The take out more domains scam……

This scam is very subtle, it preys on fear, uncertainty and doubt. If you are not regularly doing business in this field and receive a message like this, it can be quite distressing. Note that this email below is not actually asking you for anything, but it is begging you to reply. (click on the image to see a larger version of it).

How does it work?

I have deliberately changed the real domain name in question to homestart-czw.

The sender (who is probably real) claims that they wish to use homestart-czw as a keywork in Chinese domain names.

They know that there is a homestart-czw.org.uk and that is how they found it. Similar scams along this theme may claim ownership of copyright or trademarks. What they want you to do is reply to the message. In other words start a conversation.

The sender will claim that you should protect your domain name against misuse by purchasing a set of CN (Chinese) domain names to protect your uk one. It will not stop there, they will also recommend that you purchase other domain names including the text “homestart-czw” for Thailand, Malaysia, Indonesia, Vietnam, Philippines etc. Before you know it you have purchased maybe 5 or more domain names that you do not need. Plus you have to renew them every year. The last one of these I looked at a few years ago would have amounted to an annual bill of £100 per year

Why should I ignore this?

Fundamentally because you are not trading worldwide, at best you are trading at the county level and most of you are at the local level covering a sub region in a county. Your domain name will generally give a clue about where you are: homestart-czw.org.uk is an Organisation (charity) based in the UK. You are not providing services in China or Asia, therefore no conflict exists.

However you have to admit; from a “plausible deniability” perspective, that the person making the enquiry could just claim he is trying to help you! Sadly there is nothing going on here which could be deemed to be illegal.

If you receive a message like this, send it over and I will check it for you.

The highlighted red ring around the web address is designed to fool spam checking tools which will probably be looking for that website address. That is why it has spaces and square brackets where there should not be any.

← Self directing spam to a spam folder! Spoofed Email Address Scam →

Fake 20i.com invoices

There have been several instances (around 15 of them) where an invoice has been sent to an organisation claiming to come from 20i.com and stating that their domain name has expired or is about to expire.

The information relating to your domain name is available to view on the Nominet website: Registration Data Lookup by Nominet Just enter your domain name and other information will be presented.

Someone, or some group have been trawling through this data and identifying websites that are hosted by 20i.com. I have a reseller account at 20i.com and deal directly with them. You have no relationship with them. Invoices from 20i.com are not sent to you, they are sent to me, and I look after them for you. The people behind the scam do not know that.

If you receive anything about your website, or your domain name and you are not sure, send it to me and I will confirm whether it is a scam or not. It stands to reason that if you do not have a relationship with 20i.com then you would not expect to receive an invoice from them.

20i.com are aware that this is happening, no doubt other hosting companies are being targeted too.

← Refresher Training Your Website has been hacked..... send bit coins. →

Beware of the peaks!

For much of the past month I have been working my way around sites and making sure the sites are updating correctly. In some cases they have not been doing this without additional input. I have not got to the bottom of why, some of it is related to the Divi template. I spent a very tortuous 2 days seeking support to find out why. It would have been more productive watching paint dry.

However I digress, I looked at around 70 of the sites I am hosting. I had to make changes to them to get the last version of WordPress to manage the updates. After I have done this the sites should in theory look after themselves.

In the dashboard of most sites is a Google Analytics summary of the last 30 days of activity on your site. I noted the image below which has a strange peak in it on one of the sites.

This is not normal

Then I found another one

And another one

And another one

Unravelling the thread

I found five in around 70 sites, so it was not everywhere. But what is it? I chose one site and decided to check Google Analytics to see what it recorded. The peak in most cases occurred over a 5 minute period when allegedly around 350+ people from around the world decided to visit your website at 9am in the morning. And I do mean from around the world, not just in the UK. Any country in the image below that is a shade of blue, means people (allegedly) came from that country.

The image on the left shows the top 31 countries and how many computers in each country. Click on the image to see a larger version. Not listed here, but I did check, looking at Russia countrywide, the visits did not come from one computer, but came from many across Russia.

What is going on?

