Category: Security Related

August 8, 2016

Domain Related, Hosting Related, Security, Security Related, SEO Related

Reading Time: 4 minutes

You may have heard of the 3 more popular content management applications: Wordpress, Drupal, Joomla - but you are not sure which one is best for your needs. Perhaps you remain curious; so we will focus the the two ‘other’ choices besides Wordpress: Drupal & Joomla. Each particular CMS will provide the basic functions of: adding, deleting, and publishing various types of content. Each program has different strong points (and weaknesses) which should be considered whole-cloth, prior to making your ultimate decision. First write down your business’ objectives and goals. This should be is the first step in selecting the best CMS application suited for your particular business needs. Ultimately, optimally serving your business’ unique target audience. Choosing the right CMS (by the way, easily confused with CNS (Central Nervous System)), is the backbone for your project it will save you a great deal of headaches later. A reliable web host, with super customer support, also saves you from initial and future headaches. With 4GoodHosting.ca you can get both ultra-reliable hosting and the CMS of your choice for free: Joomla, Drupal, or of course; Wordpress - or any of the 200+ free scripts we offer you with any of our hosting package. Drupal: In 2016, there is an estimated 1 million+ websites built atop the Drupal CMS. Drupal is common to government offices, universities and colleges, Non-government Organization, Canadian & otherwise global enterprises. America’s White House website is taking advantage of Drupal’s strong website security features. Drupal is a comprehensive, expandable, powerful content management framework suitable to be the foundation of virtually any type of website. Drupal’s Advantages: * Tested Enterprise-level security; advanced control over URL structure * Lots of functionality - including advanced menu management, graphics modification utilities, poll management, and administration/users management * Built for high performance; pages load fast because of its defaulting caching features * Ability to handle large amounts of content & data * Extensive selection of themes, modules & extensions * Ideal for community platform sites (requiring multiple users - admin, editors, logged in users requiring customized content, private groups, etc.) * Large robust community generally responsive to inquiries and concerns. * Good SEO...

August 3, 2016

Hosting Related, Security, Security Related

Reading Time: 2 minutes

(US & Canadian News) Microsoft actually championed a huge victory in regards to user privacy {which certainly has affect on Canadians using Microsoft products and services: Email, Cloud Storage, Skype, etc.) on July 28th. An appeals court has ruled that a federal warrant to seize email from a Microsoft server in “Ireland” is invalid. Federal investigators received a spy warrant (for email contents) as part of a criminal investigation in December 2013, which touched off a debate between the tech-industry and law enforcement about jurisdiction & data storage. The timing of this coincides with Microsoft’s Worldwide Partner Conference (WPC) - where the company’s president and chief legal officer Brad Smith promoted a vision for the internet that "respects people’s rights" and is “governed by good law.” Microsoft said: “We obviously welcome today’s decision by the United States Court of Appeals for the Second Circuit. The decision is important for three reasons: it ensures that people’s privacy rights are protected by the laws of their own countries; it helps ensure that the legal protections of the physical world apply in the digital domain; and it paves the way for better solutions to address both privacy and law enforcement needs.” Privacy protections for information stored on paper should persist as data moves to the cloud. This decision helps ensure this result. — Brad Smith (@BradSmi) July 14, 2016 Microsoft has publicly acknowledged a need for cloud providers, particularly those based in the U.S., to win back over consumer trust. Representatives for like-minded lobby groups include: the EFF (Electronic Frontier Foundation), i2Coalition, plus big tech companies such as: Rackspace, Apple, Amazon, Cisco, Hewlett-Packard, and Verizon - and notably in this case Ireland’s Parliament - and each submitted briefs in support of Microsoft’s initial statements and position. “We conclude that Congress did not intend the SCA’s warrant provisions to apply extraterritorially,” the judges said in the ruling (PDF). “The focus of those provisions is protection of a user’s privacy interests. Accordingly, the SCA does not authorize a US court to issue and enforce an SCA warrant against a United States‐based service provider for the contents of a customer’s electronic communications stored on servers located...

