Site hosting news, tutorials, tips, How Tos and more
If you’ve never heard of a CDN or you’re not sure exactly what it is, CDN is an acronym for Content Delivery Network. What a Content Delivery Network does, in very basic terms, is serve your site files from multiple data centers all over the world so that your visitors download files from a server near them and experience faster page loads. As a bonus, you get to experience reduced bandwidth use due to your content being cached at the various locations on the network.
How does it work? You change your domain’s name servers to point to the CDN, which then handles the requests for your site. When a request comes in to the CDN, here’s what it does:
That makes for a better visitor experience, since visitors are getting files from a local server. And it saves bandwidth on your Winhost account, since the files don’t have to come from the Winhost servers every time they are requested.
There are a lot of CDNs these days, and their setups vary in levels of difficulty. We’re offering a CDN that’s really easy to set up, and if you already have a SiteLock security plan for your site (and you really should, but that’s a separate article), you can add the basic CDN for free.
If you’re thinking that sounds great, but your site doesn’t contain much static content, SiteLock TrueShield CDN can also serve dynamic content from more than 25 data centers around the world via its Dynamic Content Caching system. It’s all completely automatic, but you have control over the cache and can purge files any time you need to, for instance when you update or change content on your site.
On average, sites using the SiteLock TrueShield CDN load 50% faster and use 40-70% less bandwidth.
The TrueShield CDN can also handle end to end encypted SSL (https) requests, and perfoms advanced CDN optimizing techniques, including content minification, image compression, session reuse optimization, “on the fly” file compression, TCP optimization & connection pre-pooling and progressive image rendering.
The TrueShield CDN isn’t only about speed, it also offers a layer of protection for your web applications. Does your site use WordPress? If so, you probably know that WordPress is a common target for exploits, and if someone gets into your WordPress installation, the cleanup can be a nightmare, not to mention the probable damage to your site and your reputation.
The SiteLock TrueShield CDN protects you against many web-based exploits with a Web Application Firewall, which blocks malicious bots from accessing your site, and depending on the plan you use, can protect your site against many SQL injections and cross site scripting. Whether your site uses a third party application that runs on a database or works with a database you designed and built, the Web Application Firewall can help keep you safe.
I know this sounds like a commercial for SiteLock, but we’re big fans of their service, and we’re able to offer you some really cool and useful tools through them. We see the damaging effects of website exploits every day, and as I mentioned, cleaning up after them is no fun. It’s either going to cost you time or money – sometimes both. So prevention, as they say, is the best medicine.
Did you know that a single company owns more than 90 hosting company brands?
Most of them are linux hosts, but in the Windows hosting world they own Arvixe, HostGator, WebHost4Life, EasyCGI, ReadyHosting and a few others.
The corporation that owns all of these hosts is a publicly traded holdings company (NASDAQ: EIGI). Now, theoretically, a huge corporation could provide the world’s greatest hosting experience. After all, they have hundreds of millions of dollars to spend on infrastructure and staff. Theoretically.
That’s not the way it works though, at least not in the website hosting world. Which isn’t really surprising, since most publicly traded companies are primarily interested in one thing: making their investors happy. Which they do by maximizing profits, not necessarily by making customers happy.
Winhost is 100% employee owned and operated. We all work out of the same Los Angeles offices, including our technical support staff, many of whom have been here since day one. We show up every day because we love what we do: providing the best Windows server hosting available anywhere. We don’t answer to investors, we answer to our customers.
We’re not suggesting that all huge corporations are bad. But some of us have been in the web hosting industry for a long time, and have seen first hand how the quality of service and support typically decreases for the customer when their hosting company is gobbled up by the big fish in the pond. Sometimes dramatically so.
Which is a shame, since most of us only want a couple of simple things when it comes to our websites: reliability and a competent person to talk to when we have a problem.
If you miss “the old days” when you knew who your host was, we welcome you to join us here at the last of the independents: Winhost. Think of us as a lifeboat rowing away from a sinking ocean liner. Climb aboard. We always have room for one more.
Our SiteBackup service can now automatically back up your MS SQL databases to the cloud. You’ve always had the ability to back up site files and MySQL databases, but we’re excited to add the ability to back up MS SQL databases.
You can order SiteBackup in Control Panel.
SiteBackup is inexpensive (starting at only $2.95 per month for 10 GB of space!) and easy to use. You choose how often you want to back up and how long to retain the backups. Set it and forget it, your backups will be reliably and safely kept in secure cloud storage outside of the Winhost network.
We have also added Blacklist Monitoring
If your site is ever compromised, Google will flag it and our Blacklist Monitoring service will alert you and stop your site and database backups (to prevent making a backup of compromised files).
If you run third-party applications on your site, Blacklist Monitoring is a valuable tool to help you recover from common compromises. Even if you wrote all of the code on your site, Blacklist Monitoring is a great tool to have at your disposal. Even better, Blacklist Monitoring is available as part of the SiteBackup service at no extra charge.
We’re really excited about these new additions to SiteBackup because we believe they are going to make your life easier. Let us know if you have any questions about SiteBackup or anything else.
Things to note: SQL backup is available for SQL 2012 and later databases, and it only works for SQL databases that are on Winhost servers. Each backup is a full backup, not incremental. Blacklist Monitoring is only available for sites that are being backed up by the SiteBackup service. Read our Knowledge Base article for instructions on using SQL database backup and Blacklist Monitoring.
Note: beginning with Chrome version 46 the yellow caution triangle has been removed from the https URL when Chrome encounters minor errors such as those described in this article.
If you use an SSL certificate (https) on your site, you may have seen a couple of new things happening in Google Chrome.
When you upgrade the Google Chrome browser to version 41 or later, you may see various warning messages such as, “The identity of this website has not been verified,” “Your connection to <domain> is not encrypted,” or other visual indications that the https connection is not secure.
Those indications can appear when your SSL certificate uses a SHA-1 signature (most SSL certificates issued before 2015 use SHA-1).
To fix the problem of browser security warnings you must get your SSL certificate re-keyed for SHA-2. If you don’t see those warnings in Chrome and you purchased your certificate recently, it may already be SHA-2. You can verify using this test site.
1) Contact us and we will re-generate and re-submit the CSR.
2) You’ll then get an email from GeoTrust with a link to complete the process. When completing the re-key on the GeoTrust site, be sure that SHA-2 is selected as the “Hashtag Algorithm.” You can find step-by-step instructions (and a video) here.
3) After you’ve completed the reissuing process, you’ll receive an email with the new certificate. Go to Control Panel and paste the new certificate into the SSL manager and you’re finished.
1) Contact us and we will re-generate the CSR and email it to you. Then you’ll have to contact the issuer of your certificate to get your certificate re-keyed for SHA-2.
2) When you receive the re-keyed certificate, go to Control Panel and paste the new certificate into the SSL manager and you’re finished.
There is another potential problem after you’ve re-keyed your SSL certificate. While the address bar will show the green lock icon, if visitors dig deeper in Chrome, they may see an “Obsolete Cryptography” message.
Basically what’s happening now is they are ignoring the cipher preference we use on the server (which includes their preferred ciphers) and pointing out any “weak ciphers” they find. You might notice that many large corporate sites (such as Apple) are also insecure according to Chrome, for similar reasons.
That “obsolete cryptography” message may be with us for a while because Google is not providing any information (yet) on exactly what they want from the server to stop calling it insecure. It would seem that what Google would like to see is every server everywhere removing support for all older cryptographic methods.
The problem with that is removing some of those methods will shut out visitors using some older browsers and operating systems that don’t support newer methods (i.e. Windows XP). Since our servers are shared by many customers, it isn’t really an option for us to make global changes that prevent some visitors – even a small number – from accessing our customer’s sites.
We do run some special servers that do not support any of the older cryptography methods, they are primarily used by customers who need a “hardened” server to pass a PCI compliance scan. But the added security comes at a cost, as older browsers can’t connect to sites on those servers via https. Additionally, a few other things that you may take for granted now may not work, or may require adjustment or a work-around on your part. But if you’d like to move your site to such a server, just let us know.
And of course we continue to monitor information from Google on recommended server configuration, as well as continuing to test various configurations ourselves to prevent the “obsolete cryptography” message.
If you have any trouble re-keying a certificate, or if you have any questions about these ongoing changes, drop us a line and we’ll do our best to help.
I was checking the Winhost mailbag this morning when I came across this letter:
“Dear Winhost,
Your new website is so pretty. Why on earth does your blog continue to be such a monstrous eyesore?
Sincerely,
Patricia Cardingiff Baxbauer”
Dear Patricia,
Actually, we couldn’t agree more. If you would be so kind, please allow us a moment to adjust…
Just a little bit more…and…almost…
There!
How’s this? Better?
Sincerely,
Your pals at Winhost
What if you could have instant access to backed up site files and databases, and the ability to set your own backup schedule?
If you have ever mistakenly deleted or overwritten an important website file, and suddenly realized that you’re without a backup, you know it’s not a good feeling.
If you’ve ever been unlucky enough to have your website hacked or compromised, you know it can be next to impossible to tell which files have been changed or added. If you didn’t have a “clean” backup, you probably had a tough (or expensive) time getting things right.
With our new SiteBackup service you never have to be caught unprepared again.
SiteBackup performs automated backups of your website files and retains up to 30 versions stored securely off-site. If you accidentally delete or overwrite a file, you can restore the backup instantly with one click. You can find more details about SiteBackup on the Winhost website.
SiteBackup is available in three sizes:
10 GB storage: $2.95 a month
30 GB storage: $6.95 a month
60 GB storage: $12.95 a month
SiteBackup is not an extension of our own internal daily backups. It’s a completely new system that performs backups on your schedule and stores them at a secure data center outside of the Winhost network. So your working sites, databases, email, etc. are in one data center, and your backups are in another. Geographic separation for maximum safety and security.
Want even more good news? When you order SiteBackup you can use it for as many websites as you’d like! Backup multiple websites under a single account.
SiteBackup is ready and available for you right now. And if we do say so ourselves, it’s pretty cool.
If you’ve been anxiously awaiting SQL Server 2014 you will be happy to know that you can add an MS SQL 2014 database to your site right now in the MS SQL Manager section of Control Panel.
We continue to offer and support SQL 2008, SQL 2008 R2 and SQL 2012 as well. And as always, there is no extra charge for MS SQL databases.
