Newly Identified Risks with Horde Web Email

It’s nearly impossible to veer away from web security and privacy concerns these days, as it’s a pressing issue in the digital world and the frequency with which new hacker attacks are arriving makes this types news as necessary as it is overwhelming. As we discussed in an earlier entry here, hackers are motivated by money, as there’s dirty dollars to be made selling sensitive information acquired from people without their consent, approval, or anything or the sort.

So here we are into the second last month of 2019 and – not surprisingly – another new and urgent software vulnerability is pushing its way to the forefront of what’s new and noteworthy in the world of web hosting. Here at 4GoodHosting, it’s likely that we’re not different from any other good Canadian web hosting provider in that we don’t have the luxury of not paying attention to developments like these, and so here we are again today.

Most of you will be familiar with Horde, as it’s one of the most popular free and open-source web email systems available to consumers these days. In truth, it’s the epitome of what a quality open-source web resource should be, as it’s been very responsibly built and is a good example of what can and should be done to ensure that software does not eventually become exclusive to deep-pocket development businesses.

However, unfortunately it seems that a major security flaw with Horde has been exposed and we believe it’s always best to put users in the know as soon as possible regarding this stuff. We’ll try to go short on the technical stuff, but this vulnerability is related to CVE 2018-19518, an IMAP (Internet Message Access Protocol) and it exists in the ‘imap-open’ function that is used to open an IMAP stream to a mailbox.

Invisible Thieves

In most cases where security is compromised and information or identity theft occurs – both in the digital world and otherwise – there’s more often than not some type of identifiable evidence of an unwelcome guest having been on the ‘premises’. Not so here, as a prominent web security researcher claims they’ve detected several vulnerabilities in the popular open-source Horde web email software that allow hackers to steal the contents of a victim’s inbox, and do so nearly invisibly.

Now for those of you who are in fact unfamiliar with it, Horde is one of the most popular free and open-source web email systems available. It’s built and maintained by a core team of developers, with contributions from the wider open-source community. It’s popularity has grown in leaps and bounds over the last couple of years, and is actually the default email client that is used by a good many universities, libraries and many web hosting providers themselves.

According to the report, these vulnerabilities with Horde were first seen in May. How the hackers gets ‘in’ is by scraping and download a victim’s entire inbox. Now most you will be saying ‘surely that’s not possible with all the protective measures and security checks in place these days’, and you’d be right – provided the door wasn’t opened for them.

That’s how this Horde security flaw is taken advantage of. The hacker tricks the user into clicking a malicious link in an email. Once that click is made, the inbox is quickly and thoroughly downloaded to the attacker’s server.

What could happen next likely doesn’t need a whole lot of explanation. Any valuable information contained in any of the communications contained in that inbox is there for the taking. Given how many of us have sensitive information like banking and other types contained in email communications, this risk doesn’t need to be amplified any more than it already is.

Known Culprits

Earlier this year there were over 3,000 firewalls hit with 20,000+ requests over just two days, and while we don’t have numbers to indicate how the problem’s been since then the fact that it’s more in the news now than then suggests that the problem hasn’t abated and very likely grown since then.

The folks over at Sonic Wall have published some of the ‘busted’ IPs from which these requests have originated. If you know where to look for them and are using Horde yourself, feel free to have a look for any of these known bad guys:

109.237.27.71 / 98.6.233.234 / 173.8.113.97 / 34.195.252.116 / 85.25.198.121 / 103.233.146.6 / 98.188.240.147 / 162.158.63.144 / 203.180.245.92 / 173.237.133.206 / 23.210.6.109 / 45.33.62.197 / 85.25.100.197 / 162.243.224.192 / 212.48.68.180 / 200.160.158.244 / 149.126.78.3 / 162.158.154.95 / 81.169.158.6 / 23.35.150.55 / 51.254.28.132 / 150.95.169.224 / 162.158.77.240 / 139.99.5.223 / 185.18.197.75 / 162.158.90.10

And if you see activity from any related to access to your software then it should very much be a red flag.

A Fix?

The norm is for security researchers to typically give organizations three months to fix flaws before they are publicly disclosed, so the fac this information has been made public and the news of the breaches counted earlier in 2019 suggests this has gone on for too long. Further, the consensus is that these flaws pose a ‘high’ security risk to users.

It should be mentioned that some – not all – of the vulnerabilities were fixed in the latest Horde webmail version. We’ve read that the Horde community has not publicly acknowledged the vulnerability — or that users of earlier versions of the webmail are still vulnerable.

Definitely something to be aware of and taking steps to protect yourself if you and / or your organization is using Horde as your chosen mail client. Not suggesting you reconsider that choice as it really is an excellent free and open-source web email system. And further, now that this is much more in the public eye, we expect Horde to be MUCH more aggressive in addressing this security vulnerability.

Fixes for Common iPhone 11 Problems

There’s no family of phones that make quite the splash like iPhones when a new one arrives. These days it’s the iPhone 11 that’s come onto the scene with a whole lot of fanfare, and for good reason. It’s quickly becoming regarded as a big step up from its predecessor, and not surprisingly they’re being snapped up big time by consumers who don’t mind the somewhat pricey tags attached to them. The tech giants out there in Mountain View, CA truly don’t ever rest on their laurels, and the iPhone 11 is a testament to that.

Here at 4GoodHosting, we’re thinking it’s likely that every quality Canadian web hosting provider is going to have plenty of customers who are iPhone faithful. We’re no exception there and we have more than a few of them here ourselves. If you’re going to shell out the big bucks for the newest iPhone then you’ll be expecting a superior product.

Now to be clear we’re not suggesting the iPhone 11 isn’t one, but it is true that – as is the case with any tech product – there’s often a few kinks that need to be worked out. These issues aren’t so major that they’ll be any type of deal breaker that will have an owner second guessing their decision to buy the newest iPhone, but they’re significant enough that any ‘fix’ for them will likely be most welcome.

So that’s what we’ll have for you here today, an overview of common problems with the iPhone 11 Pro and very straightforward ways of addressing them.

Eventful OS

It’s true that the number of reported issues with iOS 13 makes up quite a list. In response to this Apple has released a series of updates to respond to them, offering fixes to mitigate issues with the hardware. Here are a few initial iPhone 11 problems we’ve discovered around all three versions of the new phone so far and some tips on how to fix them.