Given the attack which is still going on some 4 weeks after I was notified on another site, I am very conscious of how long that took to sort out. I checked in with the hosting company to ask about these and what they thought they were. I did not get a straight answer, other than any attack will be handled by special measures in the hosting and the site will continue to work despite this.

It is unlikely that these sites were affected in any way, the visits in this case were no different to UK based visitors. The only difference is they came from everywhere in a very short period of time, apparently altogether or in quick succession.

Speculation

A few years ago I witnessed an attack on one of my sites while with another hosting company. I documented it at the time in this site. The site in this case had a protection mechanism built in that if there were too many visitors arriving at once, or trying to log in, they delayed any further activity from that IP address. As soon as one was blocked another one started. When that was blocked another one started, and they skipped all around the world in a few minutes.

The site was not taken down, but this is basically known as a DDoS or Distributed Denial of Service attack. The expectation being that if enough computers hit your site it will consume the server resources and your site will grind to a halt.

Click on the image to see a larger version

BOT Network

It is highly likely that I was witnessing a Bot network which is a set of compromised servers from around the world controlled by one central resource and they were testing it. When I last came across this I had all of the IP addresses of the computers, and could do a geo location search and also identify the owners of the computers (if they were a server for example). In many cases they were corporate servers owned by respectable companies that probably had no idea that there were additional processes running off of their computers.

The system might be targeted at some point on a corporate server and financial demands made to turn it off.

Things for you to think about

If you see a massive peak in your statistics that you cannot account for, let me know ASAP. I will look into it. If you have one of these it means your statistics for that period are no longer valid. So do not use them in any promotional documentation.

You may have seen in the past messages like “We checked your website and it was not getting many visitors pay us ££££ and we will increase the number of visitors to your site” Well this is one way of doing it. It will not however generate any more business because the visitors are not real.

I can selectively turn off countries from accessing your website and take some other measures with the hosting company if you see anything like this.

However it should not really impact your website, or your existing visitors. If you are not sure about something; drop me a line.

Higher Specification Hosting Available

With effect from 1st April 2021 I will be offering website hosting on a higher performance hosting platform based on a Virtual Private Server (VPS). This means I have total control over the memory loading, processor loading, disk input/ output, network bandwidth for the VPS.

Where you are located currently this is in shared hosting which can be affected by other websites and functions sharing the same platform. I can now offer an upgrade path to higher performance.

The difference is faster access speeds and responses. Editing is notably faster too, I am developing all of my new sites in this space now.

The current fees for shared hosting with me, is £5/ month per account paid annually in advance.

If you wish to move to the higher performance hosting with dedicated resources the cost will rise to £10/ month paid in advance. Should anyone wish to move back to shared hosting, I will move them back within 28 days and refund any balance. So migration to and from the higher performance system is risk free.

Owncloud private cloud file sharing platform

If you move over to the VPS high performance hosting system I will also add in an OwnCloud file sharing platform into the hosting as well. I cannot do this in shared hosting, but because I effectively purchase disk space, I can use it for other things.

Why might file sharing be important?

We have all been locked down for pretty much 12 months. We have had to learn to work remotely, so people that used to touch base every now and again, or visit an office have not been able to do that.

OwnCloud provides a private and secure storage area on the server within your account. The nominated person in your organisation will access it to configure it and manage it, or I can do this for you. For your staff, or your trustees, or your volunteers; each person will have an account on the system. They download a free program on their computer, run it and log in. What happens now and subsequently every time they turn their computer on; a directory on their disk drive synchronises with a virtual folder in the cloud, and subject to access permissions, synchronises with it. It remains in synchronisation with the server while the computer is powered on. It works with Windows and Mac computers.

This means all of the nominated people can work locally on shared documents. Any changes are copied back to the cloud, and then sent to everyone else automatically.

Each account has a password and user name which is private to the person accessing the system. So you have complete access control. This system is much more robust than having a password protected page, because in this case it is much more secure, and depending on write and access permissions everyone can both read and write to the common storage area.

I already use a password protected page on my site

A password protected page limits the ability of the public to view something in a website, but it is a common password shared by a lot of people. Apart from the administrator, all participants are read only. It works fine, but it has limitations.

