Welcome to Vastspace, provides Reliable Web Hosting since 2014

Welcome to Vastspace

Archive

Paid SSL certificate is a processs

I have spoken to many customers were buying SSL certificates. Most have commissioned Vastspace for the entire process. From my experience, most have the impression that the SSL certificate can be done on the same day.

Whether it is done by yourselves or Vastspace the process is the same. I will explain the entire process, so you will get a better understanding.

A Paid SSL certificate is issued by the certificate authority, not Vastspace. All SSL certificate applied for that domain must be validated and the CSR from the origin must be submitted.  The validation methods are;  domain-validation, organization validation and extended validation.  Each validation process is conducted by the CA. DV, domain validation has a shorter process. The ‘owner’ of the domain must approve that he or she has applied an SSL certificate for that domain.

Once CA has satisfied, they will issue the SSL certificate. This process is the fastest but it has lower insured value because it is domain validated. How soon? It depends on how soon the owner can approve for the DCV email sent to him or her.

I have seen DV SSL certificate took more than a month or even cancelled after the CSR was submitted. OV will validate the organization applied and buying the SSL certificate. The CA will print the organization name on the OV validated SSL certificate.

EV SSL certificate verification is the most extensive. The verification comprises the DV, OV and callback to verify the real person behind the business.  Business telephone number published on the authorised websites will be used.

The EV SSL verification is very long-winded if the organization is not prepared for the process. Handled by an inexperienced sales guy can delay the entire process. Thus, I recommend asking and check with the vendor before you are buying an SSL certificate, especially for the EV SSL certificate.

Here is the link to understand more about different types of SSL certificates.

Demand and Supply

This is not an economy class but we are here to tell you the web hosting trend today. We can see the drop in demand of the dedicated servers but increases in VPS.

One reason I can see is the price. If you do not need the resources in a dedicated server, a VPS will help you save money. However, if you are calculating per gigabyte on RAM and the hard drives you will get, a dedicated server is cheaper.

In most cases, a dedicated server is not fully utilized. Average, we see servers used 40% or less is common. There are servers used as low as 15% at all times.

What are the reasons these customers have chosen a bare metal server over the VPS, here are my observations;

  • Past experience – In the past, virtualization is not popular and less stable. The choice is limited.
  • Privacy – Do not want a shared instance even it is virtualized.
  • Over-Provisioned – Expected traffic was underwhelmed.
  • Misled – Inexperienced, they were misled by the salespeople.

I’m a practical person and in my opinion, VPS or you call it a VM can fulfil 75% or more of the requirement. It is a matter of price. Most of these guest machine either they are low-weighted so they can have more guest machines in a node or the storage is expensive. There are cases you need storage space like a mail server.

However, you can see the price is coming down because of competition. Due to the demand, this will affect datacentre operators as well. As soon as it is virtualized, the footprint of the same in the dedicated servers will get smaller too. However, if the provider increased his ship in virtualization, his footprint will get larger in the datacentre.

So, it has depended very much on what they have focused and the market demand.

Points of failures in Web Hosting

This is some things most of us will not consider when we set up or but a web hosting. After all, the most robust web hosting with a failover mechanism might cost a lot. So, if you are on an ordinary web hosting plam there are the common failures you can expect.

  • Electrical power – it can be the server power supply or the electricity from your power company. Most servers allow redundant power supplies. These power supplies operate in different sources of incoming electric power. Should one has failed, you have the other one runs and continue its operation.
    • The cheaper servers do not have such feature or the buyer did not buy the 2nd power to reduce cost.
    • The worst scenario is the engineer did not plug it in and this is happening because of the PDU sockets is limited. In order to fill up more servers in the rack, the redundant power supply is sacrificed.
  • A Proxy web server – Your website is served by a web server. However, if you are thinking of web protection, distribute your traffic and get nearer to your visitors, a web proxy is used. So now you have 2 web server as one is your proxy web server. Any of them failed, your website will fail.
  • Network – If your origin is only one, it is sitting on one network. So, as soon as the network has failed, your web hosting will fail.
  • Server failure – A software or a hardware failure will cause your web hosting to fail.

Basically, they are Murphy’s law, we cannot beat them. Even, you are self-proclaimed the best web hosting providers, you will still face these consequences.

Using IP address for your WordPress website

Today, my customer has come to me to view his WordPress website using an IP address. You can use an IP address as your hostname. However, we do not recommend this method.

There are a few reasons and you have these criteria. Actually, I still cannot find a good reason for doing this.

  • You have a dedicated IP address and resolved to only one site. You can use it as a default site.
  • Private site. Do not want others to resolve using a domain name.
  • Do not want to use reverse and forward DNS. Maybe for point of failure.
  • Never hard code a link using domain name every permalink is managed by the WordPress.

If anyone can think of a valid reason, please write down the comment below.

Getting a WordPress website using an IP address must at least meet the first criteria like what I have mentioned earlier. In addition, you need to change the name to IP address in ‘General Settings’ of your WordPress website or define it in your wp-config,

In this case, you can use an IP address.

However, if you are making a new website or staging, I personally recommend the ‘host file’ method to resolve locally. The domain name can use the same if the website has a different IP address. If it is done using the same IP address, you cannot use the same domain name but a fake domain name.

If you are using a fake domain name you will have to update the general settings or define it in the wp-config file.

In this way, your WordPress website is always accessible and it will not run into errors like ‘404’ page not found.

Types of DNS zone records

Types of DNS zone records

DNS is like a directory, tells your visitors to go to where to fetch a particular service. For example, email is location A and website is location B.

That’s mean to say, it is not necessary to host your website and email servers at the same place as well as your subdomain. Actually, I have spoken to many, they have the perception the services must be located on the same server which is not true.

