Blogs on detail technical administration tasks related to cloud hosted virtual private servers with Linux or Windows operating systems

Everything You Need to Know About Windows 2019

Switching to a new server system or upgrading from one version to another can be tricky. We get so used to our regular pattern of movements that any change in the flow can disrupt work for a few days. But once you learn the new layout and features, you’ll find that they improve your flow overall. Windows 2019 is a powerful server system that can help you work better and faster with new improvements and updates. Here’s everything you need to know about Windows Server 2019.

General Updates and Improvements

Windows 2019 comes with a variety of new tools and powerful upgrades to older versions of Windows Server tools.

Windows Admin Center

The Windows Admin Center comes ready to use when Windows Server 2019 is employed. This browser-based app is locally deployed and allows you to manage servers, clusters, Windows 10 PCs, and hyper-converged infrastructure. Any servers and clusters that run Windows Server 2008 R2 or later can benefit from the power of the Windows Admin Center.

Desktop Experience

When setting up Windows Server 2019, you can choose between a simple Server Core installation or an updated Desktop Experience installation. Windows Server 2019 is a Long-Term Servicing Channel, allowing you to take advantage of tools and services that Semi-Annual Channel releases don’t include. With the desktop experience, you have greater control over your servers with more ease.

System Insights

The newest available feature provided by Windows Server 2019 is System Insights. System Insights brings local, predictive analytics capabilities directly to Windows Server. Backed by a machine-learning model, the capabilities of the new insight system allow for local analyzation of Windows Server system data. With this, you can keep track of performance counters and events while gaining insight into the functioning of your servers. With proper use, System Insights helps you reduce operational expenses that comes with reactively managing issues.

Hybrid Cloud

With Windows Server 2019, you get a unique and powerful hybrid cloud feature that improves app compatibility. By merging the components from Windows Server with the Desktop Experience, you can easily integrate other app usage, such as Azure. This process reduces the need to add the Windows Server Desktop Experience graphical environment, keeping the Server Core lean to increase functionality and speed.

The Server Core App Compatibility Feature on Demand (FOD) is an optional add-on feature. It can be added to Windows Server Core installations using DISM and is hosted on a separate ISO.

Security

Windows Server 2019 includes a variety of updates to safety and security measures that help protect your servers and personal data.

Windows Defender Advanced Threat Protection (ATP)

With Windows Defender ATP Exploit Guard, your server and data are more protected than ever before. This new set of host-intrusion prevention capabilities keeps you safe with four powerful components defending against a wide variety of cyberthreats.

Software Defined Networking (SDN)

Introduced in Windows Server 2016, the security enhancements of Software Defined Networking have been improved and expanded to provide better protection.

HTTP/2

With HTTP/2, you get a faster and safer Web experience. Improved coalescing of connections allows you to browse properly encrypted websites uninterrupted. The server-side cipher suite negotiation has been upgraded for ease of deployment and mitigation of connection failures. Windows Server has also updated the TCP congestion provider to Cubic so users can get more throughput.

With Windows 2019, you have a better hosting experience
Photo by Tadas Sar on Unsplash

Storage

Windows Server 2019 has upgraded their storage software. These changes provide users with increased storage availability and processing speed.

Storage Migration

Windows 2019 introduces a new storage migration technology that makes migrating servers to new Windows versions easier. When you utilize the Storage Migration Services, you don’t have to worry about changing any settings or risking app incompatibility. Everything moves over smoothly and quickly so you can continue on your way.

Storage Spaces Direct

Many upgrades have been made to Storage Spaces Direct. With these changes, you get full support for the Windows Admin Center, up to 4 PB scale per cluster, native support for persistent memory, and more. These enhanced features allow you to store more data and improve your server’s performance.

Storage Replica

Storage Replica has also been given a thorough update. New features allow you to log Storage Replica performance improvements to see how you can tweak or fine-tune your storage settings. The new test failover features also help you validate replication or backup data, so you know your storage is up to date and secure.

Container

Windows 2019 includes a variety of improvements to features that allow for greater compatibility and integration with other applications and platforms. Improved integrated identity makes Windows authentication easier and more reliable. Improvements have also been made to the base container image download sizes, startup times, and size on disk. The whole container workflow has a faster speed with Windows Server 2019. And managing your containers is now easier than ever with the Windows Admin Center containers extension.

