Category Archives:
Tutorial & Guides

Virtual Private Server(VPS) is more and more popular choice because of the advanced requirements from webmaster. However, not everybody fully understand the service and always have to switch over again and again.. Here we will give out some basic explanations for different types VPS plans and compare two of the most popular ones — Managed and Unmanaged VPS.

What's VPS? It means the hosting provider divide a single dedicated server into multiple virtual machines via some virtulization technologies like Vmware, OpenVZ and XEN etc. Each VPS machine works independently with its own operation system, we can install softwares and run server side tasks just the same as on actual computers. From hosting company, they always configure multiple service plans with different features such as managed vps, unmanaged vps and semi-managed vps plans. But, what does that exactly mean? If we're going to choose either service, we must understand it properly.

Managed VPS. Idealy, the hosting company will be responsible for side by side support on the server such as security update, server maintenance and all stuff. However it varies a lot in actual service offer. Most of the time it's only available with a control panel and customer manage services under the GUI interface without having to deal with command line, that's how hosting company explains "managed" in their words. Unlike the expected level support, the host might do nothing unless requested. We will have to monitor the VPS ourselves.

Unmanaged VPS. Just prepared with pre-installed OS with SSH or remote desktop connection enabled server. With unmanaged vps, we are responsible for everything on the server such as software configurations, maintenance and any other trouble shooting work. Because no hosting control panel available, most working is done via SSH connections.

Semi-managed vps. Actually this type service doesn't exist in live hosting plans. Even it's something between the above two services, I can only expect extra support from hosting groups. As for now, it's not a popular term any more for most service provider.

Managed vs Unmanaged VPS

which is suitable for me? As learned from above explanation, if we're professional in server managing and be able to configure all stuff well on server, unmanaged server is good enough and it will reduce our budget a lot. But most of the time, people just need a more powerful server for growing up website, they don't want to manage the server or spend lots of time in learning it. In such case, managed would be right choice since it will help us setup services in quick time. There's no bad for either service, we just need to choose the best one with our needs. There's no need to debate which is better and which is not.

Best VPS server plans

We introduced several popular vps providers on this vps hosting posting. But we would like to give out a new list on this holiday special.

Arvixe.com – Affordable managed VPS server with standard configurations. The arvixe VPS plans include both windows on websitepanel and linux on cpanel. The arvixe vps servers come with leading offers like free domain name registration and unlimited data transfer etc.

IXwebhosting – IX VPS servers are Actually some kind cloud platform based, there we have choice to use cpanel or plesk. Or we can choose to use neither and sign up as unmanaged server! For now, IX offers holiday's promotion where we can save 50% for the first month service of X4 plan.

Greengeeks – Leading green hosting provider with affordable vps server plans. There're multiple vps solutions from greengeeks and we can choose to sign up managed or unmanaged. Price is as low as $19.95/mo, we can even get further discount by applying their promo codes!

WordPress is a fantastic platform with a huge variety of plugins and themes which allow for a fantastic experience for you and your readers. However, if you follow poor security practices, it can all turn to custard pretty quick. In this article I will take a look at some of the main causes of WordPress security issues and how to lock your blog down to avoid such issues.

So, what’s the problem?

In a complex CMS environment like WordPress, where end users are running software on a range of different sever environments, with a range of different themes and plugins, and 3rd party software there are going to be vulnerabilities. When unsavoury types find a means to gain access to your site using these, you are going to have problems. To avoid these problems it is essential that you keep your core WordPress install, all plugins and all themes updated.

If you have a vulnerable WordPress install, hackers can:

• Execute arbitrary code on your site
• Inject arbitrary web script or HTML and edit your posts
• Cause a denial of service (crash, CPU & Bandwidth)
• Inject and execute SQL commands
• Allow remote attackers to obtain sensitive data such as passwords
• Redirect users to arbitrary web sites and conduct phishing attacks
• Persistent cross-site request forgery (CSRF)
• Create hidden posts on your site only viewable to search engines creating a link network directed at the hackers site
• Embed a backdoor, to gain future access to your site even after vulnerabilities are patched
• Embed encrypted code in your php core and theme files

What are the main causes?

As mentioned above, the primary root cause is outdated software, i.e. Your core WordPress install, plugins, and theme files. This is why we are seeing a range of WordPress related services that essentially make it much easier to keep your software updated… WP remote, and InfitniteWP being two great, and free options for this.
Some other common causes are:

• Downloading themes from untrusted sources, these often have backdoors encrypted into the theme files
• Accessing your WordPress site from an infected computer
• Having a weak password attached to the main admin account

Where to find out more about these vulnerabilities?

There are currently 30 known vulnerabilities in the core system files of WordPress 3.X, and if your WordPress has not been updated to the most recent version, you may be venerable. To see a list of the known WordPress vulnerabilities view the list provided by Secunia, or if you want to follow the main development of WordPress, and get instant updates about any critical patches, subscribe to the WordPress development blog.

