About Liquid Web

A Leader In Managed Hosting since 1997

Our Heroic Support technicians are located on-site at each of our data centers.
Liquid Web Official Blog

KB Weekly Wrap-Up 11-28-14
Filed under: News  November 28, 2014

Knowledge Base Weekly Wrap 11-28-14
Sick of Black Friday already? Take a break from the madness and focus on your hosting environment instead. If your infrastructure is updated with the latest release of the Fedora operating system, then our Knowledge Base is the perfect place to go for help with installing popular and useful applications. In this edition of the KB Weekly Wrap-Up, find out how to install PostgreSQL, Cassandra 2, Git, and lsyncd all on Fedora 20.

Don’t see what you need to know? Contact our Heroic Support® team and we’ll help! If you’d like to request a specific article for our Knowledge Base, let us know at support@liquidweb.com.

  • No Related Post

KB Weekly Wrap-Up 11-21-14
Filed under: Heroic Support,How To,In 60 Seconds  November 21, 2014

Knowledge Base Weekly Wrap-Up 11-21-14
Our Knowledge Base not only includes helpful how to articles, but also solves many of the common errors you might encounter while troubleshooting your server. In this edition of the KB Weekly Wrap-Up we’ve solved two errors you might encounter when attempting to connect to a vsftpd server. You can also learn how to resize a Liquid Web Storm Server and how to install phpMyAdmin and vsftpd on Fedora 20.

Don’t see what you need to know? Contact our Heroic Support® team and we’ll help! If you’d like to request a specific article for our Knowledge Base, let us know at support@liquidweb.com.

Log Storage: A Cloud-Based Log Management Tool
Filed under: News  November 19, 2014

Evaluating your server’s log files can help immensely when diagnosing issues and storing those files is often required for security and compliance purposes, however the sheer number of files can be overwhelming. Enter Log Storage, a cloud-based log management tool that offers simplified management of your server logs. Log Storage allows customers to view, search, analyze, and manage all of their logs across multiple servers in one convenient location. A unique offering when combined with the full scope of management of our 24/7/365 Heroic Support®, Log Storage is also easy to set up and operate.

Log Storage Features

  • Manage All Logs in a Centralized Environment
  • Isolate and Analyze Trends
  • Improve and Fine Tune Searching Ability
  • Stop Potential Issues Before They Occur

Our Heroic Support® team developed Log Storage by combining the most useful elements of several different applications in order to create a product specific to the needs of our customers. Logs are directly transmitted to our centralized cloud storage cluster from any location chosen by the customer, where they are available for enhanced search, management, or analysis. We offer a plans that come with 30 GB, 60 GB, 150 GB, and 300 GB of storage.
Liquid Web Log Storage User Interface
Many of our customers have found a myriad of benefits to utilizing Log Storage in their day to day operations. One such customer, EchoDitto, has used Log Storage to manage their large cluster of web servers.

“We found it especially useful when trying to follow patterns or IP addresses behind our load balanced cluster of web servers,” explained Senior Systems Administrator Alan Ivey of EchoDitto. “Otherwise we’d have to have multiple terminals open and hope we didn’t overlook something when comparing each window.”

Log Storage is perfect for customers who have hosting environments that generate a large number of events and often find themselves searching through logs looking for particular information. Log Storage also makes it much easier for customers to quickly find and repair potential issues or problems, spot trends in usage, search for malicious activity, or simply store a large amount of logs for security or compliance reasons. If you’d like to learn more about how you can use Log Storage to simplify your log management, let us know!

Learn More About Liquid Web Log Storage

  • No Related Post

KB Weekly Wrap-Up 11-14-14
Filed under: How To,Knowledge Base,News  November 14, 2014

Knowledge Base Weekly Wrap 11-14-14
Have you checked in with our Knowledge Base recently? New articles are added all the time, written with our customer’s specific needs in mind. This edition of our KB Weekly Wrap-Up features Fedora 20, Logwatch, a solved Apache error, and an in-depth performance comparison of MySQL 5.1, 5.5, and 5.6.

Don’t see what you need to know? Contact our Heroic Support® team and we’ll help! If you’d like to request a specific article for our Knowledge Base, let us know at support@liquidweb.com.

How to Protect Your Ecommerce Site From Holiday Hacks
Filed under: Heroic Support,Industry Insights,News  November 13, 2014

Protect Your Ecommerce Site This HolidayThere have been an alarming amount of security breaches covered by the news over the last year, from the Heartbleed vulnerability to the numerous breaches at USPS, Neiman Marcus, eBay, Home Depot, Target, and other retail businesses. According to Trustwave’s 2014 Global Security Report, 54% of the attacks that took place last year targeted ecommerce systems.

