Defending Against Domain Name Slamming

You may think that there’s not much more to your domain name than a simple identity and location where your website is situated for discovery on the World Wide Web. In essence that’s all it is, an address where you can be found. But of course there’s significant value in that, and especially so for anyone who relies on being business online. It’s a fact that scams involving domain names have been increasing at an alarming rate.

Collectively, all these scams are referred to as ‘Domain Name Slamming.’

Here at 4GoodHosting, a part of what makes us a reputable Canadian web hosting provider is the fact that we strive to look out for our customers’ well being on the web. There’s an increased chance that someone with bad intentions may try to use your domain name to take advantage of you, so we’ll identify some of these scams and share some tips here today that you can use to guard yourself against them.

The Fake Bill Scam

The Domain Registry of Canada, or DROC, has been in operation for years, leading many Canadians to be confused regarding what looks like a renewal bill for your domain names. This scam is the version of ‘domain name slamming’ you’re most likely to come across, a it’s a type of scam that aims to overcharge or falsely charge domain name owners.

It’ll most commonly start with your receiving a letter that begins by informing you that your domain name(s) will be expiring in the near future. You’ll then be presented with a list of prices for renewal over different time periods before concluding with a tear-away payment stub you’re to use to ‘renew’ your domains.

The trick here is in the way they bury information in the walls of text in the letter. If you look and ready very closely, you’ll see that the DROC is actually asking you to change the company you register your domains with. Most commonly this will be snuck just under or above something more attention-grabbing like “failure to renew your domain name by the expiration date may result in a loss of your online identity”.

This of course gives you a sense of urgency to react, and individuals can be conned into paying up to 3X the price of a standard domain renewal. As if that’s not bad enough, you may also end up losing access to your websites and emails for extended periods of time.

Over the years, DROC has gone under many other names to continue their shady practices:

  • Brandon Gray Internet Services (a parent company – their certification as a .CA registrar has been revoked)
  • Domain Registry of America
  • Domain Renewal Group
  • Domain Registry of Europe
  • NameJuice
  • iDNS
  • Or any one of many others, unfortunately

Whatever such guise they’re using, they all use some variation of the same practice of mass mailing unsuspecting domain owners. The templates and logos may vary slightly, but the principle remains the same.

The 1-Up the Competition Scam

As mentioned, these scams need the domain name owner to feel a sense of urgency, but also a sense of fear of losing ground to the competition if they remain inactive or even delay in responding.

Generally delivered via email, these types of scams won’t request that you transfer your domain name, but they will ask you to purchase the same domain with a different extension. The standard ploy is to suggest that your domain name ownership is under question (almost never the case in reality), before sharing the helpful recommendation that you pay for the new registration yourself to wisely protect your brand and copyright around the world.

Their hope is that you’ll be sufficiently intimidated and ‘too busy’ to look into the matter much further. Then you’ll pay rather than spend time and resources pursuing what would be ‘legal matter’ developing out your continued inactivity.

Here’s an example of what this might look like:

Dear CEO,

We are a Network Service Company which is the domain name registration center in _____.

We Received an application from ______ Ltd on (date). They want to register (yourdomainname)as their internet keyword and
(yourdomainname).com.cn
(yourdomainname).net.cn
(yourdomainname).org.cn
(yourdomainname).asia
(yourdomainname).cn

But after looking into this further, we have found that(yourdomainname)conflicts with your company. In order to deal with this matter in the speediest and best manner, we need to send you an email and confirm whether this company is your distributor or business partner here in _____ or not.

Best Regards,

(The Scammer) / Service and operations manager

The communication seemingly comes from an overseas company, and the email warns you that a there is a mysterious competitor that is aiming to purchase a variation of a domain name for which you’ve had ownership, but usually with a different extension, such as .com.cn. As there is a potential copyright conflict, this scammer is very kindly offering you the option to beat them to the punch and secure the new extension domain for yourself.

How is Information Obtained?

The WHOIS database is a massive collection of information on the ownership of most domain names, and it also includes detailed contact information for owners and administrators. It needs to be a public database, but unfortunately that allows certain dubious companies to be able to scrape its data and store the information they need to solicit unsuspecting domain name owners.

Luckily, you can guard yourself against any such occurrence.

Protecting Yourself from Domain Slamming

There are 3 primary ways to effectively safeguard yourself from domain slamming.

  • Choose to activate privacy protection as a means of shielding your personal information on the WHOIS and the information will then be inaccessible to spammers and scammers. Noe that individuals registering .CA domains receive this protection FREE by default.
  • Keep your eyes peeled, scrutinizing any such communications and trusting your instincts. If it seems illegitimate, it probably is! Read through the content critically and if you continue to have doubts then Google search the company’s name or email address. If the results share talk of scams, immediately discard and ignore the communication.
  • When a scam email is received, mark it as spam in your inbox and forward it to spam@fightspam.gc.ca. The antispam filters will make a note and should be able to reduce the number of messages of this type in the future.