December 21, 2015

Domain Related, Hosting Related, Security Related

Reading Time: 6 minutes

An IP (Internet Protocol) address is basically a postal address for each and every Internet-connected device. Without one, websites would not know where to send information/data each time you perform a search or try to access a website. IPv4 offers only about 4.3 billion IP addresses (specifically 4,294,967,296); which you most likely are familiar with already ( x.x.x.x; (1-255).(1-255).(1-255).(1-255) ). Through the use of techniques such as Network Address Translation (NAT) the life of IPv4 was extended, because NAT allows multiple devices to connected to the Internet through a single IP address, with the router in that particular household or business keeping track of which local device are receiving & sending data packets. But without IPv6,the Internet’s expansion and innovation could be limited, and the underlying infrastructure theoretically could become increasingly complex to manage; so a more expansive, address protocol has been deemed necessary. IPv6, the latest - and possibly could be the ultimate addressing protocol, holds 2128 or 340,282,366,920,938,463,463,374,607,431,768,211,456 IP (340 billion billion billion billion) addresses. That is enough to give at least 4.3 billion IP addresses, or the addressing space of the current internet, individually to every person on Earth; or 7 billion current Internets! Why the IPv6 protocol architects decided on such an unnecessary huge address space is unknown; Surely, 264 or 18,446,744,073,709,551,616 (18.4 trillion million) would have been way too many already. It seems like a bad call on the planner’s part, simply too excessive, when instead each packet could contain 64 bits of extra data. However, if we want to ever give an IP address to every mappable cubic centimeter of Earth’s entire atmosphere, IPv6 will provide future generations that capability, and more. read_more Companies that use and distribute IP addresses will need to adapt their networks and systems to use IPv6. Our servers, networks, switches, at 4GoodHosting have been already made IPv6 compliant. Just one IPv6 deployment highlight to draw your attention to this month, but it’s a big one: Canada’s Telus are just a few months into their IPv6 rollout, but it is clear from the chat above that they have been busy at upgrading their network with ipV6. Additional IPv6 benefits *...

August 31, 2015

Hosting Related, Security, Security Related

Reading Time: 5 minutes

The above diagram shows you the architectural difference between cloud hosting solution and traditional hosting solutions. Cloud service partitioning of the overall system stack, as outlined above, only started to become generally promoted in 2008-2009. Traditional dedicated servers, shared server hosting accounts, and VPS hosting were offered all over the internet more than full decade before the word ‘cloud’ became the latest buzzword. This article is a bit different than most every other ‘cloud hosting’ article published so far. How? Well, there has been alot of hype over the past several years about the cloud approach to web hosting. Although cloud hosting is becoming an increasingly popular method of web hosting, there are some disadvantages to that arrangement. As with each kind of hosting, there are pros and usually at least one drawback associated with each type; and each has a significantly different cost. Hosting a website in a public cloud offers some benefits that we will review below, but there is one very significant drawback - which is an inherent lack of control over security/privacy of a company’s business data. This means that your information could be vulnerable to hackers and unauthorized users. After all you would be storing your ‘private’ business information out there in some unknown rather geographical location in ‘the cloud’. Would you simply trust that? If you just have a small website, that showcases your company with some simple functionality such a contact form, then a traditional shared hosting account or VPS (Virtual Private Server) is completely adequate; as it has been for a long time. Shared hosting has been the status-quo since the late 1990s’. Regarding software applications and databases that deal with your actual business data: such as your customer lists, their ordering information, your customer’s personal information or credit-card/banking information, you would logically want that information to be kept ‘in-house’ or internal. Your company’s most important data is usually the proprietary software that your company has developed (usually at great expense), or your company’s entire customer database (which is usually tied together with your customer’s personal credit card or banking details). This is something that you would not normally want to have...

