Proudly Hosting over 100,000 Fast Websites since 2010

How do servers work? A Detailed Guide into Web Servers

how do servers work

Have you ever wondered while browsing your favorite website, that how do servers work? At the mention of web servers, a lot comes to mind as far as the internet is concerned. Web servers play a key role in internet-based communication without which we wouldn’t have any online experience. You wouldn’t even be reading this article. This is because this website is currently sitting on a web server somewhere.

So, every time you visit any site such as Facebook, Netflix, YouTube or even shopping on an online store, always keep in mind that the sites are sitting on web servers hosted somewhere.

So what is a web server?

In simple terms, a web server is a piece of software that is hosted on a computer to serve clients’ requests which are sent via a web browser. Upon receiving client requests via a browser, the webserver, in turn, delivers the web pages to the user that contain a wide spectrum of content including images, sound, and videos.

Through the web servers, users can access the content they desire via a web browser: from steaming movies on Netflix, networking on social sites to buying items on online stores. Thanks to web servers, you can get almost any content to want online.

Let’s go a step further and look in greater detail at how a web server works.

An in-depth look at how a web server functions

Web servers underpin access to all manner of online content, constantly receiving requests and serving content to millions of users at any given time. So here’s how a web server works:

how dns works

Every time you type a domain name in the URL bar and hit Enter, an HTTP request is delivered to a web server associated with the domain name. Your browser acts as an HTTP client which allows you to send the request. Thereafter, the domain name is then translated to an IP address of the webserver by the DNS (Domain Name System). Domain names are preferred to typing the web server’s IP address. And for obvious reasons. It’s far much easier to recall a domain name than try to rack up your brain trying to remember what an IP address for Facebook or Amazon is. Upon receiving the request, the webserver relays the HTTP response to your browser ane renders the content that you had earlier requested. In a nutshell, a web server processes HTTP requests and responds by providing HTML webpages. Examples of popular web servers used in hosting include Apache HTTP server and Microsoft’s IIS.

web server market share

However, Apache takes the lion share and is the most widely used in most hosting companies and most websites.

Web servers can host either a static or a dynamic website. Let’s take a look at each of these in greater detail.

Static vs Dynamic websites

As the name suggests, a static website is one which content is usually static or non-changing.

Usually, a static website comes with a fixed number of pages with a defined layout. Content is mostly written in HTML/ CSS code and a bit of JavaScript/JQuery. The content served by the webserver hardly changes, and the same content is displayed for every user. The content is mostly informational and If any changes are required, then the website administrator has to be well-versed with the coding languages to make any modifications. Every page of the static website is saved separately on the server. Because of their simplistic nature, static websites are fairly easy to develop and won’t require much time and effort in maintenance. Because of the bland and uninspiring nature of static websites, static websites have been long obsoleted and have been phased out by dynamic websites.

Let’s now shift our focus to dynamic websites. A dynamic website is a website that is powered by server-side scripting languages to generate dynamic content. Such languages include PHP, Javascript, and ASP. In this case, webpages are not coded or saved separately. Instead what governs the look and feel and structure of the website is the design or template that is saved separately. The corresponding content is saved separately in databases.

Dynamic websites provide user interaction and the content displayed is dependent upon how users interact with the website.

In a nutshell, dynamic websites are functional and the content served varies from one user to another depending on the user interaction.

The downside to dynamic websites is their complexity. They are much more difficult to develop and require a greater level of expertise to host and maintain them.

Other Server Softwares that work alongside Web Servers

If you are running a static website, a web server is all that you would require. The same cannot be said of a dynamic website. A database server comes into the picture and is necessary for the storage and retrieval of data upon request. It works in the backend and works alongside the webserver, which works on the front-end, to deliver content to users. Examples of database servers include MySQL, PostgreSQL, Microsoft SQL Server, and MariaDB.

The other type of server is the application server. An application server hosts applications as well as associated services that are required by end-users. This server essentially sits between the web server and the database server, handling the customer & business applications and acting as the go-between for the web and database server.

Application servers include Apache Tomcat and Websphere.

How are servers equipped for high performance?

