Category Archives: SSL

How Many Servers Does A Web Hosting Service Need?

Leave a reply
How Many Servers Does A Web Hosting Server Need?

How Many Servers Does A Web Hosting Server Need?

Web Hosting customers don’t always realize what goes on behind the scenes of their web hosting service. The layman often thinks that the web hosting service is just another software installed on a monster computer, bit of which are sold to the end user. But there’s a lot more that goes on behind setting up a web hosting service. While some hosts use separate machines to run services like email, FTP, HTTP etc., some hosts install all these services on a single machine. This article takes you into the web hosting world and shows you which software servers are running to give you the best web hosting experience with different services.

Web Server

The web server is one of the most important parts of your web hosting service. The web server is what actually delivers your web page to the user’s browser. It also handles different requests for information that your browser makes and also takes care of incorrect or erroneous requests. When you see 404 error pages or warning messages, these are all served up by the web server. Web hosts commonly use IIS, Apache, Nginx and Tomcat amongst many different web servers. Web servers use the HTTP protocol to communicate with the user’s browser. The administrator also has the capability of restricting folders, files and websites through the web server configuration.

Mail Server

The mail server is essential when providing email service. The mail server allows the sending and receiving of email on specific ports. The mail server helps filter the received mail to different users’ folders and thereby allows multiple domains to be hosted on a single physical machine. Mail servers are also capable of redirecting mail and applying conditional filters to weed out unwanted mail and fight spam. Most mail servers allow the use of third party plugins or software to aid them perform their functions. For example mail servers can intelligently use third party RBLs or black lists to identify if a mail sender is actually a source of spam which should be rejected before he can reach the mail server. Mail servers usually use IMAP, SMTP and POP3 protocols to serve their purpose.

FTP Server

Almost every web host offers FTP services to transfer files. But most users don’t realize that this requires an FTP server at the hosts end. An FTP server allows connections using the FTP protocol, for the transfer of files. This aids users in downloading or uploading files in simple, quick and efficient way. FTP servers control the bandwidth usage, user connections, authentication system and even file management for the user. FTP servers are inexpensive to maintain and are now considered as included in any web hosting package.

SQL Server

An SQL server is a database management server which allows users to create and store data in relational tables, using the Structured Query Language or SQL. On windows machines, Microsoft MS SQL is installed, whereas Unix based hosting systems usually come with open source alternatives like MySQL, Postgresql, MariaDB among others. Web hosts sell databases based on the package that the user takes. Each database requires CPU and memory resources to function properly. Databases form up the backbone of most websites which have a Content Management System or which store a large amount of data.

Others

Some web hosts offer their own DNS service, for which they need to run a DNS Server on their systems. The DNS server just maps the domain name to the servers IP address so that when a visitor is using a service on a website, he is served up the right information from the right source. Premium web hosts offer File Sharing services and have a Web DAV Server either separate or integrated into their Web Server (as above). This allows users to quickly sync files to and from their website onto their mobile devices. Almost all web hosts also provide an SSH service so that users can connect securely to different ports for different services on the account.

While web hosting may seem like an easy business, managing all these services can be quite a task, which web hosts need to do on a daily basis.

When Do We Need MySQL Databases With Our Web Hosting?

Leave a reply

Whenever you buy web hosting, your hosting provider is sure to include an option called “Databases” in his price quotation or package details. But not many of us know what are databases and why we need them when setting up a website. This article aims to explain a couple of reasons why we use databases and when we need them for our website.

The database systems we usually get with our web hosting accounts are all relational database systems or RDBMS. If we take a Windows hosting server we usually get Microsoft SQL aka MSSQL and if we take a Unix based system we usually get MySQL. Both these systems put your website data into tabular layouts for fast and easy retrieval.

Databases are a collection of rows and columns, where each row or column is related to the others in some way. Due to this relation, information from this database can be retrieved quickly and efficiently as compared to if the data was stored in any other unstructured format. You can consider a database as a collection of multiple spreadsheets which are all related to each other in some way or the other.

Security

A major advantage of having your data stored in a database is the ability to protect the database from unauthorized access, or the ability to protect a database record from being tampered with. A simple example would be the storage of login credentials. In a simple way, login credentials can be stored in a simple text file and be read by your script which does the authentication. However, your file will always save the password stored in plan text, making it vulnerable to anyone who has access to it. Databases have the ability to encrypt the entries using a hashing algorithm to obscure them. Further, to read or write to the database, you need to specify login details, something which is not easily possible with an ordinary text file or spreadsheet.

