TetraHost Bangladesh

The Official Company Blog

Author Archives: aDmin

12 Feb

Website Protection Issue

Today while surfing on internet i came to know that a Bangladeshi Hacker group called “Bangladesh Black Hat Hackers” is hacking Indian Websites and they already hacked around 5000+ website in last few days.

You can read more about the hacker group from the following link:
http://www.banglanews24.com/detailsnews.php?nssl=58bf703fc3de07019c04902398cd94c1&nttl=1202201288166

Some Indian Hackers group has already declared a Cyber War against us and they will also try to hack Bangladeshi Websites. On this post i will also wanted to inform our clients that We always try to secure our server in every possible way. Our NOC is closely monitoring all our servers to protect any hacking attempt.

It is also recommended that all our clients have sufficient protection setup on their website as well. We required you to follow the below steps:

1. Update your anti virus software and scan your machine completely.
2. Change your cPanel Password and set a strong one.
3. Take backup of your files on your machine.

NOW, this is a very important part, those who are using WordPress and Joomla, please update your installation to latest version. We have already written two article on how to protect WordPress and Joomla installation from getting hacked and we want all user to read those two article carefully and apply the protection ASAP.

Here is the article link:

WordPress: http://blog.tetrahostbd.com/2012/01/31/wordpress-protection/
Joomla: http://blog.tetrahostbd.com/2012/02/02/joomla-protection/

If you have any query or facing any problem please contact us via email at support@tetrahostbd.com or sales@tetrahostbd.com (Please send email from your registered email address that you have with TetraHost).

Regards,
NOC, TetraHost.

 

02 Feb

Joomla! Protection

Joomla! is a great CMS that is used worldwide. Now-a-days many user prefer to design their site with Joomla. It is designed simply but still has lots of feature in it. Being one of the most popular CMS can attract bad people to do bad things as well. Actually the issue is not related with the Joomla script but with the extra module/plugin that is available on market for Joomla. At the end it is the site owner responsibility to protect his/her site by hardening the security. I will try to give some security tips on this article and by following these steps you will be able to enhance the security of your Joomla site significantly.

Don’t Forget to Update: Never forget to update your Joomla to latest version. Older version are more valnureable then the newer version.

Rename the default htaccess.txt file: Joomla does come with a default htaccess.txt which has some rules in it. The rules in it will block the majority of well-known attacks against your website.In order to rename the file, Login to your cPanel >> Go to File Manager >> find the htaccess.txt file on your home directory and rename it to .htaccess

File Permission of Configuration File: Make sure to have 600 permission which means read and write permission for the user only on your configuration.php file. You should be able to change the permission from cPanel File Manager.

Install Security Plugins: On the following two links you will find some extension which will help you to secure your Joomla site many way, please try them.

http://extensions.joomla.org/extensions/access-a-security/site-security/site-protection
http://extensions.joomla.org/extensions/access-a-security/site-security/login-protection

Change Default Database Table Prefix: 

Most SQL injections that are written to hack a Joomla! website, try to retrieve data from the jos_users table. This way, they can retrieve the username and password from the super administrator of the website. Changing the default prefix into something random, will prevent (most / all) SQL injections. You can use the EasySQL for Joomla, if you without phpMyAdmin component in order to do this. Download the component to your PC and install it by going to your Admin panel. Now follow the below steps:

i. Go to Components >> Easy SQL
ii. Now, pull down the Command Menu and select REPLACE PREFIX.
iii. Here you will see something following: REPLACE PREFIX `jos_` TO `newprefix_`
iv. You now have to remove the word “newprefix” and set to something else per your choice.
v. Once you set the new prefix, click on EXEC SQL and you are done!

Please make sure you are following the steps properly.

Change Admin Username: By default your administrative username is admin. The majority of the attackers would expect the username to be admin. Changing it will protect you against many attacks. Here is how you can change the username:

i. Login to your Joomla Admin Panel
ii. Go to User Manager from the Home Page
iii. Now, select the Admin User and Click on EDIT
iv. Here you should see the Username field and it will show you the current username, change it to something else and Click on SAVE

From now, you will have to use the new Admin Username to login.

