cPanel & WHM 11.38 + has seen a number of new SSL improvements in the form of usability changes, SNI support, and support for multi-domain certificates. All of Simple Servers servers have been upgraded to support this feature. Detailed below are some of the major improvements you can now experience when using cPanel with your Simple Servers hosting account.
Enhanced Error Checking
A number of niceties have been added to the user interface to make the process of installing a certificate more straight forward and much more foolproof. In the event that there’s an issue with the certificate cPanel & WHM will deny the installation to prevent the certificate from being installed on the server. Additionally, it will let the user know that there is an issue that needs be to resolved in order for the installation to result in a working certificate.
Server Name Indicator (SNI)
Currently, it’s common for each SSL Certificate to require its own dedicated IP address. The cost of this address is typically being passed down to the end user. SNI is able to change this paradigm by indicating what hostname the client is connecting to at the start of the handshake process. This allows a server to have multiple certificates all installed on the same IP address. Users on shared servers, that support SNI, will be able to install their own certificates and bypass the need for a dedicated address. While this saves on the cost of the dedicated IP address, this also helps reduce the need for extra addresses.
Multi-Domain Certificates (UCC/SAN)
As an alternative to SNI we have also taken steps to improve our support for multi-domain certificates. These allow users to add multiple domain names to a single certificate, and multi-domain certificates can be installed onto shared IP addresses. Within both cPanel & WHM, users can quickly create self-signed, multi-domain certificates and can additionally generate signing requests that they can then take to their SSL provider to have their permanent certificate created.
A new feature in our cPanel area for Simple Servers customers. Simply enter your OneClickSSL voucher number and let the plug-in do the rest – You will have an SSL Certificate installed and active on the site in seconds.
Our web team have been burning the midnight oil to produce a new admin area for our customers.
We hope this makes things easier, it certainly looks better!
Please let us know if you encounter any bugs though.
We have installed our first stable version of Magento 1.8 this morning, here are the release notes from the Magento site.
We will be running more performance tests in the next few weeks.
Magento 1.8 is already available to our customers via our auto installer.
Magento Community Edition 1.8
This new edition improves tax calculations, boosts product quality and stability, enhances performance, and advances security for the rapidly growing Magento community.
Key highlights include:
Enhanced Tax Calculations
Magento Community Edition 1.8 improves tax calculation accuracy for VAT merchants and eliminates potential rounding errors that can be confusing to buyers. Knowledge Base updates also provide more guidance on tax configurations and Canadian tax requirements, enabling you to more fully benefit from the native Magento tax engine.
We made approximately 350 functional improvements that boost product quality in key areas, including the web store, shopping cart, admin order creation, import and export functionality, web API components, and payment methods.
Magento Community Edition 1.8 enables a better shopping experience through faster page-loading in the checkout process and optimized cache adapters for single server systems, which minimize the number of cached pages that must be refreshed when product updates are made. The performance of the 1.8 administrator panel is also improved for those of you with large product or order databases.
Through a number of enhancements, we also strengthened the security of Magento Community Edition. A full list of enhancements is available in the magento release notes.
Updates to the Alpha Release
A few new updates were made to the alpha version of Magento Community Edition 1.8. We removed the requirement to have globally unique category and product URL keys, giving you greater flexibility in your URL structures. We also incorporated the recent USPS API patch, DHL code updates, and the latest Redis backend cache code, now called Cm_Cache_Backend_Redis. We have also included Cm_RedisSession, a Redis session storage module.
The Samsung 840 EVO 750GB is a tour de force in solid-state technology, combining for the first time vast capacity by ssd standards, with super fast performance, and at an approachable price.
The Samsung EVO is spearheads a second-generation of solid-state drive to use the more affordable TLC flash chips. It allows an increase in capacity and reduction in price. And a surprise when it comes to performance.
Samsung is still accelerating the development of flash memory, now introducing its second generation of TLC solid-state storage before any other brand has even shown its first.
Three-layer cell (TLC) NAND flash can be a useful compromise to increase storage capacities and lower costs. But the 3-bit version of multi-layer cell (MLC) flash has an intrinsically slower write speed and shorter overall lifespan.
For better performance and longevity, there’s still Samsung’s 840 Pro Series with its more familiar two-layer MLC technology. But we found that in performance terms at least, the Samsung EVO can hold its head up high against the 840 Pro; and with it, all current leading SATA 6Gb/s solid-state drives.
The use of TLC flash has here allowed a long-awaited extension in storage capacities. As well as the familiar sizes of 120, 250 and 500GB, Samsung has added 750GB and 1TB sized drives.