Efficiency

Due to the manner in which data is stored in the database, retrieval and storage is most efficient. Unlike a spreadsheet, where anything and everything can be stored in any cell, SQL restricts the type of information stored in each row or column based on certain conditions. This validation is inherent in the properties of SQL and is an added advantage for a programmer or developer. Due to the various inbuilt mechanisms that are present in RDBMS systems, they are the most preferred method of storage and retrieval of data.

An article on the DatabaseJournal Blog explains this in a lucid way:

“…The problem with text files is during a read, if the text file is large, it can take quite a bite of time to open and scan the contents of the file looking for what we want. Also, if we wanted to see all the sales to a specific customer, the entire text file would have to be read, and every line occurrence of the customer name would need to be saved in some temporary place until we had them all. If we saved to a spreadsheet instead of a text file, we would have a Sort feature built in. So we may be able to find all the sales to a specific customer quicker, but again, if the file was large, opening the spreadsheet could take a great deal of time.”

Administrative Control

Database systems also have various control mechanisms which allow easy administration of the database and tables within it. The most important part is user management. Each user can be given specific rights to the database, thereby allowing limitation in access so as to secure the data from being tampered, modified or altered. Database Administrator’s can tweak many settings of the database thereby restricting the flow of data, the connection speeds, maximum number of connections to the server and even adjust what hardware resources should be allocated for performing a task.

Tips To Prevent Failed Backups Of Your Website

Leave a reply
Tips To Prevent Failed Backups Of Your Website

Tips To Prevent Failed Backups Of Your Website

Most of us keep regular backups of all our important data, especially which is on the internet. Websites should also be backed up regularly as a safety measure in case of a disaster and also as a version tracking mechanism. This ensures that in the event of our website being hacked or becoming corrupt, we can quickly restore it to a prior version. Most of us have automatic mechanisms to take a backup. But little do we realise that taking a backup doesnt really end there. We need to ensure that it is a workable backup and not a dummy file which has not value. This article explains how we can prevent backup file failures and how to ensure that our website backup will be of use when we need it.

Elements

An important aspect of taking backups is not to forget any of the elements that make up your account. Your web hosting account has several elements which need to be backed up so that you can restore your entire account. This means that you need to backup things like Email, Website Files, Databases, Configuration Files, Web Statistics, Email Forwarders and any other customizations that you may have done with any of these elements. Hosting Control Panels like cPanel or Plesk may allow you to take backups of these elements separately or compile them into a single compressed file. Forgetting even one part of your account backup may render your website useless. Many people forget to take a backup of their database files since the backend is not something that the users interact with. Similarly, the small configuration files and customizations can also boost the speed and efficiency when you attempt to restore the backup.

Disk Space Shortage

The in-built backup options of your web hosting control panel will usually save your backup in the home directory of your account. This means that the backup will also consume hosting space within your account. If you are on a limited space plan, you should have atleast 50% free disk space before you backup your account. If you do not have enough space, the backup may not complete fully or may get corrupt. This can be disastrous when you are dependent on it and when you want to restore the account. Ensure that you have enough free space so that your backup is not stuck.

Failed Download

One of the most common failure points when taking a backup is the download to your local machine or onto the media you are ultimately backing up on. Very often, when the backup file is being downloaded on the media or machine, the network connection may drop or the process maybe terminated. This may indicate that the file has been downloaded, but actually the file is only partially downloaded. A client of ours who was switching from shared hosting to a dedicated server was taking a backup of his website on his own. He started downloading the backup file from his hosting account. The size of the backup file was about 600 MB. On his internet connection, it indicated that about 8 minutes were left for the download to complete. In between the download process, his internet connection dropped. He noticed that the file transfer had stopped and file was on his hard disk. However, he did not notice the file size and assumed that the entire 600 MB has been downloaded. The backup file was corrupt and had downloaded only 350 MB. Luckily he noticed the mistake and was able to retrieve the backup file. You may not always be so lucky.

Integrity Check with the Checksum

The best way to ensure your backup file’s integrity is using a checksum tool to verify the checksum of the file before and after it is downloaded. Ideally this means that you get a unique hash value of the file from the web server. This unique hash value is tied to the file and is almost impossible to reverse engineer. Then, after you have downloaded the file, retest for the checksum of the downloaded file on your backup media. The checksum of the file should be exactly the same. If the file is corrupt or tampered or has not downloaded properly, the checksum will mismatch and you will get to know easily. This ensures data integrity and provides assurance of a healthy backup file.

