Category Archives: Auto-Installers

Taking a backup of your website in cPanel Paper Lantern

Leave a reply

We all should regularly take backups of our website, whether we like it or not. A backup is like a flashlight, you never know when you may need it. You may never need it or may need it once in 365 days. But if you do need it and don’t have it, you will regret it.

1. Login to your cPanel account (For more see this article)

2. Select the Backup option in cPanel

3. Under the Partial Backups option, you can choose which parts of your website to backup.

The Home Directory option will allow you to backup all files in your account, except for the MySQL databases and the cpanel account configuration. This option will download a .tar.gz file i.e. a compressed tarball which contains the entire folder structure and files inside your hosting account.

The Database Backup will allow you to download a backup file for each individual database. The file format for the database backup is dbname.sql.gz i.e. it is a compressed file, which contains a .sql file of the database.

You can also download domain wise email forwarders, in .gz format by clicking on the Email Forwarder option.

 

Do note: If your internet connection is interrupted or there is some download issue, your downloaded file may be incomplete or corrupt. Always verify downloaded backups before relying on them.

Tips To Prevent Failed Backups Of Your Website

Leave a reply
Tips To Prevent Failed Backups Of Your Website

Tips To Prevent Failed Backups Of Your Website

Most of us keep regular backups of all our important data, especially which is on the internet. Websites should also be backed up regularly as a safety measure in case of a disaster and also as a version tracking mechanism. This ensures that in the event of our website being hacked or becoming corrupt, we can quickly restore it to a prior version. Most of us have automatic mechanisms to take a backup. But little do we realise that taking a backup doesnt really end there. We need to ensure that it is a workable backup and not a dummy file which has not value. This article explains how we can prevent backup file failures and how to ensure that our website backup will be of use when we need it.

Elements

An important aspect of taking backups is not to forget any of the elements that make up your account. Your web hosting account has several elements which need to be backed up so that you can restore your entire account. This means that you need to backup things like Email, Website Files, Databases, Configuration Files, Web Statistics, Email Forwarders and any other customizations that you may have done with any of these elements. Hosting Control Panels like cPanel or Plesk may allow you to take backups of these elements separately or compile them into a single compressed file. Forgetting even one part of your account backup may render your website useless. Many people forget to take a backup of their database files since the backend is not something that the users interact with. Similarly, the small configuration files and customizations can also boost the speed and efficiency when you attempt to restore the backup.

Disk Space Shortage

The in-built backup options of your web hosting control panel will usually save your backup in the home directory of your account. This means that the backup will also consume hosting space within your account. If you are on a limited space plan, you should have atleast 50% free disk space before you backup your account. If you do not have enough space, the backup may not complete fully or may get corrupt. This can be disastrous when you are dependent on it and when you want to restore the account. Ensure that you have enough free space so that your backup is not stuck.

Failed Download

One of the most common failure points when taking a backup is the download to your local machine or onto the media you are ultimately backing up on. Very often, when the backup file is being downloaded on the media or machine, the network connection may drop or the process maybe terminated. This may indicate that the file has been downloaded, but actually the file is only partially downloaded. A client of ours who was switching from shared hosting to a dedicated server was taking a backup of his website on his own. He started downloading the backup file from his hosting account. The size of the backup file was about 600 MB. On his internet connection, it indicated that about 8 minutes were left for the download to complete. In between the download process, his internet connection dropped. He noticed that the file transfer had stopped and file was on his hard disk. However, he did not notice the file size and assumed that the entire 600 MB has been downloaded. The backup file was corrupt and had downloaded only 350 MB. Luckily he noticed the mistake and was able to retrieve the backup file. You may not always be so lucky.

Integrity Check with the Checksum

The best way to ensure your backup file’s integrity is using a checksum tool to verify the checksum of the file before and after it is downloaded. Ideally this means that you get a unique hash value of the file from the web server. This unique hash value is tied to the file and is almost impossible to reverse engineer. Then, after you have downloaded the file, retest for the checksum of the downloaded file on your backup media. The checksum of the file should be exactly the same. If the file is corrupt or tampered or has not downloaded properly, the checksum will mismatch and you will get to know easily. This ensures data integrity and provides assurance of a healthy backup file.

 

The Evolution Of Passwords: What Are The Alternatives?

Leave a reply
The Evolution Of Passwords: What Are The Alternatives?

The Evolution Of Passwords: What Are The Alternatives?

