cPanel

spam experts

A Short Review on Spam Experts

Spam Experts is a spam filtering service. It provides both inbound and outbound filtering, along with mail archiving.

 

Filtering both Inbound and Outbound

Inbound filtering is what we would expect from a spam-blocking appliance: it blocks incoming spam. First, a domain is added to SpamExperts, and the MX records for that domain are changed to the SpamExperts MX records. Once an email comes in, it is checked by the Spam Experts servers and tested to see whether it is spam. If it is not spam, the mail goes directly to the client's inbox. If it is spam, it is placed into quarantine.
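A quick way to confirm the MX change described above actually took effect, as an added example that is not part of the original post. The filter suffix `filter.example` and the sample records are constructed placeholders; substitute the MX hostnames your provider gives you.

```bash
#!/usr/bin/env bash
# Added example: list MX hosts that do NOT point at the filtering cluster.
# Any leftover record printed here still accepts mail without filtering.
# Live use (assumes dig is installed):
#   dig +short MX yourdomain.example | mx_not_filtered filter.example

# Reads "priority host." lines on stdin; $1 is the filter's DNS suffix.
# Empty output means every MX record is routed through the filter.
mx_not_filtered() {
    awk -v suffix="$1" '
        NF >= 2 {
            host = tolower($2)
            sub(/\.$/, "", host)          # drop the trailing root dot
            s = tolower(suffix)
            # Host must equal the suffix or end in ".suffix"; a substring
            # test would wrongly accept "filter.example.other.test".
            tail = substr(host, length(host) - length(s))
            ok = (host == s) || (length(host) > length(s) && tail == ("." s))
            if (!ok) print host
        }'
}

# Constructed sample of `dig +short MX` output for a half-migrated domain.
sample_mx() {
    cat <<'EOF'
10 mx1.filter.example.
20 MX2.Filter.Example.
30 mail.customer.test.
40 filter.example.other.test.
EOF
}

sample_mx | mx_not_filtered filter.example
```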

Outbound filtering allows you to use the SpamExperts servers as a smart host. Your mail is sent through the cluster, where it is scanned for spam. If too much spam is identified, the account is locked. This is useful for preventing a poor mailing reputation in the case of an account compromise or similar. It requires mail server configuration changes to set the SpamExperts servers as the smart host. An outbound account must also exist within SpamExperts for authentication purposes.

 

Levels of Access

There are 3 different types of accounts which are used with Spam Experts:

  1. Super-admin: This account can do anything, create new admins, access all admins and their domains, etc.
  2. Admin: This account can create new domains and make some API calls. Each client will have a single admin account. This account can be used to access all domain users created under that account.
  3. Domain user: Each domain created under a client's admin account will have a domain user associated with it. This account is used to inspect the logs for a domain, manage the quarantine, and whitelist/blacklist senders/recipients.

Each level of access has full control over the level of access below it. For example, a super-admin can use the SpamPanel GUI to log in as any admin user. An admin user can use the GUI to access any domain user for domains associated with that admin. Domain users can access any email users created under that domain.

 

What people say and what I think of the service.

I have been using Spam Experts for some time now, and it seems to perform exactly as it promises. Truly, the guys at Spam Experts have done a great job.

I have been reading posts everywhere from people saying that it doesn't work. First of all, guys, you should go through the documentation, especially the relevant details like the filters and checks that are done, and in addition to that ask your hosting provider about it. There are a handful of settings that need to be adjusted just to get started. Finally, I must say that it is indeed a beautiful tool.

Seriously, guys, there is nothing that is 100% spam proof, as hackers/spammers find a way to get in eventually, but SpamExperts is actually worth it.

Reference : Spam Experts Home Page


 

New to Web Hosting, What Control Panel do I use ???

In the last few years serving the web hosting industry, I have run into the above question numerous times, and people get confused.

 

This may look stupid at first, but it actually matters a million. A control panel is something that automates and simplifies our day-to-day job. Not all of us are experts in the command line, nor do we like spending hours figuring out what went wrong in the first place.

 

There are numerous control panels, both free and paid, that do exactly this for you.

Paid: cPanel, Plesk (they are the best ones)

Free: VestaCP, Kloxo, CentOS Web Panel and ISPConfig are the ones that can be called popular.

 

The above also depends on what type of hosting you love or prefer. Windows hosting mainly comes with Plesk alone, whereas Linux hosting comes with a variety of panels. Similarly, shared hosts with a Windows environment give you Plesk, and Linux ones give you cPanel. 🙂

 

There is a lot of confusion among fans as to which control panel to use, but clearly it is up to you. Plesk seems great but has many limitations, and its pricing is confusing if you do not know what your needs are. cPanel, on the other hand, is clear about this: it has basically 2 types of licences, a VPS licence and a Dedicated server licence.

 

Now, if you are an advanced user with your own server and you want to save some bucks rather than pay for a control panel, go for a free control panel. You already love the command line, so just a little Google search beforehand will save a tonne of money.

 

The basic requirement is that the server should be online and give as many resources as possible to the hosted site, rather than using them up just to run the panel services. The more resources available, the better your server performs, and that in turn runs your site lightning fast. 🙂

 

 

Hope this helps and the next time you are confused you find a light in the dark.

 

 


SSL stands for “Secure Sockets Layer.” SSL is a secure protocol developed for sending information securely over the Internet. Many websites use SSL for secure areas of their sites, such as user account pages and online checkout. Usually, when you are asked to “log in” on a website, the resulting page is secured by SSL.

SSL encrypts the data being transmitted so that a third party cannot “eavesdrop” on the transmission and view the data being transmitted. Only the user’s computer and the secure server are able to recognize the data. SSL keeps your name, address, and credit card information between you and the merchant to which you are providing it. Without this kind of encryption, online shopping would be far too insecure to be practical. When you visit a Web address starting with “https,” the “s” after the “http” indicates that the connection to the website is secured. These websites often use SSL certificates to verify their authenticity.

While SSL is most commonly seen on the Web (HTTP), it is also used to secure other Internet protocols, such as SMTP for sending e-mail and NNTP for newsgroups. Early implementations of SSL were limited to 40-bit encryption, but now most SSL secured protocols use 128-bit encryption or higher.

Providers

Worldwide, the certificate authority business is fragmented, with national or regional providers dominating their home market. This is because many uses of digital certificates, such as for legally binding digital signatures, are linked to local law, regulations, and accreditation schemes for certificate authorities.

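| Rank | Issuer | Usage | Market share |
|------|--------|-------|--------------|
| 1 | Comodo | 8.1% | 40.6% |
| 2 | Symantec | 5.2% | 26.0% |
| 3 | GoDaddy | 2.4% | 11.8% |
| 4 | GlobalSign | 1.9% | 9.7% |
| 5 | IdenTrust | 0.7% | 3.5% |
| 6 | DigiCert | 0.6% | 3.0% |
| 7 | StartCom | 0.4% | 2.1% |
| 8 | Entrust | 0.1% | 0.7% |
| 9 | Trustwave | 0.1% | 0.5% |
| 10 | Verizon | 0.1% | 0.5% |
| 11 | Secom | 0.1% | 0.5% |
| 12 | Unizeto | 0.1% | 0.4% |
| 13 | QuoVadis | < 0.1% | 0.1% |
| 14 | Deutsche Telekom | < 0.1% | 0.1% |
| 15 | Network Solutions | < 0.1% | 0.1% |
| 16 | TWCA | < 0.1% | 0.1% |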

 

 

 

There is good news for everyone who is passionate about using SSL but doesn’t want to spend money. Let’s give Let's Encrypt a try.

Each certificate is issued for 90 days, and then you will have to reissue it; that too is free. 🙂

 

Just contact your provider about this, as they may have a cPanel plugin set up for you to get it in a click. 🙂

PCI standard or Payment Card Industry Data Security Standard

The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard for organizations that handle branded credit cards from the major card schemes including Visa, MasterCard, American Express, Discover, and JCB.

The PCI Standard is mandated by the card brands and administered by the Payment Card Industry Security Standards Council. The standard was created to increase controls around cardholder data to reduce credit card fraud. Validation of compliance is performed annually, either by an external Qualified Security Assessor (QSA) that creates a Report on Compliance (ROC) for organizations handling large volumes of transactions or by Self-Assessment Questionnaire (SAQ) for companies handling smaller volumes.

Basics of getting PCI Compliant.
1) First of all, it is hardly possible in a shared hosting environment, as the host will not mitigate certain threats because other customers would then have multiple issues connecting to the services.

2) If you own a Dedicated server/VPS you are good to go.

3) There are tonnes of companies that provide PCI scan reports and will finally get you the PCI Compliant seal that you can proudly put on your site.

4) There are three major types of ratings that you will see: High >> red, Normal >> yellow and Pass >> green.

High are potential threats and need to be mitigated at the earliest.

Medium and pass can be ignored, as they don’t really matter.

5) There is a good point that you want to keep in mind: if you are running old CentOS versions or any other flavours like Ubuntu 12.x or below, you should seriously upgrade first and then submit for the PCI scan.

For guys with CentOS servers 6.8 and above, you really do not need to do anything special. Red Hat and CentOS come with a feature called backporting: they download the patches onto the current builds, so no matter what comes out you are always secured. You may want to call your host and get them to check whether all the CVEs are backported.

Get the results that they give you and provide them to the scanning company so that they can whitelist the results in the next scan. This way it may take a couple of scans, but you will reach the goal at hand. 🙂
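One way to collect the backporting evidence from step 5 yourself, as an added example that is not part of the original post: it reads a package changelog (the output of `rpm -q --changelog <package>`) and reports, for each CVE the scanner flagged, the changelog entry that records the fix. The CVE IDs and changelog lines below are constructed placeholders.

```bash
#!/usr/bin/env bash
# Added example: map scanner-reported CVE IDs to the package changelog entry
# that records the backported fix.
# Live use:  rpm -q --changelog openssl | backport_evidence CVE-... CVE-...

# stdin: changelog text. args: CVE IDs. Prints "<CVE><TAB><entry header>" or
# "<CVE><TAB>NOT-FOUND" for each argument, in the order given.
backport_evidence() {
    awk -v want="$*" '
        # True only for an exact ID: CVE-2099-0003 must not match CVE-2099-00031.
        function has_id(line, id,   p, rest) {
            rest = line
            while ((p = index(rest, id)) > 0) {
                rest = substr(rest, p + length(id))
                if (rest !~ /^[0-9]/) return 1
            }
            return 0
        }
        BEGIN  { n = split(want, ids, " ") }
        /^\* / { entry = $0 }   # entry header: date, packager, version-release
        {
            # rpm lists newest entries first, so the last match kept is the
            # entry where the fix first appeared.
            for (i = 1; i <= n; i++)
                if (has_id($0, ids[i])) found[ids[i]] = entry
        }
        END {
            for (i = 1; i <= n; i++)
                printf "%s\t%s\n", ids[i], (ids[i] in found) ? found[ids[i]] : "NOT-FOUND"
        }'
}

# Constructed changelog sample (placeholder CVE IDs, packager and versions).
sample_changelog() {
    cat <<'EOF'
* Tue Mar 03 2099 Example Packager <pkg@example.invalid> - 1.0-3
- rebuild, keeps fix for CVE-2099-0001
* Mon Jan 05 2099 Example Packager <pkg@example.invalid> - 1.0-2
- fix CVE-2099-0001 - constructed entry
- fix CVE-2099-0002, CVE-2099-00031
EOF
}

sample_changelog | backport_evidence CVE-2099-0001 CVE-2099-0002 CVE-2099-0003
```

Any ID reported as NOT-FOUND has no recorded fix in the installed package and should be raised with the host rather than submitted for whitelisting.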

To whom does the PCI DSS apply?

The PCI DSS applies to ANY organization, regardless of size or number of transactions, that accepts, transmits or stores any cardholder data.

Am I PCI compliant if I have an SSL certificate?

No. SSL certificates do not secure a web server from malicious attacks or intrusions. High assurance SSL certificates provide the first tier of customer security and reassurance such as the below, but there are other steps to achieve PCI compliance.

A secure connection between the customer’s browser and the web server
Validation that the website operators are a legitimate, legally accountable organization

What is a vulnerability scan?

A vulnerability scan involves an automated tool that checks a merchant or service provider’s systems for vulnerabilities. The tool will conduct a non-intrusive scan to remotely review networks and web applications based on the external-facing Internet protocol (IP) addresses provided by the merchant or service provider. The scan identifies vulnerabilities in operating systems, services, and devices that could be used by hackers to target the company’s private network.

References:
[1]. https://en.wikipedia.org/wiki/Payment_Card_Industry_Data_Security_Standard
[2]. https://www.pcicomplianceguide.org/pci-faqs-2/#2
