let's encrypt logo

Let’s Encrypt SSLs enabled on our reseller hosting platform

let's encrypt logoSSL Certificates have become a must-have for websites since Google declared secure HTTPS connections a ranking factor and especially since the search engine giant voiced its intention to start flagging all non-HTTPS pages as insecure later in 2017 in a visible-to-the-Chrome-user manner.

The hype around SSLs has made SSL providers reconsider the pricing of certificates so as to make them more affordable to the wide public.

Meanwhile, a public-benefit authority called Let’s Encrypt aimed at providing an all-free HTTPS encryption solution to users was born in 2016.

Let’s Encrypt represents a free open certificate authority (CA), which provides website owners with digital certificates for enabling HTTPS (SSL/TLS).

Just like regular SSL certificates, Let’s Encrypt certificates offer basic SSL encryption, i.e. they give site visitors assurance that they are exchanging information with the domain that is visible in the address bar and that their personal data (login details, credit card information, etc.) cannot be eavesdropped.

If a site is using a Let’s Encrypt SSL, you will see https:// at the beginning of the URL in your browser’s address bar, along with a green padlock.

Let’s Encrypt SSL certificates may, however, not be suitable for every website. Know more

To give our customers the benefit of this development we have enabled the setup and automated maintenance of Let’s Encrypt SSL certificates in your iWebz Web Hosting control panel.

You can enable a Let’s Encrypt SSL certificate for any website whose domain is hosted in your iWebz Web Hosting account. Once your site loads over HTTPS, you need to redirect all HTTP URLs to their HTTPS counterparts. You can do that by adding a few lines of code in your .htaccess file.

 

dnssec

DNSSEC enabled for domain names on our platform

dnssecBy translating domain names into IP addresses, the Domain Name System (DNS) makes client-server communication possible and is crucial for the operability of the Internet.

Over time, the DNS has yielded vulnerabilities that allow hijackers to sneak into sessions and deceive users into giving their secure details to fake websites, for example.

This has called for the introduction of the Domain Name System Security Extensions or DNSSEC technology so that this part of the Internet’s infrastructure can be made secure.

The DNSSEC digital signature ensures that you’re communicating with the site or Internet location you intended to visit. DNSSEC uses a system of public keys and digital signatures to verify data. It simply adds new records to DNS alongside existing records. These new record types, such as RRSIG and DNSKEY, can be retrieved in the same way as common records such as A, CNAME and MX.

A signed nameserver has a public and private key for each zone. When someone makes a request, it sends information signed with its private key; the recipient then unlocks it with the public key. If a third party tries to send untrustworthy information, it won’t unlock properly with the public key, so the recipient will know the information is bogus.

To know more about DNSSEC you can visit this page on the ICANN website.

In line with the global end-to-end deployment trend, we have added DNSSEC on our platform as well for your hosted domains hosted in your iWebz Web Hosting account. This option is currently available for .COM, .NET, .ORG, .INFO and .BIZ domains.

 

fware

Ransomware On Your Website – Is It Possible?

fware ransomware

Ransomware on a website?

Ransomware is popularly thought to affect only PCs, mainly containing older versions of Microsoft Windows, through phishing of login details. Actually, nothing is farther than the truth.

In fact, ransomware can be introduced even into Linux-based web servers / websites without using any phishing techniques, and even if they are behind a firewall.

The above image displays the new homepage of a website on cPanel shared hosting recently locked by ransomware. The image below is a listing of the ransomware-encrypted website files as seen via an FTP client.

fware ransomware file listing

How did the ransomware get in?

Servers are computers available on the public Internet and are required to serve information via multiple protocols such as HTTP/HTTPS, FTP, SSH, etc. This also creates multiple points of entry for attackers in addition to poorly secured entry points in web apps.

In this case, the website had allowed file uploads into directories that (carelessly) had execute file permissions enabled for everyone. In Linux this is the 777 permission. This allowed an attacker to upload the fware encryption PHP code to the website and then cause the code to execute via a web browser call.

What would you do if this happened to you?

