Firewalls 9 Tips So You Don’t Get Booted from Your Site

Firewall Frustration

Firewalls provide excellent protection and generate great consternation. Face it. We’d love a world with unfettered access to all the things we want. At the same time, just the thought of strangers running their fingers over our private possessions and information raises the hair on the back of our necks. So the best security solutions hide themselves from legitimate users. That’s the rationale behind fingerprint and face recognition logins. Similar unique identifications exist for the online world. That’s why it frustrates us so much when our face or finger fails to grant us the access we expect.

In our role as hosts Barbara and I see that frustration associated with firewall problems more than any other system. A typical scenario involves a client email or phone call desperately asking why a website fails to load. Of course, like the car that behaves well when taken to the mechanic, we don’t see a problem. Firewalls strike again!

Firewalls and the Cloak of Invisibility

Making something invisible protects it from unwanted attention. Camouflage works that way in nature and humans use it in all kinds of applications, from military to hiding cell phone towers that look like trees. So, our firewall hides your website from hackers. Of course, when your website disappears in front of you, you may think the server went down or something much less charitable.

With multiple servers and even more websites, we see this kind of thing all the time. Sometimes an entire server just disappears and we need to politely explain to the server that it needs to talk to us. Really, some days it feels like the servers act like a bunch of ill behaved children.

Things to Know

Knowledge proves the best defense against firewalls and their foibles. Here’s a list:

  • A good firewall trusts no one. It’s not you but everyone poses a potential threat and everyone includes, well, everyone.
  • The server knows you by your IP (Internet Protocol) address. Unless you pay for a static IP, your internet provider will change your IP for a long list of reasons, including their own schedule to change IP addresses. Most customer lockouts happen because of a changed IP address.
  • You can get your current public IP address from IPChicken, Google, or What’sMyIP. We also added your IP information at the bottom of all the pages on LyonsHost.com.
  • If you know that your IP address doesn’t match your white listed (allowed) address, get new and temporary addresses white listed before you work extensively on your website. This applies for travel or even moving between home and office.
  • When in doubt, check your website from another network. Disconnect your smartphone or tablet from your local network and connect to a separate network, like cellular or a neighboring WiFi network that you can access. Connecting with another provider make an especially effective test because that can uncover other possible issues.
  • How you behave matters. The average website user will never raise the attention of the firewall. On a server each function gains access on a specified port. Port 80 carries regular http (web page) traffic. Email goes in and out on another handful of ports (that’s another topic). The same is true for FTP, SSH, telnet, etc…. If you connect to a user account on two or more ports, you better belong there. Port knocking (as in, “knock knock, are your home.”) gets immediately blocked.
  • So many passwords, how do you remember yours? We use 1Password from Agilebits but you can choose from many similar products. The server looks for brute force and dictionary attacks. One or two mistakes can be forgiven but you don’t want someone standing at your door picking the locks. That means the account will be locked to all access from your IP for too many failed logins. Know your password or call us for a secure password reset.
  • Cross site scripting attacks connect unaffiliated websites to each other for attacks on other servers or to hijack traffic. Ultimately the nefarious goal involves some kind of criminal mischief. Normally a hosting customer avoids tripping this security measure, but an innocent action can look threatening to a nervous firewall. More likely, that cool plug-in you found at “Bob’s Free Plug-Ins” or “Truckloads of Great Free Themes” had something hidden in the code. Always vet anything you add to your website for validity. Most legitimate themes, plug-ins and templates come from providers who are well known to the community supporting the content management system you use.
  • Don’t spam people. I say this frequently. If your email address gets too many bounced messages (indicating bad addresses) too close together, you will be locked out of email. Everyone “fat fingers” an email address. That’s not the issue. If you send hundreds of messages and you can count on a lot of them bouncing back, clean your list.

Firewalls are not Your Enemy

With all the threats to your hosted services, firewalls really protect your interests. Knowing a little about these threats helps you avoid looking like a threat to your own website. That means that your website and email won’t mysteriously stop working when you have that 2:00 am inspiration. Also, if your website suddenly disappears, check to see if it loads on another network. If you do encounter a firewall problem, report it with your current IP and we can usually clear you within minutes.

