Ransomware On Your Website – Is It Possible?

fware ransomware

Ransomware on a website?

Ransomware is popularly thought to affect only PCs, mainly those running older versions of Microsoft Windows, and to arrive through phishing of login details. Nothing could be further from the truth.

In fact, ransomware can be introduced even into Linux-based web servers / websites without using any phishing techniques, and even if they are behind a firewall.

The above image displays the new homepage of a website on cPanel shared hosting recently locked by ransomware. The image below is a listing of the ransomware-encrypted website files as seen via an FTP client.

fware ransomware file listing

How did the ransomware get in?

Servers are computers available on the public Internet and are required to serve information via multiple protocols such as HTTP/HTTPS, FTP, SSH, etc. This also creates multiple points of entry for attackers in addition to poorly secured entry points in web apps.

In this case, the website allowed file uploads into directories that (carelessly) had read, write and execute permissions enabled for everyone; on Linux this is the 777 permission. This allowed an attacker to upload the fware encryption PHP code to the website and then trigger its execution with a request from a web browser.
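The following audit script is an added example, not part of the original article. It finds the world-writable directories described above, lists script files sitting in them, and applies two mitigations; the `.htaccess` rule assumes Apache 2.4 with overrides allowed, and all function names are illustrative.

```shell
#!/bin/sh
# Added example: audit a web root for world-writable upload directories.

# Print every directory under $1 that any local user may write to.
# -perm -0002 matches the "other" write bit, which mode 777 sets.
world_writable_dirs() {
    find "$1" -type d -perm -0002 -print
}

# Print server-side script files located directly inside those directories.
# An upload folder should hold data only, so each hit deserves a look.
scripts_in_writable_dirs() {
    world_writable_dirs "$1" | while IFS= read -r dir; do
        find "$dir" -maxdepth 1 -type f \
            \( -name '*.php' -o -name '*.phtml' -o -name '*.php[0-9]' \) -print
    done
}

# Mitigation 1: drop the "other" write bit from every directory under $1.
remove_world_write() {
    find "$1" -type d -perm -0002 -exec chmod o-w {} +
}

# Mitigation 2 (assumes Apache 2.4 with .htaccess overrides allowed): make the
# web server refuse to serve script files from upload directory $1, so an
# uploaded script cannot be run by requesting its URL.
deny_scripts_in() {
    if [ -e "$1/.htaccess" ]; then
        echo "refusing to overwrite $1/.htaccess" >&2
        return 1
    fi
    cat > "$1/.htaccess" <<'EOF'
<FilesMatch "(?i)\.(php[0-9]?|phtml|phar)$">
    Require all denied
</FilesMatch>
EOF
}

# Usage: sh audit.sh /path/to/webroot   (report only; changes nothing)
if [ "$#" -gt 0 ]; then
    echo "World-writable directories:"
    world_writable_dirs "$1"
    echo "Script files inside them:"
    scripts_in_writable_dirs "$1"
fi
```

Run the report first and review each hit before calling `remove_world_write` or `deny_scripts_in` on a live site.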

What would you do if this happened to you?

How would you be affected if you woke up one morning to find that your website wasn’t available anymore? Even after paying the ransom there is no guarantee of receiving the decryption key and getting back your website files and data.

Luckily, in this case, the webmaster (website manager) for this website had already enabled automated website backups and was able to restore the website quickly. Most webmasters agree frequent automated backups are the best defense against total website loss. So does your website have automated backups?

dedicated servers billing discounts

New Dedicated Server Billing Cycles and Discounts

Dedicated Server on iwebz.hosting

A Dedicated Server is meant to take your web site one step further. Offering an amazing combination of dependable hardware and stable software, the dedicated servers on offer at iWebz Web Hosting are precisely what your site needs.

ARTICLE: Why should Tech startups start with Dedicated Servers?

New Billing Cycles

Recently, we’ve introduced a major upgrade to our dedicated servers – we’ve improved the hardware of the existing setups and added 8 new configurations.

Up until now, only a monthly payment period has been available for the dedicated server packages.

With the new update, our Dedicated Server customers will be able to make use of 3-month and 6-month billing cycles, apart from the default monthly payment option.

These billing periods are now available while placing your order.

dedicated server new billing cycles

Billing Cycle Discounts

As you can see, the new billing cycles are tied to a corresponding discount on the default monthly price.

This way, if you select the 3-month billing cycle, you will get a pleasing 10% discount off your plan’s monthly price right away:

And if you select the 6-month billing period, the discount will be twice as big – 20% OFF the default monthly price.

By switching between the 3 billing period options, you will be able to see the difference between the regular monthly price and the discounted quarterly and semi-annual prices in the table below and choose the most suitable option at the time of purchase.

Once enabled, the new billing periods will be in force for as long as you want. When the period expires, you will be able to renew your subscription for another 3 or 6 months, or to switch to the regular monthly billing option.

Get a Dedicated Server for your online venture

Take advantage of a free Control Panel, 24/7/365 technical support and a 99.9% uptime guarantee.

Installing Django-based Mezzanine CMS on iwebz.hosting

Following this tutorial requires you to have an active web hosting account from iwebz.hosting with SSH access enabled.

mezzanine cms iwebz python hosting

Setting up the Mezzanine CMS environment

To begin installing the Django framework-powered Mezzanine CMS (official website) on our platform, you must first create the app environment via SSH.

Step 1: Create a virtual environment (venv) in the root folder of your account, in our case:

/usr/local/python-3.5/bin/virtualenv /home/venv/

Step 2: Enter the newly created virtual environment using the following command:

source /home/venv/bin/activate

Step 3: Go to the “www” folder of your hosting account:

cd /home/www/

Step 4: Install the Mezzanine CMS binaries along with the corresponding modules for FastCGI support and flup6.

pip install git+https://github.com/NetAngels/django-fastcgi
pip install flup6
pip install mezzanine

NOTE: Make sure you disable the Outgoing Connections option or the installation of the modules will fail.

Step 5: Set up the Mezzanine project in a selected custom directory, in our case mydjangocms:

mezzanine-project mydjangocms

Step 6: Create a domain or subdomain for the newly installed CMS. Keep in mind that the Jail host option needs to be deactivated in order for the installed modules to function properly.

Point your newly created domain or subdomain to the path of your project. In our example, the path is “/www/mydjangocms”.

python settings

Setting up the Mezzanine CMS app

Step 7: Go to the newly created Mezzanine CMS folder:

cd mydjangocms

Step 8: Set up a database for your CMS. In our case, we’ll use the sqlite3 database for the sake of ease (alternatively, you could set up a MySQL/PostgreSQL database by applying the necessary settings to the Python setup file):

python manage.py createdb

You will see the following message:

A site record is required.
Please enter the domain and optional port
in the format 'domain:port'. For example 'localhost:8000' or 'www.example.com'.
Hit enter to use the default (127.0.0.1:8000):

Use the default option for the SQL host. You will then be asked to enter your username, email and password. These are the login credentials for the CMS system and not the database.

In the end, you can choose if you want to have some demo content inserted.

Step 9: Set up an .htaccess file in the folder of your project with the following entries:

RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /index.fcgi/$1 [QSA,L]

Step 10: Set up an index.fcgi file in the folder of your project using the following code (it will serve as an entry point for all requests to the CMS). Don’t forget to replace “mydjangocms” with the name of your project.

#!/home/venv/bin/python3.5
# -*- coding: utf-8 -*-
import os
import sys
activate_this = '/home/venv/bin/activate_this.py'
exec(open(activate_this).read(), dict(__file__=activate_this))
cms_path = '/home/www/mydjangocms/'
sys.path.insert(0, cms_path)
os.chdir(cms_path)
# Set the DJANGO_SETTINGS_MODULE environment variable.
os.environ['DJANGO_SETTINGS_MODULE'] = "mydjangocms.settings"
from django_fastcgi.servers.fastcgi import runfastcgi
from django.core.servers.basehttp import get_internal_wsgi_application
wsgi_application = get_internal_wsgi_application()
runfastcgi(wsgi_application, method="prefork", daemonize="false", minspare=1, maxspare=1, maxchildren=1)

Step 11: You’ll need to make the index.fcgi file executable using this command:

chmod +x index.fcgi

Step 12: Edit the settings file located inside “mydjangocms/settings.py” and replace

ALLOWED_HOSTS = []

with your actual host name:

ALLOWED_HOSTS = ['mydjangocms.my-best-domain.net']

Step 13: Run the following command to collect the static files:

python manage.py collectstatic

You are now ready and your site should be up and running.

In our example, the newly installed Mezzanine CMS will resolve to:
http://mydjangocms.my-best-domain.net/

django mezzanine cms installation

Now you can log into your Mezzanine CMS Admin Panel using the login details set in step 8 above and kickstart a new blog, for example:

django mezzanine cms admin panel

Web Hosting with Python support

Know more about our web developer-friendly shared web hosting with SSH access and Python libraries.

ICANN IRTP-C impact on Domain Transfers

ICANN Domain Transfer Policy Updates

ICANN has mandated certain updates to the Domain Transfer Policy for enhanced verification whenever either the Registrant or the Registrar changes. These will be effective from 1st of December, 2016.

Here are some of the key aspects that are part of the new Transfer Policy:

Impact on Inter-Registrar Transfers

A Form of Authorization, or FOA, is the email that is sent to the registered name holder when a domain transfer is initiated to approve the request. The FOA will now expire after 60 days if the transfer is not completed, unless we allow an automatic renewal and the registrant has expressly opted in to an automatic renewal.

● The FOA is void if the domain name expires before approval.

Impact on Inter-Registrant Transfers

● If a material change is made, we must collect consent from both the Prior Registrant and the New Registrant, prior to making the requested change, even if you represent both parties. A “material change” is a change in the name, company or email address listed for the registrant contact.

● If the Prior Registrant and New Registrant do not confirm the change within 60 days of the request, the change implementation will not proceed.

● Once both Prior and New Registrant parties agree to the requested contact changes, the information will be updated within 1 day after.

Impact on Privacy Protection

The Registrar on Record will act as a designated approver for the Registrant, so no approval is needed from the Registrant listed on the domain. An email will be sent to the registrant whenever the status of Privacy Protection is changed. This email is merely for notification purposes.

We hope this was helpful. To learn more about the policy, please refer to the ICANN website.

git on web hosting

Git support enabled on iWebz Web Hosting

Git Support on Web Hosting

Providing a developer-friendly web hosting service is a goal we always strive for. With the evolution of application development, setting up online development environments, such as Git, has become a necessity. Git is one of the most popular developer tools, used by 4 out of every 5 developers, and Git support is now enabled on the iWebz Web Hosting platform.

how git support works

With Git support enabled on our web hosting platform, developers will be able to push, pull or clone their projects from GitHub, or any other platform that’s hosting their repository, to one or more web hosting accounts on our servers.

This is all best done over SSH, which opens a secure connection and executes Git operations on the server as required. The use of SSH eliminates the need for deploying a daemon service on the server to push requests, which is one of the main security concerns of web hosting providers.

Using Git support to deploy a simple script or an entire app on a web hosting server is a fast and easy way to spread that version controlled content over a few web hosting accounts at the same time. This will save developers all the hassle of uploading the content to all the accounts successively over FTP.

The same holds true for updates – instead of having to use FTP to upload script or app updates to each web hosting account separately, the developer will just need to push an update from the Git repository with a simple Git+SSH command.

With Git support on our web hosting platform, you will be able to create your own repository directly on the server where your websites are located, instead of using third-party services like GitHub.

Example Git Usage

Here, we’ll examine a very basic Git repository usage scenario that will allow us to track and deploy a local (as in residing on our workstation) copy of a dev app in our production environment on the hosting web server.

Step 1: Prepare the remote (web server) Git and SSH environments

Let’s assume that our production app directory resides in ~/www/my-domain.tld/ and that our Git repository is located in ~/git_repos/my_app/. We need to execute the following in our web server environment:

$ ssh username@my-domain.tld -p 2222

After you supply your password and are logged in, you may proceed with:

$ mkdir -p ~/git_repos/my_app
$ cd ~/git_repos/my_app
$ git init

This will initiate the Git repository and will allow us to take advantage of all the ‘goodies’ that the Git support provides.

Now we need to tell Git to accept pushes to our working directory (~/www/my-domain.tld/):

$ git config receive.denyCurrentBranch ignore

The next step is to create a post-receive hook that will help us deploy my_app’s code directly into our working directory:

$ editor_of_your_choice ~/git_repos/my_app/.git/hooks/post-receive

Fill the file with the following contents:

#!/bin/sh
GIT_WORK_TREE=~/www/my-domain.tld/ git checkout -f

Save it and make the hook file executable:

$ chmod 0750 ~/git_repos/my_app/.git/hooks/post-receive

And a small step that will help us set up SSH:

$ mkdir -m 0700 ~/.ssh/
$ touch ~/.ssh/authorized_keys
$ chmod 0600 ~/.ssh/authorized_keys

Step 2: Prepare the local (workstation) Git and SSH environments

Let’s assume that the app you’re developing resides in ~/projects/my_app/ and contains only one example file: index.php – we’ll set up a Git repository in the same directory:

$ cd ~/projects/my_app/
$ git init
$ git add index.php
$ git commit -m 'initial version'
$ git remote add origin username@my-domain.tld:git_repos/my_app

We need to generate a cryptographically strong SSH public/private key pair:

$ ssh-keygen -t rsa -b 4096

This will create two files: ~/.ssh/id_rsa (private key) and ~/.ssh/id_rsa.pub (public key).

Create a ~/.ssh/config file and add the remote host info:

Host my-domain.tld
    Port 2222
    PreferredAuthentications publickey,password

If you already have this file, you only need to update it using the information above.

Now add the SSH public key to the production environment:

$ cat ~/.ssh/id_rsa.pub | ssh username@my-domain.tld "cat >> ~/.ssh/authorized_keys"

Step 3: Deploy your app’s code to production

Now we only need to push my_app’s code into production via Git:

$ git push -u origin master

And you're done! Your app (index.php in this example) is now deployed on the remote web server in the ~/www/my-domain.tld/ directory using SSH & Git support.
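Once the site is deployed this way, the repository can double as an integrity baseline for the production directory. The script below is an added example, not part of the original tutorial: it reports files in ~/www/my-domain.tld/ that were modified, deleted or newly created since Git last checked the code out. The paths are the tutorial's; the function names and the script-extension list are assumptions.

```shell
#!/bin/sh
# Added example: detect changes made to the production directory outside Git.
GIT_DIR_PATH="$HOME/git_repos/my_app/.git"   # repository from Step 1
WORK_TREE="$HOME/www/my-domain.tld"          # production directory from Step 1

# Read `git status --porcelain` lines ("XY path") on stdin and print one
# finding per line as "<KIND> <path>".
classify_drift() {
    while IFS= read -r line; do
        code=${line%"${line#??}"}   # first two characters: the status code
        path=${line#???}            # everything after "XY "
        case "$code" in
            '??')
                # Untracked file: flag server-side scripts separately.
                case "$path" in
                    *.php|*.phtml|*.php[0-9]) printf 'NEW-SCRIPT %s\n' "$path" ;;
                    *) printf 'NEW-FILE %s\n' "$path" ;;
                esac ;;
            *D*) printf 'DELETED %s\n' "$path" ;;
            *M*) printf 'MODIFIED %s\n' "$path" ;;
            *)   printf 'OTHER %s\n' "$path" ;;
        esac
    done
}

# Compare the production directory with what Git last checked out there.
# --untracked-files=all lists each new file instead of only its directory.
production_drift() {
    git --git-dir="$GIT_DIR_PATH" --work-tree="$WORK_TREE" \
        status --porcelain --untracked-files=all | classify_drift
}

# Usage: sh drift-check.sh --check   (exit status 1 when anything differs)
if [ "${1:-}" = "--check" ]; then
    findings=$(production_drift)
    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        exit 1
    fi
fi
```

Run it from cron on the web server after each deployment; legitimate user uploads show up as NEW-FILE, so the NEW-SCRIPT, MODIFIED and DELETED lines are the ones to review first.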

How To Get Started?

First of all, you will need to have SSH access enabled for your iWebz web hosting account.

We include SSH access by default with the Enterprise plan, the Semi-dedicated 2 plan and with all VPS and dedicated server solutions on our platform. With all other packages, SSH is available as an upgrade.

Git is enabled by default with all Hepsia Control Panel-managed hosting solutions including:

  • Web hosting packages
  • Semi-dedicated servers
  • OpenVZ Virtual Private Servers with a Hepsia installation
  • Dedicated servers with a Hepsia installation

iWebz Web Hosting options

New Free WordPress Themes Added

We have added a collection of modern and responsive WordPress themes to the Free Themes section of the Control Panel. Now you can choose a new theme for your WordPress-based blog, news portal, photo gallery, etc. The new themes are free of charge and can be installed with a click from the Control Panel.

What are the new WordPress themes about?

The new line of WordPress themes reflects the latest web design trends and offers a fresh perspective on the concept of modern online presence.

free wordpress themes

You can find grid-based themes where content is organized in a clean and easy-to-digest manner. This type of themes is perfect for culinary blogs, news portals, photo galleries, portfolio pages and even for e-commerce stores.

You can also find classic-style, site-wide banner-based WordPress themes with a handy integrated slider functionality. These themes are a perfect front-end solution for your blog, non-profit or commercial website.

The new full-screen, background image-based layouts are also worth paying attention to. Such a theme is a great front-end choice for creative agencies, photographers, architecture and interior design studios, etc.

How to make use of the new WordPress themes?

The new WordPress themes have been added to the existing library of free themes in the Control Panel.

free word press themes in iwebz control panel

Just scroll to the Free Themes section under Installer and you will be taken to the full list of themes that are currently available for download. Then click on the Install button next to the template you want to install and you’ll be taken through the 1-click WordPress site setup wizard.

Signup for our Web Hosting account

Get an instant WordPress installation, free WordPress themes, infinite disk space & traffic allocations, routine data backups as well as 24/7 technical support.

New Linux Dedicated Servers Line Available

Fully revamped line of Dedicated Servers

Dedicated servers lie at the heart of any quality web hosting service. Due to their ability to offer maximum amounts of resources and utmost levels of flexibility, they can make any web hosting portfolio complete and fully competitive on a cut-throat market.

We have just revamped our dedicated server offerings to offer you a wider choice of dedicated server solutions at much more competitive prices.

Due to the strong interest in the entry-level Atom series, we’ve added 2 more SSD-equipped, Atom-driven configurations offering higher CPU and RAM allocations.

Also, we’ve added 6 brand new SSD-equipped, Intel Xeon-powered server configurations for more exigent users who need much faster loading speeds for their projects.

Types of Dedicated Servers available

Intel Atom-driven dedicated servers

Intel Atom-based dedicated servers are a great starting point for users who are just stepping into the field of self-hosted solutions.

AMD Opteron-powered dedicated servers

The two existing AMD Opteron-based dedicated server packages feature the same hardware parameters, but now boast much more affordable prices.

Intel Xeon-based dedicated servers

The brand new line of 6 Intel Xeon-driven dedicated server configurations is SSD-based and offers generous amounts of RAM and monthly traffic.

The 2 most advanced Xeon-powered setups – Xeon 4 and Xeon 6 are fully customizable and require a longer assembly time – up to 2 weeks.

Advantages of SSD-equipped Dedicated Servers

Despite their higher prices, SSDs outperform HDDs in terms of data reading/writing capabilities. Our administrators have compared regular enterprise-grade SSDs against professional HDD (SAS) drives capable of reaching speeds of 10,000-15,000 rpm (revolutions per minute). In the figure below, you can check the resulting performance benchmark figures.

ssd-vs-hdd-infographic

Why should you use Dedicated Servers?

If you are a small business with relatively simple web hosting operations, then don’t ignore dedicated servers. The pressure to use the cloud is powerful, but that's because you only see the marketing hype.

The reality is that a dedicated server, properly managed, will generally provide greater performance and reliability at lower costs than current cloud service options.

With most cloud systems, the network and underlying storage are shared among customers. This can cause disk I/O to be unpredictable. If another customer starts to send large amounts of write requests to the storage array, you may see slowdowns. The upstream network is shared so you can experience bottlenecks there too.

With cloud, you share resources with others. This includes disk, RAM, CPU and network. A node in a cloud computing service is usually no more reliable than a single dedicated server. Even with the cloud you have to build redundancy into the system.

Often due to inherent design or more often configuration choices, a single user can overwhelm a local compute node. This can result in temporary outages and performance issues for your operations that have nothing to do with you.

The Cloud also adds costs to bring together various components that are available together anyway in dedicated servers, and depending on the vendor architecture for which you build your app, it may also result in a lock-in.

Check out our Dedicated Servers

11 server configurations at LOWER prices