The latter becomes the first truly terabyte SSD, since Crucial’s competing flagship M500 series includes additional built-in over-provisioning that brings the available space on its largest SSD to just below the terabyte mark, at 960GB.
Recommended prices for the Samsung 840 EVO Series SSDs start at £86.99 for 120GB, then £148.99 for 250GB, £289.99 for 500GB, £415.99 for 750GB and £509.99 for 1TB.
The buffer size is relatively large, so that with most daily operations it should not be readily depleted. But if it is, it simply puts write operations back to regular TLC speeds. For reference, the original 840 Series with its unaided TLC flash had sequential write speeds of around 250 MB/s.
Since this dedicated part of the drive only works in SLC mode, Samsung assures us it will have better endurance than short-lived TLC – around 100 times longer life.
The two smallest drives each get 3 GB of TurboWrite Buffer, while the 500, 750 and 1000 GB capacity versions get 6, 9 and 12 GB respectively of fast-write buffer.
Besides some clever data juggling used to bolster write speed, several other changes have been noted for the Samsung 840 EVO when compared to the original 840 Series.
The controller is now designated MEX rather than MDX, still based on a three-core ARM processor and with clock speed increased from 300 to 400 MHz. This is said to assist in management of the larger capacities, as well as deal with the shift to a new 19nm NAND process.
We also understand that the controller now has more housekeeping automation hard-coded into it, rather than being programmed and run by firmware.
The controller is backed by more DRAM cache for the largest drives, taking 256 MB cache for the smallest 120 GB capacity, 512 MB again for the 250 and 500GB models; and now featuring 1 GB of LPDDR2 memory for the 750 GB and 1 TB capacity SSDs.
Idle power consumption is said to be reduced, while temperature sensing deliberately slows the drive down when it gets too hot under load. Dynamic Thermal Guard looks like a similar technology to the adaptive thermal monitoring used in Crucial’s latest M500 series SSDs.
When we first tested the Samsung 840 EVO, we were almost downcast to find comparable performance to the previous-generation Samsung 840 Pro. But we were not immediately aware of the technology inside, based on TLC flash like the cheaper 840 Series; not 2-bit MLC like the 840 Pro Series. Things were looking interesting again.
Looking at the other extreme, of very small files, we found that 4 kB random reads had just about doubled in number, from 22 to 41 MB/s with the 840 EVO.
That’s with a single queue, a good indicator for real-world performance still, as your PC spends a lot of time working randomly with many one-off small files, not just large sequential transfers or even multi-threaded small random read/writes.
Increasing queue depth to QD=32, the 840 EVO also approached its Pro-labelled mentor. Random 4 kB reads now hit 405 MB/s and writes were 367 MB/s. Which means the 850 EVO is now officially in the 100,000 IOPS league with its 104k IOPS read result.
(litter lout) litterer: a person who litters public places with refuse.
As ever the team have been busy adding new servers into our latest rack, we do seem to create rather a mess though!
As always we made good in the end though.
Our latest new rack went live August 1st 2013. This will further expand our dedicated and shared infrastructure and link to our existing Gbit external and internal network. As per our other racks with have redundant switching, Diverse A/B power and diverse networking.
Pictures below during set up and install
We are in the process of signing off all the paper work for our new 1,575 sq ft Head Office. Set only 1.5 miles from our Data Centre and set in the Worcestershire country side.
This really gives us an edge being even closer to our primary Data Centre than we are now. With the added benefit of a dedicated fibre line direct to our Data Centre giving us GBit connectivity
Our planned moving in date is mid August
Images of both floors:
We have just launched our most powerful and condensed Magento cluster to date. We have nick named it ‘Godzilla’. This beast really is special with an all latest gen SSD raid ten storage and the very latest Oct Core Intel Cpu’s.
This beast sits in a 2u space and thanks to 100% SSD architecture we can offset the power reduction from not using traditional 15k SAS drives with the high CPU pull.
It’s amazing that we have been able to pull so much power from only a 2u space. Of course we only used the latest 12th Gen Dell Poweredge servers for this install.
We had a demanding brief: blazing fast page load and tough enough to deal with big levels of concurrency and fend of regular DDOS attacks.
We have achieved this with a mixture of Litespeed, varnish, memcache and cloudflare. All built on our tried and tested, highly secure and optimised Magebox platform.
Two of the biggest caching plugins in WordPress have what we would classify a very serious vulnerability – remote code execution (RCE), a.k.a., arbitrary code execution.
It appears that a user by the name of kisscsaby first disclosed the issue a month ago via the WordPress forums. As of 5 days ago both plugin authors have pushed new versions of their plugins disabling the vulnerable functions by default. The real concern however is the seriousness of the vulnerability and the shear volume of users between both plugins.