With the internet being an indispensable part of life, passwords have also become an integral dilemma. With more and more facilities coming up online, each facility requires different types of passwords based on length and strength. Some require you to put in a special character, others may want a CAPITAL letter and others may want you to do a back flip as well. The odd part about passwords is that not many people seem to have invested their time, money and resources into investigating what the alternatives to passwords could be. Some services offer to remember your passwords while others offer to automatically fill them into your web forms, but this doesnt really solve the problem of passwords.

With 2 factor authentication becoming more popular, passwords have to share their space of glory with other authentication tokens or methods. 2 Factor Authentication matches “something you know” with “something you have” and thereby allows you to sign in.

Audio and Visual Passwords

Using Audio and Visual means to authenticate is becoming more and more popular across the internet. Services like Clef provide a system by which an image on your phone app is matched with an image on the login screen of your website, by using the phone’s camera. This image matching causes the system to authenticate and allows you to login. Its something like how a bar code is read by a scanner and the entry is automatically filled in. Illiri goes a step further by transmitting passwords in audio form.

OTP by SMS / Email

A lot of websites with sensitive information often send a second password or a One Time Password to your email or mobile phone by SMS. This acts as a second layer of security to establish your identity. You have to then enter the exact same character string into your login box along with or after entering your password. Banks use this to authenticate high value transactions and also before you make important changes to your account profile. The limitation in this system is that you have to have mobile phone connectivity or access to your email at the same time that you want to do the transactions. This can be quite a limiting factor if you are travelling. Some banks also provide phone apps to allow you to generate the number using the app rather than sending the OTP by SMS. However, this system can be easily fooled if the impersonator has your password and mobile phone or email access.

Bio-metrics

Another way of replacing passwords is by using certain unique elements of the human body. Modern bio-metrics use Fingerprints, Retina Scans and even Face Recognition to help you authenticate even if you suffer from memory loss. Increased reliance on bio-metrics is visible from the integration of a fingerprint scanner in iPhones and also the launch of many laptops for home use with face recognition and also finger print readers. Although bio-metrics are somewhat unique, they don’t remain fool proof and also can be inconvenient. Hence, all devices which come with bio-metrics also have an alternate password or PIN option to authenticate.

Physical Tokens

Banks use physical tokens or “dongles” which generate a random number which must be put in with the password at the time of authentication. This is a replacement to the OTP, to ensure that there is no middle-man or interceptor who can steal your OTP when it is being sent by the bank by SMS or email. Physical tokens have a high chance of being lost or forgotten. Further, they maybe reverse engineered and misused by hackers.

As it is famously known that “security and convenience are inversely proportional”. This means that the more security you have, the less convenient it is and the more conveniences you have, the less secure they make you. True to this, no matter what security measures we try and implement, the human element will be the weakest link in the chain of security.

Why Do Most Web Hosting Providers And Resellers Recommend WordPress?

Leave a reply
Why Do Most Web Hosting Providers And Resellers Recommend WordPress?

Why Do Most Web Hosting Providers And Resellers Recommend WordPress?

If you ask most web hosting providers about what their recommendation would be for a blogging platform or Content Management System for a website you will most probably hear WordPress as the first option. Day by day, the patronage for WordPress is on the rise, and with good reason too. This article explains why most web hosting providers would encourage the use of WordPress and why it may be their number one choice for clients.

Updates and Community Support

WordPress is regularly updated by the community and is kept bug free and as secure as possible at all times. If there is a vulnerability or exploit detected, many people work hard to plug the vulnerability and fix the flaws in the system. Since it is open source, this is all a team effort of the community. No dependence on a dedicated team or on a profit-focused software company. This gives much assurance to web hosting providers that the software is safe to run on their servers without a hitch.

Auto Installer Support

Almost all auto-installer software support the WordPress system and enable quick setup and maintenance of WordPress. With auto-installer software like Softaculous, you can auto-update WordPress when a new version is released, you can update all themes and plugins when new versions are released and you can also configure automatic backups to take place through cron jobs. This eases the burden on the web hosting provider in monitoring outdated installations and asking users to keep updating their obsolete software. This also comes in use when the web host needs to step in to provide support or fire-fight a website compromise.

Useful Documentation and Helpful Tutorials.

WordPress is well documented and the documentation is easily accessible on their website. This is a major relief to most web hosts, especially when troubleshooting client issues. A web host would always like to know if there is some issue with his server or there is a misconfiguration with the user’s install of WordPress. Although providing support for WordPress may not be covered in the scope of work of the hosting provider, it would definitely give them brownie points for pointing a distressed client in the right direction.