If you receive a scam email or letter, or have been the victim of one of these scams, keep in mind you’re not the only one who’s been duped and that it’s not any reflection on your smarts. Canada has an Anti-Fraud Center which you can contact as well as Canadian Anti-Spam Legislation (CASL) where email scams can and should be reported.

10 DIY SEO Tips for New Websites

It’s really all too easy to assume that you need to have some type of special savvy mixed with a whole lot of know-how to get your newly-formed website ranking sufficiently. Truth is that’s not the case. You WILL get your money’s worth if you hire an SEO expert to optimize your site, but for many of you money may be a little tight and budget constraints are what they are.

Here at 4GoodHosting, we’re like any other good Canadian web hosting provider in that we like to see our newbies be successful, and out of the gate as much as possible. SEO isn’t the be-all end-all of making that happen, but it factors in quite considerably.

There are quite a few things you can do to speed up this process, helping your site get better search engine rankings and more traffic much sooner than you’d expect. Here are 10 SEO tips specifically chosen with new websites in mind, and ones that are decidedly doable for even those of you with very little in the way of established SEO application knowledge.

  1. Start be targeting low competition keywords at the outset

When a site is first launched, it will have a very low authority with Google. This means it will rank worse than established competitors for high competition keywords. You’re perfectly free to target those keywords, but the speediest way to generate new traffic to your site is to target keywords that are less competitive.

You can determine how competitive a keyword is by using Google’s Keyword Planner. This will show you whether competition for a term is high, medium or low. Finding keywords which are less competitive gives you increased chances of ranking for them and receiving the traffic which they send. Choose to target highly competitive keywords only and you may not rank at all,meaning no organic traffic in the early days. This method is a good technique while you slowly establish your site authority.

  1. Locate your main keyword in the page’s title tag

Search engines use title tags and other meta information to determine the subject matter of each page or post on your website. This is very much essential, and so when you create your new website it’s highly advisable to have your page title tag featuring the most important keyword or term. Do it, and then when someone searches for that the search engines will quickly identify that your page has relevant content.

There’s a real link between keywords in the title tag and search engine rankings, so make the most of this technique. Also make sure that you include your keyword in the page’s meta description.

  1. Titles Are For Searchers, Not Search Engines

Getting ranked number one in Google is not a guarantee of any volume of traffic. You’ll only get people coming to your website if your result gets clicked on. When you write the title of your page or blog post, you STILL have to write it in a way that will make grab the interest of a visitor who may be a potential reader. Your title needs to pique their interest.

Let’s say you run an online store. Maximizing sales is made possible by writing titles that attract searchers who are ready to buy. Simply adding the word ‘buy’ to your keyword, for example, can do wonders.Titles like these are much more likely to get clicked on and result in a sale.

  1. Ensure Titles Don’t Get Cut Off

Hard to argue that space isn’t precious when it comes to search engine results. When it comes to titles, only about the first 70 characters get shown, and that number is sometimes less for mobile devices. The allowed length for meta descriptions is about 100 characters.

If your titles and meta descriptions are too long, they’ll be cut off. This can have a negative effect on click-through rates as searchers want all the information in front of them before deciding whether to click or not.

Make sure you keep within the limits and work with the title to be able to put your keywords near the beginning. Then they will be always be shown, and you’ll benefit.

  1. Clear the Way to Your Content

When searchers choose to visit your site, they expect to find the content they’ve been searching for as soon as they land on your page. To ensure this happens, don’t force them to scroll half way down the page before seeing the title and don’t overload them with adverts and pop-ups.

Google puts value on ‘above the fold’ content, meaning the content you see before scrolling down. Browser-sized images with no text or too many header ads are not seen favourably.

  1. Optimize Images

It’s increasingly common for people to search for products by doing an image search. If they see something they find attractive, they’ll visit the site directly from Google’s image results. If you sell products on your website and have lots of images, you can create better ranking opportunities by optimizing them.

All you need to do is add a description to the alt text tag, for example, <img src=“photo-of-closet-organizer.png” alt=“closet organizer” />

It also helps to change the actual image name from the number given by your camera like ‘DCSN-832467.png to something search engines can read – ‘photo-of-smart-closet-organizer.png’

  1. Use AMP – Accelerated Mobile Pages

It’s possible to improve your search engine rankings by improving the speed with which your website loads. One of the best ways to accomplish this for mobile devices is by using accelerated mobile pages. These are lightweight versions of web pages designed to load very quickly on mobile phones.

AMP pages already rank highly for mobile searches, so it’s important to be receptive to this trend. Keep in mind that roughly 66% of our surfing is now done via mobile devices.

Another key to faster loading times is to make sure that your web host runs your website on a high-performance, fast loading server – and we’ve DEFINITELY got you covered there when you’re with 4GoodHosting.

