Using the new hosting

At the time of writing this I have moved over around 30% of the sites I manage. These are some of the key differences and benefits of the move.

 

  • Ability to backup all of the account including email
  • Faster UK based hosting
  • Hosting can be Windows, Linux or WordPress optimised
  • Up to 100 email accounts
  • IMAP based email with 10GB online storage
  • Webmail online (through here:  https://stackmail.com)
  • Email spam filtering is included and running
  • Unlimited hosting space
  • Unlimited bandwidth
  • SSD based storage (means it is fast)
  • Free SSL certificate (means we can use https security*)
  • Ability to block access by country in the control panel
  • Your own hosting control panel

The only downside I have found so far is technical support (this is something I use frequently) is not available 24×7 yet. But it is better than the other companies I have been working with.

*What is changing?

As I move people in and check that they are happy with everything, I am working my way around and turning on SSL for all websites.  SSL stands for Secure Socket Layer and it means that HTTP access to and from your website is encrypted. It is the same technology that is used with your bank to keep your transactions secure.

Some very recent changes will likely either fail dismally, or succeed in making some radical changes with websites. Over the past week Firefox has released a new version of their browser which makes it very apparent that you are entering information into a form and it is not secure. It was not secure before, and for the most part did not matter. That is how most websites work because they do not run over https://. I have generally not used https:// (the s stands for secure) because it means you have to purchase a certificate for your domain. Hosting companies charge money for these certificates, between £25 and over £100 per year. This would be a large expense given the annual hosting cost is only £48/ yr (assumes one website in the hosting).

However, possibly through revelations from leaked reports on security agencies reading our mail, logging into our systems, and possibly the volume of hacking that goes on: there may be an internet clean up process going on here.

Reading what is on the wire

Most people are unaware that if it was possible to tap into the communications on the internet from your location then there is a lot someone could find out about you, because some of what you do is in plain text. It is not generally practical to do so, and the nature of most networks today are point to point switched rather than distributed with the exception of WiFi which I will come back to in a moment.

Within the service providers data centre, or at any point going to the data centre from your location a 3rd party could add something to the network your data is on and collect messages from you and then analyse them. What they could not easily read is encrypted traffic. But much of it will be unencrypted or plain text.

I know this because I have done this locally on my network in the past, to capture traffic and see what is inside the messages while trying to figure out where traffic was coming from.  However practically speaking data centres and the street cabinets that carry the traffic are physically secure. So it is unlikey to happen, and you need some expertise to do it anyway.

It is possible for example that your mail settings are unencrypted, if you check your accounts in Outlook (or your mail application) which ports are you sending and receiving over, and do they use SSL?  If they don’t someone could capture your email messages. Think about the things you read and send in email.

The Public “Free” WiFi Hot Spot

Most WiFi hot spots are of course legitimate, the free ones want something from you like your email address so they can send you promotions. There are some that are set up on the street, in shops etc. Let’s refer to these as informal public WiFi hot spots. At the point the WiFi signals are converted to Ethernet messages and sent to the router at Joe’s Cafe, if Joe or one of his staff had inserted something into the data path that collects and analyses traffic, they could read your mail, know your mailbox password and independently access your mail and other areas. You would not know about it if your mail was sent in plain text. Likewise with accessing websites over unencrypted links.

Back to SSL and S in https://

When you login to your website, you login in using plain text at the moment. So someone could capture your password and user name. When https:// is turned on, and a certificate is issued for your domain, all access to your website, particularly forms is encrypted. This prevents a 3rd party from snooping on the network, or tapping your connections. Even in Joe’s Cafe.

Practical Limitations

Right now all websites were built based on an HTTP connection. This means that there are references in your website, particularly to images where the image is sent over a non secure connection. This means that your website is serving mixed content. This does not matter, provided that things you enter are secure.

Over the coming months I will try to find a way to make sure everything is locked down, but this step is in the right direction. The only way to make a completely secure site right now is to build it from the ground up on an https:// based site. I expect there are ways to detect where http:// is used within your site, and change those in database. However I don’t want to dive in there until I have found a way to do it that is quick and safe to execute.

Using Email

I have added an IMAP mail box and removed my former POP3 mailbox I had locally.  This means in Outlook, the view I have of my mail box, is the same view if I go on webmail. The difference here is that my mail remains at the server and is organised as such. I can now use multiple devices and have the same views of my mail whatever device I use.

Mail filtering that is running in the hosting is trapping junk mail. My junk mail has dropped substantially. So this is another big plus. The hosting uses some tests on mail and checks against some databases to locate common spammers. You can set the level of filtering, they are set up as high by default. I have not come across any problems, however it is a good idea to check junk mail from time to time.

Managing messages from your website

In all cases I have added in an email address that your system will use that shares the same domain name as your website. This is a safety measure, as mail originating from a website that is going out of the hosting is often detected as spam in the hosting and can be blocked. By sending the mail to a legitimate inbox first, and then forwarding it out to where it needs to go gets around that problem.

If you run a newsletter

Some newsletters are sent through a mail function in the underlying infrastructure of the website. There is a limitation here that only 200 mails per 12 hours can be sent this way. If your mailing list is above 100 names, let me know and I can set up your newsletter to send through an email account using SMTP.

Email from this system can support 8000 mails per 24hrs through a mailbox set up on the system

If you use forwarders

In the last system it was possible to set up a forwarder without an email account. That is not possible in this system. Each forwarder needs a corresponding email account. You do not need to use the email account, but do make sure you set one up otherwise you may receive an error if you try to use a forwarder (particularly group forwarders without an email account being present.

If I come across anything else that is noteworthy, I will add it here, or expand to another page.

Next: New Control Panel


Return to New Hosting

 

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail