Blogs on detail technical administration tasks related to cloud hosted virtual private servers with Linux or Windows operating systems

5 Key Steps to Prepare Your Online Store, E-Commerce Store, For the Holiday Season

The holiday season is fast approaching and I am sure you are working hard to make more money this season!!! You have secured your suppliers, reviewed all your processes from order fulfillment to defining your shipping policy to promotions and advertising but what about your online store?

Can your site handle the traffic spike?
First thing first; take a look your historical data and with a simple analysis you should be able to identify when the website traffic spike could potentially occur; to stress test your site you can use performance-testing applications to simulate the traffic (please communicate with our hosting provider before stress testing your website site). If you are hosting your website on VPS or Cloud VM you should be able to scale up your resources for a month or two to handle extra higher demand.

Make it easy to order
Make sure your shopping cart page is optimized, simple to navigate and easy to make a payment. Well, optimized shopping card should load quickly, should contain all the important information about the product, shipping, and ToS. It should also be easy to read and displayed on a single page. It is vital in today’s competitive online business world to give your customers different payment options for instance Credit Card, PayPal and if you want to be adventures you can accept BitCoin.

Business continuity and Redundancy
It is a nightmare if your website goes offline during the holiday shopping season; you should start putting together a business continuity plan. Conduct a risk assessment of your operation and come up with strategies to safeguard your business against the preventable risks. Make sure all your plugins are up to date and you have applied all the security patches; make sure you are using strong passwords and you have the backup of your website on your local computer. If you are hosting your website on a cloud VM with a reputable hosting company like cirrus hosting your server should be immune from hardware failure, because your data is not tied to a single server and in event of hardware failure your VPS or VM will be loaded on new hardware in a matter of minutes. You can also consult with your hosting provider to explore load balancing option so that you can distribute traffic between multiple servers. Load balancing is a cool option but it requires advanced technical know-how and it is much more expensive.

Website load time
Speed matters!!! In average a well-optimized e-commerce site should load under 3 seconds. There are a few simple steps you can take to reach the load speed of 3 seconds or thereabouts. In my opinion, the most important step is you should choose a light theme and compress your images – you can use Google Page Speed toll to see if your site benefits from compression, consider enabling caching feature and reduce redirects.

Site security and customer trust
An important aspect of any business let alone e-commerce is earning customers trust. One way of achieving that is by securing your communication between your client computer and your server through SSL. You have the option to use a free, open source SSL certificate like Lets Encrypt or a commercial SSL certificate like Comodo. You can learn more about SSL certificates here

Are You Looking For Reliable Enterprise Backup Solution? We Got You Covered!

The web/cloud hosting industry is an extremely competitive market; Hosting companies invest heavily in enhancing their infrastructure to provide reliable services and assist customers with implementing their business continuity plans. Studies show implementing a robust backup and restore solution -on dedicated and virtual machines – is the most pressing tasks of IT departments. At Cirrus Tech we partnered with R1Soft to provide reliable backup solutions to small business and corporate customers.

We interviewed Ali Mirdamadi, CEO of Cirrus Tech Ltd. to find out more about Cirrus Hosting Backup solution.

Q: Why taking the backup is important?

Ali: In IT world, data protection is basically the most important task that a customer faces.  I’ll give you an example If the server breaks like CPU failure or faulty memory you can always change those parts, However if you have a bad drive then you are mostly in the situation where your data is impacted somehow, It’s either lost or corrupted which is why data protection and backup is extremely important and for that, backup solutions are needed so that you be sure you have something to go back to.

Backups are not just for disasters recovery but they are also important when you face with other challenges like a fallen victim to cyber-attacks specifically where your data/website is encrypted or defaced by a hacker, or maybe your server is infected with a virus and you want to go back to your original data. Even human errors can cause data loss; people accidentally delete files or folders.

Q: Why we choose R1Soft?

Ali: We used to provide an in-house backup solution but we felt that the R1soft solution offers additional features that may appeal to most of our customers. In developing our corporate services, we always partner with leaders in the respective fields to offer more value-added services to our customers. We also wanted to choose the product that offers support for protecting various lines of business applications like Microsoft SharePoint and Microsoft Exchange Server.

first and foremost R1Soft is a very robust solution that actually WORKS all the times, we do not have to worry about backup failing on us, if you can’t use the backup to restore your data then what is the point of having a backup in the first place! Based on our own experience, R1Soft came to our rescue in a few occasions.

Q: What are the R1Soft features?

Ali: R1Soft has unique features that make it ideal and extremely suitable for our business and our customers.

