1

Five Additional Ways To Use Your Virtual Private Server

VPS-Services

DNS Servers

DNS servers are known as the phone book of the Internet. Why? Every time someone keys in a website name (URL) on their desktop, laptop, notebook, tablet or smartphone, a domain name server (DNS) translates that text in hexadecimal Internet Protocol (IP) addresses. Those addresses identify where that website resides (on what server).

The Internet utilizes a distributed hierarchy of DNS servers globally. At the top of that hierarchy are root servers, 13 in total, that store a complete database of websites and their associated IP addresses. Ten of those are located in the United States of America.

The majority of DNS servers are owned by businesses or ISP’s. Just as Google uses its own DNS servers to manage Google.com and other domains, businesses can and do maintain their own DNS servers for the same purpose.

FTP Server

There are a number of advantages to using a VPS as a dedicated FTP server, one of which is that it gives you a deeper level of security, than say unlimited cloud services. With a dedicated FTP server, you can disallow access based on factors like country of origin, IP address or other variables. You’ll also be able to customize it to allow access from user accounts to the specific information they need on the server.

In Linux, we recommend that you use SFTP. This stands for SSH File Transfer Protocol, or Secure File Transfer Protocol, which is a separate protocol packaged with SSH that works in a similar way over a secure connection. I’d seen a number of WordPress sites compromised via hacked FTP accounts, and that’s not pretty to deal with after the fact. Go SFTP and save yourself some headaches down the line.

Forums

It seems there are thousands of forums online, covering everything from automobiles, fashion, body building and professional sports – to web hosting. On any given day, there are millions of members and guests on these communities sharing complaints, recommendations and conjecture.

Shared hosting works well for new forums, but once a forum grows, they often need to step up to either VPS services or a dedicated server. Why? VPS services give forum owners and administrators virtualized resources that aren’t shared, specifically in terms of vCores, RAM and disk space. It also allows them to customize applications that may or not be allowed on shared accounts.

Repository

A digital repository is an online archive for the storage of digital objects; these can range from digital archives, manuscripts, still or moving image galleries or anything that is in electronic format and needs a place to be stored either short or long term. The possibilities for what objects you could store is endless, so let your imagination be your guide.

Some examples could be reports, educational theses, articles, chapters of books, podcasts or simply photos of products – or on a more personal level, family photos.

VPN Endpoint

Essentially, endpoints are where Virtual Private Networks (VPN) terminate. The connections transverse from one VPN endpoint device to another VPN endpoint device. This is facilitated via a digital tunnel between two separate networks. Why set this up? This puts those networks behind routers/firewalls as opposed to tunneling into a specific server or computer.

Brought to you by ProlimeHost

We’ve been in the web hosting industry for over a decade, helping hundreds of clients succeed in what they do best and that’s running their business. We specialize in Virtual Private Servers (VPS) and dedicated servers, with data centers in Los Angeles, Utah & Singapore.

VPS Services: Lightning Fast SSD Virtual Servers

Our Virtual Private Servers all feature high performance Xeon processors and SSD storage in a RAID10 configuration to optimize your server’s performance, which dramatically enhances visitor experiences on your site.

That speed is backed by unparalleled 24/7 support, featuring both outstanding response AND resolution times to maximize your uptime.

Now is the time to join the ProlimeHost virtual private server revolution.

Dedicated Servers: Backed by a 99.9% SLA network uptime guarantee

We only use enterprise-class hardware in our dedicated servers and offer a four (4) hour hardware replacement.

Throw in IPMI for remote management, support for public and private networks, free operating system (OS) re-installs, and SATA, SAS & SSD (including NVMe) storage.

Call +1 877 477 9454 or email us at Sales@ProlimeHost.com. We’re here to help.




Addressing Ransomware Attacks


ransomwareFirst, what exactly are ransomware attacks and what’s the motivation behind them? Motivation seems easy enough to decipher – it’s monetary greed. In every instance I’d read about, there’s always some monetary demand to decipher their sites, generally in BitCoin payments (the preferred currency of cybercriminals everywhere).

One definition is, “Ransomware is a subset of malware in which the data on a victim’s computer is locked, typically by encryption, and payment is demanded before the ransomed data is decrypted and access returned to the victim.”