If you are in a group working on and sharing documents, this system is much more effective and secure.

A practical example of how it works

Many of the people I provide support to are worried about their IT skills. One of the benefits of this system after it is installed, is it works in the background.

Let’s assume we have Fred who is the chair, working with Sarah and Peter who are Trustees. Sarah owns the task of revising a policy. Peter and the Chair have signoff on it. If they have this system installed on their computers, it will work as follows:

Sarah starts working at 6pm, loads the old version of the policy into MS Word and starts to work on it. As she is working she adds notes into the document suggesting things to change. She saves the document locally on her disk drive in a special “OwnCloud” folder. When she saves it a copy is also passed back to the server on the internet as her copy is re-synchronised with the server automatically.

At 7pm Fred turns on his computer. A short time later his OwnCloud folder has synchronised with the server and a copy of Sarah’s working document has been downloaded. He can now review this. Make his own copy of the document, add his comments in and save it locally. When he saves it locally it also resynchronises with server and the file is uploaded back to the cloud.

At 8pm Peter turns on his computer. It synchronises with the server and finds two new documents. One from Sarah and one from Peter. He can open both and see Sarah’s original comments, and another version with the chair’s comments.

Peter appends his comments to the version that the chair raised and saves it locally. It is automatically synchronised with the server again.

Meanwhile Sarah left her computer on the whole time. As the variants were uploaded to the cloud, they were downloaded to Sarah’s disk drive, so she can see other people are working on the files.

Summary

OwnCloud is a very powerful system with lots of parameters which can be controlled by the administrator, including who can see and edit what. It will significantly help with remote collaboration.

Owncloud Provided with VPS hosting

If you move your website into the VPS hosting, I will add in an Owncloud private storage area and set it up for your users. You will have initially 3GB of storage space on the server. So this system is really for documents, not images. Things like Policies and Procedures are a good example of where this system can provide benefits. More storage is available if you need it, but it will be priced in increments.

There will also be a non refundable fee of £50 for setting up the OwnCloud system and documenting how it is configured. Training will be provided to your administrator.

← Virtual Private Server Spring Clean? →

Virtual Private Server

Following a request for faster performance, I have taken out a new account in February, and have been experimenting with it. It is called a Virtual Private Server (VPS).

When you look at the range of hosting services available they start off as shared hosting where there may be several hundred, or even over 1000 websites all sharing the same server platform.

I am a reseller, so I purchase a block of resources on this shared platform and add websites into this system. The hosting company monitors the performance of the servers and makes sure they do not crash, or fail, or run out of hosting resources.

However this model means that while each website is physically separated from the next, you can be affected by the overall operation of the server. I know from my dealings with the hosting company that they are pretty good at managing this, and it is very rare for a website or server to go down. If it does, by the time I have alerted them, they are generally already aware of the situation and have some remedial process underway.

I spent a lot of time in January and February trying to identify why some sites ran more slowly than others, and what could be done to speed them up. I have a series of support threads in this area with the hosting company. Your sites have many local tweaks on them to help them to perform well. But sometimes there are server related issues where a site might be slowing down, or less responsive because of something else going on, on the server. You are also spread across many different servers, not everyone is on the same one.

There are also some complexities with the caching system used and what it does with code used by the website. Sometimes deleting the server side cache (Stackcache in your dashboard) can clear things up.

Checking out some competition

I took out some hosting with another UK based company in early February to establish if we were seeing “good performance” compared to a competitor. I tried several sites there and recorded the difference in speeds. It turned out that where we are now for this class of hosting is very good. The cache provided by the server is also effective in giving each site an edge over competitive shared hosting.

The Next Level

When you look at hosting plans, the next level up from shared hosting is Virtual Private Hosting. This is where an instance of the operating system runs on platform where you have finite resources such as processor cores, memory, disk space, disk input/output and network bandwidth. Unlike the shared model, you are not sharing this model with anyone unless you choose to do so. There are several levels of performance, and you can scale up (or down) as required.