Problem & Fix 1: Wireless Charging

This issue is definitely the most widespread of all, so it gets top spot on our list. The most common issue here is when an iPhone 11 is laid on a Qi wireless charger, your new device will not actually charge, despite it clearly recognizing its interaction with the charger. Some people have also claimed that their device becomes very hot to the touch, even while not charging on the pad.

There is something of a consensus that this bug first surfaced after installing various iterations of iOS 13, and that may mean the blame is more with the software than the functionality of the device itself.

Possible Fix:

A straightforward suggestion is the only one to offer here – update your iPhone’s OS with newly released versions, with Apple continuing to issuing fixes for various problems. Note as well that for some user as power-off reset/restart resolved this problem for them

  • Press and release volume up
  • Press and release volume down
  • Hold the power button and wait until the Apple logo appears

Problem & Fix 2: Activation Issues

No matter what type of device it is, activation issues are fairly standard when you try to get a new phone up and running at first. So not surprisingly, the iPhone 11 is no exception.

Possible Fixes:

Start by ensuring that all systems are up and running by checking Apple’s System Status page. Seeing anything that is not toggled in green means you need to wait until all systems are up, and then try again. If all are green and you’re still unable to proceed with the full activation, check that your phone has a SIM card inserted. Switching the SIM card from your old phone into your new one is option number one. If you continue to get a “No SIM” or “Invalid SIM” error message, despite having just inserted the SIM card and certain its there, Apple recommends doing the following:

  • Confirm with your mobile service provider that your plan is operational
  • Update your handset to the latest iOS version and restart
  • Go to Settings > General > About. If an update exists, you’ll see a prompt to select OK or Update. Choose it and see to it the update completes in full
  • Remove the SIM card from the tray and then place it there again, also ensuring the tray closes completely
  • Confirm that the SIM card is operational, by trying a different one. You can ask your carrier to test your phone with a different card. If it’s found that your current one is defective, they will almost certainly provide a function one for you at no cost

Problem & Fix 3: Volume, Audio & Sound Issues

A good many new iPhone 11 owners are also reporting that there’s issues with the volume and audio on their phones. While we haven’t been able to dig up and explanation for that yet it’s not to say this isn’t something that an OS update can remedy. It likely can, but you can also try these solutions on your own in advance and see if they work for you.

Possible Fixes:

  • Remove the SIM card from your phone, and then re-insert it. This problem can be caused by a SIM card that’s sitting improperly in the SIM card tray
  • Turn off Bluetooth and then compare the audio quality with or without it active. If it improves, have Bluetooth turned off when making or taking calls.
  • Check to see that your microphone is clean, clear, and unobstructed. These things can get filled with dust and grit fairly easily, and the blockage prevents the mic element from picking up sound
  • If the above steps are ineffective, clear your phone’s cache memory by restarting it
  • Do a hard factory reset (Settings > General > Reset). If you’re going to go this route, however, be sure to back up your data first

Problem & Fix 4: Overheating

This is the surprising one of the bunch, and especially considering the huge issues that were seen with Samsung’s Galaxy S7 a few years back. There have been plenty of reports about iPhone 11 units becoming seriously hot to the touch, along with concerns about the effect on the long term battery life of their new handset. If yours is giving you grief that way too, here’s what’s recommended. We’ll state first that if your phone is extremely hot then you should go to your provider and make them aware of the situation.

Possible fixes:

  • Remove your phone from its case. Some inexpensive phone cases actually block the heat dispersal points on the device and promote it overheating as a result
  • Avoid leaving your handset in a car or exposed to hot temperatures for extended periods of time
  • Make note of any games or apps that cause your phone to overheat
  • Try going into Airplane Mode for a while. Go into the Control Center and tap the plane icon to shut off all GPS, Bluetooth, Wi-Fi, and cellular signals. Monitor your phone to see if it cools down as a result of doing this
  • Observe if it is charging your device that causes it to overheat. If it overheats and stays hot to the touch following charging, then you must take it to your retailer and ask that the issue be looked into without delay

Should none of the above steps work, you’re encouraged to contact Apple tech support or make an appointment with the Genius Bar.

Why the Rise in Phishing Attacks Against Macs?

It’s likely fair to say that people who are loyal to Macs are more fervently that way than their opposites, meaning people who are PC. Whether that has anything to do with Apple’s advertising campaign of 10 years ago or so where Mac was a young, hip, and casual and PC was older, inflexible, and suit n’ tie guy all the way. But the truth of the matter is for those with certain prerogatives when it comes to their computing device – especially for creative work – a Mac is the only way to go much of the time.

It’s for this reason and the ongoing popularity of the iMac and MacBook that today’s subject is worthy of some attention. There’s been a pronounced rise in the number of phishing attacks against Macs, especially in recent years. Here at 4GoodHosting, we can assume that many of you are Mac devotees as well, and that’s why as a leading Canadian web hosting provider we can relate to how anything that puts you more up to speed on what might be threatening your Mac is going to be quite welcome.

So what’s this all about, and what’s the need-to-know here and what’s just noise? We’ll do our best to lay it all out for you here today.

The Mac Myth of Malware Immunity

That Macs are immune to malware is a myth, but it’s certainly a popular one. It is true that the risk of attack for Apple’s computers is significantly less than for Windows computers, but they can still be compromised and infected. Look no further than the Zoom infection that hit up many users earlier this year, and something that did get quite a bit of coverage.

This is confirmed with a report a few months back from antivirus firm Kaspersky, which published a report claiming that phishing attacks on Mac users could double from their 2018 rates by the end of this year. That’s going to be a cause for concern for anyone using a Mac.

The report states that in the first half of 2019, Kaspersky software detected some 6 million or so phishing attacks targeted at Mac users, with 1.6 million attacking the Apple brand name by June 2019.

For those of you might be unfamiliar with what a phishing attack is, it’s where a malicious actor attempts to trick you into giving away sensitive information. For example, they might send you an email masquerading as an Apple message and asking for your Apple ID login info. If obtained, this info is then used to make fraudulent purchases.

2015 MacBook pro – Preferable to a 2019?

As much as that doesn’t makes sense – maybe so!