The servers we have talked about are essentially pieces of software that need to be installed on bare-metal hardware to carry out their tasks. Server hardware mimics ordinary PCs and fundamentally works just the same as ordinary PCs. However, since servers are designed to run 24/7 serving thousands of requests per second, they ship with enhanced hardware components and rely on certain configurations to ensure 100% uptime and boosted performance.

Due to their memory-intensive tasks, most servers will usually ship with RAM ranging anywhere from 8 GB to 2 TB with additional expansion slots. Also, they will also come with more storage capacity with hot-swappable drives to store the ever-increasing data that is stored on them. A typical server will usually come with a hard disk capacity of about 4GB with extra slots to cater for expansion or growth in the future. For super-fast processing power, servers ship with Xeon processors with impressive 24 cores for executing tasks at remarkable speeds. It’s also worth mentioning the existence of a redundant power supply option in the event of a power failure and the presence of additional cooling fans to keep the temperature at optimum levels and avoid overheating of the server components.

It would be an oversight on our part if we failed to mention the need for RAID configuration.

RAID, an acronym for Redundant Array of Independent Disks, is a technology that provides fault tolerance. In a RAID setup, multiple hard drives are configured together in such a manner that in the event of disk failure in one drive, no data is lost since data is already copied onto other drives. This aspect is particularly crucial for business websites that store enormous user data and need to always ensure data safety and integrity. A failure in one hard drive in the RAID will not affect the server’s overall performance. Currently, there are up to 6 RAID configurations depending on the amount of storage and the degree of redundancy that you require. The most commonly used RAID configuration is RAID 10. It combines the speed proferred by RAID 0 and the fault tolerance extended by RAID 1. In RAID 10, there are at least 4 drives. Two of these hard drives mirror the other two, implying that you get double capacity and performance of a single drive. The only shortcoming with RAID 10 is that you get to use half the storage capacity.

Another aspect that boosts the efficiency of servers is load balancing.

Load balancing is the process where traffic is routed or distributed efficiently across multiple web servers using certain criteria. A load balancer is the computer system that sits in front of web servers and distributes these requests evenly among different web servers. Load balancing aims to avoid flooding a web server with traffic which may lead to accessibility issues such as poor response times or even total downtime. Load balancing comes in handy in high-traffic websites where multiple web servers sit behind a load balancer and traffic is efficiently distributed across all of them. This leads to the high performance and efficiency of the web servers by alleviating the load that one web server alone would have performed.

What constitutes great hosting?

This is a broad question to answer, but let’s focus on the quintessential aspects that make for an awesome hosting experience.

Top on the list is price. You need to determine the affordability of the various hosting plans and assess the value for money you will get. Second, on the list is customer support. A good hosting company prides itself in offering exceptional 24/7 customer support to its clients. So before opting for a specific hosting company, its prudent to be certain that you will get assistance at any time of the day in the event you run into a hitch.

It also pays to keep an eye on the bandwidth offered by your hosting provider. More bandwidth guarantees faster access times and speed to your website. You also need to know whether the hosting plan offers CMS frameworks such as WordPress, and Magento just to mention a few. These frameworks enable you to design your website on the fly, saving you a copious amount of time and finances that would have been spent hiring a developer. Also, check if the provider is offering add-ons such as SSL certificates, subdomains, website builders and any other nifty additional features that will make your hosting experience pleasant.

As time goes by, cyber threats continue to grow in number and wreaking havoc on websites. You, therefore, need to opt for a security-centric hosting company that will guarantee the security and integrity of your data from malware and breaches.

Also, be on the lookout for the guaranteed uptime that the hosting provider is offering. This will be crucial in ensuring that your site will be up and running for most of the time with minimal downtime as possible. And we all know the implications of downtime on a website: business and numerous customers lost. An ideal hosting company should guarantee 99.9% uptime.

Lastly, its recommended to perform a background check on the hosting providers. Spend time poring over the reviews and ratings of the hosting provider and see what people are saying.

Is the Hosting provider reliable? Do they offer excellent uptime? Is their customer support friendly and helpful? Overall, are you getting value for money?

Top 10 Best WHMCS Themes and Templates

best-whmcs-themes-blog-header

When it comes to the best CRM, Support System and Automation tool for web hosting businesses, WHMCS always takes the lion’s share. It not only allows you to customize your site but also manage your clients and billings. In cloud and hosting business, the value of a quality, visually appealing and easy-to-use theme cannot be emphasized enough. WHMCS themes come in different designs and colors. Thanks to the cloud services whose value keeps increasing each day, hosting is becoming one of the fastest-growing niches, and it’s time to invest in this business.

