Site hosting news, tutorials, tips, How Tos and more

Archive for the ‘Inside Winhost’ category

Recap of New Hosting Services and Features in 2017

As 2017 comes to a close, we reflect on the year that’s passed and look forward to a new year.  Here are some of the new features, services and enhancements that we introduced in 2017.

ASP.NET Core Deployment Options

Last year, we launched support for ASP.NET Core on our hosting platform. Since then, Microsoft has been busy with many minor updates and also a major update with ASP.NET Core 2.0. We’ve been working hard to support .NET Core and support the different versions that our customers may be using. Winhost supports Framework Dependent Deployment (FDD) and also Self-contained deployment (SCD).

ASP.NET Framework 4.7

While Microsoft continues to update their latest .NET Core initiatives, they continue to update ASP.NET 4.x as well. We kept up-to-date with Microsoft’s ASP.NET 4.x framework and support ASP.NET 4.7 hosting on our platform.

Managed WordPress

Since WordPress is one of the most popular apps on the web, we host a fair share of WordPress sites. Ans due to its popularity, WordPress gets a lot of attention from hackers, so we’ve helped many of our customers with compromises and hacks. To insure security, it’s important to keep up-to-date with WordPress updates, theme updates and plugin updates.

To that end, we understand that many of our customers may not have the time or the know-how to maintain their WordPress site – so we launched a Managed WordPress service. With our Managed WordPress service, we harden your WordPress application and will update your WordPress core, plugins and themes monthly. Our expert staff will also personally review your WordPress installation every month, looking for any signs of compromise or malicious files. And if any malicious activity is found, we’ll clean it up.


Due to customer requests, we added support for Node.js. If you are interested in using Node.js, get in contact with us.

Increased FTP Users

We also increased the number of FTP users that can be created for each of our plans. The Basic plan supports 10 FTP users, the Max plan supports 30, and the Ultimate plan supports 100.

Although I didn’t highlight any of the behind-the-scenes activity in this list, you can rest assured that we continue to make improvements to our back-end infrastructure, security, processes, hardware and support.

We’re honored that so many of you trust Winhost with your important websites and applications, and we work hard every day to make you happy that you’ve made that choice.

Wishing everyone a very happy new year!

The Winhost Affiliate Program and Why You Should Be Using It

How many sites do you manage? Guessing it might be a few, but let me ask you this: how many of those sites did you get paid for signing up at Winhost? Not quite as many, I’m guessing. So maybe it’s time to take a look at the Winhost Affiliate Program.

The Winhost affiliate program isn’t anything new, but I understand if it isn’t the first thing you think about when you come to Winhost. I mean you have to think about your current sites, databases and domains you may have with us. An affiliate program is probably the last thing on your mind. But let me tell you why you might want to move it up on your list, at least when setting up that new site with us in the future.

With the Winhost affiliate program, we will pay you a commission of 60% of the hosting fees paid at the time of purchase. I know, giving you just a percentage probably isn’t helpful so let me break it down for you. Say you sign up a new Max plan hosting account on the 1 year billing plan. The hosting fees paid at the time of purchase would be $119.40. As an affiliate you would receive a commission back to you of $71.64 (60% of the fees paid).

That commission can then be paid back out to you, or put towards your hosting account as credit, it’s up to you. We also offer special incentives for those who sign up 15 or more sites a month using the affiliate program, including higher commission rates and flat rate commissions.

You can get started with the Winhost Affiliate Program here. When you scroll down to the bottom of the page we have a quick form to fill out where we ask for the standard information (name, contact info) and have you create your affiliate ID and password. All affiliate payments are paid either via PayPal or as hosting credit, so we also require a PayPal address when signing up.

After you sign up you will have access to our Affiliate Control Panel where you can view reports on sales made with your affiliate ID as well as request payments and view marketing creative that you can use on your site if you wish to.

If you have questions about our affiliate program, we are always happy to answer them. Just drop us a line at

Recap of New Hosting Services For 2016

This is the season when everyone is doing their annual recaps, so I figured we should do one too.  We had a busy year on a lot of fronts, and here are just a few of the new features and services that we introduced in 2016.

After a long wait and a naming convention change, Microsoft finally released their highly anticipated ASP.NET Core (formerly known as ASP.NET 5), and you didn’t have to wait for us to support it. We support ASP.NET Core on all our hosting plans that run on Windows 2012.

Microsoft SQL 2016
In 2016, Microsoft released their next SQL version and, of course, we made it available for you to use.

SpamExperts Email Spam Filter
You told us that you were frustrated with increasing spam, so we partnered with SpamExperts to bring you a cost-effective premium spam filter solution.

This year we introduced support for PHP 7. Even though we are a Microsoft-based host, we are keeping up with PHP too, so you can stay on the cutting edge of all aspects of web development.

New Top Level Domains
There are tons of new domain extensions available now, so we revamped our old domain registration system and introduced a handful of new domain extensions. We’ll be introducing even more in the future, and in the meantime we’re open to your feedback regarding other domain extensions you would like to see us offer.

