Archive for July, 2009



Website Hosting Support

July 31st, 2009

Posted by keith

Hi All,

Today I would like to help you get the most of our excellent support offerings. This information will be helpful for all clients: those with domain names only, hosting accounts, reseller hosting, or dedicated servers. Firstly and something that is very much overlooked is ensuring up-to-date address information on file.

Whenever we need to send you important emails about your renewals or accounts we use the email supplied on our systems. We all know that people move providers and so their email addresses periodically change. So the first thing to be sure of is that we have your correct physical address, phone number and most importantly your email address.

The way to check this is to log in to https://www.34sp.com/login using the last email address you set with us. This will be the one supplied at sign up if you have never amended it.
Once logged in click on ‘Account details’ on the right hand menu. Amend your details as required and then click ‘submit’.

We offer a number of support mechanisms all designed to help in certain ways. I am going to explain how best to use these to get the quickest and most appropriate resolve to any of your issues.

For any issues which require us to make a change to your account, email or site or require us to provide password or other sensitive information. The best way to contact us is using the built in contact form on our website. Simply login to: https://www.34sp.com/login using your registered email and password and then click ‘contact’.

Because you used this form we know you are the account holder and can get on with the request without the need for further security checks. This helps speed up your request. This method is also very handy if you cannot send emails but can use websites. If you are having issues receiving emails please make sure you provide us an alternative email address or a phone number in the support request so that we can contact you.

If your enquiry is general or for some reason you cannot log in or have lost your login details. Send us an email to support. You can use our contact form here to send email as well. Put your domain name in the subject and a brief description of the issue. Then explain in the main mail what we can assist you with. Don’t forget to give us contact details as this helps to ensure you will get a prompt reply.

Our live chat facility is there for instant assistance with one of our staff. This service is only able to offer quick and easy support such as reminders of details, general technical questions or general account support. If a case requires an engineer, a support ticket will be raised for you. Live chat is best used to contact us if your mail, site or services are not working. We can quickly evaluate the cause and if it is involved we can raise you a ticket for engineers to look at. When using Live Chat it asks for a question. Simply type in the domain name / site name you want to talk about and a brief summary of the issue.

If a case requires Advanced Support it is handled by email only. Advanced Support is not available via Live Chat or Phone. If you need an update or need to add more to a case please reply to the email as this is the quickest way for them to be able to reply and assist you.

Should you need to speak to someone then you can use our telephone service. When contacting us by telephone or by Live Chat we will ask you for your security question. Please have this ready as we cannot assist you without it. Not sure what you set? Simply log into: https://www.34sp.com/login and click on ‘Account Details’ to check or change it.

Also when calling us please have your customer reference number to hand as this speeds up the search for you account and avoids delays in finding it.

We pride ourselves on our support and we want to assist you to use it to its best to get the quickest and most appropriate help.

Here is a quick summary of our support channels.

In order of speed and relevance:

For a quick answer on basic issues or to check status of account etc use our Live Chat facility between the hours of 8 to 8 weekdays.
For changes to accounts or more in depth issues log into your account at: https://www.34sp.com/login and use the contact form.
If unable to login or access our website send us an email to support. You can email us 24 x 7 x 365.
In the case of any support contact, be sure to put the domain name / website in the subject with brief summary of issue.
Always be sure to give us contact details so we can get back to the right person as quickly as possible.
If you need to talk to someone you can call us on 0161 200 1855 between the hours of 8 to 8 weekdays.

And last but not least periodically check your details with us to ensure accuracy. This will assist you when contacting us and also avoid any missed renewal notices.

I hope this guide helps you to enjoy our support at its best, and also to help us to continue to provide you with first class support.

FTP Security Explained

July 21st, 2009

Posted by Tom

Now that I’ve had (just over) a month to settle into my new role here at UK hosting company 34SP.com as a Systems Administrator, it would be quite fitting that I should be writing a highly technical, complex entry on the company web blog, particularly when you consider the content of my second-life as a 34SP.com customer.

However, as it happens, I’m going to start with a relatively simple topic that has application to all accounts including reseller hosting and VPS. I’m going to talk specifically about SFTP, or the SSH File Transfer Protocol.

But What’s Wrong with FTP?
Many of you will have noticed, and indeed some of you may have even been the victim of, hacks to your website hosting by attackers logging-in via FTP and defacing your website for what is usually profitable gain. It’s unfortunate that there are still a modicum of support requests from clients who have fallen foul of such attacks.

These attacks aren’t simply limited to 34SP.com accounts, nor are they limited to the use of one particular server Operating System or configuration. Whilst many can often be quick to demonise the use of overly-simple passwords (i.e. dictionary words, words with trailing numbers, passwords consisting of numbers) due to their inherent vulnerability to brute-force or dictionary attacks, it isn’t always the case that a user falling victim to an attack had a particularly weak password.

The reality today is that brute-forcing requires far too much effort for an attacker. Who would really want to wait for a script to try two million passwords, only to find out that none of them worked? Yawn! I don’t think I’d waste my time doing that… And of course neither would any self-respecting attacker, particularly when there’s an easier option to hand.

Ignoring the probability of any infection of a user’s local machine with malicious software, or the susceptibility of the user to social engineering attacks (which in themselves prevent far more serious ramifications than FTP security) the possibility also remains for attackers to intercept information that is transmitted across the Internet in plain text. It is for this very reason, that HTTP’s secure alternative, HTTPS, is widely used across the web for mediating secure transmission of information to and from such systems as control panels and e-commerce sites. Of course, nobody would wish their credit card details to be transmitted across a shared medium, for all to see. So why would you want the login details to your website transmitted in a similar fashion?

So How Can I Protect My FTP Traffic?
FTP, like HTTP, transmits all data between the client and server without any form of encryption, which in the case of an FTP login command, also includes your private username and password. Unfortunately FTPS (or FTP-SSL) is seldom used in practice due to the requirements (and cost) of maintaining signed SSL certificates. Whilst the benefits are routinely accepted for the use of HTTPS, this practice is less than desirable when considered as a global replacement for every single FTP connection.

SFTP works quite differently: it relies upon the SSH (Secure SHell) protocol to create a secure ‘tunnel’ with which to transmit FTP traffic. Similarly, SCP operates in the same way, but does so with reduced capabilities for the user. The security of SSH is provided by RSA public/private keypairs, as opposed to requiring costly SSL certificates. This reduces the complexity in setup and reduces the cost of deploying a secure FTP service, whilst thankfully maintaining a level of security that would thwart the persistent of traffic-intercepting attacks.

Great! But How Do I Use It?
Given the longstanding acceptance of FTP as the de-facto standard for publishing files to web space, there are a great many hurdles to overcome in the road towards the widespread adoption of secure file transfer methods. Education is one such hurdle: many, many users are unaware of the dangers involved in the transmission of insecure data, or even that secure alternatives exist.

Similarly, the Plesk Server Admin (as of version 8.6.0) doesn’t support SFTP natively. However, the demand of such features led to the deployment of an in-house extension, enabling all of our Linux/UNIX-based hosting servers to provide simultaneous SFTP and SCP access alongside traditional FTP. By providing ‘shell’ access with a limited set of allowed commands, access to your web space via secure file transfer protocols can be implemented without any particularly difficult modifications to the standard features of Plesk.

In order to take advantage of SFTP (and SCP) you will need to do two things:

  1. Obtain an SFTP/SCP-compatible client: as an example, WinSCP is a free and intuitive client for Windows users.
  2. Write a short e-mail to our Support Team stating your domain, and your desire to use SFTP.

The only caveat to this feature at present, is that it is still controlled by the FTP lock, so if you decide to disable FTP access on a particular domain; SFTP and SCP will no longer be available until FTP access is re-enabled. Similarly, it is not currently possible to disable FTP whilst retaining only SFTP access, though hopefully this is something we’ll be able to look towards implementing in the future.