According to experts’ analysis, cloud hosting will increase by 30% each year for the next ten years. So today, I was able to find themes of outstanding quality and design. These amazing web hosting themes are all you need to leave your website looking useful and fun.

What is WHMCS?

Those familiar with billing in the online business know all too well the value of WHMCS. WHMCS is an all-in-one solution that helps a business efficiently manage its customers, billing, and support. WHMCS is the complete solution for online businesses. It ships with a myriad of features such as:

  • Payment tracking
  • Automated recurring billing
  • Automated account creation and termination
  • Integrated customer support center
  • Statistical reports for businesses
  • Multi-language support for email and control panel
  • A customizable control panel that uses templates

WHMCS Themes: Why you should customize yours?

As a customer, you’ll always desire a seamless experience with WHMCS themes. With a custom theme, you can leverage the various features that ship with it and modify the look-and-feel of the client area.

The main goal of customizing a theme is to revamp the client section and give it some oomph and visual appeal. Additionally, a custom theme will help your brand stand out from the rest. Customizing the theme for your brand can be a daunting task, and it usually recommended to hire a developer or someone with the know-how of tweaking themes to give it a touch of class and improve the overall user experience.

What do you look out for in a WHMCS theme?

Hundreds of WHMCS themes around, and realistically, it’s not possible to sift through all of them. It’s easy to get confused when you are shopping for the perfect theme for your website. However, there are quintessential qualities that an ideal WHMCS theme should have:

  1. Go for themes with a responsive design. This ensures that the website can render perfectly well across various devices such as tablets and smartphones.
  2. An ideal theme should have professional looking and easy-to-read fonts. Steer clear of fancy fonts which will make your visitors have trouble reading and ultimately impact negatively on your business.
  3. Opt for a theme with a sleek and modern design but, avoid fanciness just like in the previous point. Remember, a customer needs to easily get their way around your site with minimal trouble. The design should neither be too simple or too fancy. An overly fancy design can cause confusion and agitation and consequently leave a negative impact. With that in mind, go for a theme with a modest layout, widgets and plugins and a theme that is overall visually appealing. To get it right, have a glance at the demo page, carefully reviewing every feature.
  4. Choose a theme that scores highly on security and performance. In a world of growing cyber-attacks and breaches, this cannot be emphasized enough. It’s therefore prudent to purchase a theme that comes with support, especially a paid theme. The support team will help you fix errors, and perform some tweaks to harden your site.
  5. Premium themes are preferred over free themes. You may get lots of free themes, some replete with all the features that you want, but this comes at a cost. Unfortunately, most of these freebies lack technical support and should you run into a hitch, you will be left to your own without any support from the developers. It goes without saying that this will eventually eat into your budget as you will be compelled to hire a developer to fix the issue.

Top 10 WHMCS Themes and Templates

Having looked at what to look for when searching for your ideal theme, lets jump right in and list the Top 10 WHMCS Themes and Templates.

Hostlab – $99

Hostlab is a multi-purpose theme ideal for web hosting, domain selling, and general online businesses. It comes with a nifty drag-and-drop page builder to get you started in no time and give you a smooth experience as you set up your site. The theme is fully responsive and ships with a myriad of the customizable templates with a style.css file which you can tweak to your preference in order to fit your template look-and-feel. Be sure to find the login and sign-up input fields as well as the domain search field integrated into the theme.

Features that make Hostlab an ideal theme include:

  • One-click demo to help you get started
  • 600 + Google fonts
  • Free custom icons and graphics
  • Free visual page builder
  • Multiple layouts which are fully responsive
  • 4 Homepage examples
  • Compatible with WHMCS version 7.2.3
  • A mega menu is fully customizable with widgets, plugins, and dropdowns that you can add images and text
  • Pricing tables
  • Fully responsive slider
  • Retina ready
  • Full Compatibility with WordPress 4.2 and later versions
  • Very clear, step-by-step documentation
  • Multiple color styles
  • Contact Form 7
  • 24/7 Customer support

Kripdom – $49

Kripdom is tailored for technology and business-centric online businesses. It’s designed for a wide spectrum of online businesses such as web hosting and domain selling. It ships with a visual composer and all the requisite features needed for a web hosting business such as domain search and registration. Included in the theme is a custom WHMCS template which is compatible with WHMCS version 7.8.x. Additionally, you get visually appealing pricing tables that allow you to list the prices and features for different hosting packages.

