Archive

Security and conveniences 

Today's topic is a short one. I probably need a couple of days' break. Anyway, it is about security and convenience. Most of us have gotten used to accessing an email account, an admin portal and so on with just a username and an easy-to-remember password. I'm sure I used to be like you, or anyone else. Right?

However, there is a need to enhance this area, especially for a login to a place that contains sensitive and important information. An extra layer of sign-in mechanism is placed on top of your usual login and limited to the authorized person. It can be two-factor authentication, another encoded admin URL, or another password layer. Whatever it is, you have to spend more time and effort to sign in. Some very secure logins might have multiple layers before you reach the sign-in screen. The objective is to make unauthorized login impossible.

While I'm describing it, you can already feel the hassle without even doing it. Can you imagine how the extra sign-in layers can make you pull your hair out? I have seen many cases. For me, I've kind of got used to it; my job needs me to sign in to servers. If I'm unable to practice good security measures, I will have trouble educating my clients.

To conclude, if you prefer convenience, your security is compromised. We must learn to adapt to such hassle to step up our security. It is a must for today's cybersecurity.

What does SSL certificate mean to you?

I'm not sure, but I have spoken to many people and they have only a faint idea of what HTTP and HTTPS are. What is an SSL certificate, and why do some buy one? Here's your chance. You should have a better understanding of SSL certificates after reading this.

The major difference between HTTP and HTTPS is that the latter is secure. When you visit an HTTPS website, your communication with the server is encrypted using the SSL certificate installed on the web server. Without a proper CA-signed SSL certificate, your browser will alert you with an error and stop you from proceeding unless you add the website to your exception list.

OK. Some less technically literate customers will claim this is an error from the server. It happens because you do not have an SSL certificate installed, so the error comes from the browser, not the server. Why did you not install an SSL certificate? As an industry practice, web hosting providers do not, and will not, install an SSL certificate. I will tell you why if you read on. However, some control panels like cPanel provide an SSL certificate for the server hostname; that said, the hostname must be a qualified, resolvable hostname in order to work.

Nowadays, an SSL certificate can be paid or free. Most well-known control panels like Plesk and cPanel come with free SSL certificates. These certificates are only valid for 3 months and are then renewed, provided the domain still resolves to the server IP, the same condition as for a new issuance. Here is why: it is a form of validation. Yes, before the CA issues you an SSL certificate, verification is required to check that you really own the domain and business.

There are 3 types of validation depending on the type of SSL certificate: DV, OV and EV. Actually, it is more complicated if you are paying more for the certificate. Those green bars you see with a LOCK are extended validated, with more verification steps before an SSL certificate is issued. DV is the cheapest and only requires domain verification: the applicant creates a designated email account to approve the application, or updates the DNS zone records for verification. OV stands for organization validation; you verify the existence of the organization through things like DUNS and telephone numbers in the Yellow Pages. EV, extended validation, normally requires you to fill in forms and complete telephone verification, and further verification is required to check identity. Because of the validation, hosting providers do not pre-install SSL certificates.

An SSL certificate serves more than secure communication. Basically, it labels your organization. Especially if you are doing business online, you want your online visitors and customers to trust you, and an SSL certificate serves that purpose. I refrain from keying in personal details on a website with no proper CA-signed certificate. Information can be hijacked during transmission, and you would never notice.

However, there is a common perception that your website will not be hacked if you use HTTPS with a valid SSL certificate. It is incorrect. Your website is still hackable if you have loopholes or vulnerabilities. Some SEO experts claim that there is an impact if the website is HTTP. Google lists HTTP as an insecure site on their search engine from July 2018. HTTPS will list faster. HTTPS websites will load faster in the Chrome browser. I cannot really tell, but SSL certificates are free now at Let's Encrypt, so what is the harm?

 

Do you really need a NAS?

For the last few days, I've been debating whether I really need a NAS. I have asked myself many questions, and so far I haven't come to a conclusion. Basically, I have a few SATA hard drives lying around and, as a gadget guy, I'm thinking about what I can do with those drives. The idea of a NAS struck. But the question is, do I really need one?

Here's my analysis. A NAS can be something off the shelf, or you can build one. The primary purpose is to upload, download and share files within your LAN with many devices. A NAS is installed with 2 drives minimum for redundancy. If one drive fails, your data is safe. Say you have 2 drives giving 2TB or slightly less. Here comes the question: what do you store in a NAS with 2TB of space? Isn't it cheaper to buy an external USB hard drive?

Actually, a USB 3.0 external hard drive writes and reads faster than a NAS. An external hard drive is attached to your computer. For sharing, you need to physically transport the drive to someone. If the drive is damaged during transport, you can lose everything stored on it. With a NAS, you do not need to transport anything when you are sharing data. Files can be shared on either a LAN or a WAN. The answer may not apply to everyone. If your network router has a USB port for file sharing, it is still possible to share data using an external hard drive.

The shortcoming of an external hard drive is capacity: 5TB for 2.5″, or a maximum of 8TB for 3.5″. If you need a larger-capacity device, you still need a NAS, and USB drives do not have redundancy. So your current cut-off point is 8TB.

Today, a NAS is more than a NAS. It is like a mini server. Manufacturers package a lot of applications into their NAS software. If you have enough RAM, you can use the NAS as your web server, a database server, a mail server and so on. Manufacturers are smart; consumers can find many reasons to buy themselves a NAS device. Again, for whatever you are doing there is probably another option. You can use Google Drive to store and share files. A NAS will still work in the LAN if there is no internet.

I personally think it boils down to what exactly you need. If you do not need the large disk space, a NAS is not your choice because the upfront cost is higher per GB.

File or block-level backup?

Most will recommend a block-level backup. Theoretically, block-level backup uses less bandwidth and storage. A block-level backup can back up only the blocks of a file that have been modified, thus it uses less space. If you are using block-level backup with VSS enabled to back up a Microsoft Windows Server, you can back up an open file. A file-level backup will fail in this situation. If you have a lot of small files, file-level backup will take a very long time to back them up. Block-level is especially suitable for this type of situation.

However, file-level is not useless. Actually, the backup allows you to do both. The file-level backup is flexible. You can choose the files and folders to back up. Especially for those that don't need to be backed up frequently, this can be a faster restoration option.

Whether block-level or file-level, a backup is a must in case you need to roll back or restore.
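
The block-level idea above, sketched as an added example (not taken from any backup product): only the blocks whose hash changed since the previous backup are stored, and the new version is rebuilt from the old copy plus that delta. The 4096-byte block size and the sample data are assumptions made for the illustration.

```python
import hashlib

BLOCK_SIZE = 4096  # assumed block size for this illustration


def block_hashes(data, block_size=BLOCK_SIZE):
    """SHA-256 of every fixed-size block (the last block may be shorter)."""
    return [hashlib.sha256(data[i:i + block_size]).digest()
            for i in range(0, len(data), block_size)]


def block_level_delta(old, new, block_size=BLOCK_SIZE):
    """Return {block_index: bytes} for the blocks of `new` that differ from `old`."""
    old_h = block_hashes(old, block_size)
    delta = {}
    for idx, digest in enumerate(block_hashes(new, block_size)):
        if idx >= len(old_h) or old_h[idx] != digest:
            delta[idx] = new[idx * block_size:(idx + 1) * block_size]
    return delta


def restore(old, delta, new_len, block_size=BLOCK_SIZE):
    """Rebuild the new version from the previous backup plus the delta."""
    buf = bytearray(old[:new_len].ljust(new_len, b"\0"))
    for idx, chunk in delta.items():
        start = idx * block_size
        buf[start:start + len(chunk)] = chunk
    return bytes(buf)


def transfer_sizes(old, new, block_size=BLOCK_SIZE):
    """Bytes copied by a file-level backup versus a block-level backup."""
    delta = block_level_delta(old, new, block_size)
    return len(new), sum(len(chunk) for chunk in delta.values())


if __name__ == "__main__":
    # Constructed sample: a 1 MiB file with 10 bytes changed in the middle.
    old = bytes(i % 251 for i in range(1 << 20))
    new = bytearray(old)
    new[500000:500010] = b"X" * 10
    new = bytes(new)

    file_level, block_level = transfer_sizes(old, new)
    print("file-level copies ", file_level, "bytes")
    print("block-level copies", block_level, "bytes")
    # Verify the restore before trusting the backup chain.
    restored = restore(old, block_level_delta(old, new), len(new))
    print("restore matches:", hashlib.sha256(restored).digest()
          == hashlib.sha256(new).digest())
```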

Is your mail server IP address blacklisted?

The common tool used by many to check whether their mail server IP address is blacklisted is MXTOOL. Often, we hear from someone that his or her mail server is blacklisted. But by whom? And how? What will happen if my mail server is blacklisted? How can I resolve it? This article will provide you with the information to have a better understanding of the matter.

Firstly, we must understand DNSBL. What is DNSBL? It stands for Domain Name System Blacklists, also called DNSBLs or DNS Blacklists. They are spam-blocking lists that allow a mail server administrator to block messages from particular mail servers that have a history of sending spam. The lists are based on the Internet's Domain Name System, which converts complicated numerical IP addresses such as 123.123.123.123 into domain names like example.net, making the lists much easier to read, use, and search. If the maintainer of a DNS Blacklist has previously received spam of any kind from a specific domain name, that server will be "blacklisted", and all messages sent from it may be either flagged or rejected by all sites that use that specific list.

DNS Blacklists have a fairly long history in internet terms, with the first one created in 1997. Known as the RBL, its purpose was to block spam email and also to educate Internet providers and other websites about spam and its related problems. Although modern DNS Blacklists are rarely used as educational tools, their function as an email blocker and filter still serves as their main purpose today. In fact, the vast majority of today's email servers support at least one DNSBL in order to reduce the amount of junk mail their customers receive. The three basic components that make up a DNS Blacklist (a domain name to host it under, a server to host that domain, and a list of addresses to publish to the list) also haven't changed from the time the RBL was first created. Since then, a large number of different DNSBLs have sprung up and are available for use, and they all have their own lists, populated based on what does or doesn't meet their own requirements and criteria for what a spammer is.

Due to this, DNS Blacklists can differ greatly from one to the other. Some are stricter than others; some only list sites for a set period of time from the date the last piece of spam was received by the maintainer, while others are manually managed; and still others block not only IP addresses but also entire ISPs known to harbor spammers. This results in some lists working better than others, because they are maintained by providers with a greater degree of trustworthiness and credibility than competing lists may have. Users can also use these differences to choose which DNS Blacklist works best for them based on their particular security needs. More lenient lists might allow more spam through, but may not block non-spam messages that have been misidentified on lists with stricter rules for what goes on the list and what is left off it. To help facilitate this, DNS Blacklists intended for use by the general public will usually have a specific, published policy detailing what a listing means, and must abide by the criteria laid out in it in order not only to attain public confidence in their services but to maintain it as well.

Now we understand what a DNSBL is. Commonly used lists are from SpamCop, Spamhaus, Barracuda etc. They maintain almost real-time updated lists for mail server administrators to block spam emails. This is a common and popular method. Once your mail server is blacklisted and listed, emails originating from the blacklisted mail server are bounced until it is delisted.
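
How a mail server actually asks a DNSBL about an IP address, as an added example (not code from this site or from any list operator): the address is reversed, looked up as a name under the list's zone, and an answer inside 127.0.0.0/8 means "listed" (RFC 5782). The zone names, the resolver stub and the DNS data below are constructed so the example runs offline; pass `system_resolver` to query real lists.

```python
import ipaddress
import socket

LISTED_NET = ipaddress.ip_network("127.0.0.0/8")  # RFC 5782 answer range


def dnsbl_query_name(ip, zone):
    """Build the DNS name a mail server looks up to test `ip` against `zone`."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = str(addr).split(".")                   # four octets
    else:
        labels = list(addr.exploded.replace(":", ""))   # 32 hex nibbles
    return ".".join(reversed(labels)) + "." + zone.strip(".")


def system_resolver(name):
    """A-record lookup through the OS resolver; no record gives an empty list."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []


def classify(answers):
    """Map the A records of one DNSBL lookup to a verdict."""
    if not answers:
        return "not listed"
    if all(ipaddress.ip_address(a) in LISTED_NET for a in answers):
        return "listed"
    # A public address here usually means a wildcard or rewritten answer,
    # not a real listing, so it must not cause mail to be rejected.
    return "invalid answer"


def zone_is_sane(zone, resolve=system_resolver):
    """RFC 5782 self-test: 127.0.0.2 is always listed, 127.0.0.1 never is."""
    return (classify(resolve(dnsbl_query_name("127.0.0.2", zone))) == "listed"
            and classify(resolve(dnsbl_query_name("127.0.0.1", zone))) == "not listed")


def check_ip(ip, zones, resolve=system_resolver):
    """Return {zone: verdict}; zones failing the self-test are 'zone unusable'."""
    report = {}
    for zone in zones:
        if not zone_is_sane(zone, resolve):
            report[zone] = "zone unusable"
            continue
        report[zone] = classify(resolve(dnsbl_query_name(ip, zone)))
    return report


# Constructed zone data standing in for real DNS answers (hypothetical lists).
SAMPLE_DNS = {
    "2.0.0.127.bl-a.example.test": ["127.0.0.2"],
    "10.2.0.192.bl-a.example.test": ["127.0.0.2"],
    "2.0.0.127.bl-b.example.test": ["127.0.0.2"],
    # bl-c answers every name with a public address (wildcard / parked zone)
    "2.0.0.127.bl-c.example.test": ["203.0.113.5"],
    "1.0.0.127.bl-c.example.test": ["203.0.113.5"],
    "10.2.0.192.bl-c.example.test": ["203.0.113.5"],
}


def sample_resolver(name):
    """Offline resolver over the constructed data above."""
    return SAMPLE_DNS.get(name, [])


if __name__ == "__main__":
    zones = ["bl-a.example.test", "bl-b.example.test", "bl-c.example.test"]
    for zone, verdict in check_ip("192.0.2.10", zones, sample_resolver).items():
        print(f"{zone:22} {verdict}")
```

The self-test matters in practice: a list that has shut down or a resolver that rewrites answers can otherwise make every sender look listed.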

What is a WAF?

Have you ever wondered what WAF means? (extracted from Sucuri Website)

WAF stands for Website Application Firewall. In order to make it simple to understand, imagine your website as a house and the people outside on the streets are the traffic that wants to come to your website.  Of course, you want to open your door to friends and family, but you also want to protect your house from the bad guys. That is exactly what the firewall does. The WAF is the locked house door. A WAF keeps the malicious traffic off your website. In other words, a WAF is a layer of protection that sits between your website and the traffic it receives.

Why do you need a WAF?

The same way that there are criminals on the streets, there are hackers online. Threats to websites emerge and evolve every day; keeping up with the hacking trends can be very stressful to any webmaster.

Network and local firewalls alone cannot stop hackers from breaking into your website anymore. Many of these solutions are not effective when it comes to stopping malicious online traffic.

Having an effective Web Application Firewall (WAF) provides companies and website owners peace of mind.

Expecting the hosts to take care of your website security can be misleading, as their main goal is to ensure the accessibility of your website. Some hosts, like GoDaddy, do offer website security. Nevertheless, you need to make sure to implement a security solution, like the Sucuri Platform to protect your website for you.

Another important aspect of having a Website Application Firewall on your website is the time it will save you in the long run. After setting up a WAF properly on your website, you would no longer be spending precious time thinking about ways to protect it. Then, if your website was, in fact, hacked, how many hours would you waste trying to find the issue and fix it? I am not even mentioning the amount of money potentially lost from having an unprotected website.

How does a WAF work?

The WAF works as a vaccine for a website. It is a preventive measure taken so your website does not get infected or goes offline. Nobody really likes to be vaccinated, but the cost of getting sick is always a thousand times higher. Having a WAF activated means having a proactive posture on your website security.

You already know that having a website firewall solution is vital to protecting any website. Next, let’s dive deeper into the characteristics of WAFs.

WAF Features

Application firewalls go beyond the metadata of the packets transferred at the network level. They focus on the data in transfer. Application firewalls were created to understand the type of data allowed for each protocol, like SMTP and HTTP. There are specific application firewalls for websites and they are called Website Application Firewalls (WAF).

Application Firewalls

In general, all WAF solutions function the same way. They are basically a wall between your website application and the visitor browsing your website. A WAF's main goal is to impede malicious requests from damaging your website.

The difference among the many website firewall solutions in the market is mainly how they are deployed and their database. The Sucuri WAF is the most advanced in terms of virtual patching. We take research very seriously. Our firewall analysts work hard day and night so we can provide you the most complete and robust solution in the market. Our WAF filters block up to 100% of the attacks your website can suffer from.

Now that you know what a WAF is, let’s talk about the Sucuri WAF.

Sucuri Firewall

Sucuri is a website security company that was born to offer website owners a comprehensive security solution. The Sucuri Firewall is a cloud-based software as a service (SaaS) Website Application Firewall (WAF) and Intrusion Prevention System (IPS) developed exclusively for websites.

What is great about the Sucuri Firewall is that it functions as a reverse proxy. The Sucuri WAF intercepts and inspects all incoming Hypertext Transfer Protocol/Secure (HTTP/HTTPS) requests to a website. Then the WAF strips the malicious requests at the Sucuri network edge before it arrives at your server.

 

Another feature that the Sucuri Firewall offers is that its WAF includes Virtual Patching and Virtual Hardening engines. The Sucuri Firewall mitigates threats as they happen.

The Sucuri WAF keeps the threats far from your website without impacting your website negatively. Quite the opposite, the Sucuri website firewall makes a website up to 70% faster, as it is built on a Content Distribution Network (CDN).

How the Sucuri Firewall Works

Performance optimization is part of the Sucuri WAF features. The CDN caches dynamic and static content across all nodes in the network to ensure optimal performance around the world. The Sucuri WAF configuration makes adequate preparation for global reach, load balancing, failover, and comprehensive performance improvement.

Website up to 70% faster with Sucuri Firewall

The Sucuri WAF runs on a proprietary Globally Distributed Anycast Network (GDAN). Anycast allows a network to broadcast an IP to multiple locations from a single node, permitting the nearest node to respond to a request. Imagine your website has a global audience: the website is hosted on a server in Houston, but your main visitors are in Asia and Western Europe. If you have the Sucuri Firewall activated on your website, the content would be broadcasted from a Tokyo and London Point of Presence (PoP) via our Anycast network. The result would be an improved user experience as visitors in Asia would get a response from the Tokyo PoP, and the ones in Europe from the London PoP. To sum it up, since Sucuri WAF runs on a Global AnyCast Network, the nearest node responds to the requests, bringing improved availability, resiliency, and failover capability to any website.

Anycast Network

This unique configuration allows for high availability and redundancy if anything fails in the network. Moreover, the Sucuri Firewall offers full Domain Name Server (DNS) services.

Another great advantage of using the Sucuri WAF solution is that it can help you increase your SEO rankings. The inclusion of an SSL certificate and improved speed from the Anycast CDN can improve SEO. You might see SEO improvement after the Sucuri WAF is activated because having HTTPS enabled and using a CDN are confirmed ranking signals from Google.

To sum it up, the Sucuri WAF:

  • Mitigates Distributed Denial of Service (DDoS) Attacks
  • Prevents Vulnerability Exploit Attempts, such as SQL injections, cross-site scripting (XSS), remote file inclusion (RFI) and local file inclusion (LFI)
  • Protects Against the OWASP Top 10 (and more)
  • Protects Against Zero-Day Exploits
  • Protects Against Access Control Attacks, such as Brute Force attempts
  • Offers Performance Optimization with its CDN

How can I add the Sucuri WAF to my Website?

In order to add the Sucuri Firewall to your website, all you need to do is add a DNS A record or switch to Sucuri nameservers. The time to go live is dictated by the DNS Time to Live (TTL). In most cases, it takes from 30 to 60 minutes. If you have any issues with the setup, or if you are not technical and need assistance, our support team can guide you through it.

Conclusion

As you have seen, using the Sucuri Website Application Firewall can be very valuable for your website and business. Not only do we offer protection, but also a performance boost and better SEO, which are like gold for any website owner. If you are wondering why you have not added our Firewall to your website yet — don’t worry. Chat with us and we will help you have your website protected today.

How to protect your website?

 
It is common for a website to use WordPress, Joomla, or Drupal. There is a huge collection of plug-ins, modules, and components. Most are free and can be downloaded from the internet.

Because open source applications are free, they are a very popular choice, for example a WordPress website. 6 out of 10 websites use WordPress. The installation script is available on the most popular hosting panels. A few clicks away, a WordPress website will be ready for you.

But do you know these websites are hackable? The vulnerabilities are in these open source CMSs, because the code of the CMS is readable by anyone. The bad guys will find its loopholes and exploit them.

So it is common to hear from someone that he or she has a hacked WordPress website. Can we protect it? Do we need to install a costly appliance? In the past, engineers installed expensive equipment to combat web intrusion. Do not assume that web protection comes with your web hosting, which is not the case. In this modern world, cloud web protection is available at an affordable price.

There are 2 similar website protection services that can do the job: Cloudflare and Sucuri. Both are available at Vastspace. They have the same goal: to filter any known or even suspicious malicious activity. Starting from as little as USD 20, you have a CDN to speed up connections to your website and protect it at the same time. Protection is not limited to DDoS attacks.

Cloudflare has more POPs than Sucuri. The connection to your website from many places is faster. But these are numbers on paper. In many cases, you cannot tell the difference because it is in milliseconds. I have tried both; they offered protection but I like Sucuri more.

I have a trial service on the Sucuri Website Firewall PRO and monitoring. From the control panel, you get to see the website health status after you have logged in. This information is something you will not have in Cloudflare. They provide you with an overview of the website health. The Spamhaus status is good, and can be used as a reference for your mail server RBL if they are hosted together. Also, you can adjust the scan interval to as low as 6 hours, or scan daily as a routine.

At the website firewall, you will get an overview of allowed and blocked traffic. There are more useful options like access control, security, performance, and SSL in the settings. For Cloudflare, I'm overwhelmed with the features. Most laymen will want to pay you to solve their problem. After the initial setup, they hardly log in to tweak the settings. So, I felt that some of these settings might be too much for them to digest. On Sucuri, the most essential settings are available. You might, however, want to have a closer look at the advanced security option and the protected pages under access control. These are good options if you have a WordPress or Joomla website and want to protect sensitive URLs.

But there is a con to both setups. If they are not set up correctly, attackers can bypass the firewall, and your website is not protected. So, make sure you talk to a certified engineer.
Also, services like your FTP, email, webmail, and control panel can break too. Make sure you check these services and ask if there is any workaround.
Feel free to write to [email protected] if you have questions about the 2 services. As their partner, we are glad to assist you.

What is Btrfs?

Btrfs is a modern file system that began development back in 2007. It was merged into the mainline Linux kernel at the beginning of 2009 and debuted in the Linux 2.6.29 release. Btrfs is GPL-licensed but currently considered unstable. Hence, Linux distributions tend to ship with Btrfs as an option but not as the default.

Btrfs isn't a successor to the default Ext4 file system used in most Linux distributions, but it is expected to replace Ext4 in the future. A maintainer for Ext3 and, later, Ext4 has stated that he sees Btrfs as a better way forward than continuing to rely on ext technology.

Btrfs is expected to offer better reliability and scalability. It is a copy-on-write file system intended to address various weaknesses in current Linux file systems. Primary focus points include fault tolerance, repair, and easy management.

What is DKIM?

DKIM, known as DomainKeys Identified Mail, is an email identification method designed to prevent email spoofing. It allows the receiving email server to check that an incoming email claiming to come from a specific domain was authorized by the owner of that sending domain. It is intended to prevent forged sender addresses in emails, a technique often used in phishing and email spam.

In technical terms, DKIM lets a domain name associate its name with an email message by affixing a digital signature to it. Verification is carried out using the signer's public key published in the DNS. A valid signature guarantees that some parts of the email (possibly including attachments) have not been modified since the signature was affixed. Usually, DKIM signatures are not visible to end-users, and are affixed or verified by the infrastructure rather than the message's authors and recipients. In that respect, DKIM differs from end-to-end digital signatures. Our virtuemail has the option for DKIM. You can contact us to understand more.
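
What "some parts of the email" means in practice, as an added example (not part of the original post or of any mail server's code): it parses a DKIM-Signature header, recomputes the body hash (`bh=`) under the canonicalization named in `c=`, shows where the public key lives in DNS, and lists headers the signature does not cover. It assumes SHA-256 and does not verify the RSA signature in `b=`; the message, domain and selector are constructed.

```python
import base64
import hashlib
import re


def parse_tags(header_value):
    """Split a DKIM-Signature value into tag=value pairs (RFC 6376, 3.2)."""
    tags = {}
    for part in header_value.split(";"):
        if "=" in part:
            name, value = part.split("=", 1)
            tags[name.strip()] = re.sub(r"\s+", "", value)  # drop folding space
    return tags


def canonical_body(body, mode):
    """Body canonicalization, 'simple' or 'relaxed' (RFC 6376, 3.4.3-3.4.4)."""
    lines = body.split(b"\r\n")
    if mode == "relaxed":
        lines = [re.sub(rb"[ \t]+", b" ", ln).rstrip(b" ") for ln in lines]
    while lines and lines[-1] == b"":
        lines.pop()                          # trailing empty lines are ignored
    out = b"".join(ln + b"\r\n" for ln in lines)
    return out if (out or mode == "relaxed") else b"\r\n"


def b64sha256(data):
    return base64.b64encode(hashlib.sha256(data).digest()).decode()


def inspect_dkim(raw):
    """Report what the first DKIM-Signature of a raw message covers."""
    head, _, body = raw.partition(b"\r\n\r\n")
    unfolded = re.sub(rb"\r\n[ \t]+", b" ", head).decode()
    headers = [ln.split(":", 1) for ln in unfolded.split("\r\n")]
    sig = next(v for k, v in headers if k.lower() == "dkim-signature")
    tags = parse_tags(sig)
    body_mode = (tags.get("c", "simple/simple").split("/") + ["simple"])[1]
    data = canonical_body(body, body_mode)
    if "l" in tags:                          # l= signs only a body prefix
        data = data[: int(tags["l"])]
    signed = {h.lower() for h in tags["h"].split(":")}
    present = {k.lower() for k, _ in headers} - {"dkim-signature"}
    return {
        "key_record": f'{tags["s"]}._domainkey.{tags["d"]}',  # TXT record name
        "body_ok": b64sha256(data) == tags["bh"],
        "unsigned_headers": sorted(present - signed),
    }


SIGNED_BODY = b"Hi  Bob,\r\nInvoice attached. \r\n\r\n"


def sample_message(body=SIGNED_BODY):
    """Constructed message; bh is computed here, b= is a placeholder."""
    bh = b64sha256(canonical_body(SIGNED_BODY, "relaxed"))
    head = (
        "DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.org;\r\n"
        "\ts=mail2024; h=from:to:date;\r\n"
        f"\tbh={bh}; b=CONSTRUCTEDnotAREALsignature\r\n"
        "From: alice@example.org\r\n"
        "To: bob@example.net\r\n"
        "Subject: Invoice\r\n"
        "Date: Mon, 01 Jan 2024 10:00:00 +0000\r\n"
    )
    return head.encode() + b"\r\n" + body


if __name__ == "__main__":
    print(inspect_dkim(sample_message()))
    print(inspect_dkim(sample_message(b"Hi Bob,\r\nPay account 12345.\r\n")))
```

In the sample, `Subject` is not in `h=`, so it could be rewritten in transit without invalidating the signature; signing domains should list every header they want protected.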

Email delivery?

Someone is telling me to just type the recipient's email address to send an email. Sound familiar to you? He or she is not wrong. To send an email, you must first know his or her email address, but did anyone tell you how an email is delivered, and why he or she did not receive my email?

Let me explain how an email is delivered. Most people send an email knowing only the recipient's email address. But sending email involves more than knowing the other party's email address. The most crucial thing for sending email is actually the DNS. Without DNS, the mail server is handicapped and does not know where and how to deliver your email. DNS consists of records; it is like a directory that tells others where your mail server is hosted and where to find you. With the DNS, your email is delivered to the destination mail server and, eventually, the mailbox.

Sometimes your recipient will claim the email was not delivered to him or her. How did this happen? There are a few common reasons why an email was not delivered.

  1. Mistyped email address. This is a common mistake: the email address is mistyped, so the email was sent wrongly or not sent.
  2. The email has gone to the junk box; the recipient does not know that it did arrive because it was never in the inbox.
  3. Some mail servers allow users to filter their emails because of spam. Sometimes keyword-related filtering could have wrongly filtered your email.
  4. Your mail server IP is blacklisted by a popular DNSBL. It was not you, but someone's account was compromised and is sending spam emails. This can cause your mail server IP to be blacklisted. In such a situation, your email will be treated as spam and bounced or filtered.
  5. The email shows as sent. This can be due to a bug in the mail client, and it was not delivered to the mail server. This can happen with an outdated application.
  6. It is rare, but it happens: the email is caught in the sender's or recipient's mail server queue, for many possible reasons. While the email is caught in the queue, it will not be delivered to the user's mailbox.