Blog

Blog

Send a good email

Today, let’s us learn on how to send a good email. Hold on, not writing a good email but sending. Sounded simple? Yes, everyone knows how to send an email by clicking the send button. But do you know a good email can be ended into your recipient’s junk box, or even bounced? Now, it gets interesting isn’t? Writing a good email is not enough. Your recipient’s email servers have more anti-spam policies. Even you are writing good emails because of those reasons, your emails can go to junk.

With these rules, you can minimize the risk of your important emails ended in the junk box.

a. Always send an email via your or permitted email servers. Some have more than 1 email account and they have belonged to different email servers. If you are sending from an email server that is not permitted, as your IT people might set up something known as SPF in the DNS zone records. You are impersonating unknowingly. This type of failed SPF email might be rejected eventually. SPF is used to control email spamming especially those emails are impersonating your organization sending unauthorized emails to people.

b. Your subject is sensitive – avoid using words like message failed for delivery, spam, and offensive words. These words can easily be classified as junk email.

c. If you are sending an email with an attachment. Do not send doc xlxs or pptx etc. It is a good habit to zip them and scan them with your latest updated anti-virus if you have received such emails.

d. Look for a typo in the recipient’s email address especially they are already stored. A displayed name does not indicate your email address is correct. If you have received bounce email notification like invalid recipients or similar, you might have the incorrect email address.

e.Do not send an email with a big file. I do not recommend an email with attachments larger than 2Mb. Such large emails take a very long time to download, it might crash your recipient email application timed-out connection between the computer and the server.

f. Signed DKIM on all outgoing emails. Ask your IT team or hosting provider to implement DKIM on your domain main server. This can greatly enhance your email delivery if you are using the correct email server.

g. Last but not least, It might be beyond your ability. However, I need to mention as this is extremely important. your email server IP address must not be blacklisted if you are, the emails you sent are likely returned or bounced. Here’s the free tool https://mxtoolbox.com/blacklists.aspx to check your email server IP address is blacklisted.

Why is Shared hosting cheaper?

Have you wonder and asked yourselves in web hosting, why a shared hosting is cheaper? Many customers have thought they are the same. Basically, I need a website and a few email accounts. Well, you are not wrong. But a shared hosting vs a VPS there is differences. These reasons that I’m highlighting might affect you and your organization. So, it is good to read and to find out the differences.

Shared hosting or a VPS are still sharing a server. However, the shared methods are different. You put all the users into a server, they share mail service, web server, database server, Despite you can still restrict resources like memory to the budget buyers and hosting a website using an IP address. Actually, you are using the same IP address as the rest in the server. What’s wrong? That’s nothing wrong until someone email account is compromised and send spam emails. Ok, he is sending spam email, it has nothing to with me. Here comes the problem. Email servers have this basic anti-spam thingy known as RBL. RBLs are maintained by different agencies. The popular one like Spamhaus, SpamCop, Barracuda etc.  These RBLs maintain a list of spammer through their system that detects spammer almost in real-time. So, if your email server IP is in the blacklist. Your recipient email will be rejected by their mail server. So, you are too affected because the RBLs blocked emails from your email servers IP address. Right, assign a dedicated IP will solve this problem. Yes, if the price has remained competitive. If the total price is the same as the entry VPS, it will not make sense. This is why;

VPS has allocated CPU units and RAM, unlike Shared Hosting. Even you said yes, my shared hosting plan has RAM. Yes, you are not wrong but it made a difference. Restricted and allocated has a different meaning here. Shared Hosting can use that amount of RAM but VPS is guaranteed which is the minimum memory you can consume. If there is memory available but not allocated you, in some virtualization you are allowed to burst and use more than what you have been allocated.

VPS is independent and unique, has its own operating and services. Others have difficulty with their web server for example. it will not affect you like the shared Hosting. Basically, those important services like web, email, database etc are isolated from one to another. Those reasons, you can accommodate more users in  Shared Hosting solutions whereas VPS has a lower density in this area. Thus, Shared Hosting is cheaper for those reasons. Not forgetting, the control panel is shared by many in a shared server. It’s cheaper in control panel license as it is shared, whereas VPS control panel is per instance basis.

The good, the bad & the ugly in Webmail

Webmail has become a must when you are choosing a web hosting package. Webmail is used to send and receive emails via IMAP protocol directly from the email server. I have observed that some relied on webmail but some insisted on using an email client application like Outlook. Whatever is the reason. Today, we share the Pros and Cons of using webmail.