  1. Add Internal Links

‘Link juice’ is a well-known phrase in SEO, and it refers to the fact that when you link from one page to another some of the ranking power of the linking page is shared with page being linked to.

If you’ve got a page that gets lots of traffic and want your other pages to rank higher, add an internal link from the high-ranking page to the ones where you want to see a bump up. Don’t overdo it, though: too many links will have a detrimental effect. No more than 3 is a good rule, and often times only 1 or 2 is best.

If you have just set up a new website, hopefully these8 tips given in this post will have got you pointed in the right direction for your site ranking in search engine results. From there, you should have more searchers to click through to your site. And that’s by and large what it’s all about when you’re in business online.

Mobile-First Indexing from Google

Mobile has revolutionized the entirety of how people peruse the online world, search for consumer goods and contents, engage with social media, and much more. Mobile has been a dominating trend since 2016, when mobile traffic outdistanced desktop traffic for the first time. A few months back saw Google announce that their search engine indexing would be reoriented to be mobile-first. Since then testing has been underway, and now we have their mobile-first indexing rollout. Over the next few years we can expect to see desktop websites being pushed back in the rankings, putting mobile and responsive sites first.

As a top Canadian web hosting provider, there is great relevance to all of this for both us and our clients. Some of you may have less of an understanding of what mobile-first indexing actually is, so let’s spend a short period of time discussing it here today.

Defining Mobile- First Indexing

It shouldn’t come as a surprise to learn that most people use mobile devices when visiting the mobile versions of websites. When the site’s indexing system follows the desktop version of a site first for making assessments about both the quality and relevance of a page in response to that user’s query, a diminished user experience can be the result.

Most problematic in this scenario is the possibility that the mobile user will abandon the platform, and that happens quite frequently. This new mobile-first index is how Google will attempt to discover, crawl, and understand web pages and documents for indexing and ranking them – from a mobile-first perspective.

So, from here on out Google will primarily crawl and first index the mobile-friendly version of your website with the smartphone agent, rather than indexing the desktop version as it would have previously. However, it’s important to understand that Google will continue to show the URL that is the most appropriate to users – desktop or mobile URL – in the returned search results. So yes, there’s no need to be overly concerned that your rankings and traffic will disappear overnight.

But be very clear, this change in Google’s indexing priorities means you have to make mobile SEO a top priority.

Conduct a Mobile-friendly Test

Many of you will have already followed up on the advice that you need to have a ‘mobile-friendly’ website where the same design, structure, and content are adjusted dynamically in response to different screen sizes and devices. If so, you won’t be required to make any fundamental changes to your site. Fortunately, one of the easiest ways to check whether your site is mobile-friendly is by working with Google’s Mobile-Friendly test tool.

Are my Mobile Pages Visible to Google?

The Fetch and Render tool in the Google Search Console is great for looking at your site’s mobile-version preview after the fetch and render is complete. The rendered results will resemble what Google can see and index in response to what’s offered by your mobile site.

There is a possibility that your mobile results may not have been indexed correctly. If you have dynamic serving or different URLs for your desktop and mobile website, that will almost certainly be the case. You’ll then have to add a sitemap to your mobile site and also tag all your mobile URLs with canonical and alternate tags, before submitting it through the Google Search Console. It’s also recommended to add it to your robot.txt file, and then ensure you follow the best practices below to ready the content for mobile-first indexing:

  • The same content found on your your desktop site – text, images (with alt-attributes), and videos, all in in indexable formats – must be featured on the mobile version as well.
  • Structured data must be updated on both versions of your site.
  • Metadata, titles and meta descriptions should be present on both versions.
  • Employ search consoleto verify both versions of your site, and most particularly checking Mobile Usability to dig up any mobile usability issues that might be altering your site’s performance.
  • Check your hreflang links between mobile and desktop URLs, but do each of them separately. Mobile URLs’ hreflang should point to mobile URLs, while the desktop URL hreflang should do the same for desktop URLs.

In addition, your servers need to have sufficient capacity to a handle any potential increase in the crawl rate for the mobile version of your site, which of course is very likely!

You should also have the correct rel=canonical and rel=alternate link elements established between your mobile and desktop versions.

Next, you should run a page speed test to identify issues with the load time of any one of your pages. Free page speed tests are pretty easy to find online with a quick search. Being able to maintain a competitive speed is a must today if you aim to reduce bounce rates – and who doesn’t? If the speed of your site continues to lag, you might also want to consider implementing Google AMP for your blog and website pages. We’ve found this to be effective ourselves.

The time is definitely now to take a mobile-first approach with your entire site. It essentially means putting in the required time to fine tune everything; from structure to responsive design to speed, architecture, and all the way to the entire user experience that you’re able to offer to the mobile user. Who, more than likely, is making up ever more of the traffic to your website.

Arrival of Android ‘Things’ OS for IoT Devices

The Internet of Things, or IoT as it’s handily abbreviated, has been the foremost development in the Web world in recent years. The promise it holds for expanding upon the way we use the World Wide Web for our benefit is quite considerable, and it would appear that the world’s premier technology company is as receptive to this as you’d imagine they’d be.

Here at 4GoodHosting, we’re as much of a fan of Android operating systems as anyone and like any Canadian web hosting provider we understand that a good many of you will be in either the iOS or Android camps when it comes to your OS of choice. Each have their benefits, but it would now seem that Google has beaten Apple to the punch when it comes to introducing an OS that’s tailored to the IoT.

Google has announced the general release of Android Things (1.0), a managed operating system that lets users build and maintain internet of things (IoT) devices at scale.

With this new operating system developers can build smart and connected devices for multiple purposes. Consumer, retail and industrial applications to name a few. All while able to use existing Android development tools, APIs and resources to develop these new apps for specific devices.

Android Things is classified as an embedded operating system that supports Wi-Fi, Bluetooth Low Energy and the Weave protocol. With it you’ll be able to promote multiple ways of communication between devices. Developers can now leverage Google’s Android partner ecosystem, machine learning capabilities, as well as Google Assistant.

It will be worth noting as well that Android Things also offers software development kits (SDKs), designed to help developers when building an array of IoT devices. Google has stated it intends to partner with hardware manufacturers to provide more SDKs.

Front and centre with this new OS is the Android Things Console. Developers can use it to download and install the latest system images, as well as manage and share OEM application across products and owners, monitor informative analytics, and have over-the-air updates ‘pushed’ as necessary.

Since it was previewed in December 2016, over 10,000 developers have provided feedback about Android Things, and most of it has been decidedly positive. The fact that more than 100,000 SDKs having been downloaded in last 18 months bears that out. In the 1.0 release, Google has added support for two new System-on-Modules (SoMs) for Android Things, based on:

  • NXP i.MX8M
  • Qualcomm SDA212
  • Qualcomm SDA624
  • MediaTek MT8516

hardware platforms

Android Things will continue to support the existing Raspberry Pi 3 Model B and NXP i.MX7D devices.

All of this of course while Google continues to lead the smartphone market with its Android OS. Their aim here is to establish their presence in the emerging IoT devices market, and they may very well be the early bird that gets the worm. With an eye to bringing Android Things products to market, Google has been working closely with LG, Lenovo, and JBL.

Android Things 1.0 is available for free for non-commercial users, allowing management of up to 100 devices via the Android Things Console. Users who need to manage more than 100 devices will need to choose paid commercial subscriptions, but it projects to be well worth that investment.

The Mixing of A.I. and Mobile App Marketing

A.I. is definitely one acronym that needs no explanation, and particularly if you’re deeply immersed in the modern digital world. Artificial Intelligence is the great new frontier, and while we all know well of Siri and Alexa, etc. etc., there’s really so much more to the trend and what it will mean for us in the not so distant future.

It’s now clear that A.I. is being implemented practically, and for a premier Canadian web hosting provider like ourselves that’s really exactly what we were hoping to hear. We can now expect that AI will not only revolutionize the mobile industry, but also greatly influence the way mobile apps are marketed in the coming years. A.I. employs machine learning to analyze data and differentiate that data into accurate or inaccurate based on specific ‘truth tables’ and calculations made. The result is a more thorough approach to decisions in all domains, and the marketing of mobile apps is included in that.

The strategy for mobile app marketers then becomes whether they should incorporate the vast potential of AI to qualify user behaviour automatically, predict buying behaviours, offer recommendations to users by taking previous purchase data into account, and making tthe app’s content more engaging. Mobile app advertisers can clearly see the immense potential and need for AI in mobile app marketing, and ways they can deploy it for best results.

Here’s how:

Automated reasoning ability of A.I.

A.I. has now empowered apps to engage in independent deductive reasoning. Paired with machine learning, it holds the promise of enabling new apps that possess a human-like ability to judge themselves, completely independent of human input and instead based in computer science and mathematical logic. This is artificial intelligence at its most powerful, as it helps the user to achieve their goal in a much easier and speedy way. Programming these apps using A.I. allows them to analyze the actions of the users while they engage with the app, and then providing them with smart directions based on the analysis of any number of relevant factors.

Users then benefit from a more customized and personalized experience, rather than any standard one-for-all solution. One example is how certain taxi apps use A.I. to take traffic congestion and time of the day into consideration when offering the best possible route for the driver. Along with the data of past trips and similar routes from other taxi drivers, an intelligent solution is arrived at.

A.I. for learning purchasing behaviours

The need to upsell an app after a number of initial downloads is essential for marketers to ensure the app continues to receive downloads. As a result, marketers need to target specific customers in specific ways based on informed decisions about the purchasing behaviours of customers. It’s now clear that bombarding them with emails, push notifications, and in-app messages is NOT the way to go about this.