 

The Evolution Of Passwords: What Are The Alternatives?

Leave a reply
The Evolution Of Passwords: What Are The Alternatives?

The Evolution Of Passwords: What Are The Alternatives?

With the internet being an indispensable part of life, passwords have also become an integral dilemma. With more and more facilities coming up online, each facility requires different types of passwords based on length and strength. Some require you to put in a special character, others may want a CAPITAL letter and others may want you to do a back flip as well. The odd part about passwords is that not many people seem to have invested their time, money and resources into investigating what the alternatives to passwords could be. Some services offer to remember your passwords while others offer to automatically fill them into your web forms, but this doesnt really solve the problem of passwords.

With 2 factor authentication becoming more popular, passwords have to share their space of glory with other authentication tokens or methods. 2 Factor Authentication matches “something you know” with “something you have” and thereby allows you to sign in.

Audio and Visual Passwords

Using Audio and Visual means to authenticate is becoming more and more popular across the internet. Services like Clef provide a system by which an image on your phone app is matched with an image on the login screen of your website, by using the phone’s camera. This image matching causes the system to authenticate and allows you to login. Its something like how a bar code is read by a scanner and the entry is automatically filled in. Illiri goes a step further by transmitting passwords in audio form.

OTP by SMS / Email

A lot of websites with sensitive information often send a second password or a One Time Password to your email or mobile phone by SMS. This acts as a second layer of security to establish your identity. You have to then enter the exact same character string into your login box along with or after entering your password. Banks use this to authenticate high value transactions and also before you make important changes to your account profile. The limitation in this system is that you have to have mobile phone connectivity or access to your email at the same time that you want to do the transactions. This can be quite a limiting factor if you are travelling. Some banks also provide phone apps to allow you to generate the number using the app rather than sending the OTP by SMS. However, this system can be easily fooled if the impersonator has your password and mobile phone or email access.

Bio-metrics

Another way of replacing passwords is by using certain unique elements of the human body. Modern bio-metrics use Fingerprints, Retina Scans and even Face Recognition to help you authenticate even if you suffer from memory loss. Increased reliance on bio-metrics is visible from the integration of a fingerprint scanner in iPhones and also the launch of many laptops for home use with face recognition and also finger print readers. Although bio-metrics are somewhat unique, they don’t remain fool proof and also can be inconvenient. Hence, all devices which come with bio-metrics also have an alternate password or PIN option to authenticate.

Physical Tokens

Banks use physical tokens or “dongles” which generate a random number which must be put in with the password at the time of authentication. This is a replacement to the OTP, to ensure that there is no middle-man or interceptor who can steal your OTP when it is being sent by the bank by SMS or email. Physical tokens have a high chance of being lost or forgotten. Further, they maybe reverse engineered and misused by hackers.

As it is famously known that “security and convenience are inversely proportional”. This means that the more security you have, the less convenient it is and the more conveniences you have, the less secure they make you. True to this, no matter what security measures we try and implement, the human element will be the weakest link in the chain of security.

The Advantages Of Buying Domain Names From A Reseller

Leave a reply

All those of us who have a website, have gone through the process of booking the domain name and hosting space. While some of us got the name and space as a bundle, the more adventurous of us lot bought the name and space from separate providers. Many of us didn’t even know what the vendor options are when purchasing a domain name. Domain names can be bought directly from an ICANN authorized registrar or from a reseller of an authorized registrar. The reseller maybe your hosting company or hardware vendor or software vendor or just about anyone. This article lists out a couple of points why it maybe more beneficial to buy your domain names from a trusted reseller rather than buying it directly from the Registrar.

Pricing

Price is a paramount factor in determining from where you should buy the domain name. Usually Registrars offer the domain name for sale at very high prices compared to Resellers, as they would like to discourage people from buying from them due to the added support burden. Resellers commit a certain number of domain sales to the Registrar and hence can get the domain names at a cheaper rate, which they may pass on to the clients. Some Registrars charge between $29-$40 for a .com domain per year, while their own Resellers offer the domain name for $9-$15 per year. This could mean a huge saving for businesses with a large number of domain names, or businesses which have several group companies.

Support and DNS Management

Another important feature which only Domain Resellers can offer is personalized support. This means that if you have an issue with your domain name configuration or billing, you can reach out to your local reseller and get a quick resolution without having to go through a long drawn process. Some resellers may also offer phone based support and may provide remote assistance for configuration as well. Although there will rarely be any changes required to a domain name, when switching a hosting provider or setting up a new domain account you may need some configuration assistance. DNS changes and Name Server configuration can be considered critical support, because your entire website and related services depend on it. This means that if you misconfigure your domain name, your website may become inaccessible or may not be reachable from some parts of the world. This can be quite damaging if your business depends on online sales. This is one area where a Resellers support maybe crucial.

