Category: Knowledge Base

  1. Home
  2. Knowledge Base
Mar17

How to Make Custom PHP Changes Using a .user.ini File

Posted by in Knowledge BaseQ&A · No Comments

Different software will require you to have custom php .ini file or have a customized PHP configuration which can differ from increasing the upload limit and even adjusting the memory limit. Fortunately, as much as you cannot be able to make these chances on a server wide basis, you can do the same locally from within your account. All you have to do is follow these easy steps and you will be ready to go in no time. Please note: In order for the changes of the create user.ini file to reflect on all the sub folders within a given directory, a separate user.ini has to be created for each directory.Ideally, if the file created is within say the public_html folder, the changes will only impact the software that is installed in the targeted folder. Any other installations that are made to a subfolder herein like say public_html/blog are not affected. On that note, here is a step by step guide on how you can be able to create your own user .ini. Begin with opening up the file manager in the control panel. This will differ but in most cases, this is the SiteAdmin or the cPanel. Make sure […]

Continue Reading

Feb18

How to Choose Your Hosting Provider?

Posted by in Q&ASmall Business · No Comments

The only thing permanent in this world is change. You must keep this in mind when you choose a hosting provider. You must be able to grow within a hosting environment. Many businesses and individuals have suffered because they have not catered for growth while taking a decision. Here we will discuss challenges you are likely to encounter and how to cope with them. Your host is like a home for your website John Silver owned a shoe store in London. He had inherited this store from his father and was proud of it. The shoes he sold were special. They smelled of tradition, class and history. They did cost more than usual but his traditional customers valued his products. When John decided to go online, he received all kinds of advice. His good friend and neighbor told him that cloud hosting was happening and he should adopt it. John felt that the cost of cloud hosting was not worth it. John was a shrewd man and though he was not tech savvy, he knew business. He wanted to consider a few factors before choosing a hosting provider. Scope to grow and expand Discussing the situation with a friend, the […]

Continue Reading

Feb07

How to Install SSL Certificates

Posted by in Knowledge Base · No Comments

The SSL certificates are useful as they encrypt and thus protect data. This makes them invaluable for organizations or people who have to deal with credit card information, ID’s and social security numbers, pass-codes to sensitive databases and accounts as well as other highly secured private information that should not be in the public domain. In order to set up Secure Socket Layer, in short (SSL), you need, not only an SSL Certificate from a Certificate Authority, but also a dedicated IP address for your site. The IP address In order to install a functional SSL certificate in your site, you must have a specific IP address that will be somehow permanent for that particular site. Essentially your domain must resolve to a dedicated IP address on the server or else the SSL certificate will not be purposeful. Remember that the server’s primary IP address is not necessarily the dedicated IP address and thus more often the SSL certificate will not be functional if you use the server’s primary IP address unless it is the dedicated one. If you have a WHM/cPanel server, the wildcard certificate is not likely to work. This means that you will need to create a […]

Continue Reading

Feb02

Installing WordPress on Centos 6

Posted by in Knowledge Base · No Comments

WordPress is an open source tool for website and blogging. This tool operates on php and MySQL and currently includes over 22,000 plug-ins. They enable you to customize it to your specific needs. The first step to installing WordPress is in ensuring that your server has LAMP. You must also have root privileges or necessary administrator rights, if you are to install WordPress as per the directions in this guide. Step 1 Download WordPress from their website if you do not have it already. It will come as a zipped package that will directly store itself in your directory. To download, wget http://wordpress.org/latest.tar.gz Once downloaded you will have to unzip it, tar -xzvf latest.tar.gz Once unzipped, these files will go to the WordPress directory, in the home directory. Step 2 Creating a WordPress Database and User first by creating a new MySQL directory for WordPress. For this, you will need to log into the MySQL Shell mysql –u root –p Here you will have to log in with your MySQL user password in order to create a WordPress database and a user in that database. You will also need a new credentials i.e.  Password for the user you create. To […]

Continue Reading

Feb01

Magento Two Level Caching Systems

Posted by in Knowledge Base · No Comments

The default setting on Magento enables it to use a two level cache backends from the zend framework. This means that the system stores its cache records in two different backends where one is the faster and yet limited one while the other is slower. The faster alternatives include APC and Memcached while the file system is the slow one. The backends have unique features that make choosing them a rather important part of the process. The APC and Memcached for example do not support grouping the cache entries, as they are key/value cache backends. The files system and Redis however allow you to group the cache entries. The two level caching system and how it works:   The Magento backends File system The Magento default setting has it storing its cache entries in the file system and thus they can be found in var/cache/. The file system works just fine for websites that do not have much traffic but once the requests increase you may be unable to read and write in the file system. In this case however, the caches are organized by groups and may thus be easy to read and write. The main advantage of the […]

Continue Reading

Feb01

GHOST: glibc vulnerability (CVE-2015-0235)

Posted by in Knowledge Base · No Comments

A potential security vulnerability was found in the glibc library, which has been assigned CVE-2015-0235 and is commonly referred to as ‘GHOST’. All versions of glibc shipped with all variants of Red Hat Enterprise Linux are affected. You can read more about the foundation of this vulnerablilty at https://access.redhat.com/articles/1332213 To eliminate the possibility of an exploit: 1. Update the glibc and nscd packages on your system using the packages released by the OS vendors. On CentOS servers you can apply the patch using yum : yum -y update glibc nscd 2. Reboot the server to make sure all the affected services are restarted . For cPanel servers the cPanel takes care of the OS upgrades which applies the upgrades automatically however a reboot is required to restart all the services. Lastly as always support is avaialble 24×7 to assist you incase you need the patch applied or to check if your server is vulnerable or any other assistance.