Windows 2019 Support with Cirrus Hosting

With improved functionality and security features, Windows Server 2019 brings increased productivity and safety to web hosting options. When you sign up to host with Cirrus Hosting through VPS or a dedicated server, you get all the powerful features that Windows 2019 has to offer. Our technicians can help you set up your Windows Server settings, so they’re tuned to how you like it. We also offer full, detailed support 24/7.

If you want to see for yourself the difference that Windows 2019 makes in web hosting, give us a call today at 1.877.624.7787. We’re happy to answer any questions you may have about the Windows Server 2019’s new and improved features and get you online and running with them as soon as possible.

3 Warning Signs of a Phishing Scam

Phishing scams have become increasingly popular as technology becomes more readily available. All over the world, internet users are targeted by companies and individuals who seek to gain access to their identity and financial information via unsavory methods. Although firewalls and SSLs can help protect your information from hackers and other such cyberthreats, they won’t do much to help if you fall for email or website scams. Being able to identify these scams can help you avoid them, protecting you, your information, and your company.

What are Phishing Scams?

A phishing scam is a type of cyberthreat that attempts to obtain financial and secure information about someone over the internet. The most common type of scam is through email, where phishers will use urgent and scary situations to try and trick someone into giving out their information. This often includes a link to a fake website that is designed to look identical to an actual site that the user visits. An example would be an email that appears to come from Amazon, claiming that the account has been locked and orders won’t be put through unless the user logs in and rectifies the issue. But as soon as the user logs in, the scammers have their account information and can cause serious issues before the issue is even identified.

Warning Sign One: The Fake Address

It’s fairly easy for someone to create a random email address account and send out hundreds of emails a day. Thankfully, many companies these days use their own email servers, allowing them to have special addresses that are related to their company. For example, an email from Amazon will have an email address that ends in @amazon.com (or some slight variation such as @customerservice.amazon.com). Checking the email address of the potential scam is one of the quickest ways to check if it’s real or not. No one outside of employees for Amazon can make an @amazon.com email, and the same is true for other companies. Many email services these days list the email address after the name of the sender. If you don’t see one, you can click on the expansion options (usually an ellipsis near the top right of the email) and choose to see all the information from the sender. If you see an address that ends in @gmail.com, @hotmail.com, @live.com or any other common address ending, it’s likely a scam.

The only caveat to this rule is for smaller companies. A small-scale company, or one-person operation is less likely to have its own email server and will be operating from those regular emails. In this case, be sure to double-check that the email you received matches the address of other emails. If there is a discrepancy, email the address you know is safe and ask if they sent the email you received. If they didn’t, then it’s a scam.

Warning Sign Two: Sense of Urgency

More often than not, you get a fair amount of warning before things take a turn for the worse. If your account is genuinely under threat of being shut down, you’ll receive at least one if not more emails indicating there’s a problem with the account. If the first email you receive is about how the account is already shut down or something similar, it’s highly suspicious. Scammers want to create that sense of urgency in you because they want you to feel scared enough not to pay attention. They work hard to make their email look official so you don’t take the time to check the address or confirm the website before acting. If you’re reading an email and immediately get a sense of panic or dread, take a deep breath before you continue. Double-check that the email is legitimate before continuing. If you aren’t sure, you can email or call the customer service department of the company to check. Just make sure you go to their site directly and find the accurate number or email, as the scammer will include fake contact information in the email.

Know the warning signs of phishing scams
Photo by FLY:D on Unsplash

Warning Sign Three: Tone and Grammar

When a company sends out an email, they tend to follow a similar pattern and style. Any email that breaks away from this pattern is likely not from the company itself. The greeting may be off, for example, using your full name instead of just your first name as the normal company does. Or their overall style may be too formal or informal, given the overall vibe of the business. If you are uncertain whether an email is accurate or not, compare it to others you’ve received from that company. If the style seems off, it could be a scam.

Scammers are also less likely to catch spelling and grammar mistakes in their emails. Professional companies work hard to ensure that the information they send out to clients and customers is accurate and grammatically correct. They often have an entire department devoted to checking spelling and grammar. If you receive an email that has a lot of errors in it, or even just a few, take a second to confirm that the account is legitimate before continuing. Again, smaller companies may not have the same resources bigger companies do, but they’re still going to do their best to ensure their emails are properly drafted.