Freebies and Premium Features

Some Resellers provide Freebies and Premium Features with a domain name, which others may not be able to provide. They may offer Free WHOIS ID Protection or even a free hosting account. Others offer an email address or even a free one page website to advertise your business before you start planning for a real website. Bigger Domain Name Providers cannot afford to give these freebies, because their business model does not permit them to micro-manage their clients accounts. They are more into bulk selling and do not cater to the retail market per se.

Easy Integration

The Advantages Of Buying Domain Names From A Reseller

Another important feature which a reseller may offer, is easy integration. Domain Names are never used in isolation and always have a service or system attached to them. These services could be anything, ranging from website hosting to email addresses or even a vendor-hosted eCommerce portal. Many software and hardware vendors offer domain names as a bundle with their other services, so that the customer is not hassled in configuring the domain name with those services. The vendor himself integrates the domain or sets up a system to easily integrate the domain name with the service in a single click. An apt example would be a hosting company which bundles a domain name and automatically configures the domain name with the hosting account. This eases the burden from the client’s shoulder, of cross-linking the 2 services.

Readers must also note that buying a domain name from an unreliable or unscrupulous Reseller can also cause problems and may also lead to bad service. However, these cases are rare and have many legal remedies. Apart from that, an important thing to remember is to have full control of your domain name at all times.

Have You Really Understood What “Cloud” Hosting Really Is?

Leave a reply

I was greatly amused when I read an interview of a famous Technocrat from the Web Hosting industry. The part that really amused me was his reply to a question about “Cloud” computing and hosting. This IT Professional is the head of a leading Web Hosting Software Provider. His company offers a renown Web Hosting Control Panel, but has not once used the word “Cloud” in association with any of it’s products or services. His simple response to this fact was that they themselves were unsure of the meaning of this term “Cloud” and what was really expected off of them when they would start selling “Cloud” based products or services. This article attempts to identify the various meanings that people in the IT industry attribute to the term “Cloud”.

Elastic or Scalable Resources

Recently, Cloud hosting has been given the meaning of an elastic system which can rapidly scale up or scale down to exactly what the user needs. This means that you can start building your website or application with minimum resources on the same platform and as your application expands, your hosting resources and storage space will also expand to match up to the requirements. This would be useful for testing and development, especially when the resources required per project or per module can fluctuate constantly. It could also be useful for an eCommerce portal which needs to scale up on a daily basis, based on the popularity and visitor traffic. This functionality can also be achieved with virtualization technology and other similar software.

Cluster Hosting

Cluster Hosting is another system where parallel computer systems are used to boost the efficiency and speed of the website or application. Each computer in the cluster usually performs a separate service or function and all the servers in sync form a powerful network for the users purpose. Cloud Hosting seems to be the same, but with a difference. The differences can vary from provider to provider, but by and large there is a great similarity it shares with Clusters. This makes it even more ambiguous and difficult to differentiate it with cluster hosting. To further complicate clarity, we have Grid Hosting, which also uses multiple computer systems to perform a task with greater speed and efficiency. The line of difference between Grid Hosting and Cluster Hosting is distinguishable by some technical brainstorming. However, the true meaning of Cloud Hosting remains a mystery which each one wants claim to have solved.

Pay as you use resources

Have You Really Understood What “Cloud” Hosting Really Is?

Another important feature which is being attributed to Cloud Hosting is that the resources are “Pay As You Go” i.e. every connection, every process, every thread and every action performed is micro monitored and you are billed for the real resources used. This may become an expensive affair if you are hosting a high volume application. Similar functionality can be achieved by customized software which is available fir shared hosting as well. Infact, compared to earlier times now most control panels offer in built functionality to allocate and bill for resource usage automatically.

Web Application Hosting

Some providers use the term Cloud Hosting to offer Web Application Hosting. You may already be using such services in your daily life. Gmail, Google Drive, Zoho, Sound Cloud, Amazon AWS are all examples which our now integral to our work and the services that we receive from different vendors.

We often wonder, whether the simple old vanilla “Shared Hosting” is now rebranded as Cloud Hosting, with a few bells and whistles thrown in. Should we say “Old wine in new bottle”? Till we are certain about the meaning of what these services entail, we too will avoid using it in marketing and promotional material for our hosting services.