34SP.com BLOG

The latest news from 34SP.com...

Archive for May, 2009

Like Pubs? Enter to Win £1,334!

Posted by Derek on Saturday, May 30th, 2009

Sure, you can buy UK hosting or buy UK domain names from us, but it’s been a while since website hosting company 34SP.com offered the opportunity to win anything. So we created a new online contest that combines the UK’s love of pubs with modern web tools such as Twitter and Google. Introducing the First Ever Pub Mashup Competition where web developers can win cash and prizes worth £1,334.

The contest entry criteria are simple: create a mashup that has anything at all to do with pubs. Any entry can win, just so long as the mashup involves a pub in some way. The competition runs from June 1 - June 30, 2009. Details on the rules and entry forms are available at: http://www.34sp.com/pub-mashup.

As stated by Wikipedia, “mashup” is a term in web development, denoting a web application that combines data or functionality from two or more sources into a single integrated application. The term mashup implies easy, fast integration, frequently done by access to open APIs and data sources to produce results that were not the original reason for producing the raw source data. Google and Twitter are frequently used by developers when creating mashups as the APIs are well developed and accessible.

Co-founder of 34SP.com and frequent pub visitor, Stuart Melling explained the thinking behind the pub mashup competition, “Let’s face it, here in the UK pubs are a revered institution. Our own staff enjoy a quick pint quite frequently here in Manchester, plus we often visit our local pubs, so we thought - why not create a great contest that involves both our audience of web developers and pubs? Plus, it gives the web development community a great way to combine their favorite activities into one - pubs and coding mashups.”

Winners of the First Ever Pub Mashup Competition will be selected by a panel made up of 34SP.com employees who enjoy going to pubs - plus a special guest judge to be announced in a couple of weeks. The entries will be judged on the following criteria:

Originality
Functionality
Robustness
Betterment of the greater Pub community
Fun and engaging to use

The contest entry deadline is the end of June, and winners will be selected in the beginning of July. So don’t delay - if you have an idea for that cool pub mashup - get it entered. At the very least, remember to take time out for a quick pint once in a while!




FTP Security on VPS and Reseller Accounts

Posted by Ian on Thursday, May 14th, 2009

We are aware that a number of reseller hosting and VPS hosting accounts are also being affected by unauthorised FTP uploads. On our shared hosting accounts we know what domains have been created and can alter these directly from our systems; with the reseller and VPS accounts we cannot do this directly.

We can however offer you a method to restrict FTP access to a certain IP address or a subset of IP addresses.

The first thing to do is to determine your own IP address – one of the easiest ways of doing this is to visit http://www.whatismyip.com/. At the top of the page it will say ‘Your IP Address Is: 1.2.3.4’

If you are on a static IP then this is all that you need to do. If, however, you are on a dynamically assigned IP address, your IP will change on a regular basis, so you will need to know the IPs that you could possibly be assigned. While you are still on the http://www.whatismyip.com/ site, look at the left for a link marked ‘IP WHOIS Lookup’; click this, followed by the button ‘Whois Lookup’. The screen will now show a lot more information regarding your IP address.

In the output on this screen you should see something like this:

inetnum : 1.2.3.0 – 1.2.7.255

This is the range of IPs that you could be assigned.

Now that we have the possible range of IPs this is how to proceed.

In a text editor on your computer create a file named ‘.ftpaccess’ (note the . ‘dot’ at the beginning of this)

The contents of this file will be as follows if you have a static IP address:

<Limit ALL>
DenyALL
Allow 127.0.0.1
Allow 1.2.3.4
</Limit>

The Allow 127.0.0.1 line is left there as a backup to enable you to access this via the file manager in siteadmin should you need to.

If you are on a dynamically assigned IP then you will need to allow some ranges. Based on our example inetnum output above our file would look like this:

<Limit ALL>
DenyALL
Allow 127.0.0.1
Allow 1.2.3.
Allow 1.2.4.
Allow 1.2.5.
Allow 1.2.6.
Allow 1.2.7.
</Limit>

Now simply upload this file to the httpdocs, httpsdocs and cgi-bin folders. This will stop anyone bar the named IP ranges from being able to access these key folders. You can also do the same with webusers and subdomains if you use these.
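The dynamic-IP file above can be generated from the WHOIS output rather than typed by hand. The following is an added example, not 34SP.com's own tooling; the function names are hypothetical and the sample line is the constructed inetnum value used in this post. Because each trailing-dot `Allow` entry matches a whole /24, the script refuses ranges that do not start at .0 and end at .255 instead of silently allowing extra addresses.

```python
import ipaddress
import re


def parse_inetnum(line):
    """Return (first, last) IPv4Address objects from a WHOIS 'inetnum' line."""
    # Accept both a plain hyphen and the en dash that web pages often show.
    m = re.search(r"(\d+\.\d+\.\d+\.\d+)\s*[-\u2013]\s*(\d+\.\d+\.\d+\.\d+)", line)
    if not m:
        raise ValueError("no IPv4 range found in: %r" % line)
    first, last = (ipaddress.IPv4Address(g) for g in m.groups())
    if first > last:
        raise ValueError("range start is above range end")
    return first, last


def allow_prefixes(first, last):
    """Trailing-dot /24 prefixes that cover exactly first..last."""
    # 'Allow 1.2.3.' matches 1.2.3.0-1.2.3.255, so a range that is not
    # aligned to /24 boundaries would let in addresses outside it.
    if int(first) & 0xFF != 0 or int(last) & 0xFF != 0xFF:
        raise ValueError("range is not aligned to /24 boundaries")
    prefixes = []
    for net in range(int(first) >> 8, (int(last) >> 8) + 1):
        network_address = str(ipaddress.IPv4Address(net << 8))
        prefixes.append(network_address.rsplit(".", 1)[0] + ".")
    return prefixes


def build_ftpaccess(inetnum_line):
    """Build the .ftpaccess text in the same layout as the post."""
    first, last = parse_inetnum(inetnum_line)
    lines = ["<Limit ALL>", "DenyALL", "Allow 127.0.0.1"]
    lines += ["Allow " + p for p in allow_prefixes(first, last)]
    lines.append("</Limit>")
    return "\n".join(lines) + "\n"


# Constructed sample: the example inetnum line from this post.
SAMPLE = "inetnum : 1.2.3.0 \u2013 1.2.7.255"

if __name__ == "__main__":
    print(build_ftpaccess(SAMPLE), end="")
```
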

This change does not block SFTP or SCP, so if you only use these protocols you could use a file with the following:

<Limit ALL>
DenyALL
</Limit>

This would then stop any FTP access from being allowed to your site. Please do contact our client Service and Support Department with any questions or comments on this important security measure.




Password Security Advice

Posted by keith on Tuesday, May 12th, 2009

Here at 34SP.com we often advise clients on password security. All account types including domain names, website hosting, and servers require robust user names and passwords for security. In light of the fact that we have now added an additional layer of FTP security for clients, it seemed the right time to once again stress the importance of secure passwords.

This subject is far from new, and a concise and very well constructed treatise on the importance of password security, written by HongHai Shen, a Google Engineer who works on security within Google, was posted a while ago on the official Google blog. Please read this piece if you are wondering how to create a secure password.

Here are some more specific tips from the 34SP.com Service and Support Team:

In the event that you need to change or update passwords, please do not reset your password back to an old one. And please do not leave FTP access enabled if you really do not use FTP all the time.

Refrain from using dictionary words, meaning any English word that exists in a dictionary. Passwords should look along the lines of grN#C9bSnJo((Sj, for example. Randomly generated terms are best.

Here are some additional tips to help protect your site from compromise:

Do nots:

Do not use the same passwords for your MySQL database as you do for FTP.

Do not use dictionary words.

Do not follow links in spam mails (curiosity in most cases kills the cat).

Do not accept downloads or ActiveX or scripts on sites you do not know.

Dos:

Do use randomly generated passwords.

Do run an up to date antivirus.

Do change your password monthly for extra security.

Do disable FTP via the 34SP.com control panel when not in use.

One question, or possibly the objection, regarding secure passwords is, “How do I remember a truly robust and difficult to crack password - when it contains all those upper and lower case letters, numbers and unusual keyword characters?”

Here are two tools that can help with securely storing your passwords and help you to access them in a hurry.


RoboForm was named PC Magazine Editor’s Choice, and CNET Download.com’s Software of the Year. RoboForm allows you to:

Manage your passwords and Log In automatically.
Fill long registration and checkout forms with one click.
Encrypt your passwords to achieve complete security.
Generate random passwords to maximize password strength.
Fight Phishing by entering passwords only on matching web sites.
Defeat Keyloggers by not using the keyboard to type passwords.
Back up your passwords and copy them between computers.
Synchronize passwords between computers using GoodSync.

The full install of RoboForm is a paid product with full product documentation and support.

Alternatively, you can try http://www.keepass.info

KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish).

Whatever method you arrive at for managing passwords, remember to maintain the highest levels of password security for your websites and domains. As always, if you have any questions or comments on password security, please contact the 34SP.com Service and Support Department.