State of Site5: June 2013

Hi everybody! Welcome to the month of June. I don’t know about you, but summer hasn’t really arrived for me, yet. It feels a lot more like April, but no doubt that will change soon! In the meantime, the Site5 team has completed another month of supporting our customers, enhancing services, and working on ways to improve your Site5 experience.

Here’s a recap of what we have been working on:

1. We spent a lot of effort improving uptime across our server fleet, ensuring we can protect against the types of usage spikes we saw with the well detailed WordPress attacks. New modules were written and deployed, as were new kernels.
2. Site5 has welcomed two more people onto the team, but we are still hiring spree! There are multiple positions currently open, including two seeking 10am to 6pm coverage which is perfect for those of you in North America and South America! If you want to work at Site5, please head over to our Careers page and apply for a position! I joined Site5 just a few months ago, and the difference between Site5 and other employers really is something to behold.
3. Our WordPress themes team released Fizz. Fizz is a terrific WordPress theme for a business website, but works well as a more professional-looking personal site as well.
4. We made shared, reseller, and VPS hosting available in Bucharest, Romania! Tom already blogged about that here. We are very excited about this new location, and the state of the art facility that hosts our infrastructure.

And here are updates for some ongoing projects:

• Our new billing system is starting to look like something special! Our development team has moved from working on the basics, to starting work on the niceties that will really make this new solution shine.
• Work has started on upgrading to Passenger 4, which will make it possible for us to offer multiple versions of Ruby at one time.
• CloudFlare integration is coming to our shared, reseller, and VPS customers! Look for another announcement soon on that.

This gives you, really, just a hint of what we’re working on. There are lots of other things occupying our time, but we’re just not ready to talk about them yet! Until July, I leave you with this:

“The best way to predict your future is to create it.”
― Peter F. Drucker

Host Your Website in Bucharest, Romania!

I am pleased to announce that we have added Bucharest, Romania as our third European option for shared, reseller, and VPS hosting!

As with our other location options, there are additional costs. These costs are as follows:

• Shared Hosting – $1 more per month
• Reseller Hosting – $2 more per month
• VPS Hosting – Varies (see Varies (please see the VPS page for pricing information)

If you are interested in having your existing account migrated to a new location, you can fill out the form located in Backstage and our migrations team will be happy to take care of this for you. There is a one-time fee of $5 for us to migrate an existing account.

This link can be used to test a download from a server located at our Bucharest location. You can use this to determine how fast file downloads could be if you host from Bucharest.

Bucharest Test Download Link (30 MB file)

Use this IP address if you would like to see latency or trace information: 188.240.51.132

If you have any suggestions for locations, please let us know in the comments!

Help Us Explain Malware Version 2!

Hey folks,

We really appreciated your help the last time we put this up, and we have taken your advice to heart. You’ll find below two explanations now… one for “non-geeks,” and the other for “geeks.” We use the term “geek” most endearingly given that we are a company of 100+ geeks here at Site5. :)

Again, we would really appreciate your feedback on whether the explanations below are clear and concise. We’re happy with them, but ultimately our customers are the audience. Any constructive feedback you have is much appreciated!

Malware refers to the bad things that happen if an attacker gets into your website.

Non-Geek Explanation
Malware refers to just about anything bad an attacker can do if they gain access to your website. Usually it happens if there is a security bug in the script that is powering your website (such as WordPress, Magento or Joomla,) or in a supporting plugin, add-on, module, or theme.

Once an attacker has access to your website they use this as a launch point to do things like:

• Place extra, malicious code into your website to infect your visitors’ computers with viruses and desktop-malware.
• Display unauthorized advertisements to your visitors
• Send spam and phishing emails through your hosting account
• Upload fake webpages to your account, and attempt to get people to visit them and steal their information (i.e. a fake bank website) through phishing emails
• Other bad things.

Geek Explanation
Malware on websites has come to refer to just about anything that results from an attacker gaining access to a website or the scripts that power that website.  This is code, iframes, or scripts designed to provide malicious hackers with the ability to use infected websites for illegal purposes. Those illegal purposes include but are not limited to:

• Sending spam email
• Infecting your visitors’ computers with malware
• Displaying unauthorized advertisements
• Deploying identify theft attempts through fake webpages

Malware is also often used to create “botnets,” a collection of Internet-connected computers controlled from a central location for the purposes described above or to launch attacks on other websites.

