Welcome to Vastspace, provides Reliable Web Hosting since 2014

Welcome to Vastspace

Blog

Blog

, Paid SSL?

Paid SSL certificate is a processs

I have spoken to many customers were buying SSL certificates. Most have commissioned Vastspace for the entire process. From my experience, most have the impression that the SSL certificate can be done on the same day.

Whether it is done by yourselves or Vastspace the process is the same. I will explain the entire process, so you will get a better understanding.

A Paid SSL certificate is issued by the certificate authority, not Vastspace. All SSL certificate applied for that domain must be validated and the CSR from the origin must be submitted.  The validation methods are;  domain-validation, organization validation and extended validation.  Each validation process is conducted by the CA. DV, domain validation has a shorter process. The ‘owner’ of the domain must approve that he or she has applied an SSL certificate for that domain.

Once CA has satisfied, they will issue the SSL certificate. This process is the fastest but it has lower insured value because it is domain validated. How soon? It depends on how soon the owner can approve for the DCV email sent to him or her.

I have seen DV SSL certificate took more than a month or even cancelled after the CSR was submitted. OV will validate the organization applied and buying the SSL certificate. The CA will print the organization name on the OV validated SSL certificate.

EV SSL certificate verification is the most extensive. The verification comprises the DV, OV and callback to verify the real person behind the business.  Business telephone number published on the authorised websites will be used.

The EV SSL verification is very long-winded if the organization is not prepared for the process. Handled by an inexperienced sales guy can delay the entire process. Thus, I recommend asking and check with the vendor before you are buying an SSL certificate, especially for the EV SSL certificate.

Here is the link to understand more about different types of SSL certificates.

, Paid SSL?

Demand and Supply

This is not an economy class but we are here to tell you the web hosting trend today. We can see the drop in demand of the dedicated servers but increases in VPS.

One reason I can see is the price. If you do not need the resources in a dedicated server, a VPS will help you save money. However, if you are calculating per gigabyte on RAM and the hard drives you will get, a dedicated server is cheaper.

In most cases, a dedicated server is not fully utilized. Average, we see servers used 40% or less is common. There are servers used as low as 15% at all times.

What are the reasons these customers have chosen a bare metal server over the VPS, here are my observations;

  • Past experience – In the past, virtualization is not popular and less stable. The choice is limited.
  • Privacy – Do not want a shared instance even it is virtualized.
  • Over-Provisioned – Expected traffic was underwhelmed.
  • Misled – Inexperienced, they were misled by the salespeople.

I’m a practical person and in my opinion, VPS or you call it a VM can fulfil 75% or more of the requirement. It is a matter of price. Most of these guest machine either they are low-weighted so they can have more guest machines in a node or the storage is expensive. There are cases you need storage space like a mail server.

However, you can see the price is coming down because of competition. Due to the demand, this will affect datacentre operators as well. As soon as it is virtualized, the footprint of the same in the dedicated servers will get smaller too. However, if the provider increased his ship in virtualization, his footprint will get larger in the datacentre.

So, it has depended very much on what they have focused and the market demand.

, Paid SSL?

Points of failures in Web Hosting

This is some things most of us will not consider when we set up or but a web hosting. After all, the most robust web hosting with a failover mechanism might cost a lot. So, if you are on an ordinary web hosting plam there are the common failures you can expect.

  • Electrical power – it can be the server power supply or the electricity from your power company. Most servers allow redundant power supplies. These power supplies operate in different sources of incoming electric power. Should one has failed, you have the other one runs and continue its operation.
    • The cheaper servers do not have such feature or the buyer did not buy the 2nd power to reduce cost.
    • The worst scenario is the engineer did not plug it in and this is happening because of the PDU sockets is limited. In order to fill up more servers in the rack, the redundant power supply is sacrificed.
  • A Proxy web server – Your website is served by a web server. However, if you are thinking of web protection, distribute your traffic and get nearer to your visitors, a web proxy is used. So now you have 2 web server as one is your proxy web server. Any of them failed, your website will fail.
  • Network – If your origin is only one, it is sitting on one network. So, as soon as the network has failed, your web hosting will fail.
  • Server failure – A software or a hardware failure will cause your web hosting to fail.