WordPress also has a lot of tutorials for newbie users and private bloggers. Many websites offer Video and Audio Tutorials for free, while some charge for premium guidance. YouTube also offers numerous free videos on WordPress issues and how to solve them.

Turn Around Time

A primary reason why web hosts and web developers love WordPress is due to the miniscule turnaround time for setting up a website and actually getting content online. The coming of auto-installers has further improved the speed of setup and updates. When a client trusts a web host for all their IT advice and expertise, they are sure to ask about WordPress. Setting up WordPress for an elderly client or a loyal patron is super fast and easy.

We have seen many clients struggling for months on end just to pick a suitable web designer. When they do pick one, it is an endless process to get the final site up and running. Either the Web Designer dilly-dallies or the client has very little time to give inputs. This process goes on for a couple of months, till the client realizes that the web hosting space they have taken is being wasted. When the client sits up and wants a website done yesterday, it’s the development team’s turn to act fussy. You can’t setup a full website quicker than with WordPress.

How The Softaculous Auto-Installer Enhances Your WordPress Experience With Newer Features

Leave a reply

How The Softaculous Auto-Installer Enhances Your WordPress Experience With Newer Features

Softaculous is an Auto-Installer like Fantastico and Installatron. While WordPress is not included in its Free Scripts, the price for a paid version of Softaculous is about $2.5 per month. This is quite a small price to pay for the benefits that it will give you. This article deals with the value addition that Softaculous has to offer as far as your WordPress experience is concerned. The aim of this article is to highlight the need for an Auto-Installer to make WordPress Management easy and less troublesome.

Auto Fill

The Softaculous installer automatically fills in the installation form when you are about to install WordPress. This means that it auto-fills field like the Database Name, Database Table Prefix, Site Name, Site Description, Admin username, Admin password, the admin email address and the Default Language to be used. Auto-filling these field helps to maintain consistency of the naming conventions (like database prefix) and also helps to randomize values (like database name and admin password) so that it becomes difficult for hackers to guess the password or database name. This saves the admin the headache of cooking up some innovative options and allows WordPress to be installed in a jiffy. It also aids newbie users by prompting them on what values should be ideally put into the text fields. This can be a big relief for people who were previously intimated by the built-in WordPress installer, which was not newbie friendly. If you are not satisfied with what Softaculous has suggested, you can always modify the values in the text box of the form. This ensures flexibility for those who want customization.

Advanced Options

Softaculous Contains a set of Advanced options which allows you to ensure the safety and data integrity of your WordPress blog or website. The form allows you to setup Update Notifications which will alert you when a new WordPress version becomes available for installation. This means that you don’t need to bother to keep a check on whether you have the latest WordPress software which is more secure as compared to earlier versions.

Automatic upgrade of WordPress is another feature which Softaculous provides. This means that you can setup Softaculous to automatically backup your WordPress files and upgrade them to the latest WordPress version as soon as it becomes available. This means that you need not bother about upgrading your WordPress installation and can concentrate on building good content for your site.

Automatic Upgrade of Plugins and Themes

This is a newer feature of Softaculous. It allows you to upgrade all your Plugins and Themes to their latest version. Buggy plugins are a major cause of security exploits in WordPress. This means that any 3rd party software that you install may contain some vulnerabilities which may be rectified in newer versions of the plugin. Although WordPress allows you to update the plugins and themes from inside the Admin interface, softaculous allows you to schedule updates and automatically updates the core plugin and theme files, without your intervention. It is always advisable to take a regular backup of your site, incase the automatic process fails and causes your site to crash.

Automatic Backups

Softaculous allows you to Automate backups of your WordPress install. This means that you can automatically backup your website on a daily, weekly or monthly basis into your home directory of your hosting account. You can then download the files to your computer at a later date. Incase you have a plan with limited space, you can choose to rotate the backups i.e. If the backup rotation limit is reached, Softaculous will delete the oldest backup for that WordPress installation and create a new backup.

Softaculous also pulls the information from your WordPress config file and displays the details of the install in a simple form, which you can use to sharethe backend details with your development team.

Softaculous needs to be bought by your hosting provider and installed on their server. We highly recommend Softaculous due to the ease of use and smooth functioning with cPanel / WHM. It is easy for the Admin as well as the end user. Softaculous and cPanel are an awesome combination which is a must have.