Password Protect Administrator Directory: You can protect your Joomla Administrator folder with Directory Protection feature of cPanel which will add extra layer of security. You can enable the protection by going cPanel >> Password Protect Directories.

Limit Admin Access: As Joomla administrator folder is one of the most important folder, so we suggest to limit the admin access with IP. Only the allowed IPs will be able to access the admin folder. Here is how to do this:

i. Create a .htaccess file under the Joomla administrator folder
ii. Put the following code in it

order deny,allow
allow from 0.0.0.0
deny from all

Please change the allow IP with your IP. You can find your IP by accessing the following site: http://www.whatismyip.com

Backup Regularly: TetraHost do take weekly backup of your content but it is always better to take regular backup of your working database and Joomla contents. Unfortunately if it got hacked then, you can easily restore your site from the latest backup you’ll have for it.

Uninstall Unused Extension: It is recommended that you uninstall any unused extensions complete from the account. It will reduce the chance for getting attacked.

That’s it! You are protected now. If anyone have any more tips please share with us by commenting on this article.

31 Jan

WordPress Protection

WordPress is one of the most popular CMS script available now. It has great feature, can be installed and handled easily. We have seen many of our customer using WordPress for their site. Once your site is getting popular, intruders will always try to break your protection. So it is very important that you have sufficient security protection enabled for your WordPress site. On this post, i will try to give some tips which will help you to protect your WordPress blog from getting attacked or hacked.

Always Update: WordPress does release new update frequently and one should update his/her script as soon as the update is available.

Change Permission: Make sure to have 600 permission which means read and write permission for the user only on your wp-config.php file. You should be able to change the permission from cPanel File Manager.

Install Security Plugins: These are some very important security plugins which must be installed on a WordPress site.

1. Better WP Security: http://wordpress.org/extend/plugins/better-wp-security/

2. WordPress Firewall Plugin: http://wordpress.org/extend/plugins/wordpress-firewall/

3. WordPress Antivirus Plugin: http://wordpress.org/extend/plugins/antivirus/

4. Secure WordPress Plugin: http://wordpress.org/extend/plugins/secure-wordpress/

5. Wp-Malwatch Plugin: http://wordpress.org/extend/plugins/wp-malwatch/

Protect the Admin Folder: You can protect your WordPress Admin folder with Directory Protection which will add extra layer of security. You can enable the protection by going cPanel >> Password Protect Directories.

Limit Admin Access: As WordPress admin folder is one of the most important folder, so we suggest to limit the admin access with IP. Only the allowed IPs will be able to access the admin folder.

Here is how to do this:

i. Create a .htaccess file under the WordPress admin folder
ii. Put the following code in it

order deny,allow
allow from 0.0.0.0
deny from all

Please change the allow IP with your IP. You can find your IP by accessing the following site: http://www.whatismyip.com

Backup Regularly: TetraHost do take weekly backup of your content but it is always better to take regular backup of your working database and wordpress contents. Unfortunately if it got hacked then, you can easily restore your site from the latest backup you’ll have for it.

Remove WordPress Version: Hackers are smart enough to crack the wordpress blog even if they came to know the wordpress version. so its always safe to remove your wordpress version. Here you go for it:

Go to Appearance > Editor and choose the Header.php file and delete below code from the source code to hide your WordPress version:

<meta name=”generator” content=”WordPress <?php bloginfo(‘version’); ?>” />

That’s it. Follow the above steps and you are secure in all way with a WordPress site!

20 Jan

New Server Configuration

As promised before im here to let you know about our new server configuration.