Symptoms

There are several ways to tell if your website has been infected with malware:

• Your web host notifies you of spam/abuse complaints against your domain(s)
• Your hosting account begins using far more resources (CPU, RAM, storage) than normal
• You receive a warning when visiting your website because it has been blacklisted by a malware detection service which often partner with web browser development companies (e.g. Google, Microsoft, Mozilla, Safari, Opera)

Site5 Malware Protection helps prevent any of the above issues from occurring by proactively scanning your website, fixing any discovered problems, and alerting you to any issues before your end users begin to notice them.

Help Us Explain Malware

Hi everybody,

We are currently working on a description of our malware protection service, as well as malware itself. We would really appreciate it if you would have a look over the description of malware below, and provide some feedback. Is it clear? Is there anything we can do to explain malware better (when it comes to websites, not malware on your computer)? If you have any suggestions or ideas, please feel free to share them! Thanks.

Malware infects websites giving hackers access to your data

In short, malware is “malicious software” designed to provide malicious hackers with the ability to use infected websites for illegal purposes. Those illegal purposes include but are not limited to:

• Sending spam email
• Infecting additional computers with malware (A.K.A. drive-by downloads)
• Displaying unauthorized advertisements
• Deploying identify theft attempts through fake webpages

Malware is also often used to create “botnets” controlled from a central location for the purposes described above or to launch attacks on other websites.

Symptoms

There are several ways to tell if your website has been infected with malware:

• Your web host notifies you of spam/abuse complaints against your domain(s)
• Your hosting account begins using far more resources (CPU, RAM, storage) than normal
• You receive a warning when visiting your website because it has been blacklisted by a malware detection service which often partner with web browser development companies (e.g. Google, Microsoft, Mozilla, Safari, Opera)

Site5′s Malware Protection service helps prevent any of the above issues from occurring by proactively scanning your website, fixing any discovered problems, and alerting you to any issues before your end users begin to notice them.

State of Site5: May 2013

Hello Everyone!

It is May and the days are getting hotter in most parts of the world. The action is hotting up here at Site5 too as we have been busy working on some really important (and exciting!) stuff, all with the larger goal of giving you the best web hosting experience that money can buy!

Here’s a quick recap of what is going on:

1. Our software development team has been hard at work on revamping our billing & CRM system that will eventually replace the backend that powers Backstage. This is a significant rewrite from the ground up so it is will take time and there isn’t any ETA as of now. Our engineers are also working on other important internal projects, such as creating tools for staff that they can use to get things done a lot faster on our platform, such as installing SSL or making changes for Google apps to work. These tools will enable our staff to serve you significantly faster!
   
2. We’re working on setting up our helpdesk to route tickets automatically to staff members. We feel this will make our support process more efficient. This also serves as a base to test further ideas, such as routing tickets to the same staff member that worked it last, however all that is a long way ahead.
3. We have been in hiring mode for a while now, and a lot of positions have been filled. However, there are still some open positions so if you know of anyone who is qualified and interested in working for us, please send them over to our careers page. Site5 allows its employees to work from the comfort of their home and we greatly value work life balance.
4. Staying true to our commitment of providing free wordpress themes to the community, we will be releasing a new theme shortly, and work has begun on another new theme as well!
5. The recent attacks against WordPress websites have fueled our resolve to improve our defenses against similar attacks and traffic surges in the future. Our Technology team has been spending most of their time in these past weeks devising robust solutions to these problems in order to make sure that Site5 is more equipped than ever before to combat such attacks.
6. We will be adding a new location soon in Eastern Europe. More specific information on that soon, but I can tell you that it starts with Ro and ends with Mania!
7. Our Research & Development team has been putting in a lot of work on our custom kernel that is being designed to improve the way server resources are used. We aim to further increase efficiency and performance across our fleet with this new kernel.
8. We are evaluating the upgrade process to cPanel 11.36. Our current cPanel version (11.32) will soon reach end of life, so we want to make sure that we can safely upgrade to the newest version without any problems.
9. Work continues on switching the default PHP version across our fleet to PHP 5.3 and adding support for PHP 5.4. This is nearly done, with most of the shared/reseller servers having been switched over already.

