
Anatomy of a Website - How it Works and Why it Might Not

A Little Background

Today we are going to focus on how a website works, share an overview of a hosting environment, and explore some other aspects of how a website functions.

Back in the old days, a website was a simple text document located in the server’s files. HTML let webmasters define a website's formatting with flexibility comparable to an advanced text editor such as MS Word, and allowed them to display images and, eventually, other media.


GDPR - what does it mean?


The European Union has implemented a new law called the General Data Protection Regulation - GDPR for short - to help protect personal data of EU citizens. As a company that has many clients in the European Union, we have taken this very seriously and took steps to make sure that our service is GDPR compliant, which means many good things for our clients, not only from the EU but from all around the world.


ImageTragick, what you need to know

In the last few days, we have seen questions regarding the recently released ImageTragick vulnerabilities. We began working to patch and protect the CloudAccess.net platform shortly after the vulnerability was announced. Here are a few commonly asked questions that we have seen.

What is ImageTragick / CVE-2016-3714?

ImageTragick is the internet nickname that was given to CVE-2016-3714 to help spread the word of this vulnerability to end users and the media. It features a website and a logo and is a pun based on "ImageMagick".


Understanding the IPv6 Rollout


Internet Protocol is the set of rules that governs the exchange of information and the way traffic is routed on the web. Internet Protocol Version 6 (IPv6) is the next generation Internet communication protocol that provides an identification and location system for devices, computers and networks and will replace IPv4, the current protocol that has many limitations. This blog shines some light on IPv6 and explains the impact on Internet users and how the CloudAccess.net platform is IPv6 ready.

The Growth of the Internet and the Need for a New Protocol

Originally developed in the 1970s, IPv4 is a cornerstone of the Internet as we know it. It was developed long before anyone could really imagine all of the interconnected devices that we have today. IPv4 allows for approximately 4.3 billion unique IP addresses, which might sound like a lot and certainly was a lot by 1970s standards. Nobody in 1970, however, could have predicted that the Internet would be as popular as it is or that many of us would be walking around with high-speed computers in our pockets. With close to 3 billion current Internet users, IPv4 presents some serious limitations.

Essentially, the biggest limitation is that IPv4 is running out of the 32 bit addresses that each computer or device is required to have. An example of a 32 bit IPv4 address:


Site Sanitization: Cleaning up a Hacked Website


We pride ourselves on having an extremely secure platform, but even the most secure hosting providers see hacked websites on a daily basis. Almost always, the goal of the hacker is to steal content, send spam, spread malware or conduct some type of phishing scam. Many times we’ll see a site administrator clean a site only for it to be hacked again a few days later, and then they come to us wanting to know why. We find that some additional steps that can secure a site and fend off attacks are often neglected. This blog explains why sites are hacked, steps for cleaning up a hacked site, and preventative measures that can be taken to secure the site moving forward.

Why sites get hacked

Vulnerable Extensions

There are several reasons a site can be hacked, but the culprit we identify most often is an outdated extension. Updating extensions is critical because hackers can easily identify vulnerabilities in older versions, which are like a wide open back door to the site. If you’re using a Joomla site, it’s best practice to visit the Vulnerable Extensions List frequently. If you see an extension you’re using on this list, download and install the patches immediately. If no patches exist, disable the extension and find something to replace it.

Outdated Applications

Another reason we see sites hacked is because the site itself is an older version of the application, like Joomla 1.5 for example, which is no longer supported with security patches. We provide a managed hosting platform, which means we’ll update versions for you when a new STS (short term support) version becomes available. When a new LTS (long term support) version becomes available, it’s up to site administrators to upgrade on their own. It’s definitely best practice to stay current with the most recent version of your application.


Keeping Clients Protected: Stopping the Heartbleed Bug


Throughout the last few days you’ve undoubtedly heard news about the “Heartbleed Bug”, a major vulnerability in the OpenSSL cryptographic software library. Essentially, the bug enables the theft of information that is normally protected by SSL/TLS encryption. Each SSL or TLS certificate comes with security keys that (if compromised by Heartbleed) weaken the security of communication over the Internet using applications like email, instant messaging, and other web-related services.

CloudAccess.net server administrators actively monitor numerous security channels and we became aware of the vulnerability immediately. The bug causing the vulnerability has been around since December of 2011, but was only announced on Tuesday of this week by a team of researchers. Although there are no known real-world exploits of the bug, we have taken every measure to protect our clients, like we always do.

First, we applied the security patch to our entire network as soon as it was made available. We also communicated with our SSL provider who has confirmed that the vulnerability lies within the OpenSSL implementation, and not in certificates provided to us. We’re confident we’ve done everything within our power to protect your data. We’ve had no reported issues from any client on any of our servers. The only other step that can be taken is to re-key your SSL and we will do that for any client upon request.


Free Lifetime Hosting for Joomla! Day and Joomla! User Group Sites


We’ve been part of the Joomla community for a long time now, and we’ve been involved with many Joomla! Day events and Joomla! User Groups. In fact, our company was born out of events like these. We know that JDays and JUGs offer great opportunities to meet fellow Joomla users and enjoy good company, but they also promote discussion, spark ideas, and spur innovation. We appreciate JDays and JUGs so much, we’re offering free lifetime hosting for any JDay or JUG site out there.