With the holidays looming on the horizon and your holiday traffic preparations underway, the last thing you want is a hacked site. Below are the five most common types of hacks that might affect ecommerce businesses this holiday season as compiled by OWASP, the Open Web Application Security Project and the collective knowledge of our heroic security experts. Learn more about these security risks so you can better protect your customers and ensure you have a successful holiday season.

Holiday Hack #1 – Injection

  • What Is It?

    Injection attacks can cause data loss, data corruption, denial of access, and even a complete host takeover that could have negative consequences on your business’s reputation. Injection flaws are easy for attackers to find and happen relatively often. Injection-related attacks are often in the news, much like the recent attack disclosed by Milwaukee-based computer security company Hold Security. They discovered a theft of confidential information from nearly 420,000 websites due to SQL Injections.

  • How Does It Work?

    Untrusted data is injected into a web application and tricks that application into executing commands and accessing data. Often found in legacy code within SQL, LDAP, Xpath, NoSQL queries, OS Commands, XML parsers, SMTP Headers, etc.

  • How Do I Protect Myself?

    Using a safe API can prevent injection attacks, and protections such as ModSecurity for Apache can help in the case of SQL injections. However, it is also vitally important to keep your web applications updated, something that our Heroic Support® can help you maintain. Outdated applications are particularly vulnerable to injection attacks.

Holiday Hack #2 – Authentication

  • What Is It?

    Authentication exploits are widespread and can provide attackers with an authorized user from which they can attack. One method attackers use to gain access to authorized user accounts is a brute force attack, which involves rapid logins against your server. Attackers can also target Session IDs, which keep track of users through multiple requests. Stolen session IDs can be reused to impersonate users on popular websites like Facebook and Google.

  • How Does It Work?

    Attackers take advantage of exposed accounts, weak passwords, or other flaws in the authentication or session management functions to impersonate users. Flaws could be found in the logout, password management, timeouts, account update functions and more.

  • How Do I Protect Myself?

    Protecting your application from session ID exploits requires a strong set of authentication and session management controls, secure communication and credential storage. In addition, services like Brute Force Detection (BFD) watch your log files for failed login attempts and will blog IP addresses that have several in a short period of time.

Holiday Hack #3 – Cross-Site Scripting (XSS)

  • What Is It?

    XSS is one of the most widespread security risks. Attackers hijack user sessions to change websites, insert bad content, conduct phishing and malware attacks, etc. all leading to a negative impact on your website’s reputation. Paypal, as an example, has had to fix XSS vulnerability in their site that allowed the execution of client-side script and browser cookie hijacking.

  • How Does It Work?

    This attack exploits the browser-user trust. Attackers can send text-based attack scripts that execute in the victim’s browser, hijacking the user session.

  • How Do I Protect Myself?

    Follow best practices per OWASP to protect your application from XSS attacks, including properly escaping all untrusted data and including whitelist input validation. In addition, maintaining updated web applications is extremely important because outdated applications are vulnerable to XSS attacks. Our Heroic Support® can help you manage your many applications and their updates.

Holiday Hack #4 – Denial of Service (DoS)

  • What Is It?

    A common attack that allows hackers to bring down a network without needing internal access is Denial of Service or Distributed Denial of Service (DDoS). These types of attacks are particularly worrying because a slow, or even inaccessible website during the holiday season can be devastating. Customers that have experienced debilitating DDoS attacks have found themselves in desperate situations without the proper mitigation techniques.

  • How Does It Work?

    During a DoS attack, attackers flood the access routers with fake traffic until the system overloads and eventually fails. A DDoS attack involves coordinated attacks from many different sources.

  • How Do I Protect Myself?

    The best way to mitigate a DDoS attack is to monitor incoming traffic. Services like our DDoS Attack Protection differentiate between legitimate and malicious traffic. It analyzes traffic that attempts to reach the server and, if the traffic is determined malicious, routes it away allowing only legitimate traffic through. DDoS Attack Protection can prevent the severe negative consequences of a debilitating attack.

Holiday Hack #5 – Security Misconfiguration

  • What Is It?

    Misconfigured security settings are a frequent oversight made when implementing web servers and applications. Easy to exploit, attackers can get unauthorized access to system data or server functionality, allowing them to steal or modify your data slowly over time. This could lead to a complete system compromise.

  • How Does It Work?