Phishing scams are a dangerous type of cyberthreat that preys on the panic of customers and business owners. Falling for a scam leaves you with a giant mess to clean up — one that could take weeks or even months to properly resolve. If you’re online, you want to keep yourself safe. When you host with Cirrus Hosting, we help provide additional security measures to protect you and your customers from all kinds of cyberthreats. We’ll provide you with the information you need to identify and avoid phishing scams while keeping your accounts safe from hacking attempts. Call us today at 1-877-624-7787 or browse our packages online to see how we can help protect your company.

How to Get Started with The Right Security Systems for Your Business

In the modern world, it’s more important than ever to secure your websites and other online portals. As technology continues to grow, so too do attempts to break it. Without proper business web security, your websites can be at risk of hacking and data loss. It’s critical for businesses to protect their servers and websites, especially if their sites hold client/customer information. Protecting your business from cyber threats is a vital part of making sure your business succeeds.

Backups

No matter what security system you have for your business, a strong backup system will always be necessary. Even if you’re protected against most threats, you can’t account for human error or the occasional new threat that crops up. Data loss is one of the top two problems a business can experience when they aren’t properly protected.

To keep your data secure, you should have a backup drive that you regularly update and keep separate from your normal drives. For larger businesses or businesses that need extra security, it’s a good idea to have more than one backup drive. With a backup, your data is protected from cyber threats as well as physical threats, such as electrical outages or fires. If something happens to your server or database, you’ll be able to restore your data to a recent version, and only risk losing a few things instead of everything. If you host through a web hosting service, then these backups can be done automatically for you. However, it’s still a good idea to keep your own backups of your files in case something happens.

Training

Being aware of the threats your business faces is the best way to prevent them. You and your employees should be properly trained in cybersecurity measures. Not everyone needs to be a firewall expert or coding genius, but the basic level of security should be understood. Employees need to be aware of what to look for in possible hacking attempts, such as not opening emails from senders they don’t recognize, and web designers should be up to date on the latest in cybersecurity coding. If you work with a web hosting service, a certain level of security is built in with their work. However, it’s still ultimately your job and the job of your employees to keep the company’s online presence out of harm’s way.

Updates

A security system means very little when it’s not updated properly. It can seem like a hassle sometimes, when your operating system or security applications require updating nearly every day or so. However, these updates are critical in the fight against cyber-attacks. The longer a system is in place, the more time a potential hacker has to figure out a way to bypass it. As new methods are created to get around security measures, new measures need to be utilized to prevent them. Updating your systems and applications regularly is one of the best and most proactive ways to ensure your security system works properly.

Business web security helps your business stay safe online
Photo by Shahadat Rahman on Unsplash

Virtual Private Network

Using a virtual private network (VPN) can provide your business with additional security while increasing productivity. A VPN allows two computers to establish a virtual point-to-point connection over a public network. Although the network they are on is shared, the connection acts as a private one. This allows users to privately and securely connect without having to spend extra time, money, and computing power on an actual private server. It does cost a little extra to use, but VPNs are a great way to boost business web security without going the extra mile.

Encryption

At the heart of nearly every cybersecurity system is encryption. Encryption protects data by putting up codes and firewalls that block potential threats. The most common encryption method is SSL (secure socket layer) certification. Websites with proper SSL security systems will be able to send and receive encrypted data.

Sending anything over the internet is risky. But having that data encrypted dramatically reduces the chances of hacking or data loss. Having an SSL or other encryption software available on your websites helps keep your clients’ and customers’ information safe, as well as your own. With an SSL security feature, visitors to your site are assured that you are taking the steps necessary to protect them and your business. Without an encryption service, your business is likely to stagnate as users will be less likely to make an account, purchase items, or even submit their emails for a mailing list.

Getting an encryption service for your website takes a few steps and includes a few registrations. However, if you host through a web hosting service, you can easily pay for this feature and have them handle the rest. It’s a quick and relatively easy way to ensure your business is properly protected from online threats.

Web Hosting Services

Keeping your business safe online is a lofty goal, one that not everyone is able to accomplish. Thankfully, web hosting services like Cirrus Hosting offer advanced security features as part of their packages. You can mix and match which security features you want for your business, or let our team of trained cybersecurity specialists help you decide.

Every business is unique, and every business will need its own business web security system. Cirrus Hosting offers everything from VPNs to SSLs to backup services to dedicated servers. Our job is to help you get your business online and keep it online safely. Explore our available packages or give us a call at 1-877-624-7787 to discuss your business and its security needs. With our help, you’ll feel confident knowing your business’ online presence is secure.