Basically, there are advantages and disadvantages using webmail. Let’s start;

a. Webmail is portable, you can use it on a computer connected to the internet. Basically, you can log in to your email account at any time and anywhere, This is a major advantage.

b. Do not need to install and maintain the application in your computers. No licensing or disk space issue.

c. Because you are always on the same interface. Thus read, unread or even junk emails are the same from the last time you have signed in.

d. The contact list is not duplicated or different from one to another computers or devices since it is stored on the server.

However, they have disadvantages;

a, If there is no internet, You can’t connect to the server and retrieve your past emails.

b. When your server has crashed. You might lose every email and connect to the server is definitely not possible.

c. If privacy is your major concern, webmail is not an option. As you may leave traces on the browser.

d. Most web hostings have packaged the outsourced webmail, which is free. They are lack of features unlike our Shared Hosting Plus, the webmail is by SmarterMail.

Now you have better understand what is suitable for you.

It has made a difference on fetching vs forwarding

If you wondering what is the topic about, it is email forwarding and fetching. It is common you are seeing someone is forwarding emails to his or her Gmail, Hotmail or Yahoo email account. Some may have found it is easy to read email on one email account or you want to have a copy or most were communicated with you on a Gmail email address until you have migrated to a paid email account.

No matter what is the reason, forward is no longer the correct method and with hosting companies will stop you from forwarding email, especially you are hosted on a Shared server. Why they stop us from doing this? Do you have another option?

Gmail, Hotmail, Yahoo etc, these free email account providers have very stringent anti-spam policies. Forwarding emails are as good as sending emails to the destination. Means, if you are receiving spam emails, you are actually forwarding spam emails too. These providers will stop delivering your email because of spam emails and the frequency. Eventually, they will blacklist your mail server IP. Now you have become the culprit, not only you are a victim. All email accounts hosted in the same mail server are now having the problem sending emails to Gmail, Hotmail, Yahoo email accounts.

fetch emailCan you imagine all the email users are forwarding emails? You are actually spamming the receiving mail server. The receiving mail server anti-spam rules will kick in. This will block incoming emails from the sender’s mail server. So, we stop forwarding, but I would still like to have a copy of my business email in my Gmail? Yes, you can. We start using fetch email and not forward. How?

This is how. Gmail and other users can set this in the control panel as seen in the screenshot. You ‘Add Account’ to fetch email business email accounts.  from your business email account instead of forwarding emails from your email account. As such, your Gmail now behaves like your email client application like outlook download new email arrived in your business email account.

 

 

 

All about Domain name

Today, we talk about a domain name. Guess I do not need to explain what is a domain name but many do not really understand what is the function of a domain name. In the 1st place, a domain name is not a hosting. A domain name is a name where you have registered with the authorized registrar or their reseller. A domain name is portable, it doesn’t matter where you have stored your data, email and web content. Similarly, it is like the Television license that you have to pay yearly to maintain its validity.

Each domain has the assigned DNS this is the element to tell people where you are hosting your email and website. But you will definitely need a domain name so you can tell people what is your email address unless you are not hosting but use the free email services from Gmail, Yahoo, Hotmail etc.

We usually register a domain name related to a person or a business. Some maybe their interest or service. Anyway, this isn’t my point. My point is how to choose a correct domain name. Here are a few tips to make a better choice on registering a domain name.

  • Name after you or your business. So, you remembered the domain name as you remembered to the person or his business.
  • Easy to remembered. I will forget if the domain name is mot common name.
  • Keep it short not too long. Difficult to remembered and easy to have a typo.
  • Check its availability and made a few choices before you are registering,
  • Registering a domain name related to your product or service that you are providing.
  • Register a territory TLD of a domain name. Example, my business is in Singapore, I can choose to register a domain name ends with .sg or .com.sg but not .my or .com.my

A domain name is unique. As long as it is registered, you can’t register again. However, there are services or you can approach the registrant, make an offer to buy from them. if the amount is agreed by both parties, you can make a domain transfer to gain ownership.

 

To own a dedicated server, what do I look for?

Many when you are looking for a dedicated server, you compare prices at similar specification. This is a normal practice for a consumer, But how do you know they are the same. Like Intel XEON processor E3 has 6 revisions. Of course, it is not a must to get the latest but not too old though. Older parts have a shorter lifespan, the higher failure rate can cause disruptions. Here are a few tips helps individuals on choosing a dedicated server.

