let's encrypt logo

Let’s Encrypt SSLs enabled on our reseller hosting platform

let's encrypt logoSSL Certificates have become a must-have for websites since Google declared secure HTTPS connections a ranking factor and especially since the search engine giant voiced its intention to start flagging all non-HTTPS pages as insecure later in 2017 in a visible-to-the-Chrome-user manner.

The hype around SSLs has made SSL providers reconsider the pricing of certificates so as to make them more affordable to the wide public.

Meanwhile, a public-benefit authority called Let’s Encrypt aimed at providing an all-free HTTPS encryption solution to users was born in 2016.

Let’s Encrypt represents a free open certificate authority (CA), which provides website owners with digital certificates for enabling HTTPS (SSL/TLS).

Just like regular SSL certificates, Let’s Encrypt certificates offer basic SSL encryption, i.e. they give site visitors assurance that they are exchanging information with the domain that is visible in the address bar and that their personal data (login details, credit card information, etc.) cannot be eavesdropped.

If a site is using a Let’s Encrypt SSL, you will see https:// at the beginning of the URL in your browser’s address bar, along with a green padlock.

Let’s Encrypt SSL certificates may, however, not be suitable for every website. Know more

To give our customers the benefit of this development we have enabled the setup and automated maintenance of Let’s Encrypt SSL certificates in your iWebz Web Hosting control panel.

You can enable a Let’s Encrypt SSL certificate for any website whose domain is hosted in your iWebz Web Hosting account. Once your site loads over HTTPS, you need to redirect all HTTP URLs to their HTTPS counterparts. You can do that by adding a few lines of code in your .htaccess file.



DNSSEC enabled for domain names on our platform

dnssecBy translating domain names into IP addresses, the Domain Name System (DNS) makes client-server communication possible and is crucial for the operability of the Internet.

Over time, the DNS has yielded vulnerabilities that allow hijackers to sneak into sessions and deceive users into giving their secure details to fake websites, for example.

This has called for the introduction of the Domain Name System Security Extensions or DNSSEC technology so that this part of the Internet’s infrastructure can be made secure.

The DNSSEC digital signature ensures that you’re communicating with the site or Internet location you intended to visit. DNSSEC uses a system of public keys and digital signatures to verify data. It simply adds new records to DNS alongside existing records. These new record types, such as RRSIG and DNSKEY, can be retrieved in the same way as common records such as A, CNAME and MX.

A signed nameserver has a public and private key for each zone. When someone makes a request, it sends information signed with its private key; the recipient then unlocks it with the public key. If a third party tries to send untrustworthy information, it won’t unlock properly with the public key, so the recipient will know the information is bogus.

To know more about DNSSEC you can visit this page on the ICANN website.

In line with the global end-to-end deployment trend, we have added DNSSEC on our platform as well for your hosted domains hosted in your iWebz Web Hosting account. This option is currently available for .COM, .NET, .ORG, .INFO and .BIZ domains.


kvm linux banner

Promo: KVM Linux VPS at just $1.00 per month

KVM Linux VPS Limited-Time Offer

kvm linux bannerThe following Kernel-based Virtual Machine (KVM) VPS configuration is available for just $1.00 per month!*

1 CPU, 1GB RAM, 20GB storage, 300 GB bandwidth, 1 IP address

*The price is valid for the first 3 months. After that period, if you choose not to discontinue, the price is automatically set to $12.00 per month. Offer ends on 31st March 2017.

About KVM Linux VPS

The key difference between KVM-driven VPSs and almost all other kinds of VPSs is the server virtualization environment itself. With KVM, there’s absolutely no requirement for any supplementary virtualization software to be installed on the server. The indispensable software commands are engrafted straight into the host OS kernel itself instead.

This goes to say that you can select pretty much any Operating System that can run on the specific server. Do you need to run BSD on your virtual server? This can be done. Do you need to use Windows? No problem.

This vastly minimizes the system resources that the physical server needs to reserve in order to run extra applications and makes those resources in turn available to the virtual machines. The absence of an extra communication layer also slashes the I/O waiting time, efficiently making your virtual server run markedly faster.

As usual, each of the Linux KVM virtual private servers provided by iWebz Web Hosting comes preloaded with SSD hard disks rather than ordinary HDD hard drives. So nothing changes there.

The Linux KVM virtual private servers are loaded with a number of free bonus deals, that include a dedicated IP address for your site.

Currently these VPSs are only available at our U.S. data center at Steadfast/Chicago.

Get Your KVM Linux VPS

Learn more about this powerful VPS solution from our website. You can also visit the website and compare all plans online.