What Type of Hosting Does My Business Need?

There are a lot of different web hosting options out there. Any provider can have a multitude of options. If you have not worked with web hosting, you might feel totally lost when it comes to figuring out just what you need. Cirrus Hosting provides an array of services, and we’re here to help you sort through the details to figure out just what type of hosting you need for your business.

Understand the Types of Hosting

Before you can figure out just what you need, you need to be familiar with the different types of hosting options out there. These are the most common:

  • Shared hosting
  • VPS (virtual private server) hosting
  • Cloud hosting
  • Dedicated server hosting

You will find that different hosting companies will potentially have different services available for their customers. Here’s a brief overview.

Shared Hosting

Shared hosting is pretty much exactly as it sounds. You are sharing your server space with other users. This is generally the most affordable hosting option out there. For some users, it’s sufficient. If you’re just getting started or don’t need to worry about heavy volume and traffic, this could be a good option for you. With shared hosting, there could be thousands of users on the same server. The server is managed by the host, so it’s up to them to control the users.

The downside of shared hosting is that you never know what resources you will have available. You can be affected by the action of others with things like malware or viruses. Your speed could suffer based on other traffic. Some providers that offer shared hosting will also allow you to upgrade. They help you transition to a different type of hosting when you are ready or your site grows.

VPS Hosting

VPS stands for virtual private server. This is very similar to shared hosting, but there are some safeguards in place. This helps you not have to worry as much about security from what others are doing. On a VPS, you are on a shared server, but you are offered your own spot on that server. That spot is yours and no one else can tap into it or subject you to their risks from it, either.

Cloud Hosting

Cloud hosting takes it all to the cloud for you. You have resources, speed, and storage on demand and you can adjust your cloud based on your needs. With cloud hosting, you rely on your provider. It is up to them to have the appropriate measures in place, and you just work within your cloud. You can manage it, add software and applications, and customize everything however you need it.

Dedicated Server Hosting

Dedicated server hosting is the top level. This is the ultimate form of hosting service and the more expensive option. You get an entire server dedicated solely to your needs. Within that server, you can do whatever you want to the space. You can customize it, manage it, add security, add tools, and work within your server. You don’t have to worry about anyone else on the server. It’s dedicated to you so the resources are ALL YOURS! The best part is you also do not have to maintain the server. That’s what we’re for!

Tips to Make Your Type of Hosting Decision

Now, let’s take a look at a few simple tips to help you know just what to look for before you choose a type of hosting.

Available Features

Think about the different hosting service options and the features of each one. What type of features do you specifically want or need? How can you be successful with your hosting plan? If you have any idea what type of storage you need or the traffic that you can expect, this could be very helpful. Determine what you NEED and then work from there.

Think about the security you will need and whether you will have high traffic or even need to be able to handle e-commerce on the site. Now, what type of hosting feels most suitable to those needs?

Security

Some sites don’t require a lot of security, while other sites demand high security protocols. The type of hosting that you choose will probably have something to do with the security that you need. You also will want to be familiar with how much support your provider offers in terms of security. What do they have in place for security, and how will that benefit your site? What type of added security do you need, and can you implement additional security measures?

Keep in mind that shared hosting offers very little security and you can’t really do much to add it. VPS has a similar setup to shared hosting, but offers you a layer of security between you and the next person there.

Budget

It’s quite possible that if you are just starting out, you might not have much of a budget. It’s safe to say that your budget will affect the type of hosting that you end up choosing in the end. Remember that shared hosting is the most affordable. Dedicated server hosting is the most expensive. You might need one of these or you might need somewhere in between.

We can help you choose the right fit for you based on your needs.

Let Cirrus Hosting Serve Your Needs

When you find yourself faced with choosing the type of hosting for your site, let Cirrus Hosting help you out! Not only do we offer multiple types of hosting plans and services, but we also offer you a company with experience in the field. We are a secure and reliable hosting provider that has been operating since 1999. We would love the opportunity to work with you for your hosting needs. Contact us today to get started.

How Does Dedicated Server Hosting Work?

When you are trying to determine what type of server hosting service you need, there is much to know to make an informed decision. In this guide, we’re going to focus on dedicated server hosting. We will cover just what it is and how it works. We can even give you some tidbits to compare it to other types of hosting to give you some reference. Cirrus Hosting does have several options available for dedicated hosting. Give us a call for your needs.