Features that make Kripdom theme tick include:

  • Fully customizable Visual composer
  • Compatible with WHMCS v7.8.x and later
  • Mailchimp integrated
  • Woocommerce 3.3.x ready
  • Bootstrap v4.0 ready
  • W3C validated code
  • Fully responsive layouts with advanced theme options
  • Fullscreen background image
  • Cross-browser compatibility (Google Chrome, Firefox, Safari, Edge, IE 8 and later)
  • Retina ready
  • SEO ready
  • An unlimited choice of colors to pick from
  • Multiple layouts to choose from
  • Powerful admin panel
  • custom banner & slider with carousel 2
  • Domain search and checker integrated with WHMCS
  • Clean, error-free code
  • Free lifetime updates
  • Unique and visually appealing pricing table
  • A unique slider for the VPS reseller. The slider lets you scale up and scale down resources as you monitor the price
  • A shopping/product page included plus other features such as cart and checkout section.
  • A built-in team page for listing team members
  • A unique video overview section for a brief introduction about the company
  • A built-in multi-location data center page already integrated with Google map API
  • Contact form 7
  • 30-day-money-back guarantee
  • 24/7 Customer support

Hoskia – $49

Hoskia is a stunningly beautiful multi-purpose theme that combines aesthetic appeal and functionality. It is tailored for technology-related online businesses such as web hosting, and domain search and selling. It is fully compatible with WHMCS 7.8.x and ships with a free WHMCS custom template. Like all the aforementioned themes, it comes packed with all the features necessary for web hosting such as domain search & registration. The colorful pricing tables allow you to display the various hosting plans alongside their features and hosting prices. Furthermore, the theme comes with different blog layouts, shopping, and other handy features.

Features that make Hoskia stand out from the pack includes:

  • Fully customizable visual composer
  • WPBakery Page builder
  • 1-click demo import
  • 100% Fully responsive theme
  • Redux theme options
  • Multiple blog page layouts
  • Retina ready theme
  • SEO ready
  • Child themes included
  • Woo-commerce 3.3.x ready
  • Contact 7 form
  • Superb browser compatibility
  • MailChimp Ajax integration
  • Unlimited color schemes
  • Clean, error-free code
  • Unlimited Google fonts
  • Fancy and colorful pricing tables
  • Datacenter page fully integrated with Google API
  • WC3 validated code
  • Great, well-written documentation
  • Translation enabled
  • Free lifetime updates

HostCluster – $39

With more than 10 demos and multiple layout options, HostCluster can be considered one of the most versatile WHMCS themes capable of handling almost any functionality: web hosting, domain registration & transfer, crypto hosting and so much more. Arguably, HostCluster is one of the best themes for online businesses. You can build your website from the ground up with prebuilt sections thereby saving you a lot of time.

Further, it comes with both a front end and back end drag-and-drop visual composer. There are hundreds of theme options, elements & plugins for various functionality.

The theme can be quite complicated and offers advanced features which may require quite some time making sense of. However, this takes care of those businesses with a variety of services to offer and varying degrees of customizability.

So, what features make Hostcluster cool?

  • 1-click demo importer
  • Fully responsive for all devices with up to 5K resolution
  • Optimized and clean code which make it a fast & easy-to-use theme
  • Eye-candy CSS animations
  • Multiple color schemes and skins
  • A sleek attractive and versatile mega menu
  • A fully responsive revolution slider
  • Presence of WPBakery front and backend editor
  • Superb typography
  • The theme is GDPR ready
  • Multiple layout options
  • 600 + Google fonts
  • PHP-Ajax Contact form
  • MailChimp integration
  • Redux theme options
  • Compatibility with Contact form 7
  • Perfect documentation
  • Innumerable widgets. plugins and so much more!
  • RTL languages
  • Tons shortcodes for further customization
  • 24/7 Customer support

