Tag: proactive

IDNS deceptive practices, IGTV is now live, cPanel now supports git.

IDNS deceptive practices, IGTV is now live, cPanel now supports git.

Today on episode 22 of Web Hosting Podcast. iDNS misdirection, this is a public service announcement for the alleged service provided by iDNS. This company may send out actual mail to you in an attempt to trick you into renewing your domain name with them. IGTV (Instagram TV) is now live, did you even notice? cPanel now supports git.

IDNS

IDNS is a company that sends out actual mail when your domain is close to renewal. IDNS, or Internet Domain Name Service, sounds pretty official and the letter looks even more official. However this is not a bill and is an attempt to trick you into moving your domain to their registry. This letter looks so official that it has tricked many people into sending them money. IDNS, sends out these letters in an attempt to trick you into paying their exorbitant fees for domain renewals. A standard domain renewal from a legitimate company is averaging $10 for a .com, however IDNS tries to get you to pay $45 for each domain. This is then compounded by a fee if you want to move away from IDNS. I think we will start to see fewer of these letters since the GDPR is in place and effectively hides some of the required information IDNS needs for these mailings. If you get one of these letters be sure to send it to the shredder.  Here is what these letters look like.

IDNS-Deception
IDNS-Deception

Git on cPanel

cPanel 72 now allows you to host git repositories as part of your cPanel account. This is great news for those of us that need to use git to share and track files.
From cPanels documentation page.
The Git™ Version Control feature allows you to easily host Git repositories on your cPanel account. You can use Git to maintain any set of files (for example, a website’s files and assets, a software development project, or simple text files). Here is a link to cPanel documentation.  We will likely discuss Git in a future podcast episode in more detail.

IGTV

IGTV is part of Instagram or Facebooks attempt to bring video to the social media giants platforms. This is very different than the current use of Instagram stories which are only limited to 15 seconds and expires after 24 hours. IGTV allows users to upload videos up to 10 minutes or 1 hour for verified users and these do not expire after 24 hours. This medium, in my opinion, is very different than having a youtube channel. IGTV is really trying to go after the “In Real Life (IRL)” moments, where youtube is more of a “produced” format. That is not to say you can’t do produced video on IGTV, it is just not as easy of a workflow. IGTV and Instagram in general is for a cell phone viewing audiences where the viewing device is vertical. Being mobile first is Instagrams strong suit. As it is mobile views account for over half of the current watched content online and is expected to grow to 78% by 2021.

Why is IGTV important for you or your business?

I was very doubtful about IGTV at first. I watched some videos from people I follow and watched some information on IGTV on youtube. It took me a while to see the potential and understand what all the excitement was for this platform. The vertical format is very hard for me to get use to, I do prefer the tabloid viewing option of youtube. However, putting all of the issues I have aside I think this is a great platform for businesses or personal. Almost everyone is going to have a cell phone and that is all you need to get started. This makes the starting cost nothing, granted you can do the same thing with youtube but I think most people expect a higher quality video on youtube. Starting up a IGTV channel is super simple. Just go to instagram.com, login and click on the IGTV button, then click on the “get started” button. From here you have to create and setup your channel. This is just like setting up a youtube channel. Once this is done you can start uploading your content. Make sure your video is in the vertical format. You can also make a custom thumbnail for your video, along with a title and description when you upload.

Currently Instagram has reached the 1 billion monthly active user total. That is billion with a b, per month. Put that in perspective. If you are able to reach 1% of 1% of those users, that is 100,000 new customers for your business. Since this platform is very new, you can get ahead of your competition by putting out great content. Here are some ideas you could try.

Video about you and your business. Make sure to include any social media links, website links, etc..
Micro vlog. Instagram is perfect for doing a small micro sized vlog series. You could show behind the scenes elements of your business.
Public Service announcements. These could be short snippets about product awareness or new items you are offering on your storefron.
Flash sales. Test your Instagram reach by having a flash sale only through Instagram.