Dedicated Server Hosting Explained

Dedicated hosting is designed to give you all of the server access to yourself. It’s like the penthouse of server options. It’s not for everyone, as it is more expensive to utilize and may provide way more power and functionality than you actually need. However, this is a good option for you if you need high levels of performance and security.

When you use dedicated server hosting, one single physical server is dedicated solely to you – or to an individual business customer that pays for the service. The customer doesn’t just get access to the server, either. You get total control of the server for their needs. Customers make changes and customize it so that it works for them.

A customer with a dedicated server can use it however they want to. They have the performance and it’s like a clean slate for them to create. They don’t have to worry about sharing data, performance, or space. We will talk about the benefits in more detail later, but a dedicated server gives a client control, flexibility, security, and performance all in one place.

In our explanation of a dedicated server, we also want to mention that the customer isn’t responsible for maintaining or managing the server. That duty is performed by their provider. Basically, they get all of the access without any of the background work to keep the server running and operational.

The Benefits of Dedicated Server Hosting

There are several benefits to using dedicated hosting. Again, we want to mention that it isn’t for everyone. However, there are substantial benefits to those who use it.

  • You get control of the space
  • You have optimized performance
  • It’s fully flexible to your needs
  • Dedicated hosting is secure
  • Maintenance and tech support

Now, let’s look at these in a bit more detail!

You’re in Control!

Perhaps one of the best things about this type of hosting plan is that you still get to be in control. Where some hosting platforms will have major limitations on what you can change or if you can even make changes, that isn’t the case with dedicated servers. This means you are the only tenant and this is your penthouse, so you get to decorate it and organize however will work best for you.

As long as your changes are within the capabilities of the server, your options are endless. You can add and remove apps and operating systems. It means you establish the rules and security detail and you can grant people access or take access away whenever is necessary.

Ultimately, you will feel like you’re the boss of your domain and space. Your landlord will have nothing to say about you hanging that photo on the wall or painting the room bright green.

Optimal Performance

Since you have an entire server dedicated just to you, you get all the performance you could possibly need. Here’s the thing: when you use a shared server, a cloud server, or other shared platform, you don’t get the space all to yourself. While some of these can be great options for certain uses, they are not dedicated solely to you. This can sometimes affect your performance because the system can get weighed down or busy.

When you use dedicated server hosting, the performance is at your fingertips and your stuff will perform much better. You get speed, you get storage space, and you get the support you may need in the background as well.

dedicated server hosting
Photo by Mediensturmer on Unsplash

Total Flexibility

This benefit again relates directly back to this being your own space. You aren’t sharing with others so you have a little bit more flexibility. Rather than having to work in the confines of the same lease that many other businesses are, you get to do it your own way.

Under the flexibility of a dedicated server, you can change things when and if you need to. You don’t have to get approval to change any of your configurations or setup. Simply make changes to software and applications and even add them when you want to. You can also take control of your resources so you can allocate how the server resources are split between applications and processes.

This allows you to make changes and create a space where your business can benefit from the dedicated space. There is so much more than just having your own space at play here.

Reliable Security

Thanks to dedicated hosting, you also get the benefit of a secure space. You can add security protocols as you need to. A business can also amend or make changes in order to be compliant when you need to be.

Your hosting provider will have some responsibility for offering security on their end, particularly with the physical server but you can add your own internal security controls.

Maintenance and Tech Support

Finally, when you have a dedicated server, you are paying a provider to take care of that server. You are not managing the physical server; you are simply taking advantage of having access to the entire server for yourself.

The hosting provider is responsible for maintenance and upkeep of the physical server. It’s one less thing for you to have to worry about. Your hosting provider should also be available to you for tech support should you run into issues.

Cirrus Hosting Dedicated Server Hosting

If you are interested in using a dedicated server, let us help you. Cirrus Hosting offers a variety of packages for dedicated servers so that you can choose what is right for you! How can we help you?

How To Disable TLS 1.0 & TLS 1.1 on a Windows Server, VPS or Cloud VM

We talked extensively about Google, Microsoft and PCIs push to create a more secure internet. From supporting an open-source SSL certificate initiative like Let’s Encrypt to prompting “Not Secure” warning when visiting all HTTP sites through chrome, IE, and Mozilla. Those of you who are running an e-commerce site are familiar with PCI and already know that PCI has deprecated TLS1.0 & TLS 1.1 so the minimum requirements are TLS 1.2 and the gold standard is TLS 1.3. For those of you how are not familiar with PCI you can find out more here.