Your own virtual private server will be configured in up to 60 minutes right after registration(select the KVM tab, then select the desired configuration/plan).

getssl logo

ssl.iwebz.net is now getsslnow.com

getssl logoThe team at iWebz would like to announce that as of 1st November 2017 we have permanently moved our address from ssl.iwebz.net to getsslnow.com thereby merging all our SSL certificate business activities under the getSSL by iWebz℠ brand.

ssl.iwebz.net is now getsslnow.com

  • The login details for your user account remain unchanged.
  • Your orders details will continue to be available.
  • Your certificates will continue to function until expiry of validity.
  • Newsletter subscribers have already been migrated.

If you are a customer and need any clarifications send us your query.


Top SSL Certificate Brands of 2017

An ongoing survey by W3Techs has thrown up some interesting numbers on the state of the global SSL Certificate market. Most notably 23.7% of websites have yet to implement SSL certificates.

W3Techs investigated technologies of websites, not of individual web pages. If a technology was found on any of the pages, it is considered to be used by the website.

W3Techs included only the top 10 million websites (top 1 million before June 2013) in the statistics in order to limit the impact of domain spammers. Website popularity rankings were provided by Alexa (an Amazon.com company) and a 3-month average ranking was used.

W3Techs did not consider subdomains to be separate websites. For instance, sub1.example.com and sub2.example.com are considered to belong to the same site as example.com. That means for example, that all the subdomains of blogger.com, wordpress.com and similar sites are counted only as one website.

W3Techs did not include redirected domains. For example, Sun.com redirects to Oracle.com, and is therefore not counted.

Not surprisingly to us at iWebz, the results show Comodo certificates are preferred by 39.4% of all websites that use SSL certificates, and the free SSL certificate authority Let's Encrypt is yet to get major traction with websites.

w3techs ssl certificate market chare

The stats are updated daily and are available on W3Techs.com


Need Help Selecting A Certificate?

Let us help you select one for your site.
chrome 63 ftp not secure

FTP sites will be marked Not Secure from Google Chrome 63

FTP sites will be marked as Not Secure with the release of Google Chrome 63 in December 2017

chrome 63 ftp sites not secure

Thats the direction of the discussion at https://groups.google.com/a/chromium.org/forum/#!msg/security-dev/HknIAQwMoWo/xYyezYV5AAAJ

Although there have been plans to remove FTP support altogether, for now FTP sites will only be marked as Not Secure.

About FTP

FTP, or File Transfer Protocol, used with ftp:// requests is a decades-old network protocol that is used to transfer files between clients and servers. FTP does not encrypt traffic by default, making it susceptible to interception and manipulation by eavesdropping third parties.

FTP can be secured using an SSL/TLS, which in turn creates FTPS. Unfortunately, FTPS is not a widely-supported feature on most browsers, including Chrome, due to its low usage rate.

What are FTP sites?

FTP sites are locations from where you can use your browser to download large files such as the latest Linux OS distribution, or third-party softwares for your operating system.

However, since in time most software distribution services have moved to HTTPS download, and it is suggested the rest do the same.



Ransomware On Your Website – Is It Possible?

fware ransomware

Ransomware on a website?

Ransomware is popularly thought to affect only PCs, mainly containing older versions of Microsoft Windows, through phishing of login details. Actually, nothing is farther than the truth.

In fact, ransomware can be introduced even into Linux-based web servers / websites without using any phishing techniques, and even if they are behind a firewall.

The above image displays the new homepage of a website on cPanel shared hosting recently locked by ransomware. The image below is a listing of the ransomware-encrypted website files as seen via an FTP client.

fware ransomware file listing

How did the ransomware get in?

Servers are computers available on the public Internet and are required to serve information via multiple protocols such as HTTP/HTTPS, FTP, SSH, etc. This also creates multiple points of entry for attackers in addition to poorly secured entry points in web apps.

In this case, the website had allowed file uploads into directories that (carelessly) had execute file permissions enabled for everyone. In Linux this is the 777 permission. This allowed an attacker to upload the fware encryption PHP code to the website and then cause the code to execute via a web browser call.

What would you do if this happened to you?

How would you be affected if you woke up one morning to see your website that wasn’t available anymore? Even after paying the ransom there is no guarantee of receiving the decryption key and getting back your website files and data.

Luckily, in this case, the webmaster (website manager) for this website had already enabled automated website backups and was able to restore the website quickly. Most webmasters agree frequent automated backups are the best defense against total website loss. So does your website have automated backups?