Heartbleed Explained: What WiredTree Clients Need To Know About The Critical OpenSSL Vulnerability

Posted by Rachel Gillevet on April 15, 2014

OpenSSL HeartbleedLast week, security researchers announced the discovery of a critical vulnerability named Heartbleed in the open source cryptographic library OpenSSL. OpenSSL is the de facto standard library for SSL encryption on Linux servers. Vulnerable versions of OpenSSL were used by web servers including Apache, Nginx, and LiteSpeed, the 6.X branch of the CentOS Linux distribution, as well as numerous other applications and distributions.

The vulnerability could potentially be exploited to allow access to sensitive information in a server’s memory, including authentication credentials and the private keys used by SSL for encrypting communication.

In this article, we’d like to clarify the potential risks to WiredTree clients and discuss how hackers may have been able to exploit the Heartbleed vulnerability. Continue reading

The Monthly Round-up: March’s Best Web Design/Development, CMS, and Security Content

Posted by Rachel Gillevet on April 3, 2014

wwwThis past March, the world celebrated the 25th anniversary of the web, which definitely got us a little bit nostalgic. In the last quarter century, the web has grown exponentially and technology has evolved in ways that we never could have imagined. Up until recently, the idea of people going on the internet using multiple devices every day would have seemed crazy, yet that is the new reality and responsive design has become one of the biggest design trends as a result. The growth of content management systems, led by WordPress, has put an entire generation of businesses, both big and small, on the web. Who would have seen that coming in the eighties? In that spirit, we’ve collected the most useful and informative web design/development, CMS, and security content from March to help you look forward. Enjoy and don’t forget to follow us on Twitter, Facebook, and Google + for the same great content the rest of the month.

Web Design and Development

How to Know When Your Web Design is Done - My eyes were starting to lose focus. It was 2:00 in the morning. My hands were coated with pastel dust. An inch of cold coffee sat in the mug next to me.

Continue reading

SSDs Explained: The Technology Behind Lightening Fast Hosting

Posted by Rachel Gillevet on March 27, 2014

Solid State DriveEvery bit of data that your web server sends to browsers is stored on a disk drive or is generated from the processing of data stored on a drive. It might be stored as a file sitting on a drive — an image, for example, or it might be in a database, which also lives on a disk drive.

When a browser requests information from a web server serving a static site, the assets required to build the page are pulled from a hard disk into RAM and sent out over the network. When the site is dynamic, like a WordPress site, pages are built from a combination of code execution and database calls. If the site streams video and audio, the data is also loaded from a disk drive.
Continue reading

How We Protect Managed Linux Servers From Rootkits

Posted by Rachel Gillevet on March 24, 2014

6002480524_95931770e5_bYou don’t have to worry about rootkits because we run nightly security scans of all our managed servers, but we thought you might be interested to know what a rootkit is and how we protect your server from them.

It’s notoriously difficult to hack a properly secured Linux box, but not impossible. Online criminals are a smart and motivated bunch, albeit with a depressing lack of ethics. If hackers do find their way past the security of a Linux server, it’s in their interest to be stealthy. The longer they have access to the server, the information it contains, and the network hosting it, the more data they can glean and the more mischief they can cause. Continue reading

An Introduction To The Piwik Analytics Platform

Posted by Rachel Gillevet on March 20, 2014

Piwik-logoThere’s no doubt that Google Analytics is far and away the most popular analytics tool. It is powerful and ties in well with Google’s other tools, is free, and is straightforward for even novice website owners to integrate with their site.

But, Google Analytics isn’t perfect. The most common concern business site managers have is that by using Google Analytics, they are giving up a lot of potentially sensitive information to a third-party. There’s no evidence Google has ever misused the data they glean from sites using Google Analytics, but for some businesses, the idea of handing over the keys to the kingdom is worrying. Continue reading

Protect Your Brand As New Top-Level Domains Roll Out

Posted by Rachel Gillevet on March 18, 2014

4848301878_6f678cd4d8_oUntil recently there were 22 top-level domains. Throughout 2014 that number will increase rapidly, with over 100 new gTLDs slated for launch in the coming months. gTLDs have been live for several languages for a while now, including Arabic and Chinese. Later this month, new English-language domains will start coming online, with .guru, .bike, .ventures, and .clothing available for registration. By the time this article is published, .camera, .photography, and .lighting will have entered the early availability phase. Each month of 2014, we can expect to see more domains released.