Transport Layer Security (TLS) is a critical part of a secure online transaction between two systems as it secures communications by authenticating one or both systems. Serious vulnerabilities prompted PCI to deprecate SSL/early TLS on 30 June 2018. So if you are using a Windows server or Windows VPS or Windows cloud VM you can do your part and be an agent of change by disabling TLS 1.0 and TLS 1.1 on your server. Doing so not only secures your server but also forces others who are still using SSL/early TLS to make the switch to more secure encryption technology.

Here is the step by step instruction on how to disable TLS 1.0 and TLS 1.1 on a Windows server:

  1. Open up Registry Editor by clicking on the Start Button, type in Regedit, and then hit Enter. Since we are dealing with registry, we strongly suggest backing up the current Registry state. Misuse of the Registry might have detrimental effects on your system. (In the Regedit screen highlight computer >>File >>Export >> Save file to a location you want)
  2. In Registry Editor, locate the following registry key:

HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders \SCHANNEL\Protocols\TLS 1.0\Server ( or TLS 1.1)                

  1. On the Edit menu, click Add Value.
  2. In the Data Type list, click DWORD.
  3. In the Value Name box, type Enabled, and then click OK.

Note if this value is present; double-click the value to edit its current value.

  1. Type 00000000 in Binary Editor to set the value of the new key equal to “0”.
  2. Click OK. Restart the Server.

Transport Layer Security (TLS) are together cryptographic protocols provides communication safety over a network; for instance a customer linking to a web server. A “handshake” is done at the start of a TLS or SSL connection. During this handshake the customer and server will work out what mutual ciphers and hash algorithms are sustained. This is also where a server will deliver its digital certificate to a linking customer.

TLS is the continuation of SSL. Over the years susceptibilities have been and carry on to be exposed in the denounced SSL and TLS protocols. For this reason, you must disable SSLv2, SSLv3, TLS 1.0 and TLS 1.1 in your server configuration, leaving simply TLS protocols 1.2 and 1.3 enabled.

Transport Layer Security (TLS) is additional security protocol to make sure privacy and information-integrity during web based communication among two applications. Like SSL Protocol, TLS Protocol also comes with two modules – TLS Record Protocol and TLS Handshake Protocol. Elementary properties of TLS Protocol are as follows:

TLS Protocol encrypts data by symmetric cryptography and makes sure privacy during web based communication procedure.

All the mails, which are switch over over the Internet, are tested while transferring from one computer to another. This feature delivers the trustworthiness of the web based communication.

TLS protocol restricts unauthorized users to interfere as a third party in the middle of a communication process over the Internet. The third party will take part in the communication only after identified by the two official communicators or operators.

Transport Layer Security Protocol comes with the cryptographic security to deliver vital privacy between two operators. Like SSL, Transport Layer security Protocol is extensible, i.e., you can integrate new encryption approaches in the TLS framework. By this you can decrease the effort of making new protocols as well as remove the obligation of implementing new set of safety library.

Cryptographic operations delivered by Transport Layer Security Protocol hinge upon the technical configuration of the CPU. These types are also alike to Secure Sockets Layer Protocol. ‘Optional session caching’ is available in TLS Protocol that enhances the number of networks and linkage activity to make the message process effective.

How To Configure Remote Desktop On Linux VPS / VM

Desktop environment is a bundle of programs that provides a graphical user interface (GUI). It provides end-users with a user-friendly and intuitive way to interact with computers. When it comes to virtual private servers (VPS) or Cloud Servers if you need a remote desktop environment you typically go with a windows VPS, you can simply use predefined applications and services to RDP to the windows server. When it comes to Linux VPSs you typically will be given a SSH access to manage and configure your server, although most Linux system administrators are comfortable managing their VPS through SSH access but sometimes the desktop environment is required during the application installation.

Unlike Windows and Mac, for Linux environment, you have many different desktop environments to choose from such as GNOM, Cinnamon, KDE, MATE, XFCE and etc… Most often than not (depending on the desktop environment) you need to have console access to complete the desktop environment installation and setup on your VPS or hosted server. Here at Cirrus Hosting every Cloud VPS/VM comes with console access free of charge.