  • Do not rush. If the advertisement is unclear, please ask for details. Always ask for more details if you are unsure. Like XEON processors have a few revisions can affect CPU performance. Some hard drives are designed to use 247 as a server. You cannot use to normal hard drive for a desktop to a server.
  • Never make a long period of upfront payment. Price will start to drop for older parts. In past experience, the cycle is 9 -12 months. Longer upfront payment does not secure you a better deal, in fact, you could lose more.
  • A cheaper option might get you a desktop PC as a web or database server. They are not designed to run 247. Like cooling and continuous operation are major issues to these servers.
  • Rent a server slightly more than your needs. Servers are not portable, to upgrade a server, the chances are moving your data can be tedious.
  • Always buy a backup, if there is no backup might lead you to lose data in the event of hard drive failure.
  • Services monitoring, you should monitor the important services and receive an alert if your service is not operational. Remembered that you have rented a server for a few hundred dollars for a month, a non-operational service costs you more.
  • Protection is a must if you own a dedicated server. You have many websites or you have a high traffic website, to rent a dedicated server. This greatly increased the attacks because of its popularity. So access to the server must be restricted and limited.
  • Regular check on the health of the server. Whether you are using a Linux or Windows server, they are tools to do the diagnostic to the hardware in the server especially hard drives. Any pre-failure notices can save you time and money.

How to protect your email account

We are using our email account to communicate with peoples, coworkers, friend, or business associates. The emails you have sent is representing you, I’m sure you do not want to see they are abused, and impersonating your identity. The truth is these are happening every day. Email accounts from someone are sending Spam, send unwanted email, email that impersonates any financial institutions asking for banking details. These emails are normally from compromised accounts or look similar domain names to trick you.

It’s not surprising that you have received these email. Me too, it’s common to see this type of emails not filtered even your best anti-spam email gateways. There are a few rules to follow can protect your email accounts.

  1. Bruteforce attack is common today. If you have the choices to use a unique username. A common username like sales, support, customerscare, and similar, are targetted. For example, your name is John Tan, avoid using John as the username but john.tan. This can minimize the risk of successful guessing from a hacker.
  2. Always use strong Passwords and update them in 3 months interval or shorter. A strong password consists of capital letters, small letters, number and symbol. I recommend at least 10 characters long.
  3. Use latest anti-virus definition to scan your computers and smart devices for any malware periodically.
  4. Careful emails with links and attachments, never respond to unknown or suspicious emails. Click on links may indirectly infect your computers. Attackers can send you emails with attachment with malware. Scan them,  and do not open these attachments.
  5. Avoid logging in to public and not personal devices to check emails. This will increase the risks that your credentials stolen by bad guys.
  6. Quite similar to point5, do not connect to an unknown or public network to check your emails.

Actually, these apply the same to many areas. If you are adhering to these rules, your risk of having your email account to be compromised has greatly reduced or even not possible.

Do you need SEO or SEM

SEO stands for search engine optimization while SEM is search engine marketing. Google has the most popular search engine on the internet. Apart from, there are Yahoo, Bing etc. Basically. Google is most use search engine. If you selling tropical fish, people look for aquarium or something similar. Your website might be listed on the 1st page depending on the search engine’s algorithm. There are a few factors to get listed on the 1st page, the earlier your website appears on the search, you have the greater the business opportunity, one of the important factors I guess is popularity.

I have spoken to many, the common mistake they have made for SEO is typed their company name on the search bar. Wait a minute, if he or she particular searches for your company, they have probably known you and want to do business with you. SEO is about keywords, the keywords are the gateway to your business especially for online businesses, No one will type and search for your company and your website if they are looking for a bicycle. A bicycle is your keyword in this case.

Nowadays search engine like Google changes their search algorithm very frequent. The factors that influence from more prominent phrase has become less frequent. The fastest way is to advertise. Those appear with ‘Ad’ in your Google search results are actually advertisements. We call it Adwords, is the major in SEM. You can put up plain test ad, an image ad or even a banner in your Youtube video. In Facebook, you can advertise too.

SEM is the fastest and effective ways to let people know your business, products and services. However, a budget in this area must be set aside and easily cost you a thousand a month. This could be a high running cost to SME. The result is subjective. My advice is whatever which is your landing page or your money site you have to make sure your visitors can visit the page or site. The content must be concise and there is something to look forward. If they are not, you are wasting time and money.

What are the differences on Sucuri, Patchman & Imunify360?

Today, we share to look at the difference of these web protection you can find in the market. They are popular and if you are comparing to some enterprise solutions, they are affordable especially good for SME.

Web protection is necessary for today cybersecurity for websites are built using outsourced frameworks. But what is good for me? There is nothing that does 100% protection. Ultimately, you might have to use a few tools to help you achieve a more complete solution.