Wingrove-Media VPS

I have taken out a relatively small configuration, but it is almost as expensive as the shared reseller hosting on an annual basis. It is based on a two core processor, 50GB disk space, 100Mb/s network speed and 2GB of memory. I have been running several websites in this space over the past 3 weeks.

Site access speeds are notably faster, editing is much faster, which tends to indicate that the Divi editing system is quite processor and memory intensive on the shared platform.

I can scale this area up from 2 processors to 10 processors and over 400GB of space 1000Mb/s port speed at £250 per month! Well that is a long way off. How this all goes is highly dependent on people moving their sites into this space.

For now this platform is available for the next 3 months and under review. I will provide more information on pricing and terms and conditions a little later.

If you are concerned about your site speed, and would like it all to run faster, I can demonstrate the benefits by moving your website into my VPS account for 2 weeks. Contact me for more details.

Slow site? Check your browser

One notable thing I did find out during this exercise was that Chrome was not as fast as I expected it to be. I ran multiple tests by working my way from left to right loading the top level pages on a website, and timing how long it took to load every page at the top level. I did this with Chrome (my normal go to browser), Microsoft Edge and Firefox. Chrome produced consistently lower results than Firefox and Microsoft Edge. (This was on a Windows 10 Professional platform).

I have started to use Microsoft Edge as my go to browser, and this has increased editing and browsing times. I would also add here unlike your Chrome Browser I have a few plugins loaded into mine, so these may have contributed to slowing it down. I did try unloading most of them, it was still slower than MS Edge and Firefox. That all said, I would recommend giving them a try. Unlike MS Explorer, which did have issues in compatibility with Web Standards, MS Edge seems to work fine.

Need a bespoke CRM system? – Call Graeme Neale

If you have either reached a point where you might benefit from a CRM System (Customer Relationship Management) or your old one has fallen into disrepair or has been withdrawn from the market then you might like to check out Graeme Neale, (Email address: gnh@pmvideos.com )

I have virtually met Graeme through the website redevelopment for Home-Start North West Kent where he has been building a new CRM system for them to replace MESH which is withdrawn later this year.

Graeme charges a flat fee for the development of the system, provides training and maintenance for a year, after the initial period; ongoing maintenance and support is negotiable.

If you are looking around, or considering just using spreadsheets, it might be worthwhile sending Graeme a message to see if he can help.

← Evening Tutorials Virtual Private Server →

Website Health

WordPress has recently introduced a health widget in the dashboard. It indicates the health of your website. I have been getting questions on it. It looks like this.

I have not done anything yet on this site (my site) so let’s take a look. First thing is not to wholly believe what it says. But we should check it out. I have clicked on the Site Health Screen link. It takes me to here.

The first thing to note is at the top. It is now running some tests. Which infers it did not really know what the state of the website is.

We have 0 critical problems, if you ever find you have one or more in this space alert me immediately. A critical problem could bring your website down.

The two recommended improvements show that I have one or more themes that are not in use, I should remove them.

It also says I have one or more plugins loaded which I am not using, I should remove them. Both of these are security precautions. In our case, not that important.

The last one relates to a function in the hosting which I have never seen anywhere, and is not supported by this hosting. It too is non critical. However it is worth checking by opening the box.

In the meantime while we have been thinking about this page the Site Health has changed to:

… GOOD. Well I did not do anything to the site. Unfortunately the way this has been implemented is a little alarmist. I don’t mind WordPress mandarins building a stronger and more robust platform, but this feature is not a great implementation as it turns out.

Check for yourselves

When you next login, give it a try and see what the page says. If you see something there after you have loaded it and are concerned, let me know and I will check it out for you.

← Website unavailable and other messages WordPress Site Health Check →

Website unavailable and other messages

Over the past six months there have been around 4 or 5 cases where websites have stopped working. This can invoke panic if you have never seen it before. There will be a white screen and some short message on it which will not mean a lot to you.

Firstly do not panic

Your website is still there, but cannot run. WordPress introduced some measures around six months ago which ran some diagnostic and other tests and reported on the health of the website. It is since this change some sites have failed, probably because one of the trapping mechanisms trying to identify problems has kicked in.