XFCE is a light, fast and stable desktop environment and in this blog, we will cover how to setup XFCE on Debian 10.3 and remote desktop to your Linux VPS.

It’s a fairly simple and straight forward process, first you need to SSH to your server and type:

# apt install xfce4

Apt package manager will download and install all the required packages. Once the installation is completed we need to set up a remote server software. In this example, we are going to use tightvncserver:

# apt-get install tightvncserver

After installation is completed we need to run and you will be required to create a password to access your desktop.

# vncserver

To connect remotely to your desktop environment you can use VNC viewer. Type your server IP address xxx.xxx.xxx.xxx:1 and the password you created earlier to access your desktop.

Colocation Data Center with Cirrus Hosting – In the Age of COVID-19 Pandemic

IT professionals are constantly performing risk assessments to identify and modify their security and operational strategy. However, pandemics like COVID-19 presents different sets of challenges as non-essential businesses urged to close and employees are directed to work from home. This pandemic possesses a range of serious challenges in terms of managing, monitoring, security and business continuity specifically to on-premise server setups. As your IT team might not be able to go to the site to physically access the servers, you might not have enough bandwidth to support remote access as more people are instructed to stay home and work remotely or you might not be able to upgrade your gears and increase your pipeline.

In this post, I would like to highlight some of the features of colocation with Cirrus Hosting, at our prime downtown location.

  • Reduced downtime: Here at Cirrus Hosting we have significantly improved our capacity and peak throughput by upgrading our core routes and networking gears. We also increased our pipeline by almost tenfold. We utilize multiple major upstream providers to ensure continuous Internet connectivity, greater route diversity and ultimately enhanced internet performance. In terms of electricity, our data center has 2 feeders from a substation, multiple backup generators with separate generators supporting the cooling infrastructure, automatic transfer switches.
  • Security: The downtown facility is SSAE 16 SOC 1 Type 2 audited. There are multiple layers of security in place to protect your assets like 24/7 On-Site Security guard, tailgate proof mantrap, key card and biometric access, CCTV. You also have the option to work with our network security team to implement firewalls, intrusion dedication and prevention solutions.
  • Flexibility: You do not need to worry about lack of expansion capacity, we have ample space for your future needs with 20k SQF of space. You can add cabinet, power circuits and bandwidth as your business needs grow. This flexibility enables you to make long term plans without requiring a substantial upfront cost.

As you know in many regions co-location facilities are deemed essential services and staff are getting an exemption. You can take advantage of our remote hand services, extend your team by adding on-site expert technicians who are ready to provide you with assistance at the datacenter. Services like swapping removable media, racking and staking equipment and visual verification for remote troubleshooting.

To find out more about our colocation plans please visit here or call 1.877.624.7787

About Cirrus Hosting

Cirrus Tech Ltd. has been a leader in providing affordable, dependable cloud hosting as well as website hosting services in Canada since 1999. They have hosted and supported hundreds of thousands of websites and applications for Canadian businesses and clients around the world. As a BBB member with an A+ rating, Cirrus Hosting is a top-notch Canadian web hosting company with professional support, rigorous reliability and easily upgradable VPS solutions that grow right alongside your business.

Payment Card Industry – PCI Compliance

If you are running an e-commerce business chances are you have heard about the PCI compliance. The goal of PCI is to set security standards for safer online payments. The Payment Card Industry Security Standard Council developed a security standard called Payment Card Industry Data Security Standard (PCI DSS) to be incorporated into the data security compliance program of credit card issuers like MasterCard, Visa, American Express and many more. 

If you accept online payment – collect, process and store credit card information – you are required to adhere to a set of standards set by PCI standards Council. Failure to adhere to PCI compliance might result in fines and penalties, legal costs, loss of customer confidence and revenue loss. 

PCI compliance continues the process, as a business owner you need to continually Assess your online payment process and analyze server vulnerabilities. Remediate the vulnerabilities by applying security patches and you should submit a quarterly scan Report to the acquiring financial institution. Most of the PCI compliance requirements are common sense security measures such as:

  • Configure and manage your firewall
  • Install SSL certificate
  • Control and monitor the server/data access
  • Update the OS and Antivirus regularly
  • Regularly test the servers and apply security patches as soon as they become available

To become a PCI compliant you are required to go through an audit process, many approved scanning vendors in the market will conduct the external vulnerability scanning service to validate that you meet the standards set by the PCI DDS. 