Using A.I. makes this aim easier for marketers by processing and analyzing this data and providing information about the behaviour of app users that sorts them into genuine leads and ones who are unlikely to express any further interest in the product. Targeted suggestions about specific products and services and the best time to push out A.I.-powered systems can also decide on these notifications for specific customers.

A.I. to provide personalized purchase recommendations for users

Advances in technology have made it so that users are expecting more personalized services. To meet users’ expectations and keep them engaged, it becomes necessary to outdistance your competitors by using A.I. to implement a learning algorithm for monitoring user choices and their likes and dislikes when working with the app. This information can then be used to keep these users engaged with the app by making relevant – and smart – recommendations. Most users these days prefer to use anything that saves them time and effort, while adding value and efficiency to their daily digital tasks.

Using A.I. to enhance user experiences and send push notifications based on the information holds great promise for getting more out of your customer base.

Adding engaging content to apps using A.I.

High uninstall rates for apps observed within 90 days from the initial download is often a result of the failure of these apps to provide users with fresh, relevant, and engaging content. An app should not come across as a content cookbook. Instead, it should contain content which is appetizing for the specific demographic to which the majority of its users belong to. Weighing A.I. based research data about these users and adding elements of personalization using machine learning goes a LONG way in facilitating more user engagement.

Research has indicated that the first five sessions a new user spends with your app are crucial in deciding whether or not they will continue using it. A.I. works in the background and learns their behaviour, and then can serve to make each session more valuable than previous ones. Done correctly, there is often huge gains with user retention and engagement. Mobile app marketers can and should use A.I. to take out the guesswork of how to deliver the right message to the right person, at just the right time and through the ideal channel.

Mobile app developers who have wisely gotten onboard with this are now using some algorithms and methodologies in machine learning to solve every problem with the right mature approach, and that certainly applies to the marketing of mobile apps. A.I. is going to have a significant impact on the mobile app marketing, and if you ignore it you’ll definitely be doing so at your own peril as far as growth and continued demand are concerned.

Faith in Firewalls?

Even the least tech-savvy individuals will likely have heard of firewalls, and understand the purpose they serve in keeping computers safe from becoming attacked or debilitated by external sources. For a long period of time, firewalls tended to be pleasantly reliable for the most part, and would defend against the entry of malicious threats to the unit itself or the network it was a part of.

Like any solid Canadian web hosting provider, those of us here at 4GoodHosting don’t need to be convinced of the need for these safeguards. However, given the nature of our business we’re also front and center for seeing how firewalls aren’t the far-reaching and reliable solution they once were.

A new report called the Dirty Secrets of Network Firewalls has found that one-in-four IT managers could not identify around 70% of network traffic, and that on average 45% of network traffic goes unidentified. The most crucial finding of the survey, however, was that most firewalls were failing to do their job adequately. Along with this ever-growing lack of visibility into network traffic comes a more threatening reality of these individuals not being able to control what they can’t see.

84% of the IT professionals who responded admitted to having real concerns about security due to lack of visibility into network traffic. A similar percentage of those same respondents agreed that lack of application visibility was a serious security concern for businesses and could impact effective network management. The results of such looseness? Ransomware, malware, data breaches and other advanced threats for starters.

Reasons for Less Reliability

Major increases in the use of encryption, browser emulation, and advanced evasion techniques are the primary factors that detract from a network firewall’s ability to provide a sufficient amount of visibility when it comes to application traffic.

The report also states that organizations spend an average of seven working days remediating infected machines each month. Even small-sized enterprises spent an average of five working days on average doing the same thing. Larger ones? Try an average of ten working days to remediate 20 machines per month. That’s a sign of both ineffectiveness and forced inefficiency, to say nothing of squandered productivity elsewhere.

The organizations polled were all looking for an integrated network and endpoint security solution that would put an end to the threats. 99% of IT managers wanted a firewall technology that will take infected computers and isolate them automatically, while 79% of them would more simply like their current firewall to serve them better. 97% of these respondents expected the same vendors to offer firewall protection that allowed direct sharing of security status information.

Lack of visibility into network traffic

In addition to the severity of these security risks, the lack of visibility is also a major concern. 52% of IT managers reported that a lack of network visibility had negative implications for business productivity, and primarily because they could not prioritize the bandwidth for critical applications. Industries that rely on custom software to meet specific business needs are finding that an inability to prioritize these mission critical applications over less important traffic is becoming quite costly. Highlighting that is the fact that 50% of the respondents who invested in custom applications were unable to identify the traffic, and making insufficiently informed decisions has been significantly impacting their return on investment.