Change for the New Year

Change Ahead

Change happens. As Nobel laureate, Bob Dylan famously sang his lyric, “The times, they are a changin’.” The entire field of technology consists of little more than constant change. Therefore, it should come as no surprise that LyonsHost is making changes as well.

Perpetual development marks the biggest change to our business. We still believe in teaching our clients to get the most of online tools. After building many sites for our association and small business clients, we realize that “teaching a man to fish” fits many client’s goals but sometimes a client happily pays for the fish on his plate without catching it himself. We recently started experimenting with perpetual development plans with great results.

What is perpetual development?

Legacy (outdated) software represents both security challenges and potential friction for us. Because older generations of software made upgrades very time consuming and sometimes outright tricky, some clients put off the inevitable. Delays make updates harder and more expensive for websites. So we found a solution and called it perpetual development, and it solves many legacy software problems. We provide clients like you with custom pricing to cover most normal ongoing changes for your project. That way, if you need a software update, we take care of it. Did your favorite website plugin stop providing updates? We can find a new one for you and set it up. Want to change a website theme? We do that too.

Sounds expensive? We spread the development costs over the year with a smaller deposit. That makes a very affordable solution for small organizations. Consequently, you get a lower development price without a deposit in the following years. That makes it easier to plan your budgets. We even include training and support costs in your plan. We can review your actual resource usage and make adjustments each year.

Ready to learn more? Contact us now and let’s get started. Contact Us

 

Content Management Makes it Happen

About Content Management

I recently fielded a question which asked how WordPress and other content management systems (CMS) work. That opportunity reminded me that the simple questions need answers as much as the more complex issues I often address. In case you were wondering, here are the basics.

Building Blocks

WordPress, Joomla, Drupal and other LAMP (Linux apache MySQL and PHP) content management systems (CMS) build pages with PHP, which is PHP Hypertext Preprocessor. (My apologies for the acronyms.)

Your web browser understands hypertext and a couple related scripting languages like Javascript and CSS (cascading style sheets). Mostly, your web browser gathers addresses from the servers you visit and displays the text and images in the hypertext. HTML, the basic building block of web pages stands for hypertext markup language.

PHP allows web developers to create hypertext and to “preprocess” instructions that translate into more hypertext. For a simple example, if you create a page that asks a reader to enter two numbers or some text, the server can calculate or add your newly input text to that page. PHP also performs relatively powerful and flexible functions as a scripting language. For some rather technical reasons, it doesn’t really qualify as a programming language which raises another topic for another time.

A WordPress website contains a lot more than some text and a few numbers, so it needs a way to keep all that information organized. Most CMS developers choose to keep that information in a database. It works like a huge file cabinet. You get a spot to keep user information. Another place in the database keeps the posts that you write. There’s even a place in the database to keep track of pictures and colors you choose for text or backgrounds.

What about the LA part of LAMP? Linux, like Windows or Mac OS is the operating system that runs the web server. apache (lower case “a”) is the web server software.

Assemble the Pieces

So, WordPress is a collection of PHP scripts which make web pages. MySQL stores those pages and other functional information.  In reality, many WordPress websites are built around two page designs (a page and a post). The database stores the content of each page or post with specific instructions about image placement, which images to include and text formatting. That way, you get a very neat and tidy website with many pages that keep a consistent visual appearance.

Joomla! and Drupal function in much the same way as WordPress. As a rule, content management systems perform the same tasks. They differ only in how the user interface, the way you and I interact with the site, with links and buttons, are organized. I find that WordPress makes the easiest CMS for small offices and organizations that don’t require complex access rules.

I like Joomla for websites with special rules for different levels of access to read or create content. For example, if you need separate areas of your website for the general public, paid members and board members, and maybe separate committee areas where users are prohibited from posting in other areas, Joomla controls that kind of access with ease.

Drupal powers some very powerful websites and allows developers great flexibility. As Spiderman is often reminded, great power comes with great responsibility. I find Drupal websites tend to become centered around the needs of the developer instead of the end user, more often than Joomla or WordPress sites.