Generally what has happened is the website may have been upgrading itself, the upgrade has caused a temporary conflict, and this or some related event has caused it to crash. What you see is the white screen. It can sometimes be falsely triggered by security plugins.

How bad is it?

The first thing to check is whether you can still log in to the site. Try to login as an administrator. If you can get into the site, there may be a warning message there. If the problem is down to a plugin (it normally is) try turning some of them off and see if the website returns. If the site does return, delete the broken plugin, and try reinstalling it.

If you cannot login and have access to the hosting

Normally the way I have to handle these problems is to log into the control panel, use a file manager to locate the plugin directory for the website. I then work my way down the list renaming the directories by adding some text at the end of the directory name. For example if the directory was called wordfence, I will rename it wordfence-off. When I do this, the plugin can no longer load. If it was the one causing the problem, then the site will return.

I would then delete the plugin and reinstall the latest version, that normally fixes it.

Can’t fix it?

If you cannot resolve the problem, send me a message, better still call me on the phone, and I will take a look as a priority. But you may find you can resolve this yourself.

Why?

I use a very limited set of proven plugins across the websites I build. They are all well maintained, and if a problem exists, and I can identify it (usually takes around 30 mins), so far removing and reinstalling them has resolved the problem. You may however have added in your own selection of plugins. Not all plugins are equal. Yours may be causing the problem.

If you are stuck, and have refreshed your browser, or tried a different browser and get the same result alert me immediately and I will try to get it resolved for you quickly provided I am near a computer.

If the worst happens

We always have a weekly backup we can rely on for website recovery if we run into a problem that cannot be resolved.

← Speeding up websites Website Health →

Speeding up websites

Over the course of the past three years I have raised over 300 tickets with the hosting company to raise technical questions and try to resolve problems. That does not mean they are not very good, far from it, they offer an excellent service, and are based in the UK in Nottingham.

One of my eternal questions is why is this one website running slowly and the others are ok. That can be for all sorts of reasons, including my local area network as it turns out. I inevitably am told “well it all looks ok from here” but they are sitting on the end of a VPN and not accessing the site in the same way I am doing it.

Anyway to cut a long story short, I am working my way around all of the website accounts and making some optimisations in the hosting account. I have to do this on a per account basis, and it will likely take the next two weeks as a background activity. It includes increasing the number of variables a website can use, this is important for Divi based sites, increasing the memory the site has available to 512MB. Turning off the standard WordPress Cron job manager and running one CRON job every minute from the hosting. Standard WordPress needs to carry out housekeeping functions, and these are triggered by visitors. If you do not have many visitors the jobs may accumulate, and also the hosting limits the number of jobs to be run to one per visitor. The fix in the hosting and getting the housekeeping function triggered from the hosting will keep these jobs to a minimum.

While doing this I am also checking the sites, adding back in the Google Analytics plugin you used to use, it was sold to a third party by the author, and from then on the new owner was asking for money for what should be a free service. It will show a graph on the dashboard after it is installed again.

Increasing backups to 8 consecutive weeks, and setting up an encryption password to protect the backups.

If you lost it, I will reinstall the old WordPress editor, some of you have mastered the Guttenburg WordPress editor, but it is a stretch, if you only go into the site now and again. The original editor was much easier to use.

Checking everything is running on the site.

Finally turning on a website optimisation function in the hosting and a CDN (Content Delivery Network) function in the hosting.

Having worked through that lot, your site and page changes should work in a couple of seconds. That seems to be the case with the first 20 sites.

I am trying to get all of the accounts to reflect the same standard settings. They have not over the years for a number of reasons.

Any problems drop me a line.

← All about Email and Webmail Website unavailable and other messages →

Support via Zoom

Like most of you I have become a Zoom convert and have taken out s subscription. I can provide ad hoc support if you are stuck, free of charge, just drop me a line and I can give you a hand. Training is also available delivered via Zoom if you need a refresher, or never got any training because of the coronavirus pandemic. So no excuses for not knowing how to do something.

Remember no such thing as a silly question. So if something is bugging you, stopping you from updating your site let me know.