The number of phishing attacks taking aim at Macs in 2015 numbered 852,293, based on Kaspersky’s software. That rose 86% to 1.5 million in 2016, then exploded up to 4 million by 2017. There were 7.3 million attacks in 2018, and the company is reporting 5,932,195 attacks so far in 2019. Should this growth continue at its current rate, there could be over 16 million Macs targeted by the end of this year, and that would more than double the 2018 number.

Apple is offering a number of tips on how to avoid being victimized by phishing attacks. The most important thing for you to understand is this:

  • Apple will NEVER ask for your Apple ID password or verification code in order to provide support, and launching browser pop-up windows warning you that your Mac is infected is also something they NEVER do. If you get an unsolicited phone call from someone claiming to be from Apple, hang up and contact Apple directly.

There is, surprisingly, some good news in this. The number of circulating malicious files that target Mac users and the number of times Kaspersky products detected malware and potentially unwanted software on Macs seems to be declining in 2019 compared to 2018. The belief is that this is a reflection of how these interests are refocusing their Mac efforts on phishing rather than on viruses and other malware files.

Ample Annoying Adware

Kaspersky’s report explains further that although both the number of malware attacks and the number of affected users have been growing annually since 2012, the number of affected users actually dropped noticeably from around 255,000 to 87,000 in 2018.

The belief is that the era of explosive growth with Mac-focused malware seems to be behind us, and the decline in the activity of cybercriminals on this platform is a slow but definitely discernible trend.

It’s also worth noting that instead of full-fledged viruses, most of the Mac malware coming around these days is Adware – malicious files that run ads in as many places on your Mac as possible. Why this is something of a grey area, but it may be primarily because much less effort is needed than to create a virus.

To their credit, Apple is seeing this trend and making redirected efforts to protect its customers. We should note as well that this is only part of the overall picture with Mac OS security concerns. Attacks on Mac users who were running different antivirus apps – or none at all – didn’t enter the picture. For this reason it’s safe to assume that the total number of these kinds of phishing attacks is likely higher.

Antivirus Up – Now

We’ll conclude here with proving some solid if unspectacular advice; if you haven’t installed an antivirus app on your Mac, it’s high time you did. And, like anything, it’s a good idea to buy one of the pricier ones because it’s a product like most others in that you get what you pay for.

If you’re looking to protect your Mac, you should install an antivirus app. We’ve rounded up your best options to help remove the guesswork in keeping you safe on your Mac. Macworld is a very reputable source for information related to Apple products, and their #1 choice for antivirus software for Mac is Sophos Home Premium.

Browser Fingerprinting: The Risk, and What You Should Know

Internet privacy is one of the hottest of the hot button issues in the digital world these days, and it has been for quite some time. There’s so many different ones that are still discusses at length, and for good reason. News over recent years has indicated the surprising extent to which people’s private and other information has been exposed. There are ongoing efforts to counter this trend, but as is the case with many things it takes time to put effective measures in place.

Browser fingerprinting is one of them, and when one digs deeper into this particular issue it’s fairly common to have greater concerns about it. Here at 4GoodHosting, we are one of the many reputable Canadian web hosting providers who see the ‘insecurity’ of the World Wide Web to be as big a problem as it really is. As such we choose to make people informed of what they can do to protect themselves against the prying eyes that they likely have no idea are watching their moves online.

So what’s at issue here, how concerned should you be, and what can people do to be proactive in defending themselves against browser fingerprinting. Let’s look at all of this today.

Pervasive Peeping

A good number of people who use VPN services to hide their IP address and location may believe that by doing so they don’t have to worry about their browsing privacy being violated. This is the best place for us to start here, because that’s simply not true. With browser fingerprinting you can be identified and tracked.

One thing there’s no getting around is that every time you go online, your browsing device then provides highly specific information about your operating system, settings, and even hardware, to the site you’re visiting. This in itself is perfectly normal, and ideally shouldn’t be any cause for concern.

However, when this information is used to identify and track you online then you’ve experienced browser fingerprinting, and unfortunately many unique details and preferences can be exposed through your browser.

Once a sufficient amount of information has been collected, you are now regarded as having a ‘fingerprint’ for tracking and information purposes.

The sum total of these outputs can be used to render a unique “fingerprint” for tracking and identification purposes. What’s revealed as part of your fingerprint? Good question, and it’s quite a list:

  • User agent header
  • Accept header
  • Connection header
  • Encoding header
  • Language header
  • Plugins list
  • Platform
  • Cookie preferences (allowed or not)
  • Do-Not-Track preferences (yes, no, or not communicated)
  • User’s time zone
  • Screen resolution and its color depth
  • Local storage use specs
  • Session storage use specs
  • Picture rendered with the HTML Canvas element
  • Picture rendered with WebGL
  • Identifying and listing of any AdBlock software
  • List of fonts

Extent of Browser Fingerprinting Accuracy

Browser fingerprinting may be a tool to identify and track people as they browse the web, but it’s certainly not the first of them and it likely won’t be the last. There has been all sorts of talk in the news that there are many different entities – ranging from corporate and government ones – that have an interest in monitoring internet browsing tendencies and haven’t been reserved in the slightest about acting on it.

The most conspicuous ones are advertisers and marketers who find this technique useful for acquiring more detailed data on users, with increased advertising revenue being what’s at stake. Alternately, some websites use browser fingerprinting to indicate potential fraud, so it’s true that not every variation of browser fingerprinting is ill-conceived

Test Websites for Browser Fingerprinting

It’s fair to say, however, that you should be doing what you can to prevent your from being yet another information mine for those employing browser fingerprinting. Fortunately, there are some online resources you can use to determine the information that is being revealed by your browser.

The best one in our opinion is www.deviceinfo.me.

In addition, you may also want to try websites that make browser data known and also assess a ‘uniqueness’ score calculated via your variables in comparison to their database of browsers.

Panopticlick is a good one we’ve been introduced to, and amiunique.org is said to also be a good resource. Amiunique, however, is open source and provides more information and updated fingerprinting techniques, including webGL and canvas.

The question will of course be how accurate are these sites. The answer is that, for the most part, they’re only somewhat accurate. Go ahead and make use of them, but don’t take their findings to be absolute truths and a thorough representation of what may be made available through your browser.