Basically, they are Murphy’s law, we cannot beat them. Even, you are self-proclaimed the best web hosting providers, you will still face these consequences.

, Paid SSL?

Using IP address for your WordPress website

Today, my customer has come to me to view his WordPress website using an IP address. You can use an IP address as your hostname. However, we do not recommend this method.

There are a few reasons and you have these criteria. Actually, I still cannot find a good reason for doing this.

  • You have a dedicated IP address and resolved to only one site. You can use it as a default site.
  • Private site. Do not want others to resolve using a domain name.
  • Do not want to use reverse and forward DNS. Maybe for point of failure.
  • Never hard code a link using domain name every permalink is managed by the WordPress.

If anyone can think of a valid reason, please write down the comment below.

Getting a WordPress website using an IP address must at least meet the first criteria like what I have mentioned earlier. In addition, you need to change the name to IP address in ‘General Settings’ of your WordPress website or define it in your wp-config,

In this case, you can use an IP address.

However, if you are making a new website or staging, I personally recommend the ‘host file’ method to resolve locally. The domain name can use the same if the website has a different IP address. If it is done using the same IP address, you cannot use the same domain name but a fake domain name.

If you are using a fake domain name you will have to update the general settings or define it in the wp-config file.

In this way, your WordPress website is always accessible and it will not run into errors like ‘404’ page not found.

, Paid SSL?

Types of DNS zone records

Types of DNS zone records

DNS is like a directory, tells your visitors to go to where to fetch a particular service. For example, email is location A and website is location B.

That’s mean to say, it is not necessary to host your website and email servers at the same place as well as your subdomain. Actually, I have spoken to many, they have the perception the services must be located on the same server which is not true.

DNS and its zone records are also neglected by most. Many think I will only need a domain name and a web hosting. This is wrong, but usually, DNS is provided at no cost when you registered a domain but you will till need them.

Today, we will walk you through the common DNS zone records we are using with a domain name.

  • A record – this is to resolve a name to an IPv4 address. For example, the IP address of your server or website.
  • CNAME record – is an alias name to another domain.
  • MX records & Priority – They are your serves to receive emails on your domain behalf. Priority 10, 20 & 30 if you have more than one MX and where should the emails deliver based on its priority.
  • TXT – The field used as information. Like SPF, DKIM, DMARC and some may have it for validation.
  • AAAA record – Work like A record but for IPv6 addresses.

There are other not so common records like NS probably already added by our DNS provider or SRV used by certain service provider. Hope the above information is useful.

, Paid SSL?

Litespeed vs Apache web server

Litespeed vs Apache web server

Apache web server is very popular and it’s free. However, there is an alternative web server called ‘LiteSpeed’ Which is better? In this article, you will learn more.

Apache web server

Apache web server was introduced in 1995. However, within a short period, regular development and updates, the Apache web server was successful in becoming a stable and secure server at the time. We can say that the Apache web server is a flexible and versatile server because of its ability to load in components. The very useful feature of the Apache web server is that it is available completely free.

LiteSpeed

LiteSpeed web server is a lightweight web server by LiteSpeed Industries Inc. It was introduced to the market in the year 2002. In a short period of time, LiteSpeed has become popular and is capable of handling thousands of concurrent connections but it having a smaller footprint in memory.  Litespeed web server reads the Apache configuration files. According to the company, a single LiteSpeed web server is capable of handling data equivalent to two of the Apache web servers. There are add-on cache plugins optimized for Litespeed web server to many popular CMS software like WordPress and with LiteMage Cache which is a full page caching solution to enhance the speed of Magneto stores.

Apache vs Litespeed

The LiteSpeed web server is its ability to handle heavier traffic as compared to the Apache web server. For example, an Apache server encountering DDOS threats was replaced by LiteSpeed web server, the Apache server crashed due to the threats, while on the other side, the LiteSpeed web server survived.