The most common source of ransomware attacks

Malicious email attachments are high on our list as a common source of ransomware attacks, followed by software applications (and external storage devices) that have been infected, and what we see more often than not – websites that have been compromised. RDP (remote desktop protocol) is also used simply because it doesn’t rely on user interaction.

Can’t log into your site?

In some instances, cybercriminals use a lockscreen variant whereby they alter their victim’s logins.

Has your data been kidnapped?

Here your data files are encrypted, not necessarily only to the infected device, but to other network devices that are connected.

Early attacks could be reverse engineered, but …

You guessed it. While early attacks could be reverse engineered relatively easily, cybercriminals have developed enhanced versions that utilize exceptionally strong public key encryption.

Previous versions of ransomware attacks

When discussing public key encryption, one of the earliest versions of ransomware that used this was a Trojan horse by the name of Cryptolocker. As usual, the attackers demanded payment via bitcoin, and at the time, because of the RSA cryptology used, this was highly effective malware. Fortunately, the encryption keys for this variant were discovered leading to the development of an online tool that facilitated recovery, effectively defanging the malware.

Ransomwares attacks 

A recent attack, defined as WannaCry was disseminated in the Spring of 2017 that infected over 250,000 systems around the world. This malware utilized asymmetric encryption, making recovery difficult. Why? Using this variant, victims faced increasingly difficult recovery paths attempting to discover the private and undistributed key that was necessary for decryption.

Once again, payments via bitcoin were demanded, simply because they couldn’t be traced to the recipients. The net estimated damage from this attack alone may have exceeded $1 billion dollars.

Does paying ransomware demands guarantee you’ll get your files back?

Unfortunately, paying ransomware demands does NOT guarantee that you’ll get your files back.  Approximately 20 percent of firms or organizations that pay these fees do NOT get their data back.

The average amount of ransom demanded currently exceeds $1000

The estimated percentage of business executives that actually paid these demands ranges from 3 to 70 percent, so those aren’t exactly rocket science numbers, although across the board, fewer percentages of US companies tend to pay.

Are internet of things (IoT) vulnerable to ransomware attacks?

Unfortunately, yes, IoT is vulnerable, so it’s imperative that you take precautions. We’re talking about smart thermostats, refrigerators and security systems, as well as many other devices.

Who actually uses ransomware?

Unbelievably, ransomware kits on currently available on the dark web for less money than you might imagine. And you don’t have to be a computer geek to purchase and implement an attack. In some scenarios, the seller of the ransomware malware actually collects the ransomware payments, takes their percentage of the loot and distributes the remaining amount to the purchaser.

How would you know you were attacked?

Of course, there are the more obvious signs of attack like receiving a pop up message telling you that you’ve been attacked. Of course, the approach these cybercriminals take to extort digital currency for their misdeeds vary. Some victims are given deadlines to pay and some are simply threatened by promising to expose confidential information or data.

The key to minimizing ransomware attacks is prevention

First and foremost, backup your data in multiple locations, online and offline remotely and don’t click on suspicious attachments in emails, especially from strangers.

ProlimeHost

Brought to you by ProlimeHost

We’ve been in the web hosting industry for over a decade, helping hundreds of clients succeed in what they do best and that’s running their business. We specialize in Virtual Private Servers (VPS) and dedicated servers, with data centers in Los Angeles, Denver & Singapore.

VPS Services: Lightning Fast SSD Virtual Servers

Our Virtual Private Servers all feature high performance Xeon processors and SSD storage in a RAID10 configuration to optimize your server’s performance, which dramatically enhances visitor experiences on your site.

That speed is backed by unparalleled 24/7 support, featuring both outstanding response AND resolution times to maximize your uptime.

Now is the time to join the ProlimeHost virtual private server revolution.

Dedicated Servers: Backed by a 99.9% SLA network uptime guarantee

We only use enterprise-class hardware in our dedicated servers and offer a four (4) hour hardware replacement. Throw in IPMI for remote management, support for public and private networks, free operating system (OS) re-installs, and SATA, SAS & SSD (including NVMe) storage. Call +1 877 477 9454 or email us at Sales@ProlimeHost.com. We’re here to help.




Understanding DDoS Attacks


DDoS attackDDoS attacks are simply distributed denial of service attacks whereby unscrupulous cybercriminals try to overwhelm a website with bogus traffic from multiple sources. At first, they primarily attacked important resources, but recently they’ve expanded their nefarious attacks on nearly everyone.

