Archive for Service Notifications

UPDATE: Host-99 Service Maintenance Scheduled

We have completed the scheduled maintenance for Server 23.

Unfortunately, Server 25 is still undergoing maintenance and transfers due to PCI Compliance requirements. Some of those accounts have already been transferred to their new destination. The remaining accounts under Server 25 will be under scheduled maintenance from April 25th, 2016 at through April 30th, 2016 to prevent as less downtime as possible & the transfer process will be slower to move the accounts to the upgraded network.

Server 23 has been completed and no further actions is required from those accounts. Server 23 customers should update their cPanel destination please log into your Host 99 account and navigate to “My Services Details” area and obtain the information there.

We greatly appreciate your patience, understanding during this transition.

Servers that will be affected as of today:
Server 25

Host-99 Service Maintenance Scheduled

Please be advised that we will be performing a scheduled network maintenance during the following date and time:

Starting Wed., April 20th, 2016 at 6 a.m. EST through Monday, April 25th, 2016 6 a.m. EST

Servers that will be effected:
Server 23
Server 25

This maintenance is necessary to perform upgrades on our servers to meet latest stable versions of the following components on our shared hosting platforms.

Server Hardware
cPanel Versions (Security)
Kernel Upgrade
Centos Upgrade From 6 to 7 on some machines from Centos 5 to 7
Network Switches (Gateways)

PCI Compliance Upgrades:
Regarding Host-99 PCI Compliance hosted customers we will be updating the following components on some of our PCI Compliance platforms.

PCI 2.0 to PCI 3.0
PCI Data Security Standard (DSS)
PIN Transaction (PTS) Security Requirements
Application Firewall and Hardening
Security Information and Event Management (SIEM)
Two-factor authentication
Encryption: FIPS-140-2
Internet Load Balancing
Dedicated Spotlight Server
Patching of the required infrastructure and operating system components

During this maintenance we will be moving switches onto a higher capacity switch fabric to enable faster connections to the Host-99 network from all points of the globe.

Action required: No action is required by our customers at this time. Your services will remain online during the upgrade unless otherwise noted. No data or inbound messages will be lost during this time, they will be stored on our mail relay servers until they can be delivered to your mailbox. If any changes are required our server technicians will send out a bulletin stating the requirements and full instructions to follow.

This maintenance will be SERVICE IMPACTING do to propagation of our new DNS servers (MINIMAL IMPACT). During this maintenance window you may experience two separate instances of latency and/or packet loss lasting up to 10 minutes each once we have made the changes.

You can check back from time to time on our Facebook page, Twitter and our blog for any posted updates or announcements. Please we ask all customers not to submit support tickets unless absolutely necessary if you are hosted on these two servers. We are aware of the effects of this maintenance process an each and every account will be restored back to normal operations when completed.

We appreciate your business and we appreciate your patience during this transition.

Great news for our customers: CodeGuard is here

CGlogo_transparent_300px

We are pleased to announce that we’ve added
CodeGuard’s website backup service to your account.

codeguard_cpanel_screenshot

 

 

 

 

 

 

 

 

 

 

“We highly recommend that you use these Free Website Backup Services.”

Trust the leading website backup service in the world!

Automated Daily Backups that never let you down.
CodeGuard offers the most reliable backup on the market – 99.999999999% reliable. We achieve this by replicating your data in secure locations across the world – again and again and again.

Receive ChangeAlerts when content on your site changes.
When CodeGuard takes the daily backup, it compares what is on your website with the last version of your website stored CodeGuard’s system. If any changes are found, CodeGuard emails you with the details!

Use Time Machine to view older versions of your website!
CodeGuard takes a picture of what your website looks like each time it takes a backup. Then, when you need to sort through older versions of your site, it’s much easier when you can look at them!

Get UNDO Power for when anything goes wrong
CodeGuard helps should anything go wrong – deleted files are now recoverable, overwritten files are now obtainable, and if your site is hacked, the malware is easily removable. All of this with nothing to install.

Easily Scan for Malware and Google Blacklisting
You can rest safe knowing that CodeGuard is also looking out for malware. We interact with Google on a regular basis to make sure your site is neither blacklisted nor infected.

Source Code and Database Differential Storage
CodeGuard seamlessly backs up your source and databases. And it does it in an elegant way that saves you space and makes it easy to see changes between each backup/version.

Go to your control panel to get started!

Important: WordPress 4.2.2 Security and Maintenance Release

WordPress 4.2.2 is now available. This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately.

Version 4.2.2 addresses two security issues:

  • The Genericons icon font package, which is used in a number of popular themes and plugins, contained an HTML file vulnerable to a cross-site scripting attack. All affected themes and plugins hosted on WordPress.org (including the Twenty Fifteen default theme) have been updated today by the WordPress security team to address this issue by removing this nonessential file. To help protect other Genericons usage, WordPress 4.2.2 proactively scans the wp-content directory for this HTML file and removes it. Reported by Robert Abela of Netsparker.
  • WordPress versions 4.2 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site. WordPress 4.2.2 includes a comprehensive fix for this issue. Reported separately by Rice Adu and Tong Shi.

The release also includes hardening for a potential cross-site scripting vulnerability when using the visual editor. This issue was reported by Mahadev Subedi.

Thanks to those who have practiced responsible disclosure of security issues. WordPress 4.2.2 also contains fixes for 13 bugs from 4.2. For more information, see the release notes or consult the list of changes. Download WordPress 4.2.2 or venture over to Dashboard → Updates and simply click “Update Now.” Sites that support automatic background updates are already beginning to update to WordPress 4.2.2.

SNI (Server Name Indicator)

We are proud to announce Host 99 will be fully supporting Server Name Indication.

What is SNI support?

SNI (Server Name Indication) support allows you to host multiple SSL certificates for different domains on the same IP add ress. At the start of the “handshake” process, SNI indicates the hostname to which the client connects. Users who are on shared servers that support SNI can install their own certificates without a dedicated IP address.

In order to experience the full benefit of SNI, all operational servers must run an operating system that supports this functionality, such as CentOS 6.

server-name-indication-sni

 

 

 

 

 

 

(SNI) is an extension to the TLS computer networking protocol by which a client indicates which hostname it is attempting to connect to at the start of the handshaking process. This allows a server to present multiple certificates on the same IP address and TCP port number and hence allows multiple secure (HTTPS) websites (or any other Service over TLS) to be served off the same IP address without requiring all those sites to use the same certificate. It is the conceptual equivalent to HTTP/1.1 name-based virtual hosting, but for HTTPS.

Name-based virtual hosting allows multiple DNS hostnames to be hosted by a single server (usually a web server) on the same IP address. To achieve this the server uses a hostname presented by the client as part of the protocol (for HTTP the name is presented in the host header). However when using HTTPS the TLS handshake happens before the server sees any HTTP headers. Therefore it is not possible for the server to use the information in the HTTP host header to decide which certificate to present and as such only names covered by the same certificate can be served from the same IP address.

In practice, this means that an HTTPS server can only serve one domain (or small group of domains) per IP address for secured browsing. Assigning a separate IP address for each site increases the cost of hosting, since requests for IP addresses must be justified to the regional internet registry and IPv4 addresses are now in short supply. The result is that many websites are effectively prevented from using secure communications over IPv4. IPv6 naturally deals in blocks of IP addresses at a time so is unaffected by this issue.

How SNI fixes the problem

SNI addresses this issue by having the client send the name of the virtual domain as part of the TLS negotiation. This enables the server to select the correct virtual domain early and present the browser with the certificate containing the correct name. Therefore with clients and servers that implement SNI, a server with a single IP address can serve a group of domain names for which it is impractical to get a common certificate.

SNI was added to the IETF’s Internet RFCs in June 2003 through RFC 3546, Transport Layer Security (TLS) Extensions. The latest version of the standard is RFC 6066.

(SNI) will only be available to Non PCI Compliant Regulated Accounts at this time. More details regarding SNI will be posted periodically on our blog and social media.

Email Client Configuration – Email Over SSL (Now Required)

We have now implemented a strong suite for email over SSL. The change is simple and it allows you to protect your emails with stronger encryption. All email accounts must be set to allow SSL. We highly recommend using POP over IMAP for these configurations

When setting up your email client to send and receive email over SSL the following ports will need to be used:

“My Server Requires Authentication” must be checked and active (Thunderbird does not require this setting)

Incoming Port List:

  • POP: 995
  • IMAP: 143
  • Security IMAP Type SSL: STARTTLS

Outgoing Port List:

  • POP: 25 or 26
  • IMAP: 26 or 993
  • Security IMAP Type SSL: STARTTLS

Make the changes for Microsoft Outlook to resemble the configurations in the image below.

change_settings
 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

In Thunderbird:

Make sure your settings look like the image below. Be sure to accept any SSL certificates if asked. The SSL certificate will not be a domain dedicated SSL. It will be for the server your account is hosted on for best practices for virus spam protection.

thunder_bird_configuration

 

 

 

 

 

 

 

 

 

 

 

 

 

 

All other email clients are to be set to the settings above or similar. If you are not able to get the SSL to work on your particular client please contact your local I.T. for support. Host 99 only offers support for it’s configurations not the email client itself.