The new domains are not uncontroversial, but there’s no doubting that they represent a great branding opportunity for businesses. Or at least they do if companies can secure their own brands. We all remember the days of the cybersquatters, who would snatch up the domains of prominent companies in the expectation of a large payout. That was a hassle when their were only 22 top-level domains to keep an eye on. When there are hundreds it’s going to get much worse. Continue reading

The Monthly Round-up: February’s Best Web Design/Development, CMS, and Security Content

Posted by Rachel Gillevet on March 4, 2014

periodicalsAs the web keeps growing at an incredible pace, the amount of individuals and businesses looking for hosting increases every single day. For many, a new site starts with web design and development while figuring out a way to manage your content. But once that’s done, you’re going to want to keep your site and all of its information secure. To help you out on this journey, we collect the most useful and informative web design/development, CMS, and security content each month. Here’s the best from February. Enjoy and don’t forget to follow us on Twitter, Facebook, and Google + for the same great content the rest of the month.

Web Design and Development

3 Ways Your Web Design Can Better Connect You to Your Audience - How do people recognize good web design? There is a big difference between good and bad design. Many people can identify a good design, but they don’t know what makes the difference. Continue reading

The Monthly Round-up: January’s Best Web Design/Development, CMS, and Security Content

Posted by Rachel Gillevet on February 4, 2014

winter in branAfter the first month of 2014, it’s looking like this year won’t be too different from last year. There was another high-profile security breach, web development and design continues to evolve at a furious pace, and people are branching out and trying all sorts of new content management systems. For that reason, we’ve collected a number of articles from January that we think you’ll find useful and should you get acclimated to what’s going on in 2014. Enjoy and don’t forget to follow us on Twitter, Facebook, and Google + for the same great content the rest of the year.

Web Design and Development

When Design Best Practices Become Performance Worst Practices - Your design team has come up with a gorgeous prototype for the next iteration of your home page. It conforms to known design and usability best practices, and your testers loved it in the lab. You push the design to your live site and the results are … well, a little disappointing. Continue reading

What’s So Great About HTTP 2.0?

Posted by Rachel Gillevet on January 20, 2014

5065834411_d12669d487_bThe way we use the web has changed radically over the last few years. Where once a web page was mainly comprised of a few static resources that were loaded once and from a small number of servers, many pages are now complex combinations of resources loaded from multiple servers with extensive interactive components.

HTTP, the Hypertext Transfer Protocol, was designed for an older web and was not built with today’s complex interactive sites in mind. While HTTP 1.1, the current version, has given great service, it’s time for something new. HTTP’s old-fashioned assumptions about the nature of the web causes sites to be slower and less responsive than they should be, forcing browser manufacturers and web developers to implement hacky solutions to work around its deficiencies. Continue reading

SEO Fundamentals: Understanding Google’s Link Disavowal Tool

Posted by Rachel Gillevet on January 16, 2014

7905320090_4c7802b4f7_bBeing a great webmaster doesn’t automatically mean that you’re an SEO expert. The skill that leads to the creation of a popular blog or magazine, or a successful eCommerce store, are not necessarily the same skills that are required to do well in the SERPs (search engine results pages). Naturally, many people turn to professional search engine optimizers to help them rank.

The SEO industry is a mixed bag. There are many conscientious and expert SEOs out there, but there are as many, if not more, shady blackhats who will advise a site owner to behave in ways that are contrary to Google’s Webmaster Guidelines. Ill-advised webmasters often take on the role of SEO themselves, and not knowing the pitfalls will often shoot themselves in the foot by engaging in SEO techniques they find on forums and SEO blogs. If you don’t know what you’re doing, discriminating between valid white-hat SEO and black-hat tricks can be difficult. Especially since Google is constantly updating its algorithms, and what we could get away with a couple of years ago will now earn a penalty. Continue reading