So Now There’s No Chance That My Sites Will be Hacked?
Not exactly. Secure file transfer protocols serve only as a compliment to the continued use of strong (and secure) passwords. Similarly, if a user’s own system is compromised, then neither SFTP or SCP will be able to protect a user from an attacker. But when the final weakness is the FTP protocol itself, then it would appear that the time to switch to the widespread use of a more secure protocol would be a very prudent idea. Not just for the security of your own data, but for the good of the Internet as a whole.

Where Can I Learn More About These Issues?
You can read 34SP’s official announcement on FTP security.
Wikipedia carries good, clear articles on SFTP, SCP and the differences between both protocols.

Finally, CmdrTaco (the founder of popular geek news site, Slashdot) wrote a fantastic story regarding his own experiences with FTP hacks. It certainly has happened to the best of us!

Free Design Resources

July 14th, 2009

Posted by Simon

Over the years I’ve been working as a professional designer (and as a student before that), I’ve amassed a library of resources that I believe make my job as a web designer much, much easier. Whether its fonts, colour combinations or sourcing photographs – I’m always looking for the ‘latest thing’ to keep my designs original and up-to-date. Most designers I know have similar habits, with more than a few of them keeping their resource pools a closely guarded secret. At 34SP.com, we like to help, so not only am I going to show you just some of the places you can go online to find those little design essentials, most of the content discussed in this blog post is absolutely free!

Domains and Hosting:

Let’s get the obvious stuff out of the way first. All designers at one point or another need domain names and hosting accounts for their clients. I think you might have guessed who I recommend. Go here to view our reseller hosting accounts – great for designers and developers.

Fonts:

There are so many places to source fonts from, with prices ranging from free to thousands of pounds. Professional font foundries offer beautiful fonts that make your design stand out from the rest. However, unless you (or your client) are willing to splash the cash I’d recommend some of these fantastic free font websites.

Dafont.com
Without a doubt, the best site on the web for free fonts. Fonts are split up into different categories based on style and are available in both Mac and PC format. As well as a massive library of fonts, there is a busy community of typographers, so if you have any font related questions there is always someone who’s happy to help out.

Typedifferent.com
Typedifferent.com is a online font shop set up by Swiss design legends Buro Destruct. Despite the majority of the fonts being for sale (at very reasonably prices), if you look hard enough, you’ll find there are lots of free fonts mixed in too. It’s a great place to go if you are looking for free professional fonts.

Tipografea.com
A fantastic website setup by the lovely people at Xpaider.com. There are 8 contemporary fonts available on this site, but just because they are free doesn’t mean you don’t have to work to get them. Each font has its own page, with a hidden “Easter Egg” link to download the font. Hunting down these links can take a while but it’s a fun idea, and if you like the fonts then 5 minutes of your time is a worthwhile investment.

Photography:

The last 5 years have seen the price of stock imagery fall dramatically. In the past sourcing photography would mean paying large sums of money for one photo, often involving paying usage rights related to how many people would see the photo. However the rise in cheap stock photography websites, lead by stock photography giants Istockphoto.com and Dreamstime.com, have filled the void for affordable photography. There are also a number of free stock photo sites. Unlike Flickr or Google Images, these free stock photography sites are based around professional quality photography, and the large majority are free of any kind of user agreement (but always, always check).

Sxc.hu
Widely regarded as the best free stock photography site, Sxc.hu has a library of around 350,000 photos. The site is clean and easy to use and has a great community of blogs, tutorials and user galleries.

Stockvault.net
Stockvault.net is a site based around its community of content providers as much as it is based around free stock imagery. The site splits its imagery into categories and sub categories, making browsing very easy. With an image library of around 13,500 it’s not the biggest stock photography site, but the quality is great and of course, all the photos are free.