Tips to lock down your blog

• Back up your site regularly – Ensure you know how to rebuild the site at any time
• Keep the WordPress core system updated
• Keep all themes and plugins updated
• Avoid using themes from untrusted sources, they often have backdoors encrypted into them, this is particularly common with pirated premium themes found on file locker sites like Mediafire and RadidShare.
• Use a strong password and don’t use it on other sites
• Ensure the computer you are using to access the WordPress site on is malware and virus free
• Monitor your server and user statistics, and investigate suspicious activity
• Deny access to theme and plugin folder directories with a blank index.html file
• Remove your WordPress version from your meta description
• Protect your WordPress wp-admin folder using your htaccess file

There are also some great plugins that help enhance the security of your WordPress install. The best options which I have personally used on sites include:

• Wordfence
• Bulletproof
• Better WordPress security
• Lockerpress

If your website is wordpress based, hope this article will help. Original article posted on this wpforce page.

To most wordpress users, the Akismet is the default and most important plugin to deal with spam commenting. Our web hosting blog site is also based on wordpress and Akismet is configured as default. However, as the incoming spam commeting growth, the backend mysql database size grows up rapidly. It shocked me a lot as I haven't done anything special to the database. After a bit research, I found the problem is on commentmeta table where all Akismet blocked comments history stored. From the online docs, Akismet should store comment details there until they're deleted or approved, so I tried to clear all spam in the queue, However, there's no change on the size.

Finally, I found a useful query to clear the history on wordpress froum:

DELETE FROM wp_commentmeta WHERE meta_key LIKE '%akismet%'

This sql delete statement will clear all akismet history in commentmeta table, in case you're concerned with the big size problem, you can get a peace sleep with it. We can either run this query every few days or create a cron job in cpanel and run it automatically.

Is Akismet bad plugin?

Absolutely not. Being one of the earliest and most efficient spam-fighting plugin, Akismet is serving thousands of blogs. Personally, the plugin blocked over 10 thousand spam comments in 6 months. Because of this, I don't have to manually determine which comment is spam then move it to that queue. Akismet is only bad for the history size problem, if the developer could fix this problem then everything is perfect.

How to deal with wordpress spam commenting?

Spam is headache to every webmaster as it always wastes our lots of time, if we ignore it some time, something terrible might happen to our service especially when we set approvement without moderation. Most spam-fighting plugins are configured to deal with real people, for example to add authentication fields before commenting. However such methods can not block spam bots, that's why there're still rubbish comments in the moderation queue. Akismet is by far the most efficient plugin to block such commenting, there's just one click to clear them all. So overall, the following methods are MUST to deal with wordpress spam commenting

1. Install Akismet – Always remember to activate this plugin after our WP blog installed. Although akismet will not delete the spam comments directly, we will save time in determing spam comments manually.

2. Keep wordpress core up to date – Always remember to update wordpress to latest version as it fixed lots of bugs from previous version.

3. Add Captcha or math commet protection plugins – People will have to pass the verification before commenting. This will stop those inpatient spammers.

4. Authentication before commenting – This would be the most strict methods. Only registered users be able to comment to your articles. However, it's only good method for popular websites that gains lots of daily traffic because they never lack of readers. For new blogs, this blocking methods will result in less communication between you and your visitors.

Above are recommended methods to deal with wordpress spam commenting, however that's not all. Just do your own research and choose the best method for your site!

Running a successful web hosting business is not an easy task because it requires huge investment in both hardware/software as well as advanced server professionals employment. But, thoese rules only apply to a formal and ethical company. If you have played around a bit in web hosting you might have found it's not that hard to start a business with it. That's why there're so many new setup brands in the industry and caused lots of complaints by users.

Unlike the reputable hosting provider who have their own datacenter and server equipments, a starter company may just rent a single dedicated server or VPS to start their business. They don't have to invest a lot to prepare the basic environment. Once it's ready to accept customer, they will try to spam the internet to get orders. It's absolutely very important to avoid such hoster in case of any potential problem. In this thread, we're going to discuss how to detect if your hosting server is virtual or dedicated. If you're hosted on a virtual server, you're probably with a inept service and you should pay serious attention to it.

How to check if you're hosted on virtual or physical server?

Because of the fast development with virtualization tech, it makes almost no difference between gest and host server. However, no matter how we virutlize the physical server, there's still some difference to check out.

For example If we have access to server end we can run this imvirt script to load the environment information directly. It will tell if the OS is virtualized from the popular technologies such as Virtual PC, VMware, EMU/KVM, Xen, OpenVZ/Virtuozzo etc. It's by fast the most popular script for virtualization checking.