Without going into extensive detail, browser fingerprinting test websites like the ones shared above are good for revealing the unique information and values that can be rendered from your browser. Beyond that, however, trying to beat the test by achieving a low ‘uniqueness’ score may be a waste of time by and large.

Mitigating your Browser Fingerprint

Browser fingerprinting is a very complex and evolving issue. One interesting more recent revelation is that there’s nothing you can do to mitigate some fingerprinting attacks on smartphones. That said, here are ways to mitigate your browser fingerprint:

  1. Modifications and Tweaks to the Browser

Sometimes there are different options for tweaks and modifications to mitigate browser fingerprinting. For Firefox, you can get started with this by typing about:config into the URL bar of your browser, hit enter, agree to “accept the risk” and make the following changes:

  • resistFingerprinting (change to true)
  • disabled (change to true)
  • peerconnection.enabled (change to false)
  • enabled (change to false)
  • firstparty.isolate (change to true)

We will mention as well Brave browser is a good option for those wanting a simple, privacy-focused browser that blocks tracking by default and still supports Chrome extensions. Brave also allows you to enable fingerprinting protection, which is under the Brave Shields settings:

  1. Browser Extensions and Add-ons

There are a number of different browser extensions and add-ons that you may find useful. Here are some of them:

  • Canvasblocker by kkapsner
  • Trace by AbsoluteDouble
  • Chameleon by sereneblue
  1. Use of Virtual Machines

Another option is to run different virtual machines, making it so that you’re able to run different operating systems on your host computer. VirtualBox is FOSS and offers an easy way to run different Linux VMs for more privacy and security. There are many different video tutorials online, depending on your operating system and the VM OS you are looking to use.

Virtual machines offer numerous advantages in terms of privacy and security, while also protecting your host machine. If the VM iscompromised, simply delete it and create a new one. Plus, different VMs can be used for different purposes.

  1. Avoid Browsing with a Smartphone

The reality is that every ‘smart’ device is a data collection tool for corporate entities (and their surveillance partners), and smartphones are especially vulnerable to browser fingerprinting. Most often they’re fingerprinted using internal sensors and there’s not much that can be done to prevent that. Attacks can be launched by any website you visit or any app you use on a vulnerable device without requiring any explicit confirmation or consent from you, and a fingerprint is usually generated in less than one second. Plus, the calibration fingerprint never changes, even after a factory reset.

It should be noted that Apple has apparently patched this attack vector with iOS 12.2, while Google and Android still have yet to take any action on it

 

5 Top Features for New Mac OS Catalina

It may be the name of a particularly scenic island off the Southern California coast, but Catalina is now also the name of the newest Mac OS that has recently arrived. Like any successful company they’re not ones to rest on their laurels at Apple, and as such these new and improved operating systems keep on coming. For most Mac owners that’s a good thing, and there’s a LOT of R&D efforts and budget directed towards determining what new wrinkles users will find most appealing.

Here at 4GoodHosting, we imagine that nearly every other quality Canadian web hosting provider is also going to be taking note of the new features seen with Mac OS Catalina. Considering that Macs are the computers of choice for people who employ their devices for creative purposes, we can go ahead and assume these development will appeal to enough of our customers that they’re definitely worthy of a blog post.

So let’s do that here today – have a look at the Top 5 New Features with Mac OS Catalina.

With its release, the new MacOS brings with it a laundry list of changes, including a host of new features, a few updated apps, and the demise of a beloved app. But among these features, five really stand out from the rest. Here are the five best features in MacOS Catalina.

  1. Apple Music, Podcasts, and TV – Replacing iTunes

To be certain, there are a LOT of people who are none to pleased to have heard of iTunes’ coming demise. Whether or not that’s going to be problematic for you, the general consensus is that over time these users will also come to appreciate the appeal of what’s being introduced here with Catalina as it regards entertainment via the devices.

Beginning with Catalina, iTunes is will be replaced with Apple Music, Apple TV, and Apple Podcasts apps. And, in our opinion, if you’re open to new things you’ll quickly come to see how this is all a good thing.

The general consensus is that the Apple Music app is lightning fast and will provide users with a library of some 50 million songs, playlists, and music videos. Plus, Apple Music users will still have access to the iTunes music store. The Apple TV app will support 4K HDR and Dolby Atmos, and the over 100,000 iTunes movies and TV shows now available for rent or purchase is something that promises to go over VERY well with Mac Users who love entertainment on-demand.

Apple TV+ is their new original video subscription service, and podcast fans will love how the new Apple Podcasts app includes a catalog of over 700,000 shows. Go ahead and search for podcast episodes by host or discussion topic and you’ll like how machine learning gets you to your podcast of-choice that much more quickly.

  1. 2ND Screen support with new Sidecar App for iPads

Equally worth of the most fanfare here is MacOS Catalina’s second screen support for iPads – Sidecar. This new feature allows Mac users to utilize their iPads as a second screen with their Macs for any task where two displays are preferable. Sidecar can be incorporated in two different ways; dragging windows from your Mac to your iPad and using the pad just as you would any external monitor, or pairing your iPad with Apple Pencil to make file changes that are then reflected on the primary display seen on your Mac.

It will be possible for you to use Sidecar wired or wirelessly. Do note, though, that for the wireless version to work you must be within ten metres of your Mac. There is also support for Touch Bar provided the apps you’re using with Sidecar actually support Touch Bar.

Sidecar promises to be very popular with people who write extensively with their Mac and would prefer not to have to be referencing on the same display. Of course, there will be many other appeal points for it too. Which leads us to number 3 here..

  1. 3. Using Sidecar to Use iPad as a Drawing Tablet

Another sure-to-appeal aspect of Sidecar will have a lot of promise for artists, designers, and illustrators. Once you connect your iPad with Sidecar, you can take your Apple Pencil and draw and annotate things directly on that iPad.

Needless to say, many people will be abandoning their Wacom tablets and enjoying the direct-source productivity made possible by Catalina OS and Sidecar in this way. The ability to directly edit creations with Photoshop or Illustrator without having to import a file to the device is something that’s definitely going to be well received.