Free Website Migration Services
We understand that moving a website can be a painful process and the prospects of moving can keep you stuck with a less than desirable host for longer than you’d like. We are making it easier to move your site to Winhost by offering free website migration services. Make it your new year’s resolution to finally rid yourself of your tired old host!

Have a great holiday season and a happy new year.

Looking for a customer-centric, independent, employee-owned host? Here we are.

insidewinhostDid you know that a single company owns more than 90 hosting company brands?

Most of them are linux hosts, but in the Windows hosting world they own Arvixe, HostGator, WebHost4Life, EasyCGI, ReadyHosting and a few others.

The corporation that owns all of these hosts is a publicly traded holdings company (NASDAQ: EIGI). Now, theoretically, a huge corporation could provide the world’s greatest hosting experience. After all, they have hundreds of millions of dollars to spend on infrastructure and staff. Theoretically.

That’s not the way it works though, at least not in the website hosting world. Which isn’t really surprising, since most publicly traded companies are primarily interested in one thing: making their investors happy. Which they do by maximizing profits, not necessarily by making customers happy.

Winhost is 100% employee owned and operated. We all work out of the same Los Angeles offices, including our technical support staff, many of whom have been here since day one. We show up every day because we love what we do: providing the best Windows server hosting available anywhere. We don’t answer to investors, we answer to our customers.

We’re not suggesting that all huge corporations are bad. But some of us have been in the web hosting industry for a long time, and have seen first hand how the quality of service and support typically decreases for the customer when their hosting company is gobbled up by the big fish in the pond. Sometimes dramatically so.

Which is a shame, since most of us only want a couple of simple things when it comes to our websites: reliability and a competent person to talk to when we have a problem.

If you miss “the old days” when you knew who your host was, we welcome you to join us here at the last of the independents: Winhost. Think of us as a lifeboat rowing away from a sinking ocean liner. Climb aboard. We always have room for one more.

Winhost Supports Classic ASP and Microsoft Access Databases


Did your current host drop support for Active Server Pages, or Classic ASP? (We’re looking at you, GoDaddy!) Well, we support it! And we’re committed to continuing support for Classic ASP sites on modern servers.

We also support using Access databases with your Classic ASP site. Here is a Knowledge Base article to get you up and running:

How to query an Access database with ASP using a DSN-less connection

Classic ASP, Access and the Persits components are available on all of our plans.

Dear Winhost


I was checking the Winhost mailbag this morning when I came across this letter:

“Dear Winhost,
Your new website is so pretty. Why on earth does your blog continue to be such a monstrous eyesore?
Patricia Cardingiff Baxbauer”

Dear Patricia,

Actually, we couldn’t agree more. If you would be so kind, please allow us a moment to adjust…

Just a little bit more…and…almost…


How’s this? Better?

Your pals at Winhost

Any day now…



Three kinds of outages and what we can do about them


From your desktop to our servers there are a lot of technical issues that can potentially have a negative impact on your web site. What we would like to talk about in this article are interruptions or outages related to our servers or network. The things that happen on our end of the wire.

Most web hosts avoid discussing these kinds of things, which is understandable. No one wants to draw attention to an unpleasant aspect of something they are trying to sell to you. But whenever an outage occurs many of you will ask us, “What are you going to do to make sure this never happens again?” We think that’s a reasonable question, and one that deserves an honest and detailed answer.

There are essentially three different forms these outages take; maintenance and upgrades, server-specific problems, and provider problems or malicious attacks. What we can do to alleviate or prevent the problems varies depending on which type of outage we’re talking about.

Maintenance and upgrades

Since the Winhost platform is primarily made up of servers running the Windows operating system, a certain amount of downtime for maintenance and upgrades is unavoidable in order to maintain security and provide you with current technology.

We do planned maintenance (when necessary) on Wednesdays, and a general Windows update every month. There is also occasional unplanned maintenance, which is usually an update or fix for a security issue or a problem that is having an immediate negative effect on a group of servers, so the fix is made outside the normal maintenance window.

Server-specific problems

Our servers are consistent across the entire network, so for example, all mail servers have the same configuration, all SQL 2008 servers are the same, all SQL 2012 servers are the same, etc.

However, all of the users on the servers are different, and the number of users per server varies, so even though all Windows 2012 web servers have the same configuration, they can experience different problems.

Additionally, all servers run on hardware, and all hardware is susceptible to component failure. We use only top-of-the-line Dell servers, but no matter how much you pay for them, electronic and mechanical parts still fail. Using virtual servers (which we do in some cases) reduces the likelihood of mechanical failure to a certain extent, but virtual servers still run on physical machines.

So while server-specific problems are bound to happen occasionally, we do a few things to prevent unnecessary issues, such as extensive monitoring of the live servers (via giant monitors in the support and system administration offices, and immediate text messaging to all of the system administrators telephones), and controlling and balancing density, so that the servers always have roughly similar numbers of users and loads.