Server 23 Security Notice (PHP 5.4 Server Update)

In order to better serve our customers, Host 99 is making an important upgrade in your server's default configuration. The default version of PHP employed by our servers will be updated to PHP 5.4. This change will ensure a more secure and stable hosting environment going forward.

To help make this transition as smooth as possible, we are giving all customers some time to upgrade all PHP applications to insure compatibility.

This upgrade will take place on August 3, 2014 at 12 am EST standard time.

1. Why are you making this change?

The default version of PHP that our servers are currently utilizing; PHP 5.2 ; has been deprecated for some time. As such, we would like to see your sites enjoying the security and performance benefits of the newer versions of PHP which we already have available on the server.

2. How can I make sure my sites will work?

You will need to perform tests and research or contact the script developers or companies on which scripts you use to insure all applications are compatible.

3. Will my site experience any down time?

The update between PHP versions is simply a one step process. Downtime is estimated to one hour for the server itself. Applications that are not compatible with PHP 5.4 will fail to load properly once the change is performed. Again, while we will make every effort to offer better security, it is you as the customer to have all software updated to meet PHP 5.4 requirements please take immediate action to insure your website is fully functional with PHP 5.4

4. Who can help me update my site/script to use a newer version of PHP?

While we can assist you with changing the version of PHP your script utilizes, we will not be able to recode your site to be compatible with newer versions of PHP. You should contact the script's author/developer to inquire as to whether or not they currently have or plan to re-design their code to utilize later versions of PHP.

Server23 (Maintenance) Completed

Server 23 maintenance has now been completed. All email and spam controls have been updated and restored to fully functional status. We do appreciate your patience during this period.

Server (Maintenance) Scheduled

maintenance

Server 23 is scheduled for maintenance on July 9, 2014 @ 12 am EST. This is an unexpected maintenance scheduled for issues found with the servers Spam and Email systems network connections.  Due to this non disclosed issue it is required for repair and email interruptions may occur. We will update periodically regarding the repairs and updates. No other servers are effected at this time. We do apologize for any inconvenience this may cause.

Zen Cart v1.5.3 Released!

PCI Compliance
v1.5.0 is PA-DSS certified.
v1.5.1 was an optional update, not submitted for formal re-certification.
v1.5.2 was released as a beta only, and not submitted for formal re-certification.
v1.5.3 began re-certification but encountered delays, and is being released before certification is finalized. It includes stronger password handling with blowfish encryption, and many other improvements for security and performance and compatibility.

A final PCI-Certified version will be released (with a new version number) in hopefully only a couple months. This release is going out now so the community can benefit from the many improvements, including PHP 5.4 and PHP 5.5 compatibility, to keep up with current server upgrades happening with many hosting companies.

More Information Can Be Found on the Zen Cart website.

Maintenance Update!! (#3)

Server 26 old disk was successfully mounted and we have started to prepare data transfer to the new HD. Currently we are copying all the files to the new disk and the entire restoration will be completed within a few hours. (Accurately transfer without loss of data) We will update again once the entire process is completed.


 

==============PREVIOUS ANNOUNCEMENT (#2) ===================

Server 26 will require several hardware replacements to be fully restored. Our team is moving through these quickly. Our support and social media teams are working with customers to address any residual effects of the server reboots as well. It’s time like these that we realize most that it’s our customers who make Host 99 great–and when we appreciate you the most.

All accounts will be moved to a new server with much more resource and updated hardware. This action will require time. We do understand time is money and emails equals business. We are working around the clock with a full team to get server 26 restored and stable enough to transfer all accounts to the new server.

We know you’ve heard it before (and you’ll hear it again), but thank you for your support and patience.

 

==============PREVIOUS ANNOUNCEMENT ===================

It has been confirmed that Server 26 is experiencing high disk I/O wait. The server is actually up and functional. Due to ” high disk I/O wait” the server may seem unresponsive at times. May show an error such as “The site could be temporarily unavailable or too busy. Try again in a few moments. If you are unable to load any pages, check your computer’s network connection. If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web.”

At this time we are preparing for HD replacement to restore access to all accounts. The rough graph below shows the ” high disk I/O wait” process and what is all involved. Again, we do apologize for the inconvenience and as expected the scheduled maintenance was required.

Server (Maintenance) Reminder

This announcement is a reminder. That Server 26 is currently being updated with known security vulnerabilities and hardware replacement due to previous failures a few weeks ago announced on 05/15/2014.  We do understand the inconvenience of the server being non functional but it is inevitable for the server to be fully operational without interruptions when hardware and updates are required.