The idea of this article is to help you understand their characteristics. A better understanding of how you can protect your websites. Let’s get started. There are pros and cons of each type of this kind of services and some can do more, but you have to pay more. Sucuri Firewall pro you do not need to install any software apart that update your DNS zone records for the website. Unless you want to scan your website files in the least 6 hours internet. You just need to upload a PHP file. Sucuri will handshake with your website in TLS protocol, to scan files for that particular website. Sucuri Firewall Pro subscription is per website basis regardless it is a sub-domain website.

server scabimunify360Patchman and Imunify360 install software onto the server, an agent for Patchman in fact. These 2 services are limited to Linux OS. You cannot install them onto a Windows OS. Patchman focuses on the websites use an opensource application like WordPress, Joomla etc on the server, Imunity360 focus more on a web server security. Patchman is very detailed on the vulnerability detected and the remedial action can be taken but I’m not sure it is limited to the known application only, it doesn’t give additional info on pure HTML website. However, it still does a Full server scan. Patchman has 3 versions. The 1st 2 are categorised as a commerce 0r non-commerce website and the most expensive is for all the opensource application. For detail, please visit their website https://www.patchman.co/.

I think these solutions are depending on what you will need. If you have a lot of opensource application built websites, Patchman will be best and you get most out of it. However, if you don’t, and you have plenty of resource Imunify260 might work for you. I personally like Sucuri, but it will be expensive if you have many websites to protect. The reasons that I’m liking Sucuri are because it offloads your server. Any attacks are not on the server but on the proxies. This has greatly improved the server’s performance. Moreover, any successful malicious files uploaded the mitigation is done at the proxy on the actual server.

You can use Sucuri with any web server on any operating system, and not limited to Linux only. Basically, if you have the budget the combination of either Imunify360 or Patchman with Sucuri Firewall Pro will further strengthen your web protection.

What does SSL certificate mean to you?

I’m not sure but I have spoken to many, they have a faint idea on what is HTTP and HTTPS. What is SSL certificate and why some buy an SSL certificate? Here’s your chance. You should have a better understanding of an SSL certificate after reading.

The major difference between HTTP and HTTPS is secure for the later. When you are visiting HTTPS website your communication to the server is encrypted by an SSL certificate has installed on the web server. Without a proper CA signed an SSL certificate your browser will alert you as an error, will stop you to proceed unless you add the website to your exception list.

OK. Some not so technical literate customers will claim this as an error from the server. This is because you do not have an SSL certificate installed, thus the error from the browser, not the server. Why you did not install an SSL certificate? An industry practice, web hosting providers will not install and never install an SSL certificate. I will tell you why if you read on. However, some control panel like cPanel provide an SSL certificate on the server hostname and having said that the hostname must be qualified resolvable hostname in order to work.

Nowadays,  an SSL certificate can be paid or free. Most well-known control panels like Plesk and cPanel come with free SSL certificate. These certificates only valid for 3 months and renewed, provide the domain still resolved to the server IP same for new issuing. Here we will explain to you why as it is a form of validation. Yes, before the CA issue you with an SSL certificate, verification is required to check you really own the domain and business.

There are 3 types of validation depends on the type of SSL certificate. DV, OV and EV. Actually, it is more complicated if you are paying more for the certificate. Thos green bar you are with a LOCK, these are extended validated, more steps on verification before an SSL certificate is issued. DV is the cheapest and only require domain verification. DV only requires the applicant to create designated email account to approve the application or you can update the DNS zone records for verification. OV stands for organization validation, you verify the existence of the organization like DUNS, telephone numbers on the Yellow page. The EV extended validation normally requires you to fill up forms telephone verification and further verification is required to check on identity. Because of the validation, hosting provides do not pre-install the SSL certificates.

SSL certificate serves more than secure communication. Basically, it labels your organization. Especially, if you are doing business online, you want your online visitors and customers to trust you, SSL certificate will serve the purpose.  I will refrain myself t key in personal details if there is no proper  CA-signed certificate website. Information can be hijacked during the transmission, and you never notice.

However, there is a common perception that your website will not be hacked if you use HTTPS with a valid SSL certificate, It is incorrect. Your website is still hackable if you have loopholes or vulnerabilities. Some SEO experts claimed that there is an impact if the website is HTTP. Google lists HTTP as an insecure site on their search engine from July 2018. HTTPS will list faster. HTTPS websites will load faster in Chrome browser. I cannot really tell but SSL certificate is free now at Let’s Encrypt so what is the harm.