The survey also found that:

  • An average of 45% of network traffic was going unidentified, and not controlled accordingly.
  • 4% organizations are concerned about security.
  • 3% organizations are concerned about productivity.
  • 9% IT pros wish for better protection than that provided by their current firewall.
  • Organizations dealt with 10-20 infections per month.

It’s unlikely that anyone ever saw the first incantations of firewalls to have any sort of ‘set-it, forget-it’ promise, but it’s clear now that a big-picture review of their design, function, and -most importantly – results in application is very much due. It shouldn’t take much for this to become a priority issue in the web and digital security world.

Avoid Hacks Related to New Microsoft Outlook Flaw

These days most of us won’t pay much attention to a collection of seemingly random letter and numbers with dashes, but when it comes to this one – CVE 2018-0950 – anyone using Microsoft Outlook email may want to pay a little more of it. CVE 2018-0950 is the name that’s been given to an information disclosure vulnerability of Outlook, and Microsoft released a vulnerability patch this month.

Every quality Canadian web hosting provider takes the initiative to keep their customers informed in these scenarios, and we’re no different here at 4GoodHosting. This one in fact is particularly noteworthy with the fact that Outlook is one of the most popular and common email applications. Given the nature of this flaw and the reality that much personal information can be contained in email communications, this one isn’t one to be taken lightly

The release of the patch mentioned above, however, came nearly more than 18 months after receiving the report that disclosed the bug, courtesy of one Will Dormann, a software vulnerability analyst with Carnegie Mellon Software Engineering Institute’s CERT Coordination Center.

This vulnerability can make it so that sensitive information is then disclosed to a malicious site. Obviously, Microsoft Outlook users need to be aware of this vulnerability and what safeguards are best to neutralize the risk.

Leak Bug Threat Analysis

CVE2018-0950 affects Microsoft Outlook software, and specifically by rendering Rich Text Format (RTF) email messages that contain remotely hosted OLE objects hosted on SMB (Server Message Block) server (under the control of attackers).

The situation is that when other Microsoft applications such as Word, Excel and PowerPoint encounter remotely hosted OLE objects, the user is notified as a security caution before thos messages are rendered. Here though, Outlook took no such action and allowed attackers to have an easy access to the user’s system when they opened or previewed such mails.

The resultant vulnerability makes it possible for hackers to steal sensitive information. Windows login credentials or hashed passwords are at risk of being revealed, and done by sending an RTF-formatted email to a victim and convincing the recipient to preview or open that email with Microsoft Outlook. It’s that simple, with no need for any further interaction.

The bug then initiates a connection to a remote, malicious SMB server which leaks the victim’s IP address, user name, host name, domain name, and their NTLM Over Server Message Block (SMB) password. By simply convincing the user to preview an RTF email message with Microsoft Outlook, the attacker may be able to get their hands on the victim’s IP address, domain name, user name, host name, and password hash – which may be cracked offline.

This vulnerability may be combined with other vulnerabilities to modify the impact – and with VU#867968 most notably. With this combination an attacker could cause a Windows system to blue-screen crash (BSOD) when a malicious email is previewed with Microsoft Outlook.

Not at all to say that Microsoft has been oblivious to all of this. In an attempt to patch the issue, Microsoft released a fix in its Microsoft Patch update for April 2018. It now prevents Outlook from automatically initiating SMB connections while previewing RTF emails, but it’s not far-reaching enough to prevent all SMB attacks.

Recommended Safeguards

The following safeguard moves are recommended for Windows users with the aim of mitigating this vulnerability.

  • Install Microsoft patch update and apply for vulnerability CVE-2018-0950.
  • Blocking of specific ports; 445/tcp, 137/tcp, 139/tcp, along with 137/udp and 139/udp, used for incoming and outgoing SMB sessions.
  • Block NT LAN Manager (NTLM) Single Sign-on (SSO) authentication.
  • Choose complex and long passwords that can’t be cracked easily.
  • Choosing not to click on suspicious links added in any emails.

Optimizing Voice Search for SEO Ranking  

Voice recognition in smartphones isn’t exactly new, but pairing it with AI and this level of functionality is. Here at 4GoodHosting, part of what makes one of the best Canadian web hosting providers is the way we don’t need to be coaxed to keep up on developments in the digital world. We realize the immediate relevance all of these mobile trends that keep coming fast and furious have for both us and our customers who are in business on the web.

Nearly every business or company has been working to optimize their local SEO, and now voice search optimization has become more of a priority as well. Given the increasing predominate of searches and queries submitted by voice and process by digital assistants like those mentioned above, there’s good reason for that.

Here’s what we know about the best ways to optimize pages and content for voice search.

Ensure Good Page Speeds

Siri has made quite a name when it comes to helping people get the information they need without having to enter anything manually, and they don’t have to follow any set method or tradition for conducting their search. They’re free to use the feature in whatever manner they want. But if a page doesn’t load quickly, they’re going to move on.

