Canadian Web Hosting Blog and News
19Dec/130

Using SSH with Windows Server

Running both Windows and Linux servers in Canada requires a team with a broad range of expertise and know how.  One of the inherent challenges that that Canadian Web Hosting Linux administrators ask for, rather than run a remote desktop session, is to enable native SSH or Secure FTP access to Windows servers.  Windows does have some capabilities when it comes to administrating servers remotely like Powershell but it isn’t seamless and can leave you wanting when trying to run scripts, perform maintenance or troubleshooting a support ticket.   A great example of how we use this is our Canadian Cloud Hosting environment and we leverage SSH to run regular maintenance scripts and automate certain installation updates as needed.

While there are a few options available for SSH and SFTP, some of the most common tools used (and our preferred choice) is freeSSHd or Copssh.   Free SSHD describes itself this way – freeSSHd, like it's name says, is a free implementation of an SSH server. It provides strong encryption and authentication over insecure networks like Internet. Users can open remote console or even access their remote files thanks to buit-in SFTP server.”  FreeSSHd supports regular shell or command-line SSH access, SSH-based SFTP access (with command-line or GUI clients), and SSH-based tunneling (VPN-like functionality).  As with anything, if you are going to use encryption make sure you create and document private keys after the install is complete.  Once you’ve completed your install, now it is time to configure the server.

Configuring Your Server

Once you open freeSSHD you'll find a system tray icon, which you can click to open the server settings and create some users by selecting the Users tab.   As standard procedure for Canadian Web Hosting, we add security by enforcing the option for user to authenticate and/or use of a private key on their local machine.   You can also setup IP whitelisting and/or modify host restrictions by entering the required IP address.  100%

In some cases your users may also want to use SFTP connections to transfer files, click the SFTP tab to designate a default path for users.

Time to Test the Server

Now, as a standard procedure before opening the SSH port on any firewalls, you can test your server by connecting it from a remote client program using the “localhost” or IP address of your machine.  You can also use clients PuTTY or FileZilla.

Open the Firewall

In order to access the SSH server from other machines, you need to open port 22 on your Windows Firewall or any other firewall that is installed    Note, if you plan to connect to the SSH server via the Internet, your routers and/or network where you are connected must be configured to allow access.  Similar to the above, your routers need to have port forwarding set  to open SSH port 22 and forward traffic to the IP address of the SSH server.

Matt McKinney

google.com/+canadianwebhosting

1Nov/130

Optimizing WordPress

We get a lot of questions from clients about how to get the most out of their websites and move higher up on Google search ratings.  Aside from various SEO techniques and including proper keywords in your site, one of the most important factors to consider is load time.   For the purposes of this blog, we will look specifically at WordPress.  By optimizing your WordPress site, the major search engines will view your site more favorably and some of the steps below will help move you toward the top . More importantly, it will improve your overall customer experience and make it easier to navigate your WordPress site.   Listed below are 5 quick steps to get you started.

 

1) Enable Caching

By enabling caching, you decrease load time on your Canadian Web Hosting server and this allows client devices to cache records thereby improving load and performance each time they make a visit to your WordPress website. 

Listed below are some popular plugins that will help you enable caching and allow you to tweak the caching settings

  • WP Super cache
  • Hyper cache
  • W3 Total cache

 

2. Compress Images

by compressing your images, you will reduce the total file size and increase download speeds on the client side.  Listed below is another popular plug-in to enable compression.

  • WP Smush.it

 

 3) Use Proper Image Files

Using proper image files plays a significant role to ensure files load smoothly and are presented correctly to your end users.  The list below provides a quick overview on preferred file types and the benefits they provide.

  • PNG: this file type is supported by most of the well-known browsers, making use of this file type makes it possible for your users to see what you want them too see.
  • JPG: for sharper images requiring detail you can use the .jpg extension.
  • BMP/TIFF: these file types are normally much larger than the alternatives, which would decrease responsiveness on the site.

 

4) "Minify" HTML, CSS and Javascript

An frequently looked over optimization technique is to make sure that you reduce the whitespace contained in your site code so it can be compiled quicker.  If you aren't a coder, you can just use the following plugin to "minify" your site.