  • Continues Data Protection – R1Soft reads the data directly from the disk or volume and uses block-level backup which drastically reduces the disk and network I/O.
  • Control Panel Interface – R1Soft has a web interface which allows our customer to manage their backup and restore.
  • Quick Restore – R1Soft also allows the customer to restore individual files. Or restore the entire server from scratch meaning your operating system, configuration, an application and data. So in one shot you basically restore the entire server.
  • Multi-Platform Support: R1Soft supports a variety of operating systems. We are not worried about OS compatibility.
  • Data Retention Policies – R1soft give you the option to specify the frequency of “recovery points” (backups) and customers are able to create as many recovery points as they choose. You can take backups that are 15 minutes apart or weeks apart. And since it is taking incremental backups it always backups the changes.
  • DB Backup- R1Soft supports taking backups directly from databases, which give customers a peace of mind that all backups are consistent. In another word, if you have a database open and you take a backup at the same time, that backup may not have all the information in the database. R1Soft allows you to actually get a direct backup from MySQL databases that are another important point that R1Soft offers. (this is an add-on service)

As a hosting provider, we offer flexible pricing to our customers and our customers have the option to choose onsite or offsite backup regardless where their actual server or virtual machine resides. For detail information about our backup plans please click here.

Website Not Secure? Step Closer to Secure Web

As you know Google has started an initiative to enhance connection security; Google is encouraging – some might say forcing- website owners to secure their blog or website by installing SSL certificate.  In October 2017 Google Chrome started showing “Not Secure” warning when visitors enter data on an HTTP page or if visiting HTTP page in private mode. In July 2018 Google launched the next phase, by shows “Not Secure” warning when visiting all HTTP sites through chrome. In this post, we will cover the basics and your options.

 

What is an SSL? Why move to HTTPS? What are the benefits?

In a nutshell, SSL certificate enables secure communication over the internet by encrypting the data such as your password or credit card information which is being transmitted between your computers and the server. When visiting a website or blog that is secured by SSL certificate you will see a padlock icon or green bar on the left side of your URL bar.

Moving from HTTP to HTTPS helps you with organic search ranking, in 2014 Google published a blog – HTTPS as a ranking signal – they announced that “we’re starting to use HTTPS as a ranking signal.” If you are looking for an uptick in your organic search traffic your better make the switch NOW. The other benefit is you are not only building confidence by safeguarding the communication of sensitive information but also protecting your website against hackers injecting malicious ads or spyware.  Since most of applications and tools are now communicating over HTTPS you will find it difficult to keep your website functional.

 

What SSL certificate should you get?

In this post, I am not going to talk about certificate validation level nor certificate types but I am going to talk about what is your mind, how much does it cost to get an SSL certificate? Well, you have two options; you can either to go with Open Certificate Authority and Commercial Certificate Authority.

Open Certificate Authority: it is a community-driven CA that issues free SSL certificates, Lets Encrypt and CAcert are two leading Open Certificate Authority. These types of SSL certificates do not provide any warranty, support is limited and you only need to prove the domain ownership in order to generate the certificate.

Commercial Certificate Authority: this type of SSL certificate is widely used by online stores and/or businesses. The approval process is done through Email, in some cases, the SSL Certificate Authority might ask for business registration and other government-issued documents to complete the verification process. The commercial certificate provides after-sale support, warranty up to $2,000,000 (depending on the type of certificate you order) and is compatible with 99% of browsers and systems.

 

As we have mentioned in our previous blogs, we are offering Let’s Encrypt to our customers, almost all of our website and WordPress hosting clients are now able to activate Lets Encrypt through their control panel. We also offer Commercial Certificate to our customers. For detail information about the Type of SSL certificate, we offer please click here.

About Cirrus Tech Ltd

Cirrus Tech Ltd. has been actively promoting its services to the hosting industry since 1999. The company has focused on 24/7 tech support, value-added services and a cooperative attitude towards all its clients. Cirrus is now one of Canada’s largest Web/Cloud Hosting companies in Canada.

 

Cirrus Hosting is now deploying Windows Server 2016

windows-server-2016

 

Cirrus Hosting is thrilled to announce that we are now deploying the latest version of Microsoft’s Windows Server on all our Cloud VM and Virtual Private Server (VPS) plans. Windows Server 2016 comes with lots of new features and upgrades. Let’s take a look at some of them:

 

Server footprints get even smaller with Nano

One of the biggest IT pro-related announcements Microsoft made this year was about Nano Server, a new small-footprint option for installing Windows Server 2016. Microsoft claims that Nano Server will have 93% smaller VHD size, 92% fewer critical bulletins and 80% fewer required reboots.

Nano is ideal for compute heavy tasks, or for dedicated purposes such as the mentioned DNS, IIS, or F&P. Nano can run well on both physical hardware and as a guest VM.

If you have online shop or downtime is a challenge for your system, you should give Nano a chance. You will love it!

 

Containers

If you have developed an application, your code, runtimes, tools, libraries, or anything else that your application needs to find on the running operating system in order to work can all be included in the container.

Microsoft has been working closely with Docker team to bring Docker-based containers to Windows Server. And now Windows Server 2016 offers two different types of “containerized” windows Server: Windows Server Container and Hyper-V Container. First one is for where you don’t mind container to run on the same server and the latter is for when you want completely isolated containers.