Voice search engine optimization is important, and let’s note that page speed plays a major role in voice search SEO. The average voice search result page loads in 4.6 seconds, which is 52% faster than the average page. This definitely raises the bar of what’s ‘acceptable’ and you need to make sure you’re in line with it.

HTTPS is Better

That extra character at the end of your URL prefix makes all the difference in the world now.

HTTPS websites dominate Google’s voice search results, and more standard HTTP sites lag far behind in popularity with voice-based search results. Take note again that 70.4% of Google Home result pages are secured with HTTPS.

Voice search results are significantly more likely to use HTTPS than other websites ranking on Google’s first page. As a result, implementing HTTPS may improve your chances of appearing as a voice search result.

Keep it Simple

Google prefers short, concise answers to voice search queries. The typical voice search result is only 29 words in length. When optimizing your content to rank in Google Home or Google Assistant, make your answer snippet as short as possible, while of course still providing a thorough answer to the query. However, it’s unclear how this applies to Amazon Alexa, Siri and other voice search platforms.

It’s safe to say it’s a good practice to get into, and brevity is always beneficial in the digital world in general.

Schema not so Big

Many of you will be familiar with schema.org and the way it helps search engines better understand your content. 36.4% of voice search results come from pages that use Schema, as compared to the slightly higher worldwide average of 31.3%.

While it’s true that voice search result pages tend to use Schema slightly more often than your average web page, the difference is not significant. Also, 63.6% of voice search results don’t use Schema at all. Conclusion? Schema has a direct impact on voice search rankings.

Assert Authority

Authoritative domains tend to produce voice search results significantly more than non-authoritative domains. In fact, the mean Ahrefs Domain Rating of a Google Home result is 76.8.

Unlike traditional searches, Google Home gives you a single answer to your question. Offering only one response means that Google feels the need to be extremely confident that they’re giving you accurate information.

The voice search algorithm may rely on domain authority over page authority to determine this certainty. Once Google finds a plausible voice search answer on a trusted website, the number of links pointing to the page itself aren’t that relevant.

Socialize and Thrive

Content with high levels of social engagement tends to perform well in voice searches. Consider that the average voice search result has 1,199 Facebook shares and 44 Tweets.

However, it’s extremely unlikely that the voice search algorithm uses social signals. But where’s there’s smoke there’s fire. Valuable, engaging content performs well in any search engine environment, and voice search is no exception. Try to publish valuable, highly-shareable content to improve your chances of ranking as a voice search result.

Easy on the Advanced Syntax

This is the surprising one of the bunch it seems. Simple, easy-to-read content may help with voice search SEO. Apparently the average Google voice search result is written at a 9th grade level. Which is not surprising when you consider that voice search results:

  • Need to contain simple words that are easy for Google to pronounce
  • Need to be comprehensible without any visual reference
  • Can’t contain challenging words or phrases

While it’s not proven, it’s quite plausible that Google may measure reading level and use it as a voice search ranking factor. Publishing simple, easy-to-understand content may help with voice search SEO, and overall it’s a good habit to get into, particularly if you’re in e-commerce.

Immersion Cooling: The Future for Data Centers

The continuing boom in digital technologies – and in particular for mobile video streaming and online gaming – now has mobile devices making up nearly 60 percent of the entirety of data traffic. Come 2020 that’s expected to rise to 80 percent and it’s an indication of how totally wired we’ll all look to be in the not so distant future.

Here at 4GoodHosting, we’re in a spot like any other Canadian web hosting provider where we see the incredible benefits this type of mobile connectivity is going to provide for us, but we’re also obviously aware of the operation challenges that these data demands are going to put on data centers across Canada.

Every online activity involves massive amounts of data that’s stored in different data centers, and while there’s many different sizes of them it is the large data centers that may overheat on account of the billions of gigabytes of data being created and used all around the world. Data centers and their IT equipment – servers, networking and storage equipment – consume mammoth amounts of energy to run AND work to cool the heat which emanates from the IT equipment going at or near capacity much of the time.

In fact, cooling is far and away the biggest consumer of electrical power in nearly all data center, and sometimes they may take up to 40 or 50 percent of all the power being used in certain ones.

Here’s something else to consider; this round-the-clock global data center energy consumption eats up roughly 3% of all globally generated power, and makes up 4% of greenhouse gas emissions. That puts the ICT industry at par with the airline industry in as far as those emissions, but it’s the data centers that are said to have the fastest growing carbon footprint among the entire ICT sector – to the tune of almost 1/4 of global carbon dioxide emissions from ICT.

There have been energy efficiency improvements, but it’s predicted that data center energy use will grow by 4% between 2014 and 2020.

Technological Advances in Cooling

The biggest change from recent years is that demand for data centers among cloud service providers, enterprises, government agencies, colocation providers and telecommunication organizations has increased in a big way along with the increased implementation of advanced technologies such as cloud-based services for their operational business needs.