We also retire all hardware that is past a certain age. So your site, database or email will never be running on a 10 year old server that everyone expects to fail at any minute.

When a specific server fails or is showing signs of stress, our administrators take action immediately, and make things right as quickly as they can.

I should take this opportunity to let you know that every member of the Winhost staff is local, and we all work out of offices in the same building here in Los Angeles. We do not employ remote staff or offshore third-party staff. Communication is easy and efficient in the event of a problem.

Provider problems or malicious attacks

These are usually the most severe of the issues we’re discussing, having an impact on the largest number of users. Unfortunately they are also typically the most difficult to deal with.

Provider problems

A provider problem usually means an issue with one of our Internet backbone connection providers. These are the companies (Internap and Savvis) that provide the connection from the routers in our data center to the Internet backbone.

It is not technically necessary to have multiple connections, but because these giant providers are not perfect (and they need to do maintenance and repairs sometimes too), we have multiple connections to prevent a complete network blackout due to provider issues. We split and balance traffic between the two, and most of the time, all is well.

Then there are the other times.

When one of our two connections goes down unexpectedly, we recalibrate and direct traffic to the connection that is working and do everything we can to insure that all incoming traffic can be accommodated.

The problem is, when a backbone connection goes down, some traffic is not going to route around it properly. It’s certainly supposed to. The Internet was built on the theory that traffic would easily and automatically route itself around unresponsive nodes. But in actual practice, things don’t always work the way they do in theory.

Long story short, if your connection doesn’t route around the dead backbone connection, there won’t be anything we can do on our end to remedy the situation.

That doesn’t happen often and it doesn’t affect everyone. But it will inevitably affect some of you, and if it does happen, from your perspective everything will be down. Everything may in fact be up, but anyone whose request is stopping at the dead backbone connection won’t be able to access our network.

I should also mention that it is theoretically possible for both providers to go down at the same time. The odds of that happening are very slim, but it is possible.

You might wonder, “Well, if that’s a possibility, why not have a dozen backbone connections?” and that’s a reasonable thing to wonder. But the cost for even one additional backbone connection would not come close to the potential, “freak-occurrence” benefit. Not to mention the fact that it wouldn’t improve your service on a day to day basis. We would just be sitting on top of (and paying for) a lot of idle, unused bandwidth.

Malicious attacks

Speaking of bandwidth, I saved DDoS for last.

DDoS is an acronym for distributed denial of service attack. They are brute force attacks that send so much data to a site or server that they effectively “knock it off line.”

The truth of the matter is we cannot prevent a large DDoS attack because we can never know what might trigger a large DDoS attack.

In the old days, a very large DDoS would throw hundreds of megabits of data at a site every second – or at the most, a gigabit (Gbit/s) – and that was usually enough to take it down. But providers got wise and started using DDoS mitigation services (like we do) that temporarily provide huge amounts of bandwidth which make a one or two Gbit/s DDoS ineffective.

But now with exponentially larger and higher bandwidth botnets, the attacks can be so large that we can’t even measure how much traffic the DDoS is sending. 10 Gbit/s hardware switches are saturated and paralyzed, and even larger switches that are used by the backbone providers are swamped and slow to a crawl (which is how a recent DDoS on a Winhost customer slowed down traffic for part of Yahoo!).

Since the methods we used to deal with DDoS in the past are no longer effective, what we do now is try to determine the target site or sites and remove them from our network (by null routing the IP address), then wait for the DDoS to taper off after the site disappears.

In order to locate the target site, our system administrators coordinate with our upstream providers to get the necessary target IP information. Once they have that, they start going through that IP manually, site by site, looking for something that might attract a DDoS.

That is as unscientific as it sounds, and as a result, locating the target can take anywhere from 30 minutes to several hours. And unfortunately,  even after we have identified the target, chances are it will continue to affect a number of sites even after the DDoS has ended, because the IP address those sites live on has temporarily been removed from our network.

Keeping you informed

I’ll wrap this up by saying that while it isn’t possible for us to prevent outages completely, we are always working on improving our communication when they do occur. Every outage is different (if they were all the same, this would be easy) and they each teach us something new.

But if you need quick information, and the outage is server-specific (and not generally crippling our network), your best bet is to check the forum for updates. The forum is the first line of public communication for the tech support staff, so it is typically the first place you’ll see information.

For outages that do affect our network, we post information on Twitter, Google+ and Facebook. We may not be able to respond to your questions or comments on social media while the outage is in progress, but we do our best to keep those sources updated.

We do not have a “social media team,” as some larger companies do, so despite our best efforts, you may see spotty updates on any given service during any given outage. That doesn’t mean we don’t care. It usually means the outage is happening at a time of day when we are not all in the office, so the people who are here are dealing with the outage and answering helpdesk tickets (and haven’t called to wake me up yet).

We’ll always do our best to keep you in the loop so you know what’s happening. If you have any suggestions you’d like us to consider, we encourage you to comment on this post and let us know.