Web Server

After more than a decade of development, WordPress powers nearly one-quarter of the Internet. Through its vibrant and passionate fan base of volunteer developers, WordPress provides power, security, stability, and convenience unrivaled by any other free blog platform.

What you may not realize is how few of the WordPress-powered sites are actually blogs. In fact, WordPress has been a go-to staple for website developers across the globe. Whether you’re building an e-commerce site, a portfolio, a niche forum, or a blog, WordPress will allow you to develop your online presence.

Themes

The WordPress community is what makes it so attractive to users. This CMS has a passionate community of developers at its core. One of the best ways for a website designer to build a following is by creating free themes. A well-crafted theme can mean exposure, as well as a significant number of back links, especially if the designer includes his or her site in the footer.

When searching WordPress’ theme database you will find thousands of results for free themes. No matter what style works best for your website, you will find dozens (or even hundreds) of high-quality options.

Furthermore, WordPress’ core programming means most themes are easily customizable through widgets, menus, and color selection items. As long as the designer does his or her due diligence, you’ll be able to choose how you want each page of your site to appear, even with no programming knowledge.

For small businesses, this means creating a website is relatively easy compared to the days of individually coding your own website. Designers can easily utilize a pre-built theme as the foundation and customize according to their client’s needs and preferences.

Plugins

WordPress has several plugins that can enhance a site’s functionality. Whether you are looking to start a blog, forum, e-commerce site, or a photo stream, there’s a WordPress plugin that will provide that functionality.

When making minor tweaks (or even major ones), there’s a 99% chance that a plugin can do it for you. Plugins can do anything from running SEO audits and generating XML sitemaps to automatically resizing images and thumbnails. Did you know that there’s a WordPress plugin that allows you to include JSON information in every post?

Support

WordPress’s passionate community isn’t only helpful in providing themes and plugins, but also support. Developers are willing to help beginners master the ins and outs of the system. The platform is well documented, with a large resource base to help troubleshoot almost any issue. One of the greatest parts of the WordPress community is that there is no shortage of helpful forums full of people who love to teach others how to use WordPress. To top it all off, there are local meetups for several communities worldwide that are led by passionate enthusiasts who want to share their knowledge. You can find these meetings posted on WordPress.org under meetups.

Security

Since WordPress is so widely used, hackers will attempt to find security holes and exploits that will allow them to gain access to vulnerable sites. Due to its open source nature, those exploits can be slightly easier to locate. However, there is a vested interest from the community to ensure that any security problem is patched up immediately.

Additionally, WordPress comes with a cluster of built-in and add-on security features to guarantee your site’s safety, including defense from bots, brute-force logins, cross-site scripting, and many other security holes.

WordPress continues to be an outstanding platform for bloggers around the world, but it can also be a powerful tool for building any website. If you take the time to master this platform, you can easily save time, money, and energy on the design and development of any project.


I am sure we can all relate to the gut-wrenching feeling when you are working on your computer and all of a sudden it needs to reboot in order to update the OS. It typically happens when you are in the midst of something very important and at the most inopportune time.

When this occurs we find ourselves frustrated and wanting to avoid the whole issue altogether by delaying the reboot. That is why we wanted to share a nice solution from CloudLinux: a feature called KernelCare, an awesome application that allows kernel patching without the hassle of reboots! Who could imagine that a simple single line of code could be so powerful and alleviate unwanted stress?

System administrators who are constantly monitoring their server for the latest security patch don’t have to wait around anymore. KernelCare is able to automatically check for the latest patches and apply them as quickly as possible. You also never have to worry about live patch updates slowing down your server. KernelCare not only promises superb server performance, but also saves you time and money.

KernelCare ensures that you can seamlessly run your website 24/7 which we all know brings relief to many.


As a longtime fan of WordPress, working on my former employer’s website pained me. I compared the organization’s online presence to a kindergartener’s craft project—held together with macaroni noodles and paste.

The website looked fairly modern to visitors, but the backend was a disaster. The theme had been customized beyond recognition, meaning updates would require days of rebuilding that we couldn’t afford. Our performance and security continually suffered, and I spent tons of time beating back the malware, pharmaceutical ads, and SQL injections.

The person who originally created the website was a fantastic graphic designer but knew very little about running a website. He naturally chose WordPress, the world’s most popular content management system, and did his best to keep up with the various requests and ideas that sprung up across the office.

Over time, our brand suffered from what turned out to be unsound and unintentional mistakes and bad decisions. When properly managed and hosted, however, WordPress does wonders for efficient workflows and improved user experiences. Below, I’ve outlined the top five lessons I’ve learned or witnessed through many years of hosting, building, and fixing WordPress sites.

Mistake #1: Choosing a Cheap Host Instead of One That Brings Value

Although nearly every reputable hosting provider offers an ultra-simple one-click installation of WordPress, not all companies have invested in the modern infrastructure required to run the platform efficiently.

Upgraded hardware, such as faster-performing solid-state drives, can come with added costs. While it’s certainly understandable to seek out the most affordable hosting plan for your website, you risk getting exactly what you paid for.

Mistake #2: Installing Suspect Plugins—And Then Not Updating Them

While there are certainly several must-have WordPress plugins, some might actually do more long-term harm than good. According to the WPScan Vulnerability Database, plugins account for more than half of the known WordPress vulnerabilities. WordPress core files account for about 30% of the weaknesses, with themes covering roughly 15% of the remaining deficiencies.

When looking to install a plugin, look first at the options that have been installed the most times. If thousands or millions of users trust a plugin, the program is probably pretty reliable. Similarly, take stock of the plugin’s ratings and notice when the code was last updated. Frequent revisions are a sign that the developers are actively keeping up with security concerns and usability features.

Mistake #3: Using the Infamous Admin Username or Having Weak Passwords

Until WordPress 3.0 was released in 2010, the platform automatically set up new sites with an administrative username of—you guessed it—admin. This spawned a feeding frenzy of brute force attacks, as intruders didn’t need to guess an account’s username, just the password.

Even though WordPress ended that practice, the admin username is a major weak spot for unsuspecting site owners. Similarly, using a password of “123456” or “admin” or—cringe— “password” is likely going to accomplish exactly what one might expect. Strong passwords are critically important to successful WordPress usage, as well as limited login attempts (more on that later), and two-factor authentication.

Mistake #4: Thinking You Know How to Edit Theme and Core Files

Being able to edit a theme or plugin file directly from the WordPress interface might be convenient for the most experienced developers, but it represents a major security hole for most users. As if an intruder having unfettered access to the inner workings of your site isn’t scary enough, self-inflicted problems and broken code are incredibly common.

Limit the ability for you or your colleagues to introduce vulnerabilities to your website’s code by establishing and maintaining WordPress user roles and capabilities—give people the least amount of access needed. To take matters a step further, you can disable the WordPress theme and plugin editor by inserting define('DISALLOW_FILE_EDIT', true); in the site’s wp-config.php file. You’ll still be able to access the files through FTP, if you’re daring and desperate enough to still need to edit those files.
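The setting only takes effect when the define is live code, so a commented-out or overridden line leaves the editor enabled. The script below is an added example, not code from the original article; the function names wp_config_bool and wp_file_edit_disabled and the sample file are constructed for illustration.

```sh
#!/bin/sh
# Added example: report whether a wp-config.php file really sets a
# boolean constant such as DISALLOW_FILE_EDIT. Names are hypothetical.

# wp_config_bool FILE NAME  ->  prints "true", "false" or "unset"
wp_config_bool() {
    awk -v name="$2" -v q="'" '
    BEGIN {
        val = "unset"
        # Matches define( "NAME" , true ) with either quote style.
        pat = "define[ \t]*\\([ \t]*[" q "\"]" tolower(name) "[" q "\"][ \t]*,[ \t]*(true|false|1|0)[ \t]*\\)"
    }
    {
        line = $0
        # Skip the inside of /* ... */ comments, also across lines.
        if (in_block) {
            if (!match(line, /\*\//)) next
            line = substr(line, RSTART + 2); in_block = 0
        }
        while (match(line, /\/\*/)) {
            head = substr(line, 1, RSTART - 1)
            rest = substr(line, RSTART + 2)
            if (match(rest, /\*\//)) line = head substr(rest, RSTART + 2)
            else { line = head; in_block = 1; break }
        }
        # Drop // and # line comments (sufficient for define lines).
        sub(/(\/\/|#).*/, "", line)
        low = tolower(line)
        # PHP keeps the first definition of a constant; later ones fail.
        if (val == "unset" && match(low, pat)) {
            m = substr(low, RSTART, RLENGTH)
            val = (m ~ /(true|1)[ \t]*\)$/) ? "true" : "false"
        }
    }
    END { print val }
    ' "$1"
}

# Succeeds only when the dashboard theme/plugin editor is switched off.
wp_file_edit_disabled() {
    [ "$(wp_config_bool "$1" DISALLOW_FILE_EDIT)" = "true" ]
}

# Constructed sample: every "true" define sits inside a comment.
sample=$(mktemp)
cat > "$sample" <<'EOF'
<?php
define('DB_NAME', 'example_db');
// define('DISALLOW_FILE_EDIT', true);
/* define('DISALLOW_FILE_EDIT', true); */
EOF
if wp_file_edit_disabled "$sample"; then
    echo "file editor disabled"
else
    echo "file editor still enabled ($(wp_config_bool "$sample" DISALLOW_FILE_EDIT))"
fi
rm -f "$sample"
```
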

Mistake #5: Leaving Yourself Open to Attack by Not Configuring Properly

The popularity and widespread use of WordPress understandably makes the platform a major target for attackers. New malicious strategies now enable intruders to find and infiltrate fresh WordPress installations within 30 minutes of paying for a web hosting plan.

With just a few quick adjustments, however, you can help your website turn back the large majority of attacks. Start by installing a plugin that caps the number of login attempts; we recommend Limit Login Attempts Reloaded for standing up to brute force strikes. This 10-point guide includes several other code snippets you can add to various configuration files to block access to important WordPress directories and prevent certain suspicious behaviors.

Building Online Brands Often Includes a Polarized WordPress Experience

Admittedly, the much-loved open-source publishing platform does not come without a few quirks. Even experienced developers have a love/hate relationship with WordPress, as a 2017 survey showed that, while roughly 35% of developers loved working with the content management system, about 65% dreaded using WordPress.

The platform’s undeniable usability and simplicity, however, make WordPress a go-to option when looking to build an online brand—if you know a little bit about what you’re doing.

Mercifully, I eventually got the green light to redesign and relaunch my former employer’s website. Nearly all of the site’s ailments disappeared once I installed a new theme and a host of plugins, and switched to a better hosting provider. I still spent more time than I wanted running backups, updates, and security scans, but at least I could establish the best practices and routines needed to maintain the site well past my eventual departure.


Docker is a container technology built on runC, a container runtime that implements the container specification and serves as a basis for other higher-level tools.

A container image is a lightweight, stand-alone, executable package of a piece of software that includes everything needed to run it.

Containers share the same kernel as the host operating system. For this reason, containers can be set up and started within a few seconds, compared with virtual machines.

The Docker container runtime includes containerd integrated with runC to provide better functionality. containerd is used in Docker, Kubernetes and other container platforms.

More detailed information is available at https://blog.docker.com/2017/12/containerd-ga-features-2/

Docker can be installed on Linux distros from package managers like dnf, rpm, apt, aur, or by following the instructions on the Docker site: https://docs.docker.com/install/linux/docker-ce/fedora/

There is another method to install Docker: getting the script from https://get.docker.com/ and running it.

# curl -fsSL https://get.docker.com -o get-docker.sh
# bash get-docker.sh

I am following the steps provided at https://docs.docker.com/install/linux/docker-ce/fedora/

$ sudo dnf -y install dnf-plugins-core

$ sudo dnf config-manager \
    --add-repo \
    https://download.docker.com/linux/fedora/docker-ce.repo

$ sudo dnf install docker-ce

$ sudo systemctl enable docker
Created symlink /etc/systemd/system/multi-user.target.wants/docker.ser

$ sudo systemctl start docker

$ sudo usermod -aG docker $USER

$ newgrp docker

$ docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES

By default the Docker daemon is accessible to the root user only. To allow a regular user to access the Docker daemon, add the user to the docker group:
$ sudo usermod -aG docker $USER

To apply the change without restarting the session, run the following as the normal user:
$ newgrp docker

$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
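Membership of the docker group gives an account root-equivalent control of the host through the daemon, so it is worth knowing exactly who holds it. The following is an added example, not part of the original walkthrough; the function name docker_group_users and the sample group and passwd contents are constructed for illustration.

```sh
#!/bin/sh
# Added example: list every account that can reach the Docker daemon
# through the "docker" group. Function name and sample data are
# constructed for illustration.

# docker_group_users GROUP_FILE PASSWD_FILE
# Prints one username per line, sorted, without duplicates.
docker_group_users() {
    local group_file="$1" passwd_file="$2" entry gid
    # /etc/group line format: name:password:gid:member1,member2
    entry=$(grep '^docker:' "$group_file") || return 0   # group absent
    gid=$(printf '%s\n' "$entry" | cut -d: -f3)
    {
        # Supplementary members named on the group line itself.
        printf '%s\n' "$entry" | cut -d: -f4 | tr ',' '\n'
        # Accounts whose primary GID is the docker GID are not named on
        # the group line, so they have to come from the passwd file.
        awk -F: -v gid="$gid" '$4 == gid { print $1 }' "$passwd_file"
    } | sed '/^$/d' | sort -u
}

# Constructed sample data standing in for /etc/group and /etc/passwd.
demo_dir=$(mktemp -d)
cat > "$demo_dir/group" <<'EOF'
root:x:0:
wheel:x:10:alice
docker:x:990:alice,bob
EOF
cat > "$demo_dir/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000::/home/alice:/bin/bash
bob:x:1001:1001::/home/bob:/bin/bash
carol:x:1002:1002::/home/carol:/bin/bash
ci-runner:x:1500:990::/srv/ci:/sbin/nologin
EOF

echo "Accounts with Docker daemon access:"
docker_group_users "$demo_dir/group" "$demo_dir/passwd"
rm -rf "$demo_dir"
```

On a live host, pass /etc/group and /etc/passwd; accounts that come from LDAP or SSSD are not in those files and need the equivalent getent output instead.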

$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE

When you want to run a container, Docker looks for the image on the local system. If the image is available, it creates a container from that image and runs it; otherwise Docker pulls the image from the Docker public registry and then starts a container.

I am trying to start a centos7 Docker container in daemon mode. When I execute the command for the very first time, there is no centos7 Docker image on my local system, so Docker is going to pull the image from the Docker registry.

$ docker run -itd centos7 /bin/bash
Unable to find image 'centos:latest' locally

We need a Docker account to access the repository of images, or else docker pull will not work.

$ docker run -itd centos7 /bin/bash
Unable to find image 'centos:latest' locally
docker: Error response from daemon: pull access denied for centos7, repository does not exist or may require 'docker login'.
See 'docker run --help'.

Let's authenticate with a Docker Hub account:

$ docker login
Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one.
Username: anshumanc1992
Password: 
Login Succeeded

If we try to run the command again:

$ docker run --name centos7 -d centos
Unable to find image 'centos:latest' locally
latest: Pulling from library/centos
5e35d10a3eba: Pull complete 
Digest: sha256:dcbc4e5e7052ea2306eed59563da1fec09196f2ecacbe042acbdcd2b44b05270
Status: Downloaded newer image for centos:latest
ffa58a4c6066f79c1e1136788868802a5dd43d4a827138ab7ddf3f6ab3bd9c6f

$ docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
centos              latest              2d194b392dd1        2 weeks ago         195MB



SSL stands for “Secure Sockets Layer.” It is a secure protocol developed for sending information securely over the Internet. Many websites use SSL for secure areas of their sites, such as user account pages and online checkout. Usually, when you are asked to “log in” on a website, the resulting page is secured by SSL.

SSL encrypts the data being transmitted so that a third party cannot “eavesdrop” on the transmission and view the data being transmitted. Only the user’s computer and the secure server are able to recognize the data. SSL keeps your name, address, and credit card information between you and the merchant to which you are providing it. Without this kind of encryption, online shopping would be far too insecure to be practical. When you visit a Web address starting with “https,” the “s” after the “http” indicates the website is secure. These websites often use SSL certificates to verify their authenticity.

While SSL is most commonly seen on the Web (HTTP), it is also used to secure other Internet protocols, such as SMTP for sending e-mail and NNTP for newsgroups. Early implementations of SSL were limited to 40-bit encryption, but now most SSL secured protocols use 128-bit encryption or higher.

Providers

Worldwide, the certificate authority business is fragmented, with national or regional providers dominating their home market. This is because many uses of digital certificates, such as for legally binding digital signatures, are linked to local law, regulations, and accreditation schemes for certificate authorities.

Rank    Issuer               Usage      Market share
1       Comodo               8.1%       40.6%
2       Symantec             5.2%       26.0%
3       GoDaddy              2.4%       11.8%
4       GlobalSign           1.9%       9.7%
5       IdenTrust            0.7%       3.5%
6       DigiCert             0.6%       3.0%
7       StartCom             0.4%       2.1%
8       Entrust              0.1%       0.7%
9       Trustwave            0.1%       0.5%
10      Verizon              0.1%       0.5%
11      Secom                0.1%       0.5%
12      Unizeto              0.1%       0.4%
13      QuoVadis             < 0.1%     0.1%
14      Deutsche Telekom     < 0.1%     0.1%
15      Network Solutions    < 0.1%     0.1%
16      TWCA                 < 0.1%     0.1%

There is good news for everyone who is passionate about using SSL but doesn’t want to spend money. Let’s give Let’s Encrypt a try.

Each certificate is issued for 90 days and then you will have to reissue it; that too is free. 🙂

Just contact your provider for the same as they may have a cPanel/Plugin setup for you to get it in a click. 🙂


PCI standard or Payment Card Industry Data Security Standard

The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard for organizations that handle branded credit cards from the major card schemes including Visa, MasterCard, American Express, Discover, and JCB.

The PCI Standard is mandated by the card brands and administered by the Payment Card Industry Security Standards Council. The standard was created to increase controls around cardholder data to reduce credit card fraud. Validation of compliance is performed annually, either by an external Qualified Security Assessor (QSA) that creates a Report on Compliance (ROC) for organizations handling large volumes of transactions or by Self-Assessment Questionnaire (SAQ) for companies handling smaller volumes.

Basics of getting PCI compliant

1) First of all, it is hardly possible in a shared hosting environment, as the host will not mitigate certain threats because other customers would then have multiple issues connecting to the services.

2) If you own a dedicated server/VPS, you are good to go.

3) There are tons of companies that provide PCI scan reports and will finally get you the PCI Compliant seal that you can proudly put on your site.

4) There are three major types of rating that you will see: High >> red, Normal >> yellow and Pass >> green.

High ratings are potential threats and need to be mitigated at the earliest.

Medium and Pass can be ignored, as they don’t really matter.

5) There is a good point to keep in mind: if you are running old CentOS versions, or any other flavours like Ubuntu 12.x or below, you should seriously upgrade first and then submit for the PCI scan.

For those with CentOS servers 6.8 and above, you really do not need to do anything special. Red Hat and CentOS come with a feature called backporting: they download the patches onto the current builds, so no matter what comes out you are always secured. You may want to call your host and get them to check whether all the CVEs are backported.

Get the results that they give you and provide them to the scanning company so that they can whitelist the results on the next scan. This way it may take a couple of scans, but you will reach the goal at hand. 🙂
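One way to carry out the backport check from step 5 before taking a finding to the scanning company, as an added example that is not part of the original post: it reads a package changelog (on CentOS or Red Hat, the output of rpm -q --changelog for the package) and reports which scanner-flagged CVE IDs the vendor lists as fixed. The function name classify_cves, the changelog text and the CVE-0000-… identifiers are constructed placeholders.

```sh
#!/bin/sh
# Added example: match CVE IDs from a scan report against a package
# changelog read on stdin, for instance:
#   rpm -q --changelog openssl | classify_cves CVE-... CVE-...
# All identifiers below are constructed placeholders.

# classify_cves CVE-ID... < changelog
# Prints "<id> backported", "<id> NOT-FOUND" or "<id> INVALID" per
# argument and returns 1 if any ID is not covered by the changelog.
classify_cves() {
    local changelog id rc=0
    changelog=$(cat)
    for id in "$@"; do
        # Refuse anything that is not a well-formed CVE identifier.
        if ! printf '%s\n' "$id" | grep -Eq '^CVE-[0-9]{4}-[0-9]{4,}$'; then
            echo "$id INVALID"; rc=1; continue
        fi
        # -F matches the ID literally; -w stops CVE-0000-0001 from
        # being satisfied by an entry for CVE-0000-00012.
        if printf '%s\n' "$changelog" | grep -qwF -e "$id"; then
            echo "$id backported"
        else
            echo "$id NOT-FOUND"; rc=1
        fi
    done
    return "$rc"
}

# Constructed changelog in the usual RPM layout.
SAMPLE_CHANGELOG='* Mon Jan 01 2018 Constructed Packager <packager@example.invalid> 1.0.1e-57
- fix CVE-0000-0001 - constructed placeholder entry
- fix CVE-0000-00012 - constructed placeholder entry
* Fri Dec 01 2017 Constructed Packager <packager@example.invalid> 1.0.1e-56
- fix CVE-0000-0003 - constructed placeholder entry'

printf '%s\n' "$SAMPLE_CHANGELOG" |
    classify_cves CVE-0000-0001 CVE-0000-0002 CVE-0000-0003 ||
    echo "at least one finding is not covered by a backport"
```
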

To whom does the PCI DSS apply?

The PCI DSS applies to ANY organization, regardless of size or number of transactions, that accepts, transmits or stores any cardholder data.

Am I PCI compliant if I have an SSL certificate?

No. SSL certificates do not secure a web server from malicious attacks or intrusions. High assurance SSL certificates provide the first tier of customer security and reassurance such as the below, but there are other steps to achieve PCI compliance.

A secure connection between the customer’s browser and the web server
Validation that the website operators are a legitimate, legally accountable organization

What is a vulnerability scan?

A vulnerability scan involves an automated tool that checks a merchant or service provider’s systems for vulnerabilities. The tool will conduct a non-intrusive scan to remotely review networks and web applications based on the external-facing Internet protocol (IP) addresses provided by the merchant or service provider. The scan identifies vulnerabilities in operating systems, services, and devices that could be used by hackers to target the company’s private network.


Shared, Dedicated, VPS, and Cloud Hosting: Different Types Explained

All sites and blogs on the Internet start with hosting.

Web hosting is one of those beasts with so many variables that everyone gets lost, even developers with plenty of prior knowledge. In this article I’ll clear up the differences between the most common hosting types: shared, VPS, dedicated and cloud. Let’s get started.

Shared Hosting – Cheapest, Best for Beginners

Shared hosting is the budget option. It is extremely cheap, but also not very good.
Some of the most well-known hosts in this segment are Bluehost, Siteground, and A Small Orange.

VPS Hosting – More powerful than Shared hosting

VPS stands for Virtual Private Server and is probably the most popular service to upgrade to and it can be the most well-balanced one as well.

A VPS server is still a shared environment, but the way it is shared is very different.

First of all, a VPS server is usually limited to 10-20. This decreases stress in itself, but the real improvement comes in the form of the hypervisor – which is the coolest name for something ever.

A VPS server is literally split into as many parts as there are users. If there are 10 users, 10GB of RAM and 200GB of hard drive space on the server, each user will be able to expend 1GB of RAM and 20GB of space. Once you hit the RAM limit your site may go down, but the others will remain stable. The hypervisor is the one responsible for managing the virtual machines that create this separation within the server.

Dedicated Hosting – If Your Site Exceeds 100k Visits/month

This is the hosting service that negates all bad neighbour issues because you are all alone on a server. This provides a host of benefits, but also comes with quite a few downsides.

Since you get a computer all on your own, many companies allow you to customise it extensively. You may be able to choose the amount and type of memory, the OS to install, and other hardware elements that make up a computer. This gives you a lot of flexibility which may be needed for some specialised software.

The downside here is that you actually need to know quite a bit about computers and server technology. While there are managed dedicated hosting solutions you’ll still need to do a lot more on your own.

Cloud Hosting

Cloud hosting is essentially the same as VPS hosting. Some companies don’t even call their service VPS anymore; they say Cloud or Cloud VPS. Let’s look at what cloud computing is first, and get back to what this has to do with hosting.

Until now we’ve been talking about computing that is similar to buying unit-based products. If I buy a one-use battery and put it in a video camera, I can use it for a set amount of time until the battery runs out.

Cloud-based computing is similar to how utilities work. If I plug my video camera into the mains, I can use it as much as I need and it will take as much power as it requires at the moment. If it is on standby it will use very little power; when it is recording it will use a lot more, but the electric system can handle the changes in power requirements.

Conclusion

Choosing a hosting package can be pretty difficult. The first step is understanding the type of hosting you need: shared, VPS, dedicated or cloud. Hopefully, this article has given you the background to figure that out.

If you’re just starting out (building your first blog/site), go with shared hosting. It’s the cheapest and usually more than you need at the beginning.
As the next step, you should take a look at a bunch of companies; I recommend checking our top rated hosts to find the best ones. Look at what’s on offer and compare the RAM, disc space, CDN usage, bandwidth and other quantifiable resources. Then take a look at any additional features on offer.

At the end of the process, you should have 2-3 favourites at which point it will boil down to personal preference. Perhaps a short talk with support – to gauge their helpfulness – will go a long way.