We are currently finishing up the servers repairs and updates and will be fully functional in a short while. If you have any questions please do not hesitate to contact support for assistance. We do appreciate your business and your patience during this time.

 

cPanel Login Failure (License Error) RESOLVED

We are currently experiencing a bug in our license file verification system.

Servers effected are as follows:

1. Server 22
2. Server 23
3. Server 24
4. Server 25
5. Server 26
6. Server 31
7. Server 63

Zones Effected:
1. Zone 3
2. Zone 7

These are being addressed by cPanel and will be fixed as soon as possible. The cPanel license error does not effect website up time. Only section effected is the cPanel platform. We do apologize for the inconvenience.

Server Maintenance Scheduled (All Servers)

The OpenSSL team announced seven vulnerabilities covering OpenSSL 0.9.8, 1.0.0, 1.0.1 and 1.0.2 (i.e. all versions) earlier today.

The most serious of these is a potential man-in-the-middle attack CVE-2014-0224 which is being referred to as CCS Injection. Both Google’s Adam Langley and the original reporter of the problem have write ups that give more technical detail.

Host 99 technicians will be applying the required patch to all Host 99 servers to insure all servers, websites, accounts that use SSL are protected against CVE-2014-0224 and all the other vulnerabilities announced today. Everyone who uses OpenSSL in their software or on their server should upgrade as soon as possible; the OpenSSL team has released new versions today and Host 99 is implementing these patches immediately.

During this time all websites, accounts should not experience any downtime. In any case if performance shows sign of being slow or lagging. This is the reason for that. We do understand the importance of performance and we will work as fast as possible to insure all servers are protected and downtime is minimum if any.

We do appreciate your patience during this time.

Server Reboot (Maintenance) Required

Due to possible severe found issues with Server 26, we are forced to reboot Server 26 to find any possible issues that may be related to hardware or networking with the server. Due to high loads and connectivity issues we are forced to reboot and run “Maintenance” to insure the server is fully operational. The server has not been rebooted for more then 300 days which is usually beyond our allotment. We insure you the server will be functional as soon as humanly possible.

We will be performing several software updates on our servers this today at 3pm EST, 2pm CST, 12pm PST. The maintenance is required in order to keep the servers secure and up-to-date and functional. The Host 99 website , blog and support forum will be available during this time. We expect only a very short interruption of our service processing (i.e. while the web server software is restarting) and maintenance is being performed.

At this time it is unavoidable and is required. We understand the importance of the downtime and we do apologize for the inconvenience this may cause. We will keep our announcement section, blog and Social media sources updated regularly. If you have questions please submit a support ticket (Update Current Tickets) and we will answer as soon as we possible can regarding your questions.

We appreciate your patience during this procedure.

Host 99 Technical Security & Annalists Team
Host-99.com® | a E-Online Source solution
PCI Certified Hosting | Level 1 Compliant
Security and PCI Specialists

SSD Business Hosting Platform (Coming Soon)

Host 99 is proud to announce the soon to be released SSD Business Hosting Server Platform Servers are now in the insight of our new SwiftServer platforms soon to release. Stay tuned for these updates and releases.. Hosting has taken a turn for the best with speeds up to 300 times faster then all servers Host 99 provides at this current time.

Keep visiting http://www.host-99.com/ for these updates and grab your SSD Platform as soon as it is available. Limited to PCI Regulated accounts only at this time.

X25-V-SSD

CloudFlare

Host 99 has partnered with CloudFlare to provide additional website protection while accelerating your site. Free!

host-optimized-badge-150px

 

 

 

 

What is CloudFlare?

CloudFlare is a service that improves your website’s performance and security. CloudFlare acts as a proxy between your visitors and our servers and can cache content and filter malicious traffic before it hits your origin server.

CloudFlare is suitable for all websites, including dynamic websites. We have partnered with CloudFlare and have implemented the service into our control panel. This means you can try the service with just a few clicks. If you are ever unhappy you can turn CloudFlare off as easily as you turned it on.

Advantages of the CloudFlare system

Site Performance Improvement: A typical website on CloudFlare loads twice as fast.

With-and-without-CloudFlare

Bot and Threat Protection: CloudFlare uses data from third party sources, as well as the data from its community, to identify malicious threats online and stop the attacks before they even get to your site.