Who are their targets?

They’re currently targeting banking institutions, public libraries, news organizations, web hosting providers, auto repair shops, travel agencies, pet stores, hair salons and you name it – no one is safe from these low life Internet thugs.

Some alarming facts:

  • It’s not expensive to purchase the ability to launch DDoS attacks on the black market. For as little as $150, these thugs can acquire an attack that lasts for an entire week. What would that mean to your online business? Without protection of any kind, this would certainly affect your operations to some extent, either in terms of reduced traffic, shopping cart abandonment or higher bounce rates.
  • Thousands of attacks occur each and every day, with many of them becoming more sophisticated and complex. Just because a service states that they protect from DDoS attacks up to 20 Gbps, that alone is no guarantee that you’re protected. In fact, one leading web hosting provider contends that even 100 Gbps protection is no longer sufficient.
  • Downtime can be difficult to troubleshoot at times, but it’s estimated that one-third of all downtime incidents are caused by DDoS attacks.

The evil known as malicious botnets

These cybercriminals construct networks of infected computers and smartphones, known as botnets. Though these networks, these underbelly low-life’s of the Internet spread malicious software via infected websites, emails and social media accounts.

Once infected, control is administered remotely, clouded in stealth without the owner’s knowledge. The larger the network, the more damage can be dealt out against their targets.

DDoS attacks can overwhelm their targets

How do DDoS attack overwhelm their targets? They do this by generating tremendous floods of traffic, at a rate that servers simply cannot handle. At times, these attacks are so large that they can overwhelm a country’s international cable capacity.

The DDoS marketplace

What’s so frustrating is that it’s so simple to buy and sell these botnets on the black market. It’s essentially a sleazy underground market for silencing anyone you have a disagreement with or even your competitor. It’s widely known in gaming circles that you had better have DDoS protection if you’re running any type of gaming services.

Different types of DDoS attacks

DDoS attacks are generated and distributed in a myriad of forms, from Layer 7 attacks to Teardrops to Pings of Death to Layer 83 attacks. OK, there’s no such thing as a Layer 83 attack, but you get the picture. If there was a Layer 83, cybercriminals would find some way to attack it.

  • TCP connection attacks are designed to overwhelm all available connections to things like firewalls, load-balancers and application servers, whereas volumetric attacks attempt to consume all available bandwidth. The end result – network congestion.
  • In an effort to severely reduce network performance, a DDoS attack may consist of flooding TCP or UDP fragments, which in turn would overwhelm a network’s ability to reassemble the streams.
  • If these cybercriminals wanted to disrupt a specific aspect of a service or an application, it’s possible to generate an attack utilizing a low traffic rate, making the attack much more difficult to identify and mitigate.
  • DNS Reflection is used quite often, as it forges a victim’s IP address, making it possible to amplify the attack by over 70 times in size.

ProlimeHost

Brought to you by ProlimeHost

We’ve been in the web hosting industry for over a decade, helping hundreds of clients succeed in what they do best and that’s running their business. We specialize in Virtual Private Servers (VPS) and dedicated servers, with data centers in Los Angeles, Denver & Singapore.

VPS Services: Lightning Fast SSD Virtual Servers

Our Virtual Private Servers all feature high performance Xeon processors and SSD storage in a RAID10 configuration to optimize your server’s performance, which dramatically enhances visitor experiences on your site.

That speed is backed by unparalleled 24/7 support, featuring both outstanding response AND resolution times to maximize your uptime.

Now is the time to join the ProlimeHost virtual private server revolution.

Dedicated Servers: Backed by a 99.9% SLA network uptime guarantee

We only use enterprise-class hardware in our dedicated servers and offer a four (4) hour hardware replacement. Throw in IPMI for remote management, support for public and private networks, free operating system (OS) re-installs, and SATA, SAS & SSD (including NVMe) storage. Call +1 877 477 9454 or email us at Sales@ProlimeHost.com. We’re here to help.




WordPress Plugins – the Highs and Lows

WordPress

WordPress themes and plugins need to be updated when patches are released

WordPress is beyond doubt, the most popular Content Management System (CMS) on the globe, followed by others like Joomla, Drupal and more, and part of that popularity comes because of the thousands of plugins that make WordPress more functional. Plugins give webmasters a way to fine tune their sites, but there is some risk involved.