Here it is:
======================
Processor: Intel Xeon-SandyBridge E3-1270-Quadcore [3.4GHz] | More Info
Motherboard: X9SCI-LN4F Intel Xeon SingleProc SATA
RAM: 8GB – Hynix DDR3 2x4GB DDR3 x8
Hard Drive: 1 TB HDD – 2 x 500 GB Western Digital WD Caviar RE4
Uplink Port: 100 MBPS Dedicated Port
OS: CentOS 6.0-64 Bit
Control Panel: Latest cPanel/WHM

Server Main IP: 50.97.95.98
Datacenter Physical Location: Texas, Dallas
Datacenter Name: Dallas 5, Server Room 02
Datacenter: Softlayer, USA.
======================

Here is some picture of our Datacenter from Softlayer’s Flickr Album:

DC Build Week 1
DC Build Week 2 & 3
DC Build Week 5 & 6
DC Build Week 7
Softlayer’s new HQ and DC Completed
Dallas 05

Enjoy the lightning fast service with our new server!

18 Jan

Server Upgrade

As you know already, our main server which is “hera.ihostman.com” will be moved to a better hardware. We have already ordered the new server from our Datacenter which is Softlayer, USA. The new server physical location is Texas, Dallas. We have chosen Dallas location because the connectivity from Bangladesh is fast then any other location. We will inform you about the new Server Configuration very soon via our blog post.

We are expecting to start the transfer process from 20th January, 2012 at mid-night 12.00 AM(GMT +6). Please note, We do not expect any downtime during the transfer process. We will take every steps to keep all our client account up and running smoothly/properly.

To make the process faster, we may take down the following two service for 24-48 hour:

1. cPanel
2. FTP Server

So, while both the service set to down, user will not be able to access cPanel or upload any file to server using FTP. It is also recommended not to update any site while we ran the transfer process to avoid any file missing issue. Please note again, HTTP service or Web Access will stay up during this process.

We are expecting to complete the transfer process in 24hours time. As soon as the transfer process is completed, we will update the DNS Server.

*** Update regarding the transfer process will be informed via our blog post.

We hope to have your full co-operation during the transfer process.

 

Regards,
NOC, TetraHost

01 Jan

Happy New Year 2012

Another year passed! I hope it was a wonderful year for you and the coming 2012 year will be even better. We did had a great time serving our client last year and it feels awesome to see the happy hosting client 🙂 On new year we will come with new plans and even better service, that is a promise!

I wanted to share the following google video with you all:

Thanks again for using TetraHost.
Happy New Year 2012

Ashraful Insan (Rony)
TetraHost Bangladesh

 

31 Dec

New Service Plan

We are very pleased to announce that, effective from January 1, 2012, we will be offering all new plans. Its time to have more space on less price. All the offers are valid for both new and old client. Our existing client will be able to enjoy their current plans as long as they want. If anyone want to switch their account to a newer plan, please throw us with a sales ticket at sales@tetrahostbd.com

### New offers at a Glance:

Web Hosting:

Package Name: Planet – 1
Quota: 1000 MB
Bandwidth: 20000 MB
Price: 1200

Package Name: Planet – 2
Quota: 2000 MB
Bandwidth: 40000 MB
Price: 1800

Package Name: Planet – 3
Quota: 3000 MB
Bandwidth: 60000 MB
Price: 2400

Package Name: Planet – 4
Quota: 5000 MB
Bandwidth: 100000 MB
Price: 3000

Details information available at: http://www.tetrahostbd.com/hosting.html

Reseller Hosting:

Package Name: Earth – 1
Quota: 15000 MB
Bandwidth: 300000 MB
Price: 7000

Package Name: Earth – 2
Quota: 20000 MB
Bandwidth: 400000 MB
Price: 9000

Package Name: Earth – 3
Quota: 30000 MB
Bandwidth: 600000 MB
Price: 12000

Package Name: Earth – 4
Quota: 50000 MB
Bandwidth: 1000000 MB
Price: 16000

Details information available at: http://www.tetrahostbd.com/reseller.html

Radio Hosting:

Package Name: Radio – 128
User Limit: 128
Bitrate Limit: 32
Quota: 1000 MB
Bandwidth: 20000 MB
Price: 7000

Package Name: Radio – 256
User Limit: 256
Bitrate Limit: 32
Quota: 2000 MB
Bandwidth: 40000 MB
Price: 10000

Package Name: Radio – 512
User Limit: 512
Bitrate Limit: 32
Quota: 3000 MB
Bandwidth: 60000 MB
Price: 15000

Package Name: Radio – 999
User Limit: 999
Bitrate Limit: 32
Quota: 5000 MB
Bandwidth: 100000 MB
Price: 25000

Details information available at: http://www.tetrahostbd.com/radio.html

 

Best Regards,

Sales Desk, TetraHost.