Threat-Reports

 

 

 

 

 

 

 

  • Spam Comments Protection: CloudFlare leverages data from its own community and from third party resources to reduce the number of spam comments on your site.
  • Alerting Visitors of Infected Computers: CloudFlare alerts human visitors that have an infected computer that they need to take action to clean up the malware or virus on their machine.
  • Always Online Mode: In the event that a server is unavailable, visitors should still be able to access your site since CloudFlare serves the visitor a page from its cache.
  • Lower CPU Usage: As fewer requests hit your DreamHost server, this lowers the overall CPU usage of your account.
  • New Site Analytics: CloudFlare’s system keeps statistics on each hit and offers special insight into search engine crawlers and threats.

Who can use CloudFlare?

CloudFlare can be used by anyone with a website and their own domain, regardless of your choice in platform.
All Host 99 hosting plans INCLUDE CloudFlare security for FREE. Why wait? Take this offer and add the security to your website and be trouble free.

Two Factor Authentication (Implemented)

two-factor-authentication-diagramTwo factor authentication is fully implemented at Host 99. Your account at Host 99 is now secured including your billing and cPanel logins with added phone authentication, and use 2FA to ensure that your account stays in your hands.

Learn More

 

Industry Standards are Changing to 2048-bit

Old 1024-bit SSL certificates will no longer be supported by browsers in 2014

There is a new standard in town. All certificates from here on out will be at least 2048-bit encryption (or ECC), rather than the older 1024-bit. This is a new requirement that will be permanently in place by January 1, 2014, set forth by the one and only Certificate/Browser (CA/B) Forum. All new certs and renewals that are being issued are already 2048-bit, so no need to worry.

Overall, this is good news, because this just simply means SSL is getting stronger. As computers continue to become more powerful, the old 1024-bit certs become more vulnerable to being hacked by sophisticated computer processing capabilities. So, the easy answer is to beef up encryption so that these computers aren’t powerful enough to hack….it will take another 10-15 years or so before a computer would have enough muscle to even think about it again.

What do you need to do?

First, you need to determine if you have any active 1024-bit certificates. Then depending on when those certificates expire, you will need to renew or reissue by October 1st, 2013.

  • If you are buying or renewing before January 1, 2014, you will just need to use a 2048-bit Certificate Signing Request (CSR) when buying/renewing.
  • If your certificate expires after January 1, 2014, you’ll need to revoke and reissue the certificate with a 2048-bit key length certificate by October 1st, 2013. It is 100% absolutely FREE to do this and you will still get all of the time remaining on your current cert. All you have to do is login to your control panel and reissue your certificate and use a 2048-bit CSR.

Your step-by-step instructions:

We just want to make sure you are 100% clear on what to do, so we made some step-by-step instructions.

  1. Check if you have a 1024-bit certificate expiring before January 1, 2014. You should receive an email from us if you do, but you can also check using this SSL Certificate Checker to check the key length of your cert. If yes, proceed to #2.
  2. Make sure your server can support a 2048-bit certificate. Most servers can handle it, but in some cases it might not be able to. If you are not sure, just contact our support team by logging into your Host 99 Client Area.
  3. Revoke your current certificate and then reissue. After you revoke the certificate from your server, login to your control panel on our site and reissue the cert in question.
  4. Generate your CSR. Make sure to use a 2048-bit CSR and you should be all set. You will not have to go through the vetting process again and you will get all the time remaining on your current cert. Please do this by October 1st, 2013.

In a nutshell

  • Renew certificates with a 2048-bit key length that expire before December 31, 2013.
  • Revoke and Reissue all 1024-bit certificates that expire after January 1, 2014 by October 1, 2013.

Please act promptly as this will be easy to forget and the certificate will be at risk of not being recognized by all browsers soon. If you have any questions at all, please do not hesitate to submit a support request to our support staff via your Host 99 Client Area.

Thank you for your cooperation,
The Host 99 Security Team

Domain Registration Price Increase

Effective July 1st, ORG, NET, NAME Domain Registry prices will increase. Tomorrow is the day that the domain registry prices for the .com, .net and .biz TLDs go up by circa 50 cents. All domains including renewals and pending invoices will also be increased to meet the new threshold. We do apologize for the inconvenience on the domain registration and renewal costs. This method and decision is out of any providers control.

The TLD’s effected are as follows:
Pricing Update Results
Updated Domains with TLD .com – xxx Affected
Updated Domains with TLD .net – xxx Affected
Updated Domains with TLD .biz – xxx Affected

If you have any questions regarding these price increases please submit a support ticket to the Domain Registration Support Team and they will be happy to assist you.

Best Regards,
Mark Hampton | Service Representative

Host-99.com® | a E-Online Source solution
PCI Certified Hosting
Security and PCI Specialists