Site hosting news, tutorials, tips, How Tos and more

Archive for March, 2017


Introducing fully managed WordPress hosting, security and hardening

If you use WordPress and are worried about being hacked or compromised, or you just don’t have time to keep up with the frequent updates and maintenance, we just launched a service made for you.

Our Managed WordPress Hosting service includes:

  • WordPress hardening for maximum security.
  • Monthly updates of WordPress core, Plugins and Themes.
  • One of our in-house WordPress security experts will personally examine your WordPress installation¬†for malicious files and signs of compromise every month. If your WordPress installation is compromised or hacked, we’ll clean it up.
  • Configuration of automatic WordPress site and database backups.
  • WordPress-specific support and personalized assistance.

And if you need it:

  • Free website migration from your old host for a quick, smooth transition
  • WordPress installation, including database set up, Plugins and Themes

You can learn more about Managed WordPress Hosting and find a link to sign up here.

The Managed WordPress Hosting service includes the Winhost Max Plan, so if you are an existing Winhost customer and already have a hosting plan, contact us for pricing or open a helpdesk ticket and we’ll take it from there.

Every day we clean up compromised WordPress sites for our customers. For them it’s an inconvenience and an expense that they weren’t expecting and don’t welcome. But since WordPress is the most popular blog/CMS application in the world, it’s a natural target for hackers. If everything in your WordPress installation is not up to date, you are at risk.

And unfortunately, even if everything is up to date, you can still be vulnerable. That’s why Managed WordPress Hosting includes a WordPress hardening service, to increase security and reduce the chance that you will become a victim.

So if you love WordPress but could live without the constant maintenance and security tasks, let us do it for you!



Email change related to the postmaster@ address for your domain

We’re rolling out a change to the email system that you should be aware of.

The “postmaster” account is set up by default when we establish email service for a domain, but you have the ability to delete that account. The problem with deleting postmaster@ is that some important messages can be addressed to that address, and that’s because the SMTP RFP says the postmaster account for a domain is required to accept mail.

The change we’ve made is implementing behind-the-scenes forwarding that makes your primary domain admin the “postmaster” account (assuming you have deleted the postmaster@ account – if you have not deleted that account, you won’t see any changes). What that effectively does is ensure that email addressed to the postmaster@ address for your domain is delivered.

The side effect of this change is that you may see an increase in spam on your primary domain admin account, since spammers sometimes send to postmaster@, assuming that it exists on every domain (because they know that it’s supposed to exist).

A possible increase in spam is an unfortunate side effect of this change, but the alternative is the possibility of missing legitimate email addressed to your postmaster@ address. Those legitimate messages can be important, so we had to weigh the value of those important messages against the possibility of an increase in spam.

It’s worth noting though that we made this change on a small group of servers a couple of weeks ago, and we didn’t receive any feedback regarding an increase in spam, so the likelihood is you won’t notice much of a change with this new configuration.

As always, if you have any questions or concerns, open up a support ticket and let us know.



ASP.NET Core 1.1 Is Available

ASP.NET Core 1.1 is now available at Winhost, as is .NET Core 1.0.3.

We will be supporting two different versions of .NET Core because Microsoft is developing two different versions: “Long Term Support” (LTS) and “Fast Track Support” (FTS).

LTS (the 1.0.3 version) is focused on stability and use on production sites, so its development will take place more slowly. FTS (the 1.1 version) is the latest and greatest version, with more new features, but potentially more new issues as well. We don’t recommend it for use on production sites, but it’s there for you to tinker with and check out the latest Core features.

We’ll always support the latest LTS and FTS versions, with the priority given to the more stable LTS versions that are intended for production. The versions run side by side, so you can use whichever you choose (or use both for different purposes).

We’ve run in to some issues already where the latest Visual Studio version supports later (newer) versions than our servers support. That is going to continue to happen from time to time, because it isn’t feasible for us to keep up with the FTS versions across all of our production servers. The development cadence is too quick. What we will probably do with Core from this point on is update quarterly. We’ll try to post in the forum when we make those updates.

Note that .NET Core is only available on the Windows 2012 servers. If your site is running on a Windows 2008 server you’ll have to migrate to a 2012 server to use .NET Core. We can do the migration for you, just contact support and we’ll take it from there.

For more information on how Microsoft is developing the versions and how the version numbering works, check out this post on the MSDN site.



Using the Secondary Web and FTP URLs

When you open an account at Winhost we set up your website space immediately so you can start uploading files right away. But if you have an existing site hosted elsewhere, you will most likely want to get everything set up here and test the site before you actually point the DNS to Winhost. The Secondary URLs make that possible.

Your permanent FTP URL is ftp.HostingAccountDomain.com (where HostingAccountDomain.com is your domain name). But of course that URL won’t connect to the server here until your domain points to our servers, so we set up the Secondary URLs, both for FTP and web access.

The Secondary URLs can be found in the Site Info section of Control Panel:

So the Secondary FTP URL (ftp.w12.wh-2.com in the example here, yours may be different) is what you use in the “host” field of your FTP software to make the connection.

Then when you want to view your uploaded files, you would visit the Secondary Web URL, in this example, http://winhostc.w12.wh-2.com.

Another use for the Secondary Web URL

After your domain’s DNS is pointed to Winhost and your site is up and running, you can use the Secondary Web URL for troubleshooting purposes.

For example, if it seems that your site is unavailable, try entering the Secondary Web URL into your browser. If the site comes up, there’s a good chance that domain registration or DNS issues are the culprit.

When a site is unavailable, domain related-issues aren’t usually the first thing we think of as being the source of the problem, but even the most diligent among us can let a domain registration lapse, or make a mistake in DNS settings that takes our domain off line.

When NOT to use the Secondary URLs

Once your domain has been updated to point to our servers, remember to update your FTP software to use ftp.HostingAccountDomain.com (your domain name) as the host. And you should never use the Secondary Web URL as a link to your site from another site or social media platform, or hard code it anywhere in your site.

We make this recommendation because while it’s unlikely that the Secondary URLs will change, it is possible. They have changed for various reasons in the past. So once your domain points to our servers, only use the Secondary URL for troubleshooting purposes. Never as a link to your site.