At Cirrus Hosting we offer a wide range of service dedicated server, public and private cloud so you can customize a solution based on your requirements to host your sensitive financial information. Our data center in downtown Toronto is PCI compliant and our knowledgeable technicians can help you through the challenging process of passing a vulnerability scan.  

Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attack

As our dependence on computers and computer network connectivity grows so do the vulnerabilities and the risk of falling victim to a costly cyber-attack(s). We tend to forget that most computer systems and their underlying technologies are susceptible to cyber-attacks. According to Kaspersky researchers, Denial of Service (DoS) and Distributed Denial of Service (DDoS) are the most prevalent type of cyber-attacks in 2019. But what is Denial of service attack – DoS attack is a malicious attempt to slow down or render a website or computer unavailable by flooding a server or network with a large number of simultaneous requests. When the network and computer resources are exhausted, the victims’ system is unable to fulfill legitimate requests and the victim’s website or computer becomes inaccessible. The DDoS attack is more sophisticated as it uses hundreds or even millions of compromised devices to lunch a Denial of Service attack.   

Here is the list of most common DoS attacks:

  • SYN Flood:  SYN flood targets the TCP layer. In general to establish a connection in TCP/IP network a three-way handshake method is used, whereby both client and server exchange SYNchronize-ACKnowledge (SYN/ACK) packets (SYN, SYN-ACK, SYN).  Hackers attack the server by sending a series of SYN requests; the server responds with SYNC-ACK and leaves an open port ready to receive the response from the client. In order words, attackers create multiple half-open connections with the server in an attempt to exhaust the system resources to the point that the system becomes unresponsive to the legitimate traffic.
  • UDP Flood: It targets the User Datagram Protocol (UDP), unlike TCP the UDP protocol does not require a three-way handshake however when server receives a UDP packet at a specific port, it first looks for the application listening to the port and if there are no applications receiving the packets server responds with Internet Control Message Protocol (ICMP), notifying the client that the destination was unreachable. When Hackers lunch their attacks by sending series of UDP packet requests to random ports server has to go through the above-mentioned process as a result system is forced to send multiple ICMP packets to the point the server becomes unreachable to legitimate requests/clients.
  • HTTP Flood: this is an application layer attack whereby HTTP client (web browser) sends an HTTP GET or POST request to the application or web server. Attackers utilizing multiple bots to send GET requests to retrieve the large image, documents or files from the server. In HTTP POST attack hackers try to trigger a complex and resource-intensive process like database search.  In both cases, the webserver is overwhelmed and unable to service the legitimate request.  

According to Kaspersky in 2019, 84% of DoS attacks are SYN flood, 8.9% UDP flood and 3.3% HTTP flood. Due to the nature of these types of attacks no organization is 100% immune. One of the most high profile DDoS attacks in 2018 was the GitHub, hackers launched the first wave of attacks peaked at 1.35Tbps followed by 400Gbps secondary attack which brought down the host. In a separate incident in September 2016 OVH was under DDoS attack peaking over 600Gbps which affected their operations. 

The reality is that due to the nature of DDoS attacks no one is 100% immune, however, there are various DDoS mitigation and resilience options available to reduce the impact of DDoS attacks.

  • Over Provisioning, Increase bandwidth capacity improves resilience to withstand low to mid-volume DoS attacks and provides much needed extra time to take action to mitigate the attack. At the server level, extra resources combine with solutions like mod_ evasive is a good place to start.
  • Cloud DDoS mitigation services, whereby the incoming traffic goes through a 3rd party network that has a much bigger bandwidth which means they will absorb the attack before it reaches your server. They are specialized in early DoS attack detection and mitigation.
  • A hybrid solution, for an enterprise organization a hybrid solution –a combination of cloud and on-premise DDoS mitigation – strikes a balance between security and flexibility.

Here at Cirrus Tech. we are continuously monitoring and improving our infrastructure. In order to increase our resilience against DDoS attacks, we have significantly improved our capacity and peak throughput by upgrading our core routers and networking gears. We are on track to increase our pipeline by almost tenfold by the end of 2019. We recommend our web hosting clients to scan their website, application, and plugins and eliminate any vulnerability from their website; keep their PHP, WordPress, and plugins up-to-date. We also suggest to our Linux VPS and Cloud VM clients to configure mod_ evasively or if you lack the expertise you can contact our support team for assistance and recommendations.