DNS and its zone records are also neglected by most. Many think I will only need a domain name and a web hosting. This is wrong, but usually, DNS is provided at no cost when you registered a domain but you will till need them.

Today, we will walk you through the common DNS zone records we are using with a domain name.

  • A record – this is to resolve a name to an IPv4 address. For example, the IP address of your server or website.
  • CNAME record – is an alias name to another domain.
  • MX records & Priority – They are your serves to receive emails on your domain behalf. Priority 10, 20 & 30 if you have more than one MX and where should the emails deliver based on its priority.
  • TXT – The field used as information. Like SPF, DKIM, DMARC and some may have it for validation.
  • AAAA record – Work like A record but for IPv6 addresses.

There are other not so common records like NS probably already added by our DNS provider or SRV used by certain service provider. Hope the above information is useful.

Litespeed vs Apache web server

Litespeed vs Apache web server

Apache web server is very popular and it’s free. However, there is an alternative web server called ‘LiteSpeed’ Which is better? In this article, you will learn more.

Apache web server

Apache web server was introduced in 1995. However, within a short period, regular development and updates, the Apache web server was successful in becoming a stable and secure server at the time. We can say that the Apache web server is a flexible and versatile server because of its ability to load in components. The very useful feature of the Apache web server is that it is available completely free.

LiteSpeed

LiteSpeed web server is a lightweight web server by LiteSpeed Industries Inc. It was introduced to the market in the year 2002. In a short period of time, LiteSpeed has become popular and is capable of handling thousands of concurrent connections but it having a smaller footprint in memory.  Litespeed web server reads the Apache configuration files. According to the company, a single LiteSpeed web server is capable of handling data equivalent to two of the Apache web servers. There are add-on cache plugins optimized for Litespeed web server to many popular CMS software like WordPress and with LiteMage Cache which is a full page caching solution to enhance the speed of Magneto stores.

Apache vs Litespeed

The LiteSpeed web server is its ability to handle heavier traffic as compared to the Apache web server. For example, an Apache server encountering DDOS threats was replaced by LiteSpeed web server, the Apache server crashed due to the threats, while on the other side, the LiteSpeed web server survived.

Apache server is completely free while Litespeed web server is commercial. However, it is still affordable with Vastspace’s Litespeed hosting.

LiteSpeed server is the definitely a winner in the web server. Here, are the  advantages;

  • It is up to six times faster than Apache web server
  • It is three times faster than Apache in SSL
  • With its LiteMage cache, LiteSpeed web server makes Magneto runs up to 75 times faster. Not forgetting the LSCache for the popular CMS like WordPress and it is free.
  • It increases PHP performance by 50%

 

Important services and ports

Important services and ports

Today, I would like to talk about the important services, ports and how should you treat them. I have seen many servers and VPS have them in default. I strongly urge everyone to starts to restricting and protect ing them. this is necessary.

  1. SSH service port 22 – This is remote Shell access for a Linux server. You can use TCP wrapper or iptables to restrict access by certain IP addresses. Also, change port 22 to something else that you can remember. Do not keep its default settings.
  2. RDP – ports 3389 change the administrator username and restrict IP addresses using the advanced firewall in Windows server OS.
  3. MySQL port 3306 limited to a local connection.
  4. MSSQL port 1433 limited to a local connection.
  5. Plesk administration port 8880 & 8443 using Plesk administration restrict access or use 2FA under tools and settings.
  6. cPanel / WHM port 2086, 2087, 2082, 2083, and even 2092 and 2093 you can restrict access using IP addresses in WHM. Use 2 FA for WHM and cPanel access.
  7. FTP port 21 active mode if possible restrict the access using IP addresses or at least use a strong password.

Paid SSL?

Paid SSL?

Why do some go for a paid SSL while you can an SSL certificate for free?

There is no difference in encryption if you are using a free SSL certificate, they are the same in terms of functionality. However, some would still prefer a paid SSL certificate.

There are a few reasons why you would go for a paid SSL;

  1. Re-issue – mostly unlimited from most CA. However, there is a limit or delay to get an SSL issued as the process is automatic for end users. The waiting time for the next cycle is no for someone to run an online business.
  2. The validity of the free SSL certificate is shorter, you definitely can not get past the 12 months duration,
  3. Limited to DV (domain validated), if you are looking for OV or EV, it is only available to a paid SSL certificate.
  4. There is no insurance value on a free SSL  certificate.
  5. Support provided by CA, you might get support still for the free one but it is definitely taking longer.
  6. Reputation, if I’m running an online business. I will want my SSL certificate signed by a reputable CA and recognized by my visitors. Not likely with the free SSL, especially for the EV SSL.

How Domain works for hosting?

How Domain works for hosting?

There 3 things for a domain to work with a web hosting. Many do not know the existence of DNS. DNS is actually important. It works as a directory to tell your visitor to go to the website or deliver your emails. Without DNS, your domain and web hosting will not work even they are valid or running.

Website hosting and email server are recognised and talked to each other using the IP address. An address numbers, e it an IPv6 or IPv4. Numbers are difficult to remember and it is not practical in the past using IPv4, thus there is such thing known as a virtual host, so many domains can use the same IP address.

This is where and how the DNS works. It helps to translate a name to numbers Like what I have said, DNS direct traffic for email or website. Without DNS, the name cannot be translated or resolved, everything will stop working on the internet.

Domain names registered with the registrars require 2 or more DNS. I personally prefer they are from different networks and GEO locations. So, if one DNS is down, the others are not affected should its network is having troubles. If you have 4 DNS but they are set up on the same network. It will defeat the purpose of having 2 or more DNS.

This article tells you DNS is relatively important but usually neglected. Hope it helps.