Vectors:

Vector graphics are great for creating an illustrative look, and unlike photos they can often be scaled up or down and still look great. Any designer worth their salt should be able to create basic vectors for their design, but occasionally time and budgets restrict the time that can be spent tweaking your graphics. It is in times like these, that stock vectors can be an invaluable resource. Unlike photos, vectors can be dismantled, re-coloured and generally used in ways you just can’t use a photograph. If you use vectors in the right way, they also look great.

Freevectors.net
Freevectors.net is an index of free vectors from different sites all over the web. The vectors are either created by other users, or they are sample packs from professional stock vector sites, such as Go Media.

Iheartvector.com
Another extensive archive of royalty free vectors, split into categories for easy navigation.

Other Great Resource Sites:

kuler.adobe.com
Kuler is a great little application that lets you create, save and view other colour combinations. With a great set of tools and extensive user generated gallery, Kuler is the place to go if you find yourself struggling to find that winning colour combination.

lorem-ipsum.info
Generate placeholder text so you design looks full of content even if your client hasn’t given you any. Lorem Ipsum has been used by designers since the 60′s, and is great filler text that looks organic placed into a text area.

Brandsoftheworld.com
A huge database of logos from all over the world, all in eps format. A great place to go if you’ve been supplied a tiny gif logo that’s sure to ruin your design.

bluevertigo.com.ar
The most comprehensive list of design related resources online, Bluevertigo.com.ar covers all the sites mentioned in this post, and many many more. Whether its photography, fonts, Photoshop brushes, stock sound effects or Poser models, your bound to find what your looking for on this site.

I hope that these free design resources are helpful to you. Let us know if there are design resources that you frequently use which we haven’t included. Good luck with your upcoming design projects!

Why Tables Are Bad

July 8th, 2009

Posted by Ali

Many of our clients create their own websites – either for themselves, or on behalf of clients. Whether you are a small business owner creating an ecommerce site via a Professional Hosting account, or a designer creating client sites with a reseller hosting account, you’ve probably used tables in your designs.

Over the past few years many changes have been made in the way people design and build websites. One of the most widely discussed change is the use of DIVs over the tables for the structure of websites. In this article I’ll explain why we shouldn’t be using tables and how to implement alternative methods using DIVs.

Tables are confusing
Tables require considerably more code than DIVs. If you compare the table:

<table>
<tr>
<td>This is the content</td>
</tr>
<table>

With the DIV:

<div>This is the content</div>

You’ll see the table can quickly get complicated as much more code is required. This means with a huge number of tags it’s far easier to make mistakes and once the website is complete they’re much harder to maintain and amend. More code also means the website takes longer to load, that means using more bandwidth, meaning the website is potentially more expensive to run.

Tables are for data
Tables are meant to be used for tabular data storage so using them for layout structures means they’re being used incorrectly. They should only be used for displaying data, i.e. a table of product features or a shopping basket.

Tables are not accessible
Tables destroy the logical flow of the web page, especially when tables are nested within other tables. When people use screen readers, the web page is read out in the order it’s coded. When using tables, the content isn’t necessarily coded in the order it’s displayed on the page, for example: the content first, then the navigation, then the footer. This means users can get confused and lost navigating around the website.

The alternative
The much more accessible, usable and easy alternative to tables are box elements, i.e. DIVs, styled using CSS. You can specify the size (i.e. 800px x 200px) and position (i.e. 25px from the left, 10px from the top) of the DIV allowing you to easily build up the page without the complex coding of tables.

In terms of search engine optimization (SEO), SEO friendly elements such as headings, paragraphs and lists can be used to specify different types of content and text – meaning a potentially higher ranking in Google and other search engines. Box elements are coded in a logical order meaning they are easily understood by screen readers which increases accessibility.For further reading about why tables are bad, plus box elements and how to use them I recommend the following links:

http://webdesign.about.com/od/htmltags/ss/aa121602a.htm

http://www.smashingmagazine.com/2009/04/08/from-table-hell-to-div-hell

Hosting News

Search Blog

Use the search facility below to search through the 34SP.com news archive.

Recent Posts

Blog Categories


 
Hosting News
 
Blog
 
New Dedicated Server Hardware