Either Docker-based or Hyper-V, if you are looking for process isolation, security and scalability in your application containers, Windows Server 2016 will satisfy your needs.

 

Improved server management with PowerShell 5.0

The latest version of Windows Server comes with PowerShell 5.0, which has many improvements, including new module called Package Management that lets you install software packages on the Internet. Also The Workflow debugger now supports command or tab completion, and you can debug nested workflow functions. And PowerShell 5.0 now runs in Nano server directly, so administration of this lightweight server platform is made even simpler.

 

Extended Storage Space

Three new features take over the software-defined storage that enables you to create HA data storage: Storage Space Direct, another cool feature of Windows Server 2016 creates redundant and flexible disk storage. Also Storage Replica replicates data at the volume level in either synchronous or asynchronous modes, while Storage QoS (Storage Quality of Service) guards against poor performance in multitenant environment.

 

Software-Defined Networking (SDN)

Greatly valuable in a virtualization environment, software-defined networking enables you to set up networking in your Hyper-V environment similar to what you can do in Azure, including virtual LANs, routing, software firewalls, and more and it makes life so much simpler for you.

You can also do virtual routing and mirroring, so you can enable security devices to view traffic without expensive taps.

 

There is a long list of improvements and it will not fit in one post of our blog. You can continue to read and learn more at System Center provided by folks at windows.

 

Are you looking to be one of the first to try the Windows Server 2016 on your cloud? We offer it Now for any Cirrus Cloud VMs or VPS.

 

Call us at 1.877.624.7787 (1.905.881.3485 if you’re in the Toronto area) or email us at sales@cirrushosting.com for more information about these features in this list or if you have any questions in getting your new server. We will be happy to assist you.

  •  Click HERE to find out more about Cirrus Hosting’s Windows hosting plans.

 

 

How to identify OpenSSL Heartbleed Bug on your cloud server and how to fix it?

Heartbleed Bug is serious vulnerability in the OpenSSL package. The HeartBleed exploit for OpenSSL only affects version 1.0.1 – 1.0.1f and 1.0.2-beta1 not patched before April 7 2014. For OpenSSL 1.0.1 the OS vendors have released official patches for this particular issue in their respected Repos so you will need to to update your OpenSSL package to the current release then you will need to restart your services that require OpenSSL such as the Apache Web server or Nginx but a full reboot of your server may be more beneficial as all of your services will be restarted.

For OpenSSL 1.0.2beta, this will be fixed in 1.0.2-beta2.

Testing:
To see the version of OpenSSL installed on your server please try the following commands from SSH:
# openssl version
# yum list installed | grep openssl
# rpm -qa | grep openssl
# dpkg –get-selections | grep openssl

 

Resolution:
The following commands will need to be ran from SSH while logged in as the Root user:
——-RHEL based OS(Redhat, Centos):
# yum clean all
# yum update openssl
# /etc/init.d/httpd stop
# /etc/init.d/httpd start
If using Nginx also use the following to restart the service:
# /etc/init.d/nginx restart
If you are using Plesk then also restart the Plesk control panel service:
# /etc/init.d/sw-cp-server restart

 

Then use the following command to see if any process are still using the old version. If there are any displayed then you will need to restart those services as necessary:
# lsof -n | grep ssl | grep -i del
-The current releases that have the issue corrected are as follows:
Centos/RedHat
64bit:
openssl-1.0.1e-16.el6_5.7.x86_64.rpm
Centos/Redhat
32bit:
openssl-1.0.1e-16.el6_5.7.i686.rpm

———

For Debian Based OS(Debian, Ubuntu):
# apt-get update
# apt-get install openssl
# /etc/init.d/apache2 stop
# /etc/init.d/apache2 start

If using Nginx also use the following to restart the service:
# /etc/init.d/nginx restart

If you are using Plesk then also restart the Plesk control panel service:
# /etc/init.d/sw-cp-server restart

Then use the following command to see if any process are still using the old version. If there are any displayed then you will need to restart those services as necessary:
# lsof -n | grep ssl | grep -i del
-The current releases that have the issue corrected are as follows:
Ubuntu 13.10: “openssl” 1.0.1e-3ubuntu1.2
Ubuntu 12.10: “openssl” – 1.0.1c-3ubuntu2.7
Ubuntu 12.04 LTS: “openssl” – 1.0.1-4ubuntu5.12
Debian (wheezy): “openssl” – 1.0.1e-2+deb7u5
——-
Alternatively, you can also download OpenSSL 1.0.1g available from their official website https://www.openssl.org/ and compile it on to your server as the issue is also corrected in this version.
If you are unable to update to the latest version of OpenSSL you can also recompile your current version of OpenSSL with the -DOPENSSL_NO_HEARTBEATS option to disable the “Heartbeats”
option.