But, most of the time we don't have server access for shared hosting environment. What we do? Here we highly recommend some probe softwares that doesn't require root permission. What to use? PHPsysinfo is definitely the primary consideration. With this software will see clearly how much diskspace/memory on the server and what kind of cpu/ram it has, it will also tell us what kind of server kernel being used as well as the live resource usage and system alerts. Based on the cool info, we can easily judge if the server is virtual or physical. How do we judge?

First, we can look up the server kernel. Many VPS will show up the virtual type in kernel description such as "Linux let 2.6.32-5-xen-amd64", that means the server is XEN based VPS. However, not all server will tell the truth, so we need to move to next step. We need to look up the overall amount RAM and Disk space. If the number is too small, it's definitely not a dedicated server or at least not a quality dedicated server.

Nowadays, most hosting companies have updated their server hardwares with up to date products. By using SAN technologies, the total disk space on shared server is always very big. A standard shared hosting server should like this for most cases "Disk ≧500GB, RAM ≧8GB", the server CPU should be Intel i7 for best performance.

As we know, the shared server is always serving over one hundred hosting accounts with several hundreds of websites. If the overall resource is too little, customer will run into problems quickly.

Above are some basic methods to detect if your hosting server is virtual or physical. Of course, if we search a bit more, there're many other ways provided by professionals. We always discuss if a hosting service good or not. It's actually not that hard, just sign up and check out the server specs. If the basic but the most important server hardware can't meet the basic requirements for hosting server, then nothing will be good.

Tips for novice to choose right hosting service

A. go with the popular brands, don't change to a new hoster because they offer more for less money.

B. Do further research to your interested company, find both positive and negative comments from their clients.

C. Contact pre-sales support and ask few questions to check their profesinoality and responding speed, you can try out both chat/ticket and email support if all available.

Lastly, if you're still not sure how to choose, contact me on this site and I will answer your questions in earlist time 🙂

Unlimited hosting is a popular offer from most hosting companies. While it brings lots of customers to service providers, it's been opposed by many professionals on hosting forums. Why? Because lots of people take the unlimit stuff seriously and post negative reviews after getting warned. If you're interested in unlimited hosting plans and hope to get well with it, let's read below.

Unlimited Hosting Features

If we pick up a hosting website like hostgator then navigate around we'll see most offers are unlimited like number of hosted domain names, database, email accounts and monthly traffic etc. More and more webhosts are offering further services including free website migration, free domain transfer to highlight their outstanding support in customer service. Especially for newly setup brands, the "unlimit" is almost a must standard to get business.

Unlimited Hosting Cons

See, there's so many great offers from unlimited hosting plans and should be the best choice in web hosting in theory, but why there're so many complaints from clients and being opposed by webmasters? Well, it can be learnt in two sides.

From hosting companies, they always just show up their "great offers" but hide the actual limits on website. Even we ask from pre-sales support they won't reply us directly but just trying to persuade us to sign up. Once we run into problems because of the unlimited stuff they will encourage the upgrade service. It's definitely unethical by doing that.

From Client side, there're many novice and don't have further understanding to hosting. If the hosting company gives out an attractive offer, people will follow up easily. We might not need that much but just feel it will be better choice.

Because of above factors, we can easily get into unlimited problems and finally we have to change service. If we can't learn something from the experience we might run into another problem service.

How can we use unlimited hosting correctly?

Just keep in mind nothing is unlimited, everything has a limit. The difference is just the amount we can get. Take the disk space for instance, 10GB would be the max limitation for shared hosting plan with most companies. The unlimited bandwidth is based on the server overall traffic usage. For example the server A is allocated 100GB bandwidth per day and there're 100 websites on same server. If 99 websites just use 1GB traffic, then our traffic limit is 99GB on the server. The vice versa, if the 99 websites used 99GB then only 1GB left to us and if we use more, it can be considered overloading. the overall resource is just shared by all websites.

Before we are ready to use something unlimit, we should evaluate how much we're going to pay with the service. if we pay $1/mon for 100GB space, how's that doable from hosting company? Always keep in mind the hosting company must be profitable first for any kind offer.

Unlimited vs Limited, which is better?

While everything has a limit, unlimited service is more popular on the market. Definitely, if the hosting provider can provide an actual limit on their website, it's more safe to users. In that way people will do carefully and reduce potential complaints. There're very few providers with clear usage limits on website. If we check around we'll find the limit is very strict. 1GB or 3GB is the popular limits, but we can get up to 10GB with unlimited hosting plans. On this point, the unlimited hosting has more advantages.

So basically, we can't say unlimited hosting is bad and limited hosting is 100% perfect. There's no fault with unlimited hosting itself, we just need to understand how much we need correctly and avoid over use the resource. If we need over 10GB disk space and more traffic, up level hosting plans are right choice. Instead of complaining to hosting provider, we might evaluate our actual needs and the basic logic of business.