  1. Screen Time

Here’s the one new feature with Catalina that is bound to be getting top marks from parents. Managing the family’s screen time is made a lot easier now that the Screen Time app has become standard with a new MacOS. Catalina’s Screen Time lets users set limits for app accessibility and time usage across all of your Apple devices – not just your Mac.

Screen Time will also generate usage reports, and it also boasts a ‘ One More Minute’ feature that provides users with a small amount of extra time to wrap things up if that’ what they need. It also allows users to set communication limits whereby you can control who is able to communicate with your kids, and when they can do that.

  1. Updated and Improved Photos App

Apple has done well with the way they have revamped the Photos app in their newest operating system, Catalina. The most notable change is the way that it curates and features your best photos for you, doing so while removing poor-quality photos and duplicate shots at the same time without you having to do that manually on your own.

The Photos app also now generates much larger previews for photos, and machine learning helps your OS to be ‘smart’ about highlight important moments and memories. In addition, Live Photos and videos can now be auto-played while users scroll through their photo library.

We’ll conclude today by saying we’re aware we did this same type of commendation for Mojave OS not so long ago, but perhaps the fact that we’re doing it again (and will be in the future too likely) suggests that they do what they do exceptionally well down there in Mountain View, CA.

 

Understanding Web Hosting Bandwidth, and How Much of It You Need

Bandwidth is a term that’s bandied about fairly regularly in the digital world these days, and not surprisingly given how not enough of it can mean the ‘lag’ that nearly everyone has major difficulty tolerating. Truth is a lot of people that might be decrying a lack of it may not actually know what it is, and are more simply regurgitating what they’ve heard others says when voicing similar complaints.

Sufficient bandwidth is an absolute necessity for providing reliable web hosting, and here at 4GoodHosting we’re the same as every quality web hosting provider in Canada in that the success of our business depends on having it to the extent that it’s needed for websites hosted with 4GH. Nothing out of the ordinary there, but what is worth mentioning is that – in addition to having a basic understanding of web hosting bandwidth – there are measures that webmasters can implement themselves to increase available bandwidth.

All of that to come here in today’s blog entry, but first let’s have a basic look at what exactly web hosting bandwidth is and why you certainly can’t do without it

What is Web Hosting Bandwidth

Nearly all of you will be familiar with what it’s like to be driving in rush-hour traffic, or even observing it from a distance. We can think of bandwidth like the lanes of a highway and each vehicle represents the web traffic moving towards your site. Too many of them on those roads leads to long delays and frustrated drivers, while at the opposite end too many lanes mean excessive infrastructure costs for the city and a network that’s difficult and expensive to maintain on the taxpayer dime.

To the point, web hosting bandwidth is the amount of data that a website can deliver to its visitors over a certain period of time. We can conceptualize bandwidth as the capacity or diameter of any one or more of the ‘tubes’ of the internet – high bandwidths mean stronger, larger connections that can deliver more traffic and data, while low bandwidths mean more restricted connections or networks that often result in backlogs and slower loading speeds.

Web hosting providers (like us) typically describe the bandwidth associated with a certain hosting plan by relaying it as how much data can be delivered in a specific period of time, and most commonly in terms of gigabytes or terabytes per-month. As to be expected, you’ll pay more for extra bandwidth, but it’s also pretty much the norm that if you need it it’s not an added expense you can realistically avoid.

Unless backlogs and slower loading speeds aren’t going to be problematic for your visitors.. right then.

How Much Bandwidth Will Do?

This of course depends on the size, structure, and nature of your website. The reality is that bandwidth is a less adjustable component of web hosting, and so it’s important to find a web hosting plan in Canada with just the right amount of it as you certainly don’t want to be paying for a higher-priced hosting package that is more than you need.

It might be appropriate to say it’s better to err on the side of caution here and that too much is better than too little. While that’s probably true, there’s no reason why you shouldn’t or can’t find a package that gives you exactly the amount of bandwidth you need.

The Formula

We certainly didn’t create it, but we’re happy to share this simple formula for calculating how much bandwidth your site consumes; take these factors:

  • Average number of visitors each day
  • Average size of a page on your website, in kilobytes
  • Average number of pages viewed by each visitor
  • 31 days in a month

And multiply them all together.

That number will be the amount of bandwidth you can expect to approximately consume each month, in kilobytes (divide by 1,000,000 to calculate gigabytes). If your intention is to have people downloading files from your site, you’ll also want to multiply the average daily number of downloads and the average file size and add that number to your total.

It’s also a good idea to multiply your bandwidth estimate by roughly 1.5 to give yourself some flexibility with these projections.

Unlimited Bandwidth?

Not surprisingly, global internet traffic is reported to be increasing by roughly 22% each year. This growth is far outpacing the ability of telecommunications and internet service providers to supply the amounts of bandwidth required for many sites to retain their status quo when it comes to website performance. In response we’re seeing increased numbers of packages coming advertised as offering unlimited bandwidth.

That’s going to be misleading like that, as it’s not really unlimited. A better term here would be unmetered. Generally speaking, it’s only unlimited if every site hosted in that shared hosting arrangement is operating within their established bounds. We won’t go any longer, but just be wary of any such offer for unlimited bandwidth.

What Makes Bandwidth Important for a Website?

We can create an analogy here between bandwidth and a pair of shoes. Even Usain Bolt won’t be streaking down the track effectively if his cleats are several sizes too small. But in more literal performance terms, bandwidth is instrumental to your site’s speed and overall performance. You want it to be ‘firing on all cylinders’ as the expression goes, and having enough bandwidth is absolutely essential if your site is to be doing that.

First and foremost with all of this is page load speed. Web browsing individuals are impatient, so enough said about that. Insufficient bandwidth = poor page load speeds. Dynamic content needs more bandwidth too, and it’s a big part of why VPS hosting is increasingly popular these days

Is it Possible to Increase Bandwidth?

It is, and the primary way to do so is by conserving it. What we mean by this is reducing your site’s bandwidth usage. Here’s the most common ways of increasing available bandwidth for a website:

  • Look for external sources or storage for images and videos (or optimize image files for web)
  • Enable compression for HTTP, CSS, and JavaScript
  • Implement caching and a content delivery network to store static content on servers closest to your audience
  • Outsource RSS feeds to third-party applications or plugins

Alternately, you can – as mentioned – consider moving to a VPS hosting package.