Factor in as well the rapid growth of new technological trends like big data analytics, A.I. and machine learning, cryptocurrencies and the IoT. Bitcoin mining also burns huge amount of electricity.

All these new services and enhanced products is also pumping up demand for powerful computing hardware. This creates space needs and design implications for high-density racks that can be both powered and cooled.

P.U.E. stands for Power Usage Effectiveness, and all of these developments make it difficult to have reasonable PUE and be a ‘Green’ data center. The ideal PUE is 1.0, and that indicates maximum attainable efficiency along with no overhead energy.

Which leads us to cooling.

Air cooling struggles to effectively lower the operating temperatures of data center hardware these days, but liquid immersion cooling is much more effective. Liquid immersion cooled data centers are more compact, modular, green and highly efficient, saving up to 99% of electricity compared to traditional data center cooling themselves with chillers, heat pumps and HVAC.

Server immersion cooling makes it possible to significantly reduce their data center energy load, and that’s independent of how their PUE is doing. Hardware or servers are kept submerged in what is typically an oil-based liquid that is dielectric and thermally conductive.

This in turn allows data centers to employ evaporative or adiabatic cooling towers instead of chiller-based air cooling.

Submer Technologies is one new player on the scene that has a quality oil-based data center product, using a coolant fluid which is 100% biodegradable dielectric fluid and ensures an impressive 1.03 PUE plus a 45% savings on traditional electricity bill and hyper scaler efficiency. It’s great for web hosts, cloud providers, edge computing, cryptocurrency mining, blockchain and research data centers.

Big Data needs to stay cool too, and it would seem air is soon to be relieved of its duties there in most data centers around the world.

Can Your Web Hosting Provider Be Bringing Down Your SEO?

When you set out to build a website and – in the bigger picture of things – an online identity you are probably going to focus most on layout, graphics, content, SEO, marketing, and advertising. These are all vital components of a good website, but it turns out that where you choose to host your website also factors in as well.

Here at 4GoodHosting, so much has gone into making us a top Canadian web hosting provider, but without a doubt seeing to it that our clients and their websites are optimally located and enabled has always been a priority. We definitely understand that before you choose your website’s design or content, you need to choose a good web host who’s got the infrastructure in place to protect your rankings.

One of the factors Google and other search engines look for when indexing web pages is how fast they load. Now while it’s true that a good Canadian web host won’t necessarily get your website listed on Google’s first page, it is true that a lesser host will ruin your credit with Google and other search engines. Between a provider’s server type, location, speed, and uptime there can be an affect on your website’s relevance with search engines. It’s definitely something to consider.

Here are five web host traits that search engines that Google will see unfavourably for search engine rankings.

  1. Slow Speeds

This one’s probably fairly obvious. A website that is clocked to load slowly will be disadvantaged. Search engines aren’t going to rank your website high in the search results when it’s too slow, and that’s in the interest of keeping visitors on a page. Most site visitors will click off a website if the page is too slow to load. Between 7 and 10 milliseconds is considered to be the optimal speed, but anything over 100 milliseconds isn’t good. Your homepage should load in under 1 second, and there are many ways to test this. Google ‘free website speed checker’ and you should be able to find them easily.

  1. Excess Downtime

Even the fastest loading website is going to be disadvantageous if it’s down too often. When a user clicks on a link to your website, it should be readily available. Make sure you have uptime that is at 99.9% as a minimum. This is very much directly related to the quality of your web host’s servers and networks, and nearly all of them are able to guarantee 99.99% uptime. The closer to 100% the uptime is, the more time your website spends live.

  1. Server Locations

Occasionally the cause of a slow loading website is that the server is far away from you. If the website’s server is in Asia, and you’re in North America, there’s often delays and especially so at certain times of the day. It’s advisable to choose website hosting servers that are close to where your visitors are located, whether they’re your neighbours or far overseas. Doing this will inherently help your boost your search engine rankings and SEO.

  1. Shared Hostin

Shared hosting is an affordable way to get your website online fast, but it’s typically only suited for very small basic websites. Ones with added functionality and dynamic media are often starved for bandwidth on shared hosting. VPS web hosting is an affordable alternative to give your website all the breathing room it needs.

  1. Connection Errors

Now here’s the one that you just can’t tolerate. Most web hosting providers are air tight in this regard, but there’s a few who aren’t and it’s important that you do your homework. Read customer reviews and dig for reviews on the company as a whole.

Common messages are ‘internal server error’ and ‘database connection failure.’ If your website’s getting more traffic (which IS a good thing) and this is occurring, then like above it’s time to get a VPS hosting account OR move to a provider who has what you need with shared web hosting.

Now not to toot our horn a little too much, but we’ve had a AAA rating with Better Business Bureau all across Canada and we are one of the providers who CAN guarantee 99.9% uptime and we’ve got exceptional customer service and support to go along with it.