Apache server is completely free while Litespeed web server is commercial. However, it is still affordable with Vastspace’s Litespeed hosting.

LiteSpeed server is the definitely a winner in the web server. Here, are the  advantages;

  • It is up to six times faster than Apache web server
  • It is three times faster than Apache in SSL
  • With its LiteMage cache, LiteSpeed web server makes Magneto runs up to 75 times faster. Not forgetting the LSCache for the popular CMS like WordPress and it is free.
  • It increases PHP performance by 50%

 

, Paid SSL?

Related to a Domain

Related to a Domain

Today, we talk about a domain name. This article is based on my past experience on a few TLD types of domains, like the .com, .com.sg, .sg etc. Hopefully, it helps some in a way if this information is useful.

  • If you are registering a .sg domain, it is in the month of August or you can wait till August. It will save you money. SGNIC runs a promotion on the price reduction of .sg domains in that month to celebrate Singapore National Day.
  • Check out our domain page, there are always TLDs on promotion, it could be the one you wanted to register.
  • Plular or singular of a domain name, to avoid any mistakes and if your budget allowed, register both. For example, cat.com and cats.com use one as an alias to your preferred domain.
  • A domain name is too long is difficult to remember, you should avoid.
  • Using a ‘dash-, for example, cat-house.com and cathouse.com, register both and use one as an alias to your preferred domain.
  • Domain should be easy to remember, ask a few people and get feedback.
  • A domain name represents a person, a brand or a thing. If they are not related, it is difficult to recall.
  • Never let your domain expired. Sg domain, you can renew up to 2 years and other TLDs may be renewed as long as 10 years. A redemption fee may apply if your domain has expired.
  • Avoid domain ID protection especially for anyone are doing business online. ID protection might indirectly or directly affect your creditability.
, Paid SSL?

Important services and ports

Important services and ports

Today, I would like to talk about the important services, ports and how should you treat them. I have seen many servers and VPS have them in default. I strongly urge everyone to starts to restricting and protect ing them. this is necessary.

  1. SSH service port 22 – This is remote Shell access for a Linux server. You can use TCP wrapper or iptables to restrict access by certain IP addresses. Also, change port 22 to something else that you can remember. Do not keep its default settings.
  2. RDP – ports 3389 change the administrator username and restrict IP addresses using the advanced firewall in Windows server OS.
  3. MySQL port 3306 limited to a local connection.
  4. MSSQL port 1433 limited to a local connection.
  5. Plesk administration port 8880 & 8443 using Plesk administration restrict access or use 2FA under tools and settings.
  6. cPanel / WHM port 2086, 2087, 2082, 2083, and even 2092 and 2093 you can restrict access using IP addresses in WHM. Use 2 FA for WHM and cPanel access.
  7. FTP port 21 active mode if possible restrict the access using IP addresses or at least use a strong password.
, Paid SSL?

Paid SSL?

Paid SSL?

Why do some go for a paid SSL while you can an SSL certificate for free?

There is no difference in encryption if you are using a free SSL certificate, they are the same in terms of functionality. However, some would still prefer a paid SSL certificate.

There are a few reasons why you would go for a paid SSL;

  1. Re-issue – mostly unlimited from most CA. However, there is a limit or delay to get an SSL issued as the process is automatic for end users. The waiting time for the next cycle is no for someone to run an online business.
  2. The validity of the free SSL certificate is shorter, you definitely can not get past the 12 months duration,
  3. Limited to DV (domain validated), if you are looking for OV or EV, it is only available to a paid SSL certificate.
  4. There is no insurance value on a free SSL  certificate.
  5. Support provided by CA, you might get support still for the free one but it is definitely taking longer.
  6. Reputation, if I’m running an online business. I will want my SSL certificate signed by a reputable CA and recognized by my visitors. Not likely with the free SSL, especially for the EV SSL.