There are a few posts, released within the past few hours that do a great job of explaining what the issue was and what was being exploited. You can find some good after action thoughts on Frank Goosens’ blogand on Acunetix’s blog as well.
Between the two plugins they’re looking at something close to 6 million downloads, granted not all current and some will be updates, but assuming even 25% are unique sites that’s an impressive number for any plugin. The real issue comes in that it applies to any WordPress blog that has comments enabled.
If you’re using a third-party service, like Disqus, this won’t affect you. A really simple way to test is leave yourself a comment like this:
<!–mfunc echo PHP_VERSION; –><!–/mfunc–>
This means I can pass any commands I want to your server and they’ll execute, hence the term remote command execution (RCE).
Replace my echo with an eval and encode a payload and now it’s a different ball game. Case in point, a backdoor shell, all while going via your comments and bypassing all other authentication controls.
Again, not an issue to be taken lightly, this is a very serious vulnerability, further exasperated by the fact that any user can exploit it. The easiest way to protect yourself is to upgrade. You can find the latest updates on the WordPress.org repository:
Top marks to the plugin developers for acting quickly on the issue. Now it’s your turn end-users, update!
This is a guest post written and contributed by CloudFlare. CloudFlare makes it easy for any site to be as fast and secure as the Internet giants.
CloudFlare, a web performance and security company, is excited to announce our partnership with Simple Servers! If you haven’t heard about CloudFlare before, our value proposition is simple: we’ll make any website twice as fast and protect it from a broad range of web threats.
Today, hundreds of thousands of websites—ranging from individual blogs to e-commerce sites to the websites of Fortune 500 companies to national governments—use CloudFlare to make their sites faster and more secure. We power more than 65 billion monthly page views—more than Amazon, Wikipedia, Twitter, Zynga, AOL, Apple, Bing, eBay, PayPal and Instagram combined—and over 25% of the Internet’s population regularly passes through our network.
CloudFlare is designed to take a great hosting platform like Simple Servers and make it even better.
We run 23 data centers strategically located around the world. When you sign up for CloudFlare, we begin routing your traffic to the nearest data center.
As your traffic passes through the data centers, we intelligently determine what parts of your website are static versus dynamic. The static portions are cached on our servers for a short period of time, typically less than 2 hours before we check to see if they’ve been updated. By automatically moving the static parts of your site closer to your visitors, the overall performance of your site improves significantly.
CloudFlare’s intelligent caching system also means you save bandwidth, which means saving money, and decreases the load on your servers, which means your web application will run faster and more efficiently than ever. On average, CloudFlare customers see a 60% decrease in bandwidth usage, and a 65% in total requests to their servers. The overall effect is that CloudFlare will typically cut the load time for pages on your site by 50% which means higher engagement and happier visitors.
Over the course of 2011, CloudFlare identified a 700% increase in the number of distributed denial of service attacks (DDoS) we track on the Internet (see the chart below). As attacks like these increase, CloudFlare is stepping up to protect sites.
CloudFlare’s security protections offer a broad range of protections against attacks such as DDoS, hacking or spam submitted to a blog or comment form. What is powerful about our approach is that the system gets smarter the more sites that are part of the CloudFlare community. We analyse the traffic patterns of hundreds of millions of visitors in real time and adapt the security systems to ensure good traffic gets through and bad traffic is stopped.
In time, our goal is nothing short of making attacks against websites a relic of history. And, given our scale and the billions of different attacks we see and adapt to every year, we’re well on our way to achieving that for sites on the CloudFlare network.
Any website can deploy CloudFlare, regardless of your underlying platform. By integrating closely with Simple Servers, we make the process of setting up CloudFlare “1 click easy” through your existing Simple Servers Cpanel dashboard. Just look for the CloudFlare icon, choose the domain you want to enable, and click the orange cloud. That’s it!
We’ve kept the price as low as possible and plans offered through Simple Servers are free. Moreover, we never charge you for bandwidth or storage, therefore saving you tons via reduced bandwidth costs.
For site owners who would like to take advantage of CloudFlare’s advanced offerings, we also offer a ‘Pro’ tier of service for $20/month. The ‘Pro’ tier includes all of the ‘Free’ tier’s offerings, as well as extra features like SSL, full web application firewall and faster analytics.
We’re proud that every day more than a thousand new sites, including some of the largest on the web, join the CloudFlare community. If you’re looking for a faster, safer website, you’ve got a good start with Simple Servers, but the next step is to join the CloudFlare community