Linksy – $49

Linksy is a theme crafted for domain registrars, web hosting providers, local ISPs and to some extent, VoIP services. It incorporates nifty features such as a beautiful revolution slider, service plugins and loaded with tonnes of shortcodes to extend the functionality of basic features such as pricing tables, contact form, plan description, FAQ section, etc. You can create unique pages from the ground up using the handy visual builder. It ships with a clean code that makes the theme blazing fast and easy to use. The theme comes well recommended for the following companies:

  • Web hosting & domain registrars
  • Telecom companies: ISPs, Mobile & VoIP service providers
  • A.I and IoT tech startups

Linksy ships with the following features:

  • A fully responsive theme with a dynamic, multi-purpose revolution slider
  • ‘Team’ plugins that allow you to showcase the makeup of your Company team.
  • Free Google fonts and sleek icons
  • Custom widgets
  • Free PSD files
  • A cool dynamic accent color scheme
  • AccentPress plugin that displays your social account fans and subscribers number
  • Plugin for Instagram feed
  • Stellar support

Pixelogic – $49

If there was ever a theme that was crafted specifically for WHM, then Pixelogic is one. Pixelogic is a powerful and responsive WHMCS theme that you can use to create a larger than life web hosting site.

It comes fully compatible with WHMCS-Bridge plugin which acts as an intermediary between WHMCS and WordPress. Pixelogic handles the usual web hosting tasks such as sign up, log in, provisioning, billing, and support and firmly lets you take the wheel and steer your business. Pixelogic ships 10 predefined color schemes for your site, and powerful theme options that give you innumerable customization styles. It also has a free visual builder which helps you get started in no time with a handy drag and drop feature.

Summary of the key features:

  • A drag and drop visual composer that allows you to easily set up your site.
  • Fully responsive and SEO ready
  • Retina display
  • A sleek and multi-purpose revolution slider.
  • WHMCS integration using WHMCS bridge.
  • 2 custom homepage layouts which also come included in the demo.
  • Unlimited color scheme options giving you a vast array of colors to choose from and style your site to match your brand colors.
  • Powerful and advanced Theme Options panel that gives you immense control in the customization of your site
  • Clean HTML5 and CSS3 code
  • Compatibility with Contact form 7
  • Stunning fonts & icons
  • Parallax effect
  • Custom CSS for additional styling
  • Multiple layouts for pages and blog posts
  • Tonnes and tonnes of shortcodes
  • Inclusion of bootstrap components
  • CSS animations
  • Ready for translation to any language
  • Fast and professional 24/7 support
  • Perfect documentation

SlickHost – $129

SlickHost is fluid and fully responsive WHMCS built web hosting and domain registrar business in mind. It ships 10 hosting style formats and custom CSS settings to further revamp the look and feel of your site. Furthermore, it comes with a quick setup template that allows you to build your site in no time. It is SEO optimized to ensure better chances of ranking high on Google and also ships with RTL multi-language support. The theme has been built using clean code using HTML5, CSS3, JQuery and lot of animations.

Major features include:

  • Responsive layout and fluid design (Based on percentages and not pixelation)
  • Integration with WHMCS v7.3.
  • Clean code using HTML5, CSS3, jQuery, animation and media queries.
  • A custom affiliate page.
  • Social media integration with 19 buttons of popular social platforms such as Facebook, Twitter, and Instagram.
  • Built-in animation elements for giving your site a fancy look and feel.
  • 10 different layouts for hosting plans.
  • Multi display options.
  • CSS mega menu.
  • Tonnes of shortcodes.
  • Unlimited customizability underpinned by HTML snippets.
  • Quality guides and documentation
  • 24/7 Customer support

CloudHost – $20

CloudHost is a responsive WHMCS theme that lets you build your beautiful and sleek hosting website in no time. It comes fully integrated with WHMCS and replete with all the features required for a web hosting site such as domain search and registration, domain transfer , log in and sign up sections as well as billing and customer support sections. The theme is fully customizable with awesome and cool fonts and icons.