If you’ve got an upcoming event or need a permanent home for your group, you can either launch a demo site and we’ll upgrade it for as long as you need it, or we’ll help you migrate an existing site into our network free of charge. We appreciate the valuable work you do and we want to support you any way we can. We’re the preferred web host for sites like Joomla! Day Chicago, Joomla! Day Ethiopia, and Joomla! Day North Carolina, among many others. We’d be proud to add your group or event to the list. Once in the network, you can experience our one-of-a-kind Cloud Control Panel™ (CCP) for managing your Joomla site, and you’ll even be able to submit support tickets to get help from time to time.


Fall in Love with CloudAccess.net Hosting & Support: Special Valentine's Day Offer


There are so many fish in the sea, and you deserve the most committed hosting provider out there. If you’re not married to your current host - if you’re not absolutely head-over-heels in love - you can save 25% on any of our hosting & support Service Level Agreements (SLAs). If you’re a demo client we’d love for you to join us in hosting matrimony by upgrading today.

Our highly devoted support team has an unwavering passion to help you build your online home. We’ll help migrate your site or upgrade your demo account, and we know you’ll fall madly in love with our entire platform. Remember, you need only purchase one SLA - after that, each additional site is only $5 per month.

We cherish all of our clients, and whether you desire a Standard, Business or Pro SLA, we’d love to create a perfect union with you. Experience our industry-leading level of faithful support. You won’t be disappointed. This is a limited time offer valid through Saturday, February 15th.


Passing PCI Compliance Scans in the Public Cloud


This article was originally published in the March 2013 edition of the Michigan Cyber Initiative Newsletter. The actual newsletter is embedded at the bottom of this blog. The Michigan Cyber Initiative is the state of Michigan's official "action plan that offers clear approaches for safeguarding our families, protecting Michigan's infrastructure and shielding our economy." Because of our work with PCI cloud hosting environments, we were chosen to write the feature article in this newsletter. DevOps team members Christopher Ecklesdafer and Pawel Panek played a big role in the content of this article as did Jonathan Gafill, CloudAccess.net Project Manager.

To protect highly sensitive cardholder data, the Payment Card Industry Security Standard Council (PCI SSC) released 12 Top Level Data Security Standards (DSS). Financial organizations are required to validate their adherence to certain DSS requirements. Below is an overview of the 12 PCI DSS requirements.

| Control Objectives | PCI DSS Requirements |
| --- | --- |
| Build and Maintain a Secure Network | Requirement 1: Install and maintain a firewall configuration to protect cardholder data |
| | Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters |
| Protect Cardholder Data | Requirement 3: Protect stored cardholder data |
| | Requirement 4: Encrypt transmission of cardholder data across open, public networks |
| Maintain a Vulnerability Management Program | Requirement 5: Use and regularly update anti-virus software |
| | Requirement 6: Develop and maintain secure systems and applications |
| Implement Strong Access Control Measures | Requirement 7: Restrict access to cardholder data by business need-to-know |
| | Requirement 8: Assign a unique ID to each person with computer access |
| | Requirement 9: Restrict physical access to cardholder data |
| Regularly Monitor and Test Networks | Requirement 10: Track and monitor all access to network resources and cardholder data |
| | Requirement 11: Regularly test security systems and processes |
| Maintain an Information Security Policy | Requirement 12: Maintain a policy that addresses information security |

There are over 130 Approved Scanning Vendors (ASVs) that can be used to detect vulnerabilities found in a public cloud. CloudAccess.net, a Michigan-based Platform as a Service (PaaS), used McAfee and Comodo to perform security scans on targeted hosting environments. Using the results, the company adjusted server specifications to pass subsequent scans, ultimately helping several clients validate the security of their content including Reliance Bank, a full service bank with twenty branches in the St. Louis metropolitan region, and CIMA (the Center for Information Management and Assurance), an organization that aims to elevate the information security community. CloudAccess.net is helping clients pass ASV scans on an individual basis, but the company is developing an automated PCI-DSS hosting layer that can be applied to any environment with a click of a mouse.


My GoDaddy Site is Down! Change to CloudAccess.net Bolt DNS


When GoDaddy's down, who ya gonna call? CloudAccess! 

GoDaddy’s DNS network went down today, and it's not a surprise. This was caused by a Distributed Denial of Service (DDoS) attack causing extended downtime for millions of websites worldwide. At CloudAccess.net, we've built a very special DNS network aptly named “Bolt-DNS”. Bolt-DNS is a distributed DNS network that allows us to handle very large volumes of traffic even during DDoS attacks. Our Bolt-DNS network will distribute the traffic evenly during these attacks, and it quickly reacts by working with our DNS data centers to stop or block any denial of service attacks.

The GoDaddy DNS outage has also affected the sending and receiving of email messages for thousands of people. CloudAccess.net partners with Google for email services for a more reliable email hosting service. In the case where GoDaddy email is down, our system stays up. In fact, taking down both Google and CloudAccess.net would be nearly impossible. You cannot take down two of the biggest players in the DNS world at the same exact time. Both providers have cached networks that would continue to route mail even during the largest of network attacks. Since your GoDaddy email is directly connected to a non-distributed DNS network rather than to a massive network like Google and CloudAccess.net, you're subject to failures.