That is it for now, until our next monthly State of Site5 post – take care and enjoy summer time!

State of Site5: April 2013

Hi everybody! It’s April! Wait, April? Wow… March was a complete blur as the Site5 team continued to support our customers, enhance our services, and work on ways to help everyone’s Site5 experience be a bit easier, and better.

Here’s a recap of what we have been working on:

1. We just launched SSL certificates! Site5 now offers three different SSL certificates to our customers, and all of the details are available in Backstage. We highly encourage our customers to select a Site5 SSL certificate as we can provide better support for them, versus third-party SSL certificates.
2. Site5 is still on a hiring spree, with multiple positions currently open! If you want to work at Site5, please head over to our Careers page and apply for a position!
3. Our WordPress themes team released Clippy, a pinboard-style theme. You wanted your blog to look like Pinterest, didn’t you?!
4. We also made several enhancements to our internal systems like beginning to roll out a new server monitoring solution, improving our VPS backups, and redoing our RAID array check tool.

We also have updates on some of our ongoing projects:

• Our new DNS system is not quite done, but we continue to work on it to make sure that the importing process is flawless. Once we’re happy with that, we will be able to make more strides forward.
• We continue to update the default PHP version on all servers, with new default being PHP 5.3, and PHP 5.4 being available as an option. All our shared, reseller, and cloud servers are running the new version, with just our VPS and cloud VPS servers left to upgrade!
• MySQL was upgraded across our entire fleet to help plug some security holes, and all servers are now running MySQL 5.1.67.
• Our new billing system is coming together nicely. Several key components were completed recently, and we’re all looking forward to its release.
• We have a few other projects that we should be announcing availability for soon. Keep an eye on the blog by subscribing to the RSS feed or checking Backstage!

We have covered a lot of ground, and the team here has a lot more in store for you. Until May, I leave you with this:

“Arriving at one goal is the starting point to another.”
- John Dewey

Widespread Attack Against WordPress Installations

Hi everyone,

I wanted to take a few moments to address the recent stability issues affecting our servers, and what we have been doing to combat them. Earlier this week, a large widespread attack began targeting WordPress installations across the Internet. Given how popular the WordPress blogging platform is, the attack impacted a large number of web hosting providers.

The Site5 team has been working diligently to find new ways to mitigate the attack. Some of the methods we have used include implementing hardware firewalls, traffic management systems, web server modules, rejecting certain UserAgents, and blocking connections from IP addresses that repeatedly attempt to access the WordPress login page over a specific threshold. It hasn’t been easy, but thankfully we have a team that has proved itself to be up to the task! Our forum post has additional details posted for those interested:

http://forums.site5.com/showthread.php?t=38008

After an extremely busy and tense few days, it looks like we have the issue under control. We will continue to monitor our fleet to determine if additional attacks are occurring.

We apologize for the increased support times and service issues, and we sincerely appreciate your patience as we worked through the attack.

We Bring You SSL Certificates

We know that many of our customers have been waiting for this for a long time, and we have appreciated your patience while we ironed out the details. We are very happy to announce that Site5 is now offering SSL certificates!

We have partnered up with Comodo, one of the top SSL certificate providers, to offer you the SSL certificates we know you need most. You get the peace of mind that comes with providing a secure site, your visitors get the peace of mind of knowing they are visiting a secure site, and everybody wins!

When logging in to Backstage, you will now see a new “SSL Certificate” option under the Add-Ons. The certificates we are offering are:

• Comodo PositiveSSL
• Comodo PositiveSSL Wildcard
• Comodo EV SSL

Of course, all SSL certificates purchased through Site5 come with free installation! We have also made the ordering process as easy as possible, making it easy for you to select the right SSL certificate for your website, and having our staff install the SSL certificate for you. At the end of the day, it really doesn’t get much easier than this.

If you have any questions, please feel free to leave a comment, or submit a ticket in Backstage!