Most well-made and well-situated websites backed by solid web hosting can expect to see 10% to 20% more traffic each month. Given this likelihood, even those of you are absolutely content with the amount of bandwidth available to you may find yourself needing more of it in the not too distant future.

3 Guaranteed Effective SEO Booster Moves

There’s a whole spectrum of people who have to have at least some level of familiarity with search engine optimization. Those that have SEO anywhere in their job title are a given, but there’s a number of other people who need to be catering to SEO realities with their work. Those of us who create content are a good example, but there’s others too.

Even if you’re an absolute lay person when it comes to this stuff, you’ve probably heard how Google and other search engine powerhouses prevent people from becoming complacent with all this by constantly changing the algorithms that determine the value of SEO.

Here at 4GoodHosting, as a top Canadian web hosting provider this stuff is very much front and centre for us nearly all the time. We know it has some serious importance for a good number of you too. Page rankings are serious stuff if you need to have your business as visible as possible online, and as such many people make an effort to really stay on top of best SEO practices.

Now we don’t claim to be the best of experts, but here are 3 guaranteed effective SEO enhancing moves you can make to help your website climb to higher spots in SERPS (search engine result pages)

Move 1: Publish Better Long-Form Content More Frequently

You’ve probably already heard the expression ‘content is king’, and likely more than a few times too. Fact is it’s as true as can be. Google rewards quality long-form content provided it is written in ways which benefits the users of the site. To ensure this, you need to review your service pages and give them priority. With a top-to-bottom, most important to least approach. you can identify spots where you can add informative sections of FAQ to expand the value of upon page.

Why FAQs though, you may be asking. They are an excellent means of naturally working in keywords – and especially for FAQ questions that you can foresee being made with voice searches more frequently.

Testimonials are another useful resource for this that many people won’t be aware of, and working with the same principles. Search engines increasingly regard the highest-quality content to be that which is useful for the visitors of the site, and they also have more and more of the AI to accurately identify this type of content.

Longer more-detail and ^useful^ blog posts are good too, and it may be that one longer and more developed post once a month may be better than 3-4 shorter pieces published during that same time frame. Another option is to include the posts of long-form along with short ones that you’ve written to create long-form posts that go once or twice a month.

Other tips? Quotes from the experts, with relevant images that are ideally original and also about the how-to videos with some of the additional resources for the readers are known to be effective SEO boosters as well.

Move 2: Beneficial Link Building

Link building is well understood and a widely-embraced component of content marketing. The key is in creating linkable content assets and then knowing how to market them to the types of people who will find it informative and valuable enough that they consider sharing it.

The general rule of thumb for content marketing has been that you should direct half of your resources to developing content, and the other half goes towards marketing those assets. The smart shift for SEO today is to tilt that in favor of creating strategic content, and even to as much as a 70/30, or 80/20 extent.

Start by analyzing to what extent you have developed relationships with those you consider to be reliable sources of backlinking. If you’re fairly well established in that regard then you might be able to spend about 80 percent of the content marketing and link building time for creating linkable content assets.

If not, you then need to alter the ratio to spend more time working towards marketing your link assets more effectively.

Move 3: Earning Quality Online Reviews Consistently

For a good long time it’s been the case that doing what it took to receive a regular supply of Google Reviews was all the thought you needed to give to getting quality online reviews for your business. Nowadays, however, it’s just not enough because – as mentioned – Google is now just that much more developed and sophisticated when it comes to analyzing the real values out there in the digital world; they have means of determining that which indicates that customers genuinely appreciate companies.

No real ‘trick’ of any sort to relate here – good old fashioned ‘quality products and / or services and putting the customer first’ sort of stuff that’s very necessary for ensuring your business is review favourably online nearly all the time.

It is also now understood that Google will reward sites with reviews that are much more diverse than Google and Yelp.

Get Help if You Need It

It’s likely quite fair to say that well more than half of the people who’ll say they know SEO ‘enough’ really don’t and are likely putting their web presence and online identity at a disadvantage because of it. It’s perfectly fine to admit this, and we’re happy to help any of our customers who are finding their website isn’t where it needs to be as it relates to ranking for keywords.

 

 

New Malware Campaign Targeting 11 WordPress Plugins

If you were to take a poll of everyone who has their own personal website for ‘self’ ventures – whether that’s a blog, a forum for ideology, or anything else ‘self’-oriented in a similar way – you’d find that the majority of those sites were built on WordPress. Despite the fact that it’s as old as one can imagine in the world of web publications resources, it’s still as present as ever in the online world.

This makes it so that it’s worthy of mention anytime an external force threatens the well being of websites built on WordPress. This isn’t the first time the software suite has been the target of hackers, and it very likely won’t be the last.

Here at 4GoodHosting, we think part of being a leading Canadian web hosting provider is keeping our valued customers up to date on developments that may influential to their online well being. Considering we can go ahead and assume that a good many of the sites hosted through us are WordPress sites, we’ll dedicate today’s blog to making those of you aware of this new risk.

The Skinny

These new serious vulnerabilities in at least 11 plugins for WordPress started to be seen last month, and it appears they are currently being used in an ongoing malware campaign. This was reported on in the circles where it needed to be, but what’s new with all of this is that that the hackers appear to have changed their tactics over the course of the last two weeks.

The first instance of this featured malicious code being injected into sites to prompt them to show pop-up advertisements, or – worse – redirect the visitor to rogue websites.

Then about 3 weeks ago, on the 20th of last month, the hackers changed their code and it is now also able to determine if a visitor has the rights to create user accounts on the site. Should someone with admin rights log in, the malicious code then is able to created a new admin account that won’t be noticed the principal authorized user.

To catch this, be on the lookout for email addresses reading as wpservices@yandex.com, along with the password w0rdpr3ss.

What the hackers do in this instance is use this admin account as a back door to enter at a later date when – ideally – suspicion of anything being amiss is at its lowest.

The Eleven Plug-Ins Affected

At this point the hackers focus is on old vulnerabilities with 11 plugins. First to be identified as at-risk and insecure several weeks ago were Yuzo Related Posts and WP Live Chat Support. They’ve been joined by 9 others that have since then also been identified as potentially at risk:

  • Bold Page Builder
  • Blog Designer
  • Live Chat with Facebook Messenger
  • Visual CSS Style Editor
  • Form Lightbox
  • Hybrid Composer
  • All former NicDark plugins (including nd-booking, nd-travel and nd-learning)

Update and Security Precaution Information

It needs mentioning as well that the plugin developers have since released patches that repair the vulnerabilities. That’s great, but the problem of course is going to be that there are users who do not use that plug-in’s latest version. A lot of them too.

Updating plugins to the most recent version is recommended, but even still admins should check the user accounts on their website. If unknown admin accounts are found, deleting them immediately is important. It is subsequently also important to verify the files to ensure that there are no ‘back doors’ where the malware can gain re-entry if it needs too. If you are unsure, restoring a backup is your best bet.

For Non-technical users who uncover unauthorized access to their website, it may make sense to hire a security consultant who can assist with the disinfecting of your WordPress website if it’s an expense you can assume. It’s likely not as expensive as you think, and it should provide you with greater peace of mind.

No Go: Reviewing Parental Control Software for Smartphones

Fair to say that these days – more than ever before – it’s necessary for parents to establish some boundaries as to where their children are able to go on the Internet. We imagine that’s fairly apparent, even for those who aren’t parents. Impressionable minds do need to be kept safe from bad influences, and accordingly more and more Moms and Dads are actively seeking ways to restrict their children’s use of their mobile devices and where they ‘go’ with them.

Many of us here at 4GoodHosting are similarly minded, and as a Canadian web hosting provider we know it’s safe to assume that this is a priority for a good many of our customers too. For this reason we’re choosing to make a review of the best parental internet browser controls our topic for the blog today. And considering most parents are extremely busy people who’d prefer to spend as little time as possible on any one task, we imagine this review will be well received.

The Pocket Problem

It’s easier to keep tabs on your children’s browsing habits when you’re at home, and parental controls for desktop and notebook computers are much more commonplace and understood. When it comes to putting constraints on what they can do with their smartphones, however, it’s much more of a grey area and more challenging as a result. It’s something of a pocket problem, because they can be accessing data or finding a Wi-Fi connection pretty much anywhere, and not only are you not around to oversee them, but you may have thought there’s nothing you can do to their device to put restrictions on it.

Fortunately, that’s not the case. There are good smartphone parental controls out there, and so let’s not waste any more time in getting to discussing which ones are best. The best parental control apps offer ways to limit time spent on devices, track usage and location, and block apps or games. There are some free parental controls built into most devices nowadays, so you may not need to pay for a third-party app at all. There’s Google’s Family Link, Amazon’s parental controls are excellent, and Apple offers some parental controls too.

Alright, here’s our list:

  1. FamilyTime (Android and iOS)

This parental control app does everything, allowing you to explicitly customize what content your young ones will have access to, set time limits, track location, and more. Tool let your incorporate homework and bedtime limits, or create overall time limits. You can also get geofencing support that sends alerts when that phone enters or leaves a specific area, plus location tracking that allows you to see where your child is. You can also block or control on an app-by-app basis, place internet filters, monitor calls and texts, and overviews contact lists on the device.

There is a free version of this one, but you only receive a small subset of features. Premium ones for FamilyTime come with different plans available. $27 per year will set you up in full for one device, and $69 per year will do the same for up to 5 devices.

  1. Qustodio (Android, iOS, Kindle, Nook)

Qustodio gets high marks for user-friendliness and efficiency, and is a very good choice for parents for whom time is a scarce commodity. Its dashboard is particularly impressive, showing you all recent mobile activity for any of the connected devices. Reports include time spent on specific services like Instagram or Twitter, and you can set time limits, track texts, filter out sites you deem inappropriate, as well as block games or apps.

Add a host of customization options and it’s a great parental control app to use when managing devices for kids of multiple ages. Lastly, it works on Kindle or Nook devices, and is one of the only ones that does.

Qustodio costs $55 annually for the five-device plan. However, there is a free version with limited controls that you can use on just 1 device.

  1. ESET Parental Control (Android)

ESET is quite a good parental control app, but it’s limitation is that it’s only for Android devices. The free version lets you engage in app blocking, time limits on games, and basic reporting. The premium version allows website blocking, tracking location, parental messaging, and more detailed reports about what the smartphone user is doing.

ESET does have one especially smart feature – the parental message feature. It allows you to send out a message that your child must respond, otherwise they will not be able to continue using the phone. There’s a free 30-day trial for premium features, but following that it costs $30 per year, per device.

  1. Web Watcher (Android and iOS)

Web Watcher may be the best choice for those of you who see keeping tabs on your child’s text messaging as a priority. You’ll see all of them, including deleted texts, as well as photos, web browsing, call log, and location. Web Watcher also lets you oversee their activity on certain apps, including Tinder, WhatsApp, Kik, and Viber. Setting time limits and even capturing screenshots of your kid’s phone screen are also possible.

One of the things about Web Watcher is that because it’s essentially spyware, with a stealth mode, it has to be installed outside of the official app store. Be aware that serious security permissions are required, and it’s very invasive. However, it’s true that that is what some parents are after. It’s also far from cheap – it starts at $130 per year per device.

  1. Norton Family Premier (Android and iOS)

Norton is the premier name in antivirus software, and Norton Family Premier is a smartly designed program for restricting and monitoring what children do online. Family Premier offers parents a variety of features that are easily managed with the clean interface. Number 1 among its useful features is its robust web supervision; you can block sites entirely, or keep a general log of sites visited. You can make it so that warnings will be issued for sites that you choose not to ban outright, but where you would prefer your kids to proceed with caution.

You’re also able to set time limits, prevent device operation during specific hours of the day or night, and of course block apps too. The cost is $50 per year, but there’s no limits to the amount of devices you can use it with.

  1. Net Nanny (Android and iOS)

This feature-packed parental control allows you to track location, block apps, set time limits, and get a real-time feed of your child’s activity. You also have powerful web filtering controls for cutting out pornography, weapons, drugs and other content that is indisputably inappropriate for young people. Net Nanny does not allow for call or text snooping or monitoring of messenger apps, but you can see when they’re using them plus review their web searches.