May 26, 2015

Domain Related, Security, Security Related

Reading Time: 3 minutes

Click on image to see it full zize. Even before whistle blowing hero Edward Snowden revealed the deep penetration the US government has impinged on it’s citizens privacy as you use the internet, there were many reports of government institutions spying on citizens, and cellphone records have often been mentioned in those reports. In spite of this, we have as a whole ‘learned’ to accept it. Cell phone use records offer tremendous insight into any investigation, because of the sheer amount of detailed information about the individual suddenly under the microscope. Apart from basic contractual information like a subscriber’s name and address, lots of other data is also gathered and stored on file by mobile providers; such as everywhere you have been with your phone. This database of data includes who you phoned (and they have the same type of data warehoused on your friends too of course), who you received calls from, who you sms’d, what you said, who said what to you, your tweets and facebook activity, your photographs are up for grabs, videos, and again, everywhere you have been. There is not much left, as the above is already above most people’s imaginations. read_more Mobile operators also record all ip-addresses and even which websites users visited on the Internet. All this information is available to any government agent with a higher level of clearance than a police officer (or investigator). From the information which is gathered, mobile operators can apply algorithms to find out when you prefer to wake up, perhaps even how many times you tap snooze, when you went to sleep or other usage patterns. App downloading is recorded, and perhaps every-time, how often, you launch your favorite game. With the right surveillance order (or perhaps without one) a mobile operator can also relay information about who you associate with. Armed with a valid subpoena, police and other government agents can retrieve recordings of your calls and all your SMS’s; warehoused digitally for years. A 2013 CNN report exposed that US operators use this data, for marketing purposes in conjunction with third parties. While even though Americans are told that the...

May 13, 2015

Security, Security Related

Reading Time: 6 minutes

This blog concerns the topic of what is known as “Ransomware”. It is becoming a ever more prevalent annoyance that has been circulating around the internet. The devilish hackers behind it are attempting to extort money from common people. Like its name implies, "Ransom-ware holds your computer hostage, subsequently demanding payment in order for the person to be able to boot or log into their computer again.", says Eric Rainbolt, 4GoodHosting’s support manager. It goes onto a victim’s computer through unpatched software vulnerabilities to silently install itself, and sometimes through social engineering tactics too. “Cryptolocker” is ransom-ware that can spread quickly through email a affects a person’s file that on drives that are mapped to a hard-drive (of SSD) using the drive letters D: , E, or F:. This can also include USB memory sticks, ext. hard drives, or from a network or cloud folder. Paying the criminals, which we don’t advise, may or may not let you access to your system or your data back, but there have been plenty of cases where the ranson-ware’s decryption key isn’t emailed or when sent doesn’t even work. Tens of thousands of machines have been affected in the past couple of years – after the ransom-ware pirates have sent millions of emails. So what can be done about ransom-ware? read_more Ransom-ware is is not only disruptive and intimidating, your subsequently encrypted files can often be considered damaged and oftentimes beyond repair. But if you have adequately safeguarded your system, then it is becomes nothing more than a nuisance. Here are some methods to negate the threat of ransom-ware. Mirror your drive to a backup drive at least once a month. Having a regularly updated backup is essential. If your computer is infected with ransom-ware it may cause you to lose work-in-progress documents. To avoid this it it better to use an external drive or backup service, particularly one that is not assigned a drive letter or is often not plugged in. Patch or Update your software Malware authors rely on people running outdated software with known vulnerabilities, which they can exploit to silently get onto their system. Updating your software often will...

March 16, 2015

Hosting Related, Security Related

Reading Time: 2 minutes

The Internet is wide open, but sometimes your proprietary content that has value should she sold for a certain amount of money. This is where Paywall systems come into play. This creates a membership or customer or client base for you as well, giving you email addresses where you may be able to sell similar content to the same previous customers. For paying subscribers, they then get access to say your gallery, video, mp3s books, articles, or any other kind of files. Again to keep things under control, you will need a paywall system. Paywalls have received a bad reputation because content people think should be free isn't always free. However, that is the proper nature of things, that your works should have some sort of monetary value. You just need to make sure you publish interesting content that others can easily find for free anywhere else; that is the other half of things. read_more Setting up a paywall system should be integrated smoothly into your website. Some CMS's (Content Management Systems) have plugins that can be used to setup your subscription system. Or maybe you are handy at programming and have developed your own paywall integration. However, the easiest option is to use Paypal's service. See PayPal.com for their easy to use integrations. Search "Paypal Paywall" or can you certainly use another payment provider's services. There are too many to list here. Also, you should also enable your website to use SSL encryption to keep your customer information, such as credit card information, email, phone numbers - private. When your site is run under "https" potential customers feel more confident to use your services. The final item you will need to take care of is how you plan to receive payment and the kinds of payment you will accept (Paypal, bitcoin, etc.) Many of the members online plugins for CMS's support most of the popular payment processors, and supply integrations with them as well. This minimizes the amount of work and headache for you to run your little private ecommerce service. If you don't have a website yet, check out our Canadian Hosting Packages.

February 23, 2015

Domain Related, Hosting Related, Security, Security Related

Reading Time: 5 minutes

What happens if we simply allow governments to make all the regulations and rules, not us, and let corporations argue about it, not us? That would be the clear merger of state and corporate power, which are the only two ingredients in the recipe for fascism; which has always occurred through all of the past two centuries of history under similar circumstance. Our case in point for this article is: Google Claims Opposition to New (without public consent) Rule that Gives American Federal Judges and their Government Omnipresent-Global Search Warrant Powers. The American “Advisory Committee on the Rules of Criminal Procedure” is quietly and slying consider changing a rule would allow judges to issue “ global warrants” to search computers (ie. your/anyone’s computer) and networks which are outside of the judge’s district. So, they wish to give the already outrageous NSA-spylike powers to all of their federal judges? If so, shouldn’t the American people be having some say on that particular huge issue? But they seem so utterly passive. Do the American people really need a “congress” to echo their concerns and trust that their elected officials vote likewise -> when today people can theoretically all take a vote simultaneously on the internet? The simple point is that individual citizens should claim their right to express their opinion publicly or privately over the internet without government suppression of it, nor interference. And why should we care? Because what happens in America certainly affects us here too; especially when pertaining to the internet. Back to the current scoop... Google has again surprised us all by just suddenly announcing an always-untimely proposed change to a procedural rule; which the google representative says could have “profound implications for the privacy and security of all web users”. read_more Into the nitty-gritty - American Federal Rule of Criminal Procedure 41 dictates that federal judges cannot issue warrants to search things outside of their district, with specific exceptions. The US Department of Justice asked the Advisory Committee to make changes to allow the government to conduct “remote access” searches of content stored in a location “concealed through technological means,” { they are also saying they don’t...

January 27, 2015

Domain Related, Hosting Related, Security, Security Related

Reading Time: 3 minutes

Forward: Pretty much all of us have heard or know that privacy rights no longer exist in the United States. Gone, finished, beyond recourse (except through using end-to-end encryption techniques ; however the NSA can probably still secretly grab your screenshot or logged keystrokes or live microphone through a backdoor partnership with Microsoft and Apple). Any per-existing privacy laws have been overwritten by new creepier laws that have paved the way for absolute intrusion into the American people’s personal world by their out-of-control government. Even if there are a few scraps of privacy protection in the states, it has become clear that any such laws are completely ignored by large and sophisticated spy organizations such as a the NSA. Edward Snowden’s whistle-blowing reports are a case in point. But did you know our home country of Canada has some of the most protective laws regarding internet privacy in the world, at least on paper? Our nation even has appointed a “Privacy Commissioner”: The Commissioner is currently Daniel Therrien. He was appointed on June 5, 2014. [ There have been eight Privacy Commissioners since the office was established in 1977. ] You even have the right to contact him or his office with your own related personal privacy concerns, anytime. More info: http://en.wikipedia.org/wiki/Privacy_Commissioner_of_Canada Here is his youtube channel: https://www.youtube.com/user/PrivacyComm The first incarnation of a privacy law came in 1977 when the Canadian government introduced data protection provisions into the Canadian Human Rights Act. read_more Then in 1982 The Canadian Charter of Rights and Freedoms stated that Canadians have "the right to life, liberty and security of the person" and "the right to be free from unreasonable search or seizure"; but strangely avoided using the word ‘privacy’. The following year, in 1983, the Federal Privacy Act regulated how federal government collects, passes around and utilizes people’s personal information. In the 90’s and 2000’s, other privacy legislation placed restrictions on the archival, the use and disclosure of citizen’s personal information by territorial and provincial governments, and likewise also by companies and institutions within the private sector. The latest ruling to emerge out of this fray is the recent June 2014 Canadian Supreme Court...