Jan19

The Google Penguin is Back, But Does It Say Anything New?

Posted by in Knowledge Base · No Comments

Google Penguin visits once a year and this is the third appearance. Needless to say that many website owners tremble at the arrival of humble Penguin because it can change their fate – either take them up or drop them down the search rankings. Fortunately, Penguin updates affect only a fraction of websites and only those which play hanky-panky with their sites.  The idea is to avoid getting punished by the Penguin. Here are some well-known techniques to avoid getting hit by Google algorithm updates and especially Penguin 3.0. Buying back-links? You are buying trouble We always want to find the easy way out. That’s human nature. It can also put us in deep trouble. Buying back-links may seem easy but it doesn’t help where Google search ranking is concerned. You must avoid all kinds of link farms and blogs which are known to take money. Now, how does Google know that your links are spammy? It’s quite easy really. Blogs can be identified by the kind of links they have on their site. For example a site on dogs carrying a link on psychology is sure to attract attention and penalty. Once you get blacklisted by Google, it’s quite […]

Continue Reading

Dec16

How To Control SPAM In Your Organization

Posted by in Q&A · No Comments

I know it is annoying isn’t it? Every time you open your email to check out important messages what you find is a long list of unwanted messages and you spend three quarters of the time clearing the long list of trash. Most of us have actually gotten accustomed to the idea that every time we open up our email, we are always prepared to find a huge bunch unwanted messages which add no value to our lives and the only thing they do is waste our time and make it difficult to locate the important messages. Perhaps most of us are partly responsible for the amount of spam that is showing up in our mail, especially after subscribing to endless mailing lists from all our favorite websites and blogs. Mailing lists are always an easy target for spammers to get hold of your information and start spamming your email. Despite this, we all have a right to choose who or not is able to access our email and send us messages every now and then. If anyone is constantly flooding your mail with unwanted messages without your consent, it is tantamount to an infringement on your rights and legally, […]

Continue Reading

Nov26

Magento Security Tips and Vulnerabilities

Posted by in Knowledge Base · No Comments

In 1960s, that’s when the term hacker came into being and was the first time when the word came into use. The invention of the word was by a group of programmers who were from the Massachusetts Institute of Technology. By then the word meant anybody who had smart ways of making things more functional and more useful, but today the word has a negative meaning as it refers to computer criminals. The sites that deal with the monetary transaction are the potential victims of hackers mostly E-commerce and financial sites. Magento the traditional e-commerce platform puts commercial site under threat of hacking. Most e-commerce websites use this magento platform as it is believed to be secure from hacking. Hackers do not target specific people business, but they discover a vulnerability of the application on individual shopping cart. They even attack payment gateways as well as haunt their tangible purpose. Hackers sometimes use unfair competition regarding purchasing and payment gateways.   E-commerce Site Vulnerabilities Due to most e-commerce platforms and payment gateways having created with similar development and coding techniques hence they have the same vulnerabilities. The reasons behind the vulnerability of the financial and e-commerce site. The first reason is […]

Continue Reading

Oct15

POODLE: SSLv3.0 vulnerability (CVE-2014-3566)

Posted by in Knowledge Base · No Comments

Google has announced that they have discovered a vulnerability in SSL v3 which has been named as POODLE. This vulnerability in the SSLv3.0 protocol, has been assigned CVE-2014-3566 by Redhat . All implementations of SSLv3.0 are affected. https://access.redhat.com/articles/1232123 Recommendations As NO patch has been released yet by REDHAT current recommendations are to use only TLSv1.1 and TLSv1.2. Backwards compatibility can be done using TLSv1.0. It is not recommended to use SSLv2 and SSLv3 as they are considered insecure. To disable SSLv2 and SSLv3 for apache : If you’re running Apache, just include the following line in your configuration among the other SSL directives and restart apache: SSLProtocol All -SSLv2 -SSLv3 Steps to disable SSLv3 For cPanel : 1. Set WHM » Service Configuration » Apache Configuration » » Apache Configuration » SSL Cipher Suite Set it to 2nd option : “ALL:!ADH:RC4+RSA:+HIGH:+ MEDIUM:-LOW:-SSLv2:-EXP:!kEDH PCI recommended”2. WHM » Service Configuration » Apache Configuration » Include Editor » Pre Main Include add below under “Pre Main Include” ==== SSLProtocol All -SSLv2 -SSLv3 SSLCipherSuite EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+ SSLHonorCipherOrder on ==== restart apache and test apache Run the following command to determine whether SSLv3 is enabled / disabled on a server: $ openssl s_client -connect localhost:443 -ssl3

Get Connected