Every plugin you use adds resource consumption to your site

The good side of plugins is that they enhance the functionality of websites, but the bad side is that with increased plugins comes increased risks – not only from potential incompatibility with the current version of WordPress, but from potential threats like ransomware and malware.

Add to that, some plugins are resource hogs and will detrimentally slow down your site’s performance, leading to shopping cart abandonment and increased bounced rates.

How to limit your exposure to risk?

All is not hopeless, as there are ways to limit your exposure to the risks associated with WordPress plugins. The first and most obvious would be to delete all those plugins that haven’t been activated, and most likely never will be.

You know what I’m talking about. A web developer will download a theme from ThemeForest or elsewhere, install and customize the site, but not use all of the plugins that came with that theme and then they sit there for years, never getting activated or updated. I hear some of you asking, “What’s the difference? If they haven’t been activated, what’s the damage?” The difference is that those plugins are still vulnerable to exploitation and should be deleted. Hanging on to plugins you’re never going to use is tantamount to house hording. It’s time to clean house!

Think of it this way. Each one of those plugins has an author, who is ultimately responsible for keeping their respective plugin up-to-date. The more chefs in the stew, the more opportunity for disaster.

What you need to knowSpeaking of authors

There are tons of plugins floating around of questionable design, but how would you recognize them? Our recommendation would be to limit your plugin downloads to those in the OFFICIAL WordPress.org directory. It doesn’t end there though, as from time-to-time, some plugins are removed from that directory. Authors are real people; they sometimes lose interest, they move on to bigger and better things, and they even die. Where does that leave you? Fortunately, there are some key performance indicators (KPI) available to help.

When contemplating downloading a WordPress plugin

  • Check out the Version. Is it updated regularly? Is it compatible with the current version of WordPress?
  • How many Active installations are there? Hundreds? Thousands? Millions?
  • What is its rating? 5 stars? 4 stars? I recommend reading the reviews.

What should you do when you stop using a plugin?

That’s an easy question to answer as you should immediately delete any plugins you’re not using anymore. This will demonstratively reduce your exposure to risk.

Reducing the hassle of constantly updating plugins

A good number of plugins allow you to automatically update them as revisions are released. For those that do not offer this feature, it’s best to update all of your plugins IMMEDIATELY. The longer you wait to update outdated plugins, the greater the risk. Why? Cybercriminals focus on exploiting easy targets and outdated plugins are prime territory. Security vulnerabilities are discovered every day, and those vulnerabilities are distributed very rapidly to the underground world (the dark side) of the Internet. Every second you wait to update a plugin adds to your exposure.

Protecting your site and its data

Firewalls are an essential element in protecting your site and its data from malicious attacks. The two plugins that we recommend are WordFence and Anti-Malware Security and Brute-Force Firewall.

Web application firewalls, like these analyze inbound traffic to your site and then filter out any requests deemed malicious.

Common types of attacks

What we’ve seen so far as the most common types of attacks are cross-site scripting, directory traversal, SQL injection and malicious file uploads. Trust me, once your site has been attacked, it’s a real pain cleaning it up. You’re far better off spending some time being proactive, implementing measures to protect your site from malware, rather than being reactive – attempting to clean up the mess afterwards.

ProlimeHost

Brought to you by ProlimeHost

We’ve been in the web hosting industry for over a decade, helping hundreds of clients succeed in what they do best and that’s running their business. We specialize in Virtual Private Servers (VPS) and dedicated servers, with data centers in Los Angeles, Denver & Singapore.

VPS Services: Lightning Fast SSD Virtual Servers

Our Virtual Private Servers all feature high performance Xeon processors and SSD storage in a RAID10 configuration to optimize your server’s performance, which dramatically enhances visitor experiences on your site.

That speed is backed by unparalleled 24/7 support, featuring both outstanding response AND resolution times to maximize your uptime.

Now is the time to join the ProlimeHost virtual private server revolution.

Dedicated Servers: Backed by a 99.9% SLA network uptime guarantee

We only use enterprise-class hardware in our dedicated servers and offer a four (4) hour hardware replacement. Throw in IPMI for remote management, support for public and private networks, free operating system (OS) re-installs, and SATA, SAS & SSD (including NVMe) storage. Call +1 877 477 9454 or email us at Sales@ProlimeHost.com. We’re here to help.