    There are numerous ways attackers can exploit misconfigured settings, including in the web server, application server, database, application framework, and custom code. They can exploit default accounts, unpatched flaws, unprotected files, directories, and more.

  • How Do I Protect Myself?

    Ensuring it is fast and easy to deploy secure environments, maintaining updated software, securely separating components, and periodically auditing your security can help avoid security threats – all of which our Heroic Support® team can guide you through. In addition, setting up a secure firewall will help you protect your entire hosting environment.

Our Heroic Support® team is well versed in protecting our customers against these and other common security exploits. Knowing the importance of the upcoming holiday season for ecommerce businesses, we’re here to help you find out if you’re vulnerable and to implement protections for your sensitive data, 24/7/365.

LiquidWeb.com Scavenger Hunt
Filed under: Contests  November 10, 2014

Hunt through our new website and find the answers to the each day’s clue for a chance to win our prize pack of NEW Liquid Web gear, including our new messenger bags, sunglasses and an 8GB credit-card sized flash drive! Share your answers on Facebook or Twitter throughout the week. The first five people to answer all five clues will win!

LiquidWeb.com Scavenger Hunt Prize Pack

How to Play:

  1. Starting immediately, one clue will be posted each day this week at Noon (EST) on both Facebook and Twitter in the form of a Clue Photo. They will also be added to this blog post.
  2. Decipher each clue and search our new website for the answer to the riddle.
  3. Submit your answer each day via Facebook or Twitter:
    • Via Facebook: Share the Clue Photo with your friends, making sure its security settings are PUBLIC so Liquid Web can see it. Include the answer to that day’s clue in your post along with #LWSiteHunt.
    • Via Twitter: Retweet the Clue Photo, including both your answer to the clue and #LWSiteHunt.
    • Also include your LW Brand Store username in each submission, so you are eligible to win the prize. If you do not have a username, sign up here: LiquidWeb.com/shop.
  4. Check in every day this week at Noon for the next clue. The last clue will be on released Friday, November 14th.
  5. The first five participants that solve every clue and correctly submit their answers will win our Prize Pack, pictured above. The winners will be individually contacted. All other winning participants will be awarded with 100 Liquid Web Bucks usable on great items from LiquidWeb.com/Shop, so keep playing!

Clue 1:

LiquidWeb.com Scavenger Hunt Clue 1

Clue 2:

LiquidWeb.com Scavenger Hunt Clue 2

Clue 3:

LiquidWeb.com Scavenger Hunt Clue 3

Clue 4:

LiquidWeb.com Scavenger Hunt Clue 4

Clue 5:

LiquidWeb.com Scavenger Hunt Clue 5

Rules & Regulations:

  • Submit your answer each day by sharing or retweeting each day’s Clue Photo and including your answer with the #LWSiteHunt hashtag.
  • Submissions must include Liquid Web Brand Store username to be eligible to count as a completed item. If you do not have a username but wish to participate, please register at Liquidweb.com/Shop.
  • Winners will be notified of their winning submission via reply on Facebook or Twitter from Liquid Web.
  • The contest will begin at Noon (Eastern) on November 10th and last until 5pm (Eastern) on November 14th or until we have awarded all of our prize packages.
  • All entries must be unique with YOUR LiquidWeb.com/Shop username written on them.
  • Liquid Web employees and Employee family members are ineligible to win.

Legal Disclaimer

KB Weekly Wrap-Up 11-7-14
Filed under: How To,Knowledge Base,News  November 7, 2014

Knowledge Base Weekly Wrap-Up 11-7-14
As always, we’ve stocked our Knowledge Base this week with articles designed to help you through every step of your hosting process. In this edition of our Knowledge Base Weekly Wrap-Up you can find articles helping you to protect your server from POODLE, how to install Varnish and Docker, and take a tutorial on managing a Linux server with systemd.

  • How to Disable SSLv3 for Apache and Exim to Protect Your WHM/cPanel Server from POODLE

    Learn how to protect your server from POODLE, or Padding Oracle On Downgraded Legacy Encryption, by disabling SSLv3 for Apache and Exim.

  • How to Install Varnish 4 on CentOS 7

    Learn how to install Varnish, an HTTP accelerator designed to improve the performance of dynamic websites, on CentOS 7.

  • How to Install Docker on Fedora 20

    Follow our step-by-step instructions to Install Docker, a container-based software framework for automating deployment of applications, on Fedora 20.

  • Tutorial: An Introduction to Managing a Linux Server with systemd

    Take our tutorial on managing a Linux server with systemd, a system management daemon that provides a standard for controlling the Linux boot process.

Don’t see what you need to know? Contact our Heroic Support® team and we’ll help! If you’d like to request a specific article for our Knowledge Base, let us know at support@liquidweb.com.

  • No Related Post

KB Weekly Wrap-Up 10-31-14
Filed under: How To,Knowledge Base,News  October 31, 2014

Knowledge Base Weekly Wrap-Up 10-31-14
Happy Halloween! Our technical writers have been producing more helpful articles than ever this last week, but don’t be spooked by all the information jam-packed into our Knowledge Base – it’s easy to find what you need. Today’s KB Weekly Wrap-Up features instructions on listing all jobs in cron and displaying MySQL storage engines. In addition, we can help you upgrade to MariaDB 10.0 and install any storage engines you’ll need.

Don’t Get Left Out in the Cold! Prepare Your Ecommerce Site for Holiday Traffic.
Filed under: Heroic Support,How To,Industry Insights,News  October 29, 2014

It’s that time of year again. Halloween is almost upon us – and that means the holiday shopping season is quickly approaching. If you’re running an ecommerce business, then your holiday promotions are probably well underway, but have you considered how your planned promotions will affect the performance of your website? If everything goes to plan, your website should experience a substantial influx in traffic as consumers begin their shopping sprees. More traffic is a good thing for your business, but what if you experience too much traffic all at once? The worst thing that can happen during this key retail season is the loss of revenue that results from a down website. The key to taking advantage of your incoming traffic without crashing your site is to optimize your server for high traffic loads with flexible hosting infrastructure.

After you prepare your site for upcoming holiday traffic, make sure you know how to protect yourself from the most commonly seen security risks, including injection, authentication, cross-site scripting, denial of service, and security misconfiguration.

  • Bring Your Content Closer to Your Customers

    Sometimes distance really does matter when it comes to the speed of your website. No matter where your website is hosted, customers accessing it from far away might see latency when they visit. Page load times can directly affect your bottom line. Studies have shown that a one second delay in page response can cause a seven percent decrease in site conversions. In addition, a slow loading site is more likely to lead to page abandonment. The last thing you want during the holiday season is a customer who clicks away because of a slow site.

    A content delivery network, or CDN, can improve the speed of your website for customers visiting from far away. CDNs continuously pull and cache content from your server and distribute it to secure servers around the world. When a customer from across the globe attempts to access the site, they will only have to pull information from the server closest to them – rather than from the origin server thousands of miles away – meaning a faster loading website and a happier customer.

  • Scale Up and Down As Needed

    While your current server setup may be more than sufficient to handle your current traffic load, it still may not be enough to handle the traffic you’ll see over the holidays. The best solution is a flexible hosting plan, like those we offer with our Storm Cloud Servers. Our Storm Servers allow for easy resource scaling up or down as your ecommerce site needs. Simply scale up just before the holiday traffic spike, and scale down again once the traffic subsides. The beauty of the Storm Servers is you only pay for what you need, giving you the flexibility to completely control your resources.

  • Evenly Distribute Your Traffic

    As your traffic increases due to your holiday promotions, you run the risk of overloading and crashing one of your web servers. To prevent all that traffic from crashing your ecommerce site, think about investing in a load balancer. A load balancer can evenly distribute your traffic across multiple web servers, preventing any one server from being overloaded. Additionally, if one web server does happen to fail, the load balancer will redistribute your traffic amongst the rest of your servers. Spreading your traffic out among all of your servers will not only help keep your website up and running during the holiday season, but will also reduce overall latency for site visitors – an important factor during the pivotal holiday season.

  • Test, Test, Test

    If you’re not sure what your hosting infrastructure needs to be ready for the holiday season, let our Heroic Support® know. We can help test your current setup and figure out how to best optimize it for increased traffic. A few changes with your caching or plugins might significantly lower the resources your website needs, allowing more resources to be devoted to serving your incoming customers. We can help you test your website and infrastructure before the busy season and catch any problems before they even occur.

  • Don’t Forget to Back Up

    After you’ve followed the above steps to prevent your website from crashing during the holidays, be sure to also back up your data to a secure and offsite location. While we hope you won’t have to use it, up-to-date backups can help you get back online quickly if disaster occurs. It’s easier to enjoy the holiday season if you know your database of important customer information is safe and could be easily restored in minutes.

The holiday season is the most important time of the year for many retail businesses. Make sure your website can withstand the increased traffic so your business can enjoy the benefits of a successful holiday shopping season. As always, our Heroic Support® is here to help 24/7/365.