These are just samples of ideas, but I think you get the idea. I am planning on using IGTV for podcast promotion and public service announcements for security and product updates. So follow me on Instagram so you can get notifications of new videos.

IGTV Specs and info:

Is VR, virtual reality, part of your website design strategy?

Is VR, virtual reality, part of your website design strategy?

Today on Episode 19 of Web Hosting Podcast. Is VR, virtual reality, part of your website design strategy? You could be missing out if you are not. With the release of the Oculus Go last month, high end VR experiences have come to the masses. You can take advantage of this by including VR elements easily on your new or current website. Also a very interesting thing happened over the weekend.

A interesting thing happened recently. I was notified by haveibeenpwned.com, that my email address was seen on a hacked site. Listeners may remember that this site was mentioned in Episode 13 as one of the useful tools segment. The site happened to be ticketfly, which was recently hacked and had all of its information released. The interesting part about this the fact that I was notified by haveibeenpwned.com, before news of ticketfly being hacked was released. If you are worried about your online data, and you should be, then I would recommend taking advantage of the free service provided by haveibeenpwned.com.

What is Virtual Reality (VR)?
Virtual reality, as defined by wikipedia is : “a computer-generated scenario that simulates experience through senses and perception.”
I don’t think all experiences have to be “computer generated”, remember those stereographs from the 1800’s? To me those were a form of Virtual Reality. Also, Viewmaster, made a toy that you could put in round slides that presented you with magical worlds. These were not computer generated or had anything to do with computers.

What is the difference between VR and 360?
360 video or pictures are elements wrapped in a sphere. Think of a big bubble that you sit in where the media is projected around you in a sphere, this is 360. Virtual Reality, is stereoscopic depth, interactive elements as well as immersion. The term VR and 360 are used interchangeably, they are decidedly different. Here is a great article on the main differences from Vimeo https://vimeo.com/blog/post/virtual-reality-vs-360-degree-video

Why is VR important for your website?
Remember when everyone thought siri, alexa and google home were just fads and would never take off not to mention the iPod. Now it is reported that 55% of homes have a smart voice device. VR is in its infancy, but it should certainly not be ignore. With the release of the Oculus Go, tether free VR is available to the masses. Lets also not forget that google street view is widely used and constantly adding locations. Google is doing a great job of covering the entire world. If you have a business, you can put your location on street view which will allow your customers to view inside your business. This works on desktop, phones, and VR headsets. I currently use this to view new locations I want to visit. It might be a restaurant, board game store, or a pub.

Types of VR devices.
Google Cardboard – uses a cell phone and lenses. This is like a viewmaster type device.
PlaystationVR – Sony released the Playstation VR headset to be used with a Sony Playstation 4.
HTC Vive and Oculus Rift – These are gaming PC driven tethered headsets. These require powerful gaming PCs and are physically connected to the computer by long cables. These are the top end VR experience.
Oculus Go – This is a simple stand alone headset. It offers a great experience for users and is not tethered to any device. The purchase price is very low at $200.
Other/Windows Mixed Reality – There are a few other devices out there that require a PC that uses windows mixed reality and are tethered to the PC.

History for me of VR.
First use of a streograph as a child. These date back to the 1800’s and used like photos to simulate a 3D (virtual) picture when viewed through a stereograph. Quite a thing to see if you have never used one before.
Then I purchased a viewmaster branded google cardboard device for my iPhone.
Stepped up to HTC Vive in 2016 – still currently in use.
Oculus Go, now used almost daily as a web browser to experience new things and new places.

How I use VR now.
Playing immersive video games on PC.
Browsing the web on oculus go. There are a lot of websites that support VR and have VR elements as well as 360 elements.
Viewing Street View and virtual tours on both VR headset (Oculus Go/HTC Vive) as well as iPhone and Computer.

What devices do I use?
HTC Vive
Oculus Go
Computer Monitor

Website design use cases.
Brick and mortar businesses
Product visualization
Location tours of your establishment

Other use cases for VR workflow.

Handicapped
visually impaired
agoraphobia

Software to help you develop for VR.
Great article on software for VR website developers. Link
Vizor.io – 360 Photo Editor.
Cupix.com – Create beautiful tours in VR from photos.

Sample 360 Photo I took.

Dissection of a WordPress hack.

Dissection of a WordPress hack.

Today on episode 17 of Web Hosting Podcast, Megan and I, dissect a website hack we have been working on. We discuss the how, the what and ways to prevent future hacks. We also discuss the defacement of webhostingpodcast.com and how I recovered the site so quickly. And remember those quick tips I use to run? They are coming back in a new way!

Podcast phone line 971 249 2359 is manned by me on Thursdays 9AM PST – 12PM PST. Feel free to call in and press (2) to reach me directly during those hours. If you want to just leave me a message anytime, press (1) and it will send you directly to a voicemail box.

Dissection of a WordPress hack we have been dealing with, the topics we cover are.

How we think it happened.
How we cleaned it up.
What could have prevented it.

Info on what we found from sucuri, regarding this specific website hack.

You will find the plugin I used to find that the wordpress core files had been modified. This plugin is since abandoned by automattic (the makers of wordpress, woocommerce and jetpack to name a few) but it can still be used. You need to download the hash file for the version of wordpress you are using. I would just like to point out that other external and filesystem based scans did NOT find this hack. Only by careful examination of the output of the exploit scanner were we able to find the source of this hack. It is no longer enough to just scan with one tool and think the site is clean. I recommend that you scan with multiple sources if you think you have been hacked, or if a hack keeps coming back after being cleaned. I also, and I can not stress this enough, recommend a daily backup of your website. There are many tools out there that will help you obtain a regular backup to a external location, such as dropbox, s3, ftp, or google drive. There is no reason to not have this setup for your site.

This is the plugin link 
And this is the location of the hash file on github.

Disaster plan or success planning your website.

Disaster plan or success planning your website.

Do you have a web site disaster plan in order?
I am betting you likely don’t.

Why is a disaster plan important?

The unknown is ever present in the world of technology. With the rise of malware and CPU defects, the chances of your site going down by unseen forces is getting higher every day. You literally could wake up one morning and your site is no longer online, or worse it is being held for ransom. Add into the mix the number of web hosting companies that go out of business or are sold to another company. If you don’t have a worse case disaster plan in place, it is my opinion you are not doing yourself any favors. It is very easy to put together and can be accomplished by anyone. This would be like having an emergency go bag if you live in a earthquake zone.

What are some key things you need to have on your disaster plan?

Login details for your Domain and where it is registered (username, password, phone number and support email address).
It may or may not be registered with the same company that hosts your website. I would make a document that includes your login details, contact phone number and support email address. Put this along with the others we will be covering into a envelope and seal it, then put that in a safe place.

Login details for your hosting account (username, password, phone number and support email address).
This is the location where your website is actually being served from. Put this information in the same envelope as the rest of the ones we are covering. It is also important to have a phone number and support email address along with your login details.

A current backup or archive.
We have discussed this several times on this podcast. You should have a current backup or archive you can work with of at least your website, and possibly of your whole hosting account. If you have been backing up externally or manually copying to a local disk drive, put this information and location of the backup in the envelope with the other information.

Now that you have your login details sorted out, you need to have some basic DNS information. I personally like to have a complete zone listing of all of my DNS entries. These are things like;

  • What are my nameservers and where are they pointing? Nameservers are vital to knowing where your zone record is being kept. If your nameservers vanish, your domain vanishes from the internet.
  • Where does www and yourdomain.com point to?
  • What are my MX records?
  • Do I have a custom record that is used for connecting to my mail server? For example, do you use mail.yourdomain.com and if so where is it pointing too?
  • Are there any other records I need for my site to be online? Custom records for a cdn, custom txt records that have been added, SPF records? There are many types of records that can be added to DNS. Some of them are for email, some are for proving you own a domain (google validation comes to mind). All records should be tracked and kept with your disaster plan records. You never know when you may need to recreate a zone entry.

 

Success plan not unlike the disaster plan.

What happens if your site starts getting a large amount of traffic. Good for you, bad for your hosting company if your on shared hosting. I have seen this type of thing happen time and time again. A article you may have written, or a product you are offering gets picked up by national news or celebrity likes your product. This is great news for you, but this can often result in your site going down or even being taken offline by your hosting company. How do you deal with a “scuccess” hit often involves the same things as a disaster plan. You may find yourself needing to move to a new host rather rapidly. Have those contact information and login details at the ready in your disaster plan packet. Lets just call this the “What if” packet.

If you are just experiencing some temporary increased traffic, meaning you don’t think it will last for very long as the hype dies down. There are a few steps you can do to help with the site traffic increase, which will likely help with server load.

  1. Use a caching service like cloudflare. We have discussed this in the past. Basic cloudflare services are free and it only takes a minute to setup. This will act as a buffer between your host and the people trying to access your site.
  2. Make sure you use expires and headers so files are cached. Another topic we have discussed in the first episode.
  3. Make sure you are compressing the site files with mod_deflate. See episode 1 for more details. Or listen to the end of this episode for the quick tip.
  4. Enable a caching plugin in your framework. Something like wp super cache or w3 total cache for wordpress will save you a lot of headaches with a sudden spike in site traffic. This will also lower server load by reducing the mysql queries required to load your site by making some of the site pages almost static in nature. This will in turn keep your host happy. This is not the same as cloudflare caching service.
  5. Serve a static site during the increase in traffic. This one is a little more tricky, but it is definitely possible. By removing the need to have mysql and php render pages, your site will load faster and have almost zero load on the server. This requires planning ahead however and having static pages ready to go.
  6. Work with your hosting provider to see if you can to keep your site online. If they are less than helpful, then reach out to the world and get a recommendation for a new host. A good host will want you to grow and be a part of your growth process. If they just suspend your account because you are successful suddenly, then they are impeding your growth and should be removed from the equation. If the host offers some suggestions to you, no matter if they sound complicated, and want to work with you in providing even a temporary solution to the situation, then you should listen and see if they can help.

Things to NOT do. Do not allow your host to move you to a tiny VPS of your own. This is the number one thing I see and it will kill your site, but save your hosts butt. If your site is already creating a problem on a very large shared servers with possibly many CPU cores and many Gigs of ram, what good is moving you to a 1 core and 1 gig of ram VPS going to do. They just want you off their shared server as fast as they can, they are not offering a solution but passing the buck to you and making a few bucks in the process. You site will never stay online in a small VPS unless you have someone that you can call on to make massive tweaks to the VPS itself, install specific software and configure it, this often requires a system administrator/engineer to do.

Do NOT try and block the inbound traffic that is being generated, this includes changing the URL, blocking IPs in .htaccess or server firewall. You want that traffic to come in, if there are elements on that page that require external resources, like a facebook or twitter feed, remove that code during the spike in traffic. These can potentially slow down your page speed.

The biggest take away I want to share with everyone is to be proactive and not reactive. Whether it is a disaster plan or a success plan, the “what if” scenario should be on the minds of everyone. And if you are not ready for it, it can be devastating to your site, your finances and even your emotional state. Like any other disaster preparedness scenario, regaining control of the situation as fast as possible will allow you to continue on with your life. It will remove stress and worry. If you get an email from your hosting provider saying, “your site has been shutdown because….” you will know how to proceed because of your planning. Take some time out of your busy week and determine the best way to handle your “what if” scenario, it will make your life a lot better. If you have already put together a “what if” packet, then please share your experience and tips you may have with me. I would love to hear about them.

Quick tip today is gzip compression in cPanel, you can also see a video I did on this here.