Net Nanny costs $55 per year for up to five device pass, and can be used for non-mobile internet browsing devices too. There’s also a 20-device pass for $90 per year.

____

We’ll conclude here today with some helpful tips – When picking a parental control app, writing down your password or login information isn’t advisable, no matter how well you think you can hide it. Creating a news alert for the software you choose to help keep an eye out for any new vulnerabilities or workarounds is also wise. Keep in mind that some software can be bypassed with phone resets, customer service requests, and other tricks. There’s plenty of information online regarding this.

SSL Certs: Which One is the Best Fit for You?

Shopping online is pretty much a ubiquitous activity for people all over the world these days, and – not surprisingly – so much so that it’s now the preferred means of shopping for many people. Especially for certain goods, and not only do these people want selection, good prices, and the like, but they also want to be able to enter their credit card information and not have to worry about it being exposed.

Offering that peace of mind is absolutely essential if you’re in the e-commerce world, and nothing is more important in this regard as having your online transactions guarded by an SSL certificate. Even if you may not know exactly what these are, you’ve probably seen the ’##-Bit Encryption’ tag prominently on display once you get to the checkout when you’re shopping online.

Here at 4GoodHosting, not only do we offer very competitive prices on highest-quality SSL Certificates but like any good Canadian web hosting provider we have plenty of customers who are trusting our web hosting to ensure they’re ‘open’ for business 24/7 and all day, everyday.

Probably safe to say that there’s few if any of those folks who don’t already have their SSL Certs in place, but for those of you who are new to your business online then we thought we’d dedicate one post here to discussing SSL certificates and what you need to know to choose one for yourself.

Overview

There is a plethora of certificate types, and several categories and plenty of CAs. In advance of highlighting the different SSL certificates and how to choose the right one, we’ll first discuss why an SSL certificate is so important nowadays.

The reach and strength of cyber crimes has grown rapidly over recent years. So much so in fact that cybersecurity has become the #1 concern issue for both web users and website admins. The truth of it all is that cybercriminals can cost online businesses millions. The worldwide economy loses unimaginable amounts of money every year due to cybercriminal activity.

What SSL certificates do to protect agains this is that they enforce a secure connection between a server and its web users. They don’t only protect the sensitive information that is transmitted between a web user and a web server, but also boost ranking, improves brand credibility and go along way to boosting conversion rates.

Choosing the Best SSL Certificate

Knowing what SSL will be best for your online storefront can be a challenge. They’re generally categorized according to their validation level, warranty, technical support and domains support.

So what factors do you need to consider? These ones:

  1. Validation Level

Nearly all SSL certificates provide data encryption and session security services for websites. The validation level of each is where the primary differences between them are established. The validation level will determine how much information about a company will be shown in browsers or to the web users. The three main levels of validation are Low / Medium / High

Domain Validation (DV) SSL certificate – Low

These ones are also referred to as a low assurance, and are commonly used to protect standard websites, single domains, and blogs. The simplest form of validation is done where the website registration and administration approval are confirmed to issue the certificate. Processing time is anywhere from a few minutes to a few hours.

These certificates are suitable for low traffic websites or informative sites where financial transactions are not conducted. If you’re selling online, this type of cert will be insufficient for you.

Organization Validation (OV) SSL certificate – Medium

With medium certificate validation, an authorized agent verifies the domain ownership and company’s identity. This includes verifying the company name, city, state, and country. Web owners must submit some additional business-related documents for verification. As you’d expect, there’s more of a delay to all of this compared to a domain certificate.

Medium certificates provide appropriate security for medium-sized businesses that conduct standard (-$500 o/a) financial transactions and wants to provide assurances for customers that they can shop entirely safely within the site.

Extended Validation (EV) – High

These ones offer the highest level of security for websites, with a more rigorous validation process that verifies the ownership of the server and the legitimacy of its owner. Generally, the CA verifies the legal, physical and operational existence of the company, official government records, and databases, and confirms that only the genuine company is authorized to be in ownership of the extended-validation SSL certificate.

What you’ll see with these ones is the browser will show a green address bar with a verified name of the organization. The EV certificate is used by major players, like Amazon and Flipkart for example

Further, having an EV SSL really legitimizes the domain name.

  1. Domain Support

Next up you’ll want to determine how many domains you want covered with a single certificate. There’s three categories here:

Single Domain Certificates
Fine for protecting a single domain with its all subpages. Example:

www.mydomain.com/

www.mydomain.com/register

www.mydomain.com/about

www.mydomain.com/contactus

mydomain.com

Wildcard Certificates

The wildcard certificate allows its users to protect all the first level of sub-domains under an FQDN. It supports only DV or OV. The best instances are:

www.mydomain.com/

info.mydomain.com/

mail.mydomain.com/

payment.mydomain.com

Multi-Domain Certificates
Also referred to as SAN or UCC certificates. They allow users to protect multiple FQDN domains along with multiple sub-domains. This choice will be ideal for you if you’re running multiple websites with single or multiple company names. All DV, OV, EV support this category.

www.mydomain.com/

info.mydomain.co.uk/

payment.mydomain.co.ru

  1. Warranty

The warranty attached to your SSL certificate should also be a consideration – it shows your customers how serious you are about protecting customer information. An EV Cert provides a a more extensive and better warranty, with coverage between $1,0000-$1,000,000 being possible within the warranty.

  1. Technical Support

The more expensive the Cert, the more technical support you will receive from an SSL provider. Free certificates generally never have technical support. However, with an EV or OV technical support is provided while installing and validating the certificate. Make sure the support is available via different sources like email, live chat, contact us page, phone, social media resources, etc.

  1. Price

It’s not uncommon for web admins to think they should invest big bucks even with the option to get a free certificate – the ‘you get what you pay for mentality’. That’s solid thinking most of the time. Free certificates are valid only for a few days, and then after that you must renew them. If not, the browser will show your users that the website is insecure. The price of paid SSL certificates start at $10 and can go up to $350, depending on the type of SSL certificate.

  1. Vendor

Different vendors provide different price ranges and security elements for each certificate. Before choosing any SSL vendor you should verify that they have a good reputation. Do that by watching their reviews and consumer’s feedback on their website.