Keep Learning

If you want to read more, you can choose from many books and websites about WordPress, Joomla and PHP/MySQL. I’d encourage you to look through one to satisfy your curiosity. You can also download a copy of WordPress open the scripts with a basic text editor. You may find the code pretty easy to read, with a nearby reference. If you want to try it out for yourself, click the link below and order hosting. We will always answer your questions. Who know? You may create something wonderful.

Get hosting

 

Fair Use Doesn’t Mean Grab What You Want

Fair use seems obscure, but the idea constantly comes up in conversation around me. I  frequently contribute advice and observations to Quora.com, a question and answer website. At any given time, Quora ranks me as a “Most Viewed Writer” on a number of topics. Because of our work at LyonsHost, copyrights and usage draw passionate responses from me. It’s important stuff to know before taking content from other sources and a concern of ours as hosts of many websites.

The two most important rules to follow about reusing internet content are:

  • When presented with uncertainty about use, don’t.
  • If you need clarity on usage, speak to a copyright attorney.

I’ve collected three of my recent answers below about Fair Use. I think the answers stand on their own, but if you want context, you follow the links to the original questions.

Fair Use Rant

No. No. No! This has nothing at all to do with the kind of image. The term is “fair use.” It’s all about the use of the images or other copyrighted work which matters.

I came across this rather clever demonstration/explanation of fair use several years ago. It is well worth your time to watch and understand the point. It’s worth noting that this example uses Disney animation without permission from several closely guarded films to make an excellent point while thumbing its metaphorical nose at the biggest and by reputation, nastiest guard dogs in copyright. Enjoy.

Which Images?

Fair use refers only to how an image is used, not to any other quality of the image. In other words, a copyrighted image can be used fairly without royalty if the use of that image falls into one of the categories considered “fair use” under United States copyright law. Many (maybe most) other nations do not recognize fair use.

The use of Adsense or any other advertising is a red herring (a diversion from the central topic).

You need to determine if an image is protected. You need to understand if your use is considered “fair use” in the nation in which you are based. Finally you must determine if you are not paying for a license, if you have the financial means and stamina to defend yourself against claims of infringement and if any of the headaches are worth it. Just because your use is fair, doesn’t mean that some over eager licensing entity won’t try suing you.

In summary, the image cannot be fair use. How and where you use an image will determine if the use is fair. Just because you are right, doesn’t mean that someone won’t try to take you to court.

What About Samples?

No, samples for mixes are not considered fair use and there are numerous judgments on record which have received mainstream press to support that statement.

Unless you are:

  1. Teaching
  2. Reporting about
  3. Satirizing

a given work of art (visual , written, or performance) can not be used without permission. There is no maximum amount that you may borrow for free.

Get permission and you can do whatever your license allows. It doesn’t get any simpler than that.

 

Game Day Specials

Game day arrives with great fanfare. This season starts with a win away from home and a hurricane. How do you beat that? I think some great LyonsHost email and hosting discounts will go the distance. We look forward to a great game and a great season. Take advantage of these discounts and save more than enough for something special after the game.

Game Day discount on Business Class Email

For a limited time, new clients who order business class email qualify for a free email user when you pay for two user accounts. All levels of users get big inboxes, webmail and full mobile compatibility powered Open-Xchange. Open-Xchange mail comes with all the power features you really want and real people who answer your support calls. If you didn’t think email could be exciting again, you haven’t seen our features. Click the button to order.

Order Email Now

Website Hosting

Website newbies and veterans alike can choose from two great options for web hosting. Get started with WordPress and one free email account for only $50 with the code wpgd16. WordPress makes web publishing easy. Change your layout, add custom features and forms, share photos or videos and even add a map to your business or next event. It’s a professional tool with an easy learning curve. Best of all, you can always call LyonsHost for support and advice for making your website great.

If you want more flexibility for building your website or if you want to choose from over 100 free web applications like content management (CMS), customer relationship management (CRM) and and the ability to send backups straight to personal cloud storage for safety, you can order any of our larger web hosting plans or a Virtual Private Server (VPS) and get 25% off your order for new websites with code whgd16.

Call us if you have questions but order soon. These discounts won’t extend past Bowl Season. Enjoy this game day and take advantage of these great offers today.

Order Cub Hosting Order Pride Hosting Order VPS Hosting

 

WordPress and WHMCS integration by i-Plugins