Site hosting news, tutorials, tips, How Tos and more

New top level domain extensions are available

announcementsToday we are introducing 5 new domain extensions into the mix: .cloud, .club, .pro, .store, and .xyz. You can check out our website for domain pricing, or go to Control Panel right now to order a new domain name.

We plan to introduce more domain extensions, so if you have any suggestions, please let us know.



ASP.NET Core 1.0 is available now

announcementsWe have updated our Windows 2012 servers to support ASP.NET Core 1.0. This is the latest rewrite of ASP.NET from Microsoft (which they had previously called .NET 5). Learn more about .NET Core here.

If you want to use .NET Core 1.0 but your site is not on a Windows 2012 server, we can migrate you to a newer server. Just log in to the support portal and open up a ticket. We’ll take it from there. You can see the web server your site is running on in the Site Info section of Control Panel, under “Web Server.”



Upgrading DotNetNuke

howtoIt’s important to keep your web applications up-to-date. This prevents known vulnerabilities from being exploited and wreaking havoc on your site. That goes for any third-party software you might use on your site, but today we’re going to talk about updating DotNetNuke.

The most important thing before upgrading is to back up your current DotNetNuke site. Also, if you are using any third-party themes or modules, please contact the author(s) before upgrading to make sure they are still supported in the latest version of DNN.

Backing up the MS SQL database

This will place the backup of your MS SQL database within the App_Data directory with the file extension “.bak.”

Backing up your web site files via FTP

Downloading the upgrade files and Extracting

Important: you must know your SuperUser account login in order to upgrade.

You can download the Upgrade files through DNN’s download page.

Uploading the updated files

Upgrading



Summer Updates

banner-announcements

The latest versions of the following applications are now available through our App Installer tool:



CTB-locker ransomware now affecting websites

Do you know what ransomware is? It’s a computer compromise, typically spread via a macro in a Microsoft Word file. Those spam “invoices” you get, with a .doc attachment? They’re almost always ransomware. If the macro is run, most of the document and image files on your computer are encrypted, and the hacker then extorts money out of you to get the key. The longer you wait, the higher the price.

Right about now you’re probably thinking, “Not a problem for me, I have backups for all my important files!” Which is good. You can reformat your computer, restore your backups and be done with it. Lesson learned. If you’re not backing up your computer files, now’s the time to start, right? Right? Get started. Seriously.

Ransomware reaches the web

If that wasn’t bad enough, the people who write ransomware have now figured out how to encrypt your website files and hold them for ransom, and compromises are spreading rapidly across the web. The compromise is done through vulnerabilities in third party applications or your own scripting (out-of-date WordPress sites are a common target – update your WordPress site, plugins and themes!).

At the time we’re writing this, that ransom starts at around $175, and goes up from there the longer you wait. The best way to guard against that is the same way you’ve guarded against site compromise forever: keep your third party application updated, and examine your own code for vulnerabilities.

But if the bad guys do get in and your site files are encrypted and held for ransom, what can you do?

Well, we make site and database backups every day, so we may be able to help you restore the unencrypted version of your files. But our backups are meant for disaster recovery, so there’s often a fee involved with pulling and restoring a copy, and it will take a little time. In addition to that, we only keep a few days of backups. If you don’t notice a ransomware compromise for four or five days, all of our backups will probably be copies of the compromised files, and therefore not useful in restoring the site.

So what’s the best answer?

The best answer is maintaining a tight ship, as far as your site is concerned. But a really good standby strategy is our SiteBackup service. It allows you not only to back up website and database files, but to keep multiple versions of those backups for long periods of time. That increases the likelihood that you will have a “clean” backup to restore to defeat the ransomware goons. The best part is you control the backups, they’re available to you immediately any time you need them.

Another cool thing that SiteBackup can do is alert you if Google flags your site as compromised, and automatically disable any further backups. That means you can rest easy that you’ll always have a clean backup for restoration.

Any way you slice it, it’s better to be safe than sorry, so we really recommend checking out SiteBackup. It’s inexpensive (starting at $2.95 a month for 10GB of backup space!), extremely easy to use, and – we think – some of the best peace of mind money can buy.

Activate SiteBackup in Control Panel now.

Here’s what a site compromised by CTB-locker looks like:

ctb



Introducing SpamExperts Email Filtering Service

Spam filter by Spam Experts

banner-announcements

We have partnered with Spam Experts to bring you the leading premium spam filtering service. Because Spam Experts filters millions of emails daily, they have the ability to detect emerging threats early, so their spam filtering engine is always up-to-date.

Not only will you get a cleaner inbox, you also get access to a feature-rich management portal called SpamPanel.  Missing an expected email? You can check your email logs. Want to whitelist or blacklist a user or an entire domain? You can do that through SpamPanel. You’ll also get a daily report listing your quarantined emails.

You can try Spam Experts spam filtering FREE for 30 days (limited time offer until March 31, 2016 free trial extended to April 15th!). After the free trial you can continue using SpamExperts for as little as $3.45 a month.

For more information on Spam Experts spam filter pricing and features, check out our website.



ASP.NET 4.6 hosting available now

asp.net hostingbanner-announcements

Just wanted to announce the availability of ASP.NET 4.6 hosting – more precisely it’s ASP.NET 4.6.1. Many of you have been asking about it, and now it’s here at Winhost!

Note that we didn’t roll out ASP.NET 4.6 on all servers, so if you are interested in using ASP.NET 4.6 and your server doesn’t have it, then contact us and we’ll move your site to a server that supports ASP.NET 4.6.

 



Getting Started with RavenDB

howto

Over the years there have been a number of customers who have asked if Winhost supports NoSQL databases. There is actually one NoSQL solution you can install in our environment, and it’s RavenDB. In this guide, I will show you how to get started with it (i.e. installed and running) if you want to try it out. The instructions have been taken from the official site and modified for our hosting environment.

First, download the .zip file from the RavenDB website and then extract it. Open up the “Web” folder and make the following changes to the web.config file in that folder:

Change line 3 from:

<add key="Raven/WorkingDir" value="APPDRIVE:\Raven\" />

To:

<add key="Raven/WorkingDir" value="APPDRIVE:\web\ftpusername" />

Replacing ftpusername with the correct value.

Add/Insert the following in between the <system.web></system.web> XML tags to enable Full trust:

<trust level="Full" />

Once you have finished making the changes to the web.config file, save it. Then upload the entire “Web” directory into your hosting space.

Using the Winhost Control Panel, create an Application Starting Point for the “Web” folder. Open the “Web” folder using a browser (e.g.: http://www.HostingAccountDomain.com/web).

You’ll get an error regarding WebSockets. You can open up a support ticket to have it enabled and have “Overlapped Recycle” disabled in your App Pool settings, and that should complete the installation so that you can try it out.