Noction optimizes Border Gateway Protocol (BGP) automation


IRPNoction automates BGP which helps improve multi-homed network performance, essentially making it a vastly improved version of BGP.

BGP has been around for decades

When BGP was first formalized decades ago, the world was just starting to realize the enormity of the Internet and the possibilities it presented, in terms of capability and size. Unfortunately, time marches on and the limitations of this protocol started displaying its limitations, especially when dealing with today’s incredibly complex networks.

BGP on its own is not easily updated on-the-fly

While BGP directs routing based on information exchange, it is also influenced by route attributes such as the origin, AS path, local preference, aggregator, next hop and others. Those attributes can be set by network engineers, but updating them on-the-fly presents its own unique set of issues. For example, when customizing BGP for the selected outbound route in a multi-homed network, the selected outbound route would typically be the route with higher preference locally, even if that path might experience congestion.

Having network engineers manually monitor network performance – good or bad?

If you’re directing network engineers to constantly (manually) look for failures and congestions, they’re forced to deal with rapid variances in environments. Toward that end, they need to constantly test and collect data via probes like ping and traceroute (and others) to determine packet loss, available bandwidth, end-to-end latency and jitter. That becomes increasingly difficult when BGP directs a change in routing.

IRP improves network performance

The Noction Intelligent Routing Platform not only improves network performance, it also reduces operational overhead.

What types of issues are typically encountered by large enterprises and ISPs?

The first and foremost issue encountered is uptime. It’s critically important to provide reliable services across the network 100% of the time. Toward that end, network congestion and problematic routes need to be addressed and resolved quickly. Those paths with increased latency and higher than acceptable packet loss need to be avoided, so that they’re ultimately offering consistent throughput across low latency routes, all the while avoiding exceeding committed bandwidth.

Noction IRP to the rescue

All of those aforementioned issues are addressed by Noction IRP by:

  • Automating dynamic route updates depending on real-time performance of the network
  • Defining routing policies (improves control of ISP usage and cost)
  • Automatically throttling outbound traffic to committed levels for the ISP
  • Automatically balancing loads among multiple providers
  • And by customizing routing policies predicated by business goals.

Noction leverages existing information to save time

Noction actually leverages existing connectivity with information that is collected dynamically, so that network engineers don’t need to waste their valuable time running down 1000’s of probes to troubleshoot network failures or congestion, or simply to decide best path at that moment. This also helps eliminate human error.

What Noction does

Noction actively probes remote prefixes for latency, historical reliability, packet loss, throughput and capacity, then calculates how to optimize the network to improve routing. It works on the network edge performing non-intrusive traffic analysis, probing affected routers, then automatically reroutes traffic. It effectively reduces latency and packet loss by 24% and 89%, respectively.

Monitoring and troubleshooting

IRP helps network engineers troubleshoot performance issues much quicker, providing real-time views, then sending out notifications when issues do happen.

Noction optimizes costs

Noction optimizes costs by balancing traffic (figuring in commit rate), ensuring the correct amount of traffic is directed to the right ISP.

IRP is not intrusive

Because IRP sits outside of the traffic path, there’s no adverse effect on the network, and even if the IRP gets switched OFF (or fails), the edge router falls back to normal routing without any downtime.

ProlimeHost

Brought to you by ProlimeHost

We’ve been in the web hosting industry for over a decade, helping hundreds of clients succeed in what they do best and that’s running their business. We specialize in Virtual Private Servers (VPS) and dedicated servers, with data centers in Los Angeles, Denver & Singapore.

VPS Services: Lightning Fast SSD Virtual Servers

Our Virtual Private Servers all feature high performance Xeon processors and SSD storage in a RAID10 configuration to optimize your server’s performance, which dramatically enhances visitor experiences on your site.

That speed is backed by unparalleled 24/7 support, featuring both outstanding response AND resolution times to maximize your uptime.

Now is the time to join the ProlimeHost virtual private server revolution.

Dedicated Servers: Backed by a 99.9% SLA network uptime guarantee

We only use enterprise-class hardware in our dedicated servers and offer a four (4) hour hardware replacement. Throw in IPMI for remote management, support for public and private networks, free operating system (OS) re-installs, and SATA, SAS & SSD (including NVMe) storage. Call +1 877 477 9454 or email us at Sales@ProlimeHost.com. We’re here to help.