Are you planning any Holiday promotions?

  • No Related Post

Let the Professionals Help: Six Solutions to Help Secure Your Server
Filed under: Heroic Support,How To,Industry Insights  October 24, 2014

We can help you secure your server AND learn more about the most common security risks, including injection, authentication, cross-site scripting, denial of service, and security misconfiguration.

In our previous post celebrating National Cyber Security Awareness Month we discussed six simple things you could do on your own to secure your server. While our DIY security tips in that post can be extremely helpful in securing your server, we couldn’t end the conversation without mentioning a few solutions that play a very important role in server security. The following six items are not only important to include in your security plan, but many of them are invaluable in the fight to protect your data.

  • Firewalls

    Firewalls act as the first line of defense for your server, protecting your data by filtering traffic according to a customizable set of rules. With the firewall in place, a barrier is created between your server and the rest of the Internet. Any traffic that attempts to connect to your server is analyzed, and if it is deemed malicious, that traffic is blocked. Our Heroic Support® team can help you set up either our physical Cisco firewall for your dedicated server, or our cloud-enabled firewall for a Storm® cloud server. You can also see our Knowledge Base for help enabling firewalld, a newly implemented firewall, on CentOS 7. In either case, firewalls are necessary for securing your hosting environment against unauthorized third-party access.

  • DDoS Attack Protection

    Denial of Service or Distributed Denial of Service attacks (DoS or DDoS) are common types of attacks that allow hackers to bring down a network without having to gain internal access. There is no way to prevent these attacks from occurring and no way to anticipate whether you’ll be a target, so DDoS Attack Protection is necessary if you wish to avoid downtime in the unfortunate event you are attacked. A DDoS attack occurs when hackers flood the access routers with fake traffic and overload the system until it fails. Our DDoS Attack Protection system works to differentiate between legitimate and malicious traffic by monitoring a selected network of IP addresses and analyzing traffic that attempts to reach the server. In addition, our Heroic Support® team works with our customers during attacks and regularly tweaks the system to ensure it is working effectively.

  • SSL Certificates

    An ecommerce business has to reassure its customers their private data will be kept safe and secure or risk losing business. SSL Certificates are the standard for online security, encrypting online transactions to prevent data exposure to hackers. We sell a number of different types of SSL Certificates from GlobalSign, one of the most respected names in the industry. Our SSL Certificates even come paired with Netcraft’s continually updating phishing detection to provide real-time alerts that warn site owners when their websites becomes compromised, ensuring even more protection for your customers’ sensitive data.

  • PCI Compliance

    A website that is PCI Compliant promises customers that your business has taken all the necessary steps to protect their data when shopping online. The Payment Card Industry’s Data Security Standards (PCI DSS) require businesses to protect customer data through requirements for both their hosting infrastructure and server configuration. We offer a scanning service that can verify your server meets all the PCI DSS requirements, so you can reassure your customers their data is safe. See our Knowledge Base for more explicit information on how to ensure your electronic payments are PCI DSS compliant.

  • Virtual Private Network (VPN)

    A virtual private network, or VPN, is a tunneled private network of remote sites or users utilizing a public network, like the Internet, to connect to each other. A VPN uses encryption to secure your computer’s connection to the Internet and guarantees that all of the data you’re sending and receiving over the VPN is secured from any potential prying third parties. A VPN can be an extremely useful for a growing business to increase productivity without sacrificing security. Learn how to configure your Liquid Web VPN with the help of our Knowledge Base.

  • ServerSecurePLUS™

    Add additional security services and modifications to your server with ServerSecurePLUS™, an exclusive Liquid Web product. ServerSecurePLUS™ greatly enhances the security, reliability, compatibility of your server through daily CSX scans and a number of server hardening initiatives including email protection, service hardening, brute force detection, and secured access via SSH, FTP and RDP. Saving you hours of installation time or the hassle of hiring a system administrator, ServerSecurePLUS™ guarantees that your server’s important data will be protected.

  • The goal of National Cyber Security Awareness Month is to spread awareness of cyber threats so consumers can learn how to protect themselves. Depending on your business, one or two simple things, like a firewall or SSL certificate, can go a long way to ensuring your server is secure against many of the common cyber attacks seen today. Let us know if you have any further questions about cyber security – our 24/7/365 Heroic Support® is always here to help.

    Have you ever been the target of a cyber attack?

    • No Related Post

Page 1 of 151234510...Last »

Copyright © 2011 Liquid Web, Inc. All Rights Reserved.