 

26 Dec

Price increase for .COM & .NET domains!

Few days ago, we were notified by our mother domain registrar that, VeriSign, Inc. will be increasing the cost to register .com and .net TLD’s effective from January 15, 2012. Here is part of the announcement:

DULLES, VA — (MARKET WIRE) — 07/14/11 — VeriSign, Inc. (NASDAQ: VRSN), the trusted provider of Internet infrastructure services for the networked world, today announced, effective Jan. 15, 2012, an increase in registry domain name fees for .com and .net, per its agreements with the Internet Corporation for Assigned Names and Numbers (ICANN).

This will be the third price increase, by Verisign, in the last few years. Adding to this, recently the USD Dollar Rate has increased significantly as well. A few month ago it was 70tk per USD but currently it is something around 80tk per USD.

Up until now, we have absorbed the cost of these price increases, however, we can no longer continue to absorb these price increases. We were trying to manage it within ourselves but with both Verisign Price increase and USD Dollar Rate increase we are forced to increase our Domain Registration cost for .COM and .NET

We would also like to mention that we are not going to increase the price heavily at all. Our price will remain same on USD rate which is 10$ but in BDT the price would be 800tk(previously it was 700tk). Effective from January 14, 2012, all existing domain registrations maintained by TetraHostbd.com will increase to the new rate of BDT 800tk/year per domain for .COM and .NET. The new price will be applicable for both, single and multiple(Domain Reseller) domain registration.

Thank you for your understanding. If you have any questions about this notice, please do not hesitate to reply this blog post.

Regards,

Ashraful Insan (Rony)
Sr. Systems Administrator
TetraHost Bangladesh

30 Sep

Server Maintenance – cPanel/Apache and Kernel Update

We will be updating cPanel/Apache and Kernel of all the servers to latest version. User should not face any issue while update processes is in progress but high load is expected and sites can be slow in the meantime.

We will need to reboot the server once the update progress is complete. We are expecting 2min of downtime for each server. User will not be able to connect to their site on that time.

Here is the server schedule reboot time:

### moon.ihostman.com – 11:00am (GMT +6)
### shout.ihostman.com – 11:15am (GMT +6)
### mars.ihostman.com – 11:30am (GMT +6)
### hera.ihostman.com – 11:45am (GMT +6)

We will update this thread once the Maintenance is Complete.

==========================
Update # 1
moon.ihostman.com – Completed Successfully and Server is working fine. Any issue found at user end, please contact our support desk.
==========================

==========================
Update # 2
shout.ihostman.com – Completed Successfully and Server is working fine. Any issue found at user end, please contact our support desk.
==========================

==========================
Update # 3
mars.ihostman.com – Completed Successfully and Server is working fine. Any issue found at user end, please contact our support desk.
==========================

==========================
Update # 4
hera.ihostman.com – Completed Successfully and Server is working fine. Any issue found at user end, please contact our support desk.
==========================

Maintenance completed.

Regards,
TetraHost System

07 Jul

Atmail is now available at TetraHost!

AtMail, the most advance open source webmail client is available now at TetraHost. All Email user will now be able to use AtMail by login to their webmail. AtMail is an open source webmail client for IMAP mail servers. It utilizes Ajax to deliver an intuitive, simple user interface. The interface is very attractive with more powerful features which will give users more reason to use Webmail client!

AtMail at Webmail View:

Inside view of AtMail: