look and Feel of the URLs

SEO Friendly URls

When you have not so nice looking URLs it can cause visitors to be weary of your site as it may throw up red flags in some peoples eyes as it may look like a “bad” site to visit. People may even think “hummm I wonder if I will get a virus if I visit this site?” I can only assume that many people probably feel this way about seeing such “ugly” URLs, so don’t scare away your visitors just change the way you

Copy And Pasting

Copy and Paste URLs

Finally, we have all seen what can happen to URLs that are too long. Someone tries copy and paste the URL but for whatever reason, the URL gets broken during the transmission or formatting process, and it’s basically a dead link. So don’t limit your exposure with URLs that can “break down” and are hard to



So in order to effectively use this technology, you need to make sure that your website has mod_rewrite enabled. If you do not currently have a hosting provider or if you are looking for a new one then you should make sure to find a hosting provider that has experience with blog hosting and that has mod_rewrite and other important features like it enabled by default.

Tips for Better VPS Security

So you just got yourself a new SEO Hosting VPS but now the question is, “How do I make it more secure?”. When running a VPS you need to protect your server against various security attacks which may harm or even destroy your data.

Here are a few basic VPS security tips:

1. Keep Your Software Up-To-Date – This is one of the most important tasks of securing your server. Everyday, numerous vulnerabilities are found in various applications, services and scripts so installing the latest updates on your server is crucial and strongly recommended.

2. Disable Remote Root Logins – Your service provider will most likely give you a root account to start but you do not need to login as root every time you access your server. You should, instead, create a separate user account that can escalate to root when necessary. Disable root logins in your SSH settings to add security.

3. Enforce and Use Strong Secure Passwords – Passwords are the first line of defense for your server but they are often the weakest links in server security. You should require any users to use secure passwords and change them regularly as well as create strong passwords.

4. Use a Secure File Transfer Method – If you think FTP is secure then you would be wrong, FTP is not secure. If you have sensitive data or even if you just want to protect your password, you should use your encrypted SSH login. SFTP is one method you can use.

5. Use Correct File and Directory Permissions – There are 3 types of access permissions: read, write and execute and they are available for three different categories of users: owner, group and others. With these permissions you can determine who can access or modify the files. You should ensure that all files and directories have the correct permissions since this is important for server security

6. Backup Everything – If there is any chance that you will need something, you should have a backup for it. Routine, off-site, automated backups will ensure that if something ever goes wrong with your VPS, you can easily recover.

7. Remove Inactive Accounts – If certain user accounts are no longer being used or have not been used for a long time then they are potential security risks for your server. Since no one is using them they can be compromised and possibly used to harm your server or other servers on the network.