Key features include:

  • Responsive and fluid design
  • WHMCS integration
  • Numerous free Google fonts
  • Flat design
  • Lifetime updates
  • Custom CSS for extra functionality
  • A neat and simple UI design

HostWind – $20

HostWind is a clean and professional WHMCS theme that is customer-centric. It is fully responsive with a user-friendly UI and clean code. It ships with all the features and elements needed for hosting sites such as Sign up and login sections, domain search and registration, testimonials and pricing tables to mention a few. Moreover, you get a vast array of color schemes, neat fonts, and icons to add a touch of professionalism and visual appeal.

Core features of HostWind

  • Responsive design that is easily customizable
  • Visual composer 5 that lets you easily build your site block by block
  • 1- click demo importer
  • Clean and professional code
  • Integration with Contact Form 7
  • Google fonts
  • Over 2400 custom icons
  • Cross-browser support
  • Integration with WHMCS
  • Quality documentation
  • 24/7 customer support.

Hostiko – $39

Ranked as one of the best themes for 2018/2019, Hostiko comes with sleek features that allow you to create a beautiful and polished web hosting site. It ships with quality and comprehensive documentation and 15 days money-back guarantee.

So, what makes Hostiko stand out from the rest ?

Hostiko comes with the following features:

  • Fully responsive design
  • Domain search with whois Data
  • Domain search with Ajax
  • Interactive VPS slider that allows to to select your package and display the Hosting price
  • A mega menu option
  • A revolution slider for banners
  • Built on bootstrap 3.x
  • Flat design
  • Numerous Google fonts
  • Clean and simple code
  • WHMCS bridge supported
  • 1-click demo
  • Header and footer builder
  • Fast and SEO ready theme

Read: How to install a WHMCS Template

Best WHMCS themes: Final Recap

The market hosts a wide array of WHMCS themes. As such, it can be hard to find the ideal that brings out your brand’s pictures. For such, we have made the work easier for you by researching the top ten WHMCS themes for your site. These themes top the list in terms of user-friendliness, sound design, and multiple useful features. Grab any theme from our list and enjoy tweaking your site and give your business the attention it deserves.


Thank you for reading this post! Did you end up installing any of the themes from the above list? Let us know in the comments section below.

P.S. We offer free WHMCS licenses with our cPanel reseller hosting plans.

How to Fix DNS_PROBE_FINISHED_NXDOMAIN error in Google Chrome?

fix-chrome-error

Browsing the internet should be an easy, fun and hassle-free affair. However, that is not always the case. You may have probably stumbled upon a rather frustrating and disappointing ‘DNS_PROBE_FINISHED_NXDOMAIN’ error as you went about surfing the internet, cutting short your enjoyable browsing moment . This error hinders you from accessing your desired website, leaving you feeling stuck and vexed. It can also manifest in other browsers such as Firefox, Microsoft Edge and Safari browser. Thankfully, a few solutions abound that can help you get out of this quandary.

What is ‘DNS_PROBE_FINISHED_NXDOMAIN’ error?

The “DNS_PROBE_FINISHED_NXDOMAIN” is an error that points to a non-existent domain. In simple terms, the DNS server is unable to find the IP address associated with the domain name in question. This error is mainly caused DNS server misconfiguration or incorrect internet settings on your PC.

The DNS server performs DNS translation. Simply put, it resolves or translates domain names such as yahoo.com to an IP address associated with the domain name such as 98.138.219.232. Every time you type in a domain name in your browser’s URL, the DNS server springs to action and queries its database for the matching IP address for the domain name. When it finds it, it automatically resolves the domain name to the IP address of the domain’s web server and fetches the web page that you requested.

In the event that the DNS server cannot find the associated IP address, the error is splashed on your Chrome browser. The NXDOMAIN in the error, means a “non-existent” domain.

How to fix the ‘DNS_PROBE_FINISHED_NXDOMAIN’ error?

With that cleared up, let’s now explore some of the fixes that you can apply to resolve the error.

Restart DNS client on your PC

The first step you might consider taking is restarting the DNS service on your PC to fix the ‘DNS_PROBE_FINISHED_NXDOMAIN’ error.

To achieve this, follow the steps below:

Open the ‘Run’ dialogue box by pressing Windows Key + R

Type services.msc and hit ENTER

open-run-dialog-box

Locate and right-click on the DNS client service and select ‘Restart’ option.

restart-dns-client-service

NOTE: In some instances, the Restart option may be greyed out as you can see from the snapshot above. If that’s the case, then follow the rest of the steps outlined below

Run command prompt as Administrator. To do this, type cmd in the search taskbar. Next, right-click on the ‘Command Prompt’ option and select ‘Run as Administrator’.

run-cmd-as-administrator

On the command prompt console run the commands below in succession

net stop dnscache
net start dnscache
Change the DNS server and configure the PC to use Google’s DNS servers

If the first method fails, you might consider changing the DNS server settings that you are using. Naturally, your ISP will automatically assign you a DNS server. If you run into this error, you might consider using Google’s 8.8.8.8 or the newly launched Cloudflare’s 1.1.1.1. Switching to these DNS servers has been known to resolve the error.

For Windows

If you are on a Windows system, follow the steps below

Press Windows Key + R to open the Run dialogue.
Type ncpa.cpl and hit ENTER.

run-ncpa.pl-windows

This opens the network connections window displaying the network interfaces on your PC.

network-adapters

Right-click on the active network adapter and select ‘Properties’

network-properties

On the next Window, click on the ‘Internet Protocol Version 4 (TCP/IPv4)’ option and click on ‘Properties’.

tcp-ipv4-settings

On the next Window, click on ‘Use the following DNS server addresses’

change-dns-servers

Key in Google’s Primary DNS server as 8.8.8.8 and secondary address as 8.8.4.4 and click ‘Ok’

For Mac

For Mac users, head out to System Preferences as shown :

mac-system-preferences

Click on the Network Icon and later locate and click on the ‘Advanced’ tab at the bottom left section as shown.

mac-network-settings

Click on the DNS tab and append Cloudflare’s DNS addresses as indicated below

mac-dns-servers

For IPv4 1.1.1.1 and 1.0.0.1
For IPv6 2606:4700:4700::1111 and 2606:4700:4700::1001
Renew your System’s IP address

Given that the error is majorly a client-side DNS glitch, you might consider flushing your DNS cache and renewing your PC’s IP address. To achieve this, follow the steps below.

For Windows

Fire up your command prompt by pressing Windows Key + R and type cmd and hit ENTER.

run-cmd

To release your current IP address, run the command ipconfig/release. The command triggers the disconnection of your PC from your wired or wireless network.

ipconfig-release

Next, flush your DNS cache by executing the command ipconfig/flushdns.

ipconfig-flushdns

If all went as expected, you will get a notification that the DNS resolver was successfully flushed.

Finally, to renew your IP address, issue the command ipconfig/renew. Your PC will acquire a new IP address as it reconnects with your network.

ipconfig-renew

For Mac

Releasing and renewing your IP on Mac is also fairly simple. Click on ‘System preferences’

mac-open-system-preferences Locate and click on the Network icon and select the “Advanced” option.

mac-open-network-settings

Proceed and click on the TCP/IP tab and then click on the ‘Renew DHCP’ button.

Just like in Windows, you can easily flush your local DNS cache on the command-line, although this varies slightly a little. The equivalent of command prompt on macOS is called the terminal. To launch the Terminal, click on ‘Utilities’ and click on ‘Terminal’

mac-open-utilities

Then run the command:

dscacheutil -flushcache
Reset Chrome flags

Occasionally, experimental features can get in your way and prevent you from accessing any site as you go about browsing. A simple workaround to this issue is to reset the experimental features back to their default state by going to chrome://flags on your URL. When the ‘flags’ page launches, click on ‘Reset all to default’

open-chrome-options

Temporarily disable your Antivirus or VPN

Your favorite Antivirus software or VPN service can override your internet settings or even interfere with the DNS settings from your ISP. It is therefore prudent to temporarily turn off your VPN or Antivirus for a moment and see if this fixes the DNS_PROBE_FINISHED_NXDOMAIN error in your Chrome browser

Check your Hosts file

The ‘hosts’ file is a plain text file existing on your local machine that translates IP addresses to hostnames. By default, the entries in this file are commented and modifications are only done during testing, for instance when you want to see how a website will be rendered when hosted by a different server. Changes made to this file only affect your PC and not the DNS server. If you are experiencing the DNS_PROBE_FINISHED_NXDOMAIN error, it’