How would you be affected if you woke up one morning to see your website that wasn’t available anymore? Even after paying the ransom there is no guarantee of receiving the decryption key and getting back your website files and data.

Luckily, in this case, the webmaster (website manager) for this website had already enabled automated website backups and was able to restore the website quickly. Most webmasters agree frequent automated backups are the best defense against total website loss. So does your website have automated backups?

 

dedicated servers billing discounts

New Dedicated Server Billing Cycles and Discounts

Dedicated Server on iwebz.hosting

A Dedicated Server is meant to take your web site one step further. Offering an amazing combination of dependable hardware and stable software, the dedicated servers on offer at iWebz Web Hosting are precisely what your site needs.

ARTICLE: Why should Tech startups start with Dedicated Servers?

New Billing Cycles

Recently, we’ve introduced a major upgrade to our dedicated servers – we’ve improved the hardware of the existing setups and added 8 new configurations.

Up until now, only a monthly payment period has been available for the dedicated server packages.

With the new update, our Dedicated Server customers will be able to make use of 3-month and 6-month billing cycles, apart from the default monthly payment option.

These billing periods are now available while placing your order.

dedicated server new billing cycles

Billing Cycle Discounts

dedicated servers billing discountsAs you can see, the new billing cycles are tied to a corresponding discount on the default monthly price.

This way, if you select the 3-month billing cycle, they will get a pleasing 10% discount off their plan’s monthly price right away:

And if you select the 6-month billing period, the discount will be twice as big – 20% OFF the default monthly price.

By switching between the 3 billing period options, you will be able to see the difference between the regular monthly price and the discounted quarterly and semi-annual prices in the table below and choose the most suitable option at the time of purchase.

Once enabled, the new billing periods will be in force for as long as you want. When the period expires, you will be able to renew your subscription for another 3 or 6 months, or to switch to the regular monthly billing option.

Get a Dedicated Server for your online venture

Take advantage of a free Control Panel, 24/7/365 technical support and a 99.9% uptime guarantee.
mezzanine cms logo

Installing Django-based Mezzanine CMS on iwebz.hosting

Following this tutorial requires you to have an active web hosting account from iwebz.hosting with SSH access enabled.

mezzanine cms iwebz python hosting

Setting up the Mezzanine CMS environment

To begin installing the Django framework-powered Mezzanine CMS (official website)on our platform, you must first create the app environment via SSH.

Step 1: Create a virtual environmеnt (venv) in the root folder of your account, in our case:

/usr/local/python-3.5/bin/virtualenv /home/venv/

Step 2: Enter the newly created virtual environment using the following command:

source /home/venv/bin/activate

Step 3: Go to the “www” folder of your hosting account:

cd /home/www/

Step 4: Install the Mezzanine CMS binaries along with the corresponding modules fastcgi support and flup6.

pip install git+https://github.com/NetAngels/django-fastcgi
pip install flup6
pip install mezzanine

NOTE: Make sure you disable the Outgoing Connections option or the installation of the modules will fail.

Step 5: Set up the Mezzanine project In a selected custom directory, in our case mydjangocms:

mezzanine-project mydjangocms

Step 6: Create a domain or subdomain for the newly installed CMS. Keep in mind that the Jail host option needs to be deactivated in order for the installed modules to function properly.

Point your newly created domain or subdomain to the path of your project. In our example, the path is “/www/mydjangocms”.

python settings

Setting up the Mezzanine CMS app

Step 7: Go to the newly created Mezzanine CMS folder:

cd mydjangocms

Step 8: Set up a database for your CMS. In our case, we’ll use the sqlite3 database for the sake of ease (alternatively, you could set up a MySQL/PostgreSQL database by applying the necessary settings to the Python setup file:

python manage.py createdb

You will see the following message:

A site record is required.
Please enter the domain and optional port
in the format 'domain:port'. For example 'localhost:8000' or 'www.example.com'.
Hit enter to use the default (127.0.0.1:8000):

Use the default option for the SQL host. You will then be asked to enter your username, email and password. These are the login credentials for the CMS system and not the database.

In the end, you can choose if you want to have some demo content inserted.

Step 9: Set up an .htaccess file in the folder of your project with the following entries:

RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /index.fcgi/$1 [QSA,L]

Step 10: Set up an index.fcgi file in the folder of your project using the following code (it will serve as an entry point for all requests to the CMS). Don’t forget to replace “mydjangocms” with the name of your project.

#!/home/venv/bin/python3.5
# -*- coding: utf-8 -*-
import os
import sys
activate_this = '/home/venv/bin/activate_this.py'
exec(open(activate_this).read(), dict(__file__=activate_this))
cms_path = '/home/www/mydjangocms/'
sys.path.insert(0, cms_path)
os.chdir(cms_path)
# Set the DJANGO_SETTINGS_MODULE environment variable.
os.environ['DJANGO_SETTINGS_MODULE'] = "mydjangocms.settings"
from django_fastcgi.servers.fastcgi import runfastcgi
from django.core.servers.basehttp import get_internal_wsgi_application
wsgi_application = get_internal_wsgi_application()
runfastcgi(wsgi_application, method="prefork", daemonize="false", minspare=1, maxspare=1, maxchildren=1)

Step 11: You’ll need to make the index.fcgi file executable using this command:

chmod +x index.fcgi

Step 12: Edit the settings file located inside “mydjangocms/settings.py” and replace

ALLOWED_HOSTS = []
With your actual host name:

ALLOWED_HOSTS = ['mydjangocms.my-best-domain.net']

Step 13: Run the following command to collate the static files:

python manage.py collectstatic

You are now ready and your site should be up and running.

In our example, the newly installed Mezzanine CMS will resolve to:
http://mydjangocms.my-best-domain.net/

django mezzanine cms installation

Now you can log into your Mezzanine CMS Admin Panel using the login details set in step 8 above and kickstart a new blog, for example:

django mezzanine cms admin panel

Web Hosting with Python support

Know more about our web developer-friendly shared web hosting with SSH access and Python libraries.
python manager

Python Manager section now available in the Control Panel

Python Manager

The Python Manager is the latest web developer-friendly feature of iwebz.hosting

Python is one of the most important application depython managervelopment languages and has been around for a long time now. It is easy to learn and use, no matter if you’re new to programming or an experienced developer. Its standard library supports many Internet protocols, including JSON, FTP, IMAP, HTML and XML.

Python is mostly used for web development, scientific & numerical computing, software development, and system administration purposes. So there are many different types of Python-based software.

Following the feedback of web developers, iWebz℠ has added a new Python Manager functionality to the Advanced section of the Hepsia Control Panel on iwebz.hosting.

The new Python Manager section in the control panel will allow users to edit the current Python version and to enable Python-compatible applications for their projects.

Located right next to PHP Settings, it gives you one-click access to various Python management options.

Using the Python Manager

From the Python Manager section of the Control Panel, you’ll be able to set the Python version for your account. You can choose between Python 2.7, Python 3.1 and the latest version – Python 3.5.

You can setup your Python app environment and install Python scripts using your SSH access that comes with your web hosting account.

Web Hosting with Python support

Know more about our web developer-friendly shared web hosting with SSH access and Python libraries.
.eu domain in flag

Renewal Grace Period changed for .EU domains

23rd November 2016

Revision in Renewal & Restoration Policy

A Renewal Grace Period is the time during which a domain owner can renew an expired domain at the regular renewal price. Most domain extensions offer a renewal grace period of up to 40 days.

The .EU Registry has announced a change in its policy with respect to Domain Renewals as a result of which .EU domains will no longer enjoy any Renewal Grace Period. This change will come into effect from 23rd November, 2016.

A domain name that is not renewed before the expiry date will now directly expire and be only be available for restoration at the stipulated restoration price.

If you have any .EU domain names coming up for renewal on or before 23 November, please ensure that you renew or transfer your .EU domains as soon as possible.

Renew or Transfer now

You can renew or transfer .eu domains on these websites.