  • WP-minify

 

5) Perform Updates

We can stress this enough as we see customers run into issues because they don't update their site regularly.  Updating your version of WordPress and plugins will improve performance and increase the security and effectiveness of your site.  Or put another way, if you don't update your site you will get hacked with malicious code.  It is not a matter of if you get hacked but rather when.  We do have Canadian Web Hosting customers who on occasion can't upgrade their version due to compatibility issues. In this situation, there are techniques and tools that we leverage to virtually patch WordPress servers.  Canadian Web Hosting has partnered with the leading WordPress security firm Sucuri to enable customers to protect their sites.  Contact our sales team at sales@canadianwebhosting.com if you want to know more.

 

Following these 5 simple steps can help create a more efficient site and significantly improve your customers overall experience which improves your ranking on the search engines.  

1Jul/130

Dedicated Servers vs. Cloud Hosting

As more enterprises turn to the cloud, here at Canadian Web Hosting we are working hard to try to keep up with demand by growing our cloud services by incorporating technologies like OpenStack, Onapp, VMware and creating a powerful platform that automates many features allowing our customers to save time and money.  More importantly, with all of these services many customers can benefit from Canada’s privacy requirements giving their businesses the ability to control their data including how it is stored.  However, many Canadian Web Hosting clients ask us if they should also be looking at a Dedicated Server and whether there is a reason to consider that versus moving to the cloud.

 

Ultimately this question is dictated by business requirements, but when you first compare a dedicated server to other web hosting solutions like shared hosting or virtual private servers (VPS), the pricing will come out higher. However, because of the improved reliability, power and speed, it can be advantageous to invest into one or more dedicated servers to meet your needs.   In many cases, a dedicated server is the natural progression of services as your business grows where you may have started with a shared hosting or VPS plan, but need more power and resources behind your application or website.

 

So the first question one should look at when comparing dedicated servers to cloud servers is the requirement behind the server.  With our Canadian Cloud Hosting solutions, many of those customers are looking for real time scalability, flexibility, and reliability with features like automatic failover and infrastructure redundancy.  However, many businesses prefer dedicated servers because they are often more configurable, fully isolated, and a more secure way to store mission-critical data.

Because of this flexibility, achieving the best service from a dedicated server requires customers to have the correct setup, from the infrastructure to software and hardware configurations.  Some of the questions we typically ask customers are based on a few key areas.  For example, some key considerations include:

  • Hardware resources: How much RAM, CPU, and disk space are needed to handle the requirements.  These can be affected by things like software application, website traffic, amount of IOPs (input/output) and so on.
  • Server Security:  Because many companies choose to manage the servers themselves, we like to get confirmation that the company is confident that they can regularly update servers with the latest patches and security updates to keep the BIOS, operating system, and software running smoothly.
  • Network redundancy:  For reliability and uptime, are customers comfortable with having any areas where a single point of failure could occur, or if they are looking at a larger infrastructure, do they need redundant devices to mitigate the risk of failure.
  • Data center: A significant component of any deployment, but probably the least talked about, is the physical environment where the server is located.  Has it been optimized for supporting dedicated server hardware, with appropriate ventilation, cooling, security, and monitoring tools.  As an example, Canadian Web Hosting is a SSAE 16 Type II SOC 1 provider and during our annual audits the teams review our data center spaces including security, cooling, power and many other items that ensure our customers data is protected and handled appropriately and securely.

For companies interested in looking at dedicated server solutions, and want to work through a cloud hosting vs. dedicated server comparison our teams can be reached 24/7 at 1.888.821.7888 or by email at sales@canadianwebhosting.com  One of the best steps you can take is to look at the solutions and see what makes the most sense and allows you to meet your web hosting requirements.

3Jun/130

Protecting Your Website From Malware

When searching for your business online and you see this -

 

Your website and business are in trouble.  You’ve been hacked.  What should you do?

Every day, malicious users, hackers and cybercriminals attempt to compromise thousands of websites.  Hacks are often invisible to users, yet remain harmful to anyone viewing the page — including the site owner and/or business.   Every day, we see customers who unbeknownst to them, have been hacked and their site has become infected with harmful code which in turn can record keystrokes on visitors’ computers, stealing login credentials for online banking or financial transactions.

You may ask yourself, isn’t it my web hosts job to protect my server?  The answer is both yes and no.  Your web host, like Canadian Web Hosting, has most likely implemented strong network security mechanisms and other security features that ensure your service works properly including hosting your website.  However, where the most common misconception is that your web host does not control your server and your code for your website unless you are utilizing managed services.  In an unmanaged environment, each customer is responsible for updating their applications, website code and implementing services to protect their business.    We’ve seen some recent vulnerabilities with popular applications like WordPress that have severely impacted customer websites because they did not keep their applications up to date, even after receiving notifications that their code needs to be patched due to emergency vulnerabilities that have been identified.   These attacks range from server configuration problems, SQL injections, Code injection, error templates and many more.   It is also interesting to note that many customers fall into heavily targeted areas without even knowing that they are in a high risk geography.  Trustwave recently release a graphic that shows the most common areas of attack based on country.

So, if you’ve been hacked what should you do?   Here is where you ask yourself, do I want to handle it myself? Or get help?  Here at Canadian Web Hosting we follow-up a very rigid methodology to quickly identify malware/hacks on customers site, and have built a rigorous process to eliminate the hack as soon as possible.  Typically, we will look at the following steps:

1)      Scanning your site

2)      Quarantining the site

3)      Validating backup files

4)      Assessing the damage (hacked with spam or malware)

5)      Identify the vulnerability

6)      Clean and maintain the website

7)      24/7 Monitoring

Now, depending on your own expertise these steps range from basic to advance and may require a security professional to analyze the hack, remove it from your site/code and validate that your site is clean.  In the next article, we will spend more time talking about each step and identifying some best practices to minimize any impact on your business and your customers.    However, some simple steps can go a long ways in the event that an issue has occurred.   Check your user accounts and make sure you have unique passwords that follow secure password principles, update your web applications and operating systems whenever a patch is released, and utilize low-cost 3rd party security providers that can monitor your site 24/7 and will notify you of any potential vulnerabilities or malware attacks on your site.

There are a few services like this available today like stopthehacker and Sucuri that offer basic month-to-month or yearly costs to monitor your site and your reputation and notify you in real time when an issue occurs.  Recently, Canadian Web Hosting, the leading provider of web hosting and cloud-based Infrastructure as a Service (IaaS) solutions in Canada, partnered with Sucuri, the leader in malware prevention to deliver a cost-effective solution that is focused on malware detection and removal.  The reasons for this are several but are focused on several key principles – 1) extremely effective at identifying issues, 2) low cost threshold, 3) continuous updates to their database and security threads and 4) use of security professionals who review your site code and implement fixes.   This last point has been a key benefit for Canadian Web Hosting customers as it avoids common issues that we see with “automated” malware removal where the system just carves out the code without recognizing possible scenarios that will cause a site to crash or become unworkable.

Sucuri, works by actively scans all pages of customers’ websites for viruses and possible web malware threats to see if malicious users have injected harmful code into them. Additionally, Sucuri continually monitors potential new versions of malware and protects online businesses from any emerging threats.  Because of potential complexities identified in the process list above,  Canadian Web Hosting security experts take a very proactive approach work with our customers and will actively manage any malware notifications or possible attacks. In the event that an issue is identified, Canadian Web Hosting’s security teams take all necessary actions to rectify the situation including validation of clean backups and files, malware removal, and continuous communication with the customer.  Here are some of the features of Sucuri:

Standard Malware Detection
Advanced Malware Detection with Artificial Intelligence
Server-side Scanning including .htaccess Hack Detection
Webpage Defacement Detection
Phishing Page Detection and many more
Malware Cleanup
Blacklist and Reputation Monitoring
Vulnerability Assessment

Server Side Scanning
Speed Monitoring & Up-time Monitoring
WordPress Plugin

Working in combination with Canadian Web Hosting’s Secure IT platform, customers will benefit from using Canadian Web Hosting’s advanced Defense Network layer approach that both protects and monitor botnets, malware and a customer’s website's IP reputation to protect their users and networks from possible malware attacks. This includes malware prevention scanning that blocks inbound and outbound traffic by tracking malicious activities to their firewall gateways to enforce pre-determined security policies, as well as server side and website scanning that when combined are 85% more effective in preventing malware and malicious attacks when compared to traditional malware services.

27May/130

Canadian Cloud Hosting with OpenStack Vs. Amazon Web Services

In the years ahead, the web hosting industry will continue to see a transformation of the industry as companies continue to move into targeted ecosystems in order to continue to compete in their selective markets.  As many of you already know, Canadian Web Hosting is a technology leader in Canada and as such has made the decision to deploy a web hosting cloud environment built on the OpenStack Cloud Operating System.  There are many aspects to consider in making a strategic move and transforming our web hosting services into a highly reliable, repeatable and massively scalable Infrastructure as a Service (IaaS) solution for our Canadian and non-Canadian clients looking to benefit from Canada’s amazing regulatory environment.

 

Why Build a Canadian Cloud with OpenStack

As a provider, Canadian Web Hosting has a long-history of delivering a full-spectrum of web hosting services including shared hosting, dedicated server hosting, and virtual private servers, as well as deep integration of virtualization platforms Xen, VMware and Hyper-V.  With the OpenStack cloud, we are giving our customers to utilize a service that a complete infrastructure solution that offers compute, storage and networking as a service (with many features below) that do not require any type of vendor lock in. More importantly, with our experience support business clients over the years we make it very easy to transform your legacy IT environment into a modern cloud environment that integrates these technologies.   Many of our customers now moving are also bringing over the their existing AWS workloads and have realized that Canadian Cloud Hosting powered by OpenStack offers many of the same features as well as deep integration of many leading technology providers making integration of legacy systems a much easier process.  With AWS, everything is proprietary and runs on AWS’s own software.  In saying this, let’s take a high level view and compare AWS and OpenStack.

OpenStack vs. AWS Services comparison

To make things easy, I’ve compared with OpenStack components with similar components of AWS. Please note that this is not a straight comparison as services for both are changing quickly and with the release of OpenStack Grizzly in the last couple of months about 230 new features were just added.  For example, with NoDB integration, we have eliminated the dependency of a database in OpenStack and will no longer take down the cloud.   All these components are available as services.

 

Components OpenStack AWS (closest match)
Virtual Server Management Nova EC2
Image Management Image Service (Glance) AMI catalog
Object Store Swift S3
Block Store Cinder EBS
Network Management Quantum VPC
Identity Keystone Amazon IAM
Management Console/ Dashboard Horizon AWS Console

 

Based on the above, I have provided a brief breakdown of each of the services to provide a better understanding of each component within the cloud operating system.

Nova

This is the oldest component of OpenStack, responsible for Virtual Machine management operations and is the primary software that controls the compute platform and is similar to Amazon EC2.  It does not include any virtualization software, but rather defines the drivers that interact with underlying virtualization mechanisms that run the host operating systems and exposes functionality over a web-based API.  Some of the unique feature of this component is that it supports multiple hypervisors like Libvirt for KVM, XenAPI for XenServer and so on.

Image Service (formerly Glance)

This is responsible for managing Virtual Machine Images (AMI in AWS jargon).   The image service provides discovery, registration and delivery services for virtual disk images including registering new virtual disk images, quering for information on publically available disk images and use of Image Service’s client library for streaming of virtual disk images.   Some of the formats available include:

  • RAW
  • AMI (kernel/ramdisk outside of image)
  • VHD (Hyper-V)
  • VDI (VirtualBox)
  • Qcow2 (Qemu/KVM)
  • VMDK (VMware)

Swift

Swift is the Object store – essentially a repository to store and retrieve lots of data in virtual containers.

Keystone

Keystone is the Identity service that provides identity, token, catalog and policy services for use specifically by projects in the OpenStack platform including implementation of OpenStacks Identity API.  This also includes enabling key tenets like tenancy, roles, users, projects and tokens or in other words it is the mechanism that is responsible for determining who gets access to cloud resource and at what level.

Horizon

This is the user/ admin dashboard which can be used to manage the resources that constitute the OpenStack cloud including services for Nova, Swift, Keystone, etc.

Cinder

Cinder is responsible for providing block storage. This is actually a service component of nova-volume (part of Nova) and supports volume creation and volume snapshots.

Quantum

Delivers “networking as a service” between interfae devices (vNICs) managed by other OpenStack services like Nova

 

If any of you would like to work with Canadian Web Hosting and help contribute to OpenStack, just email us at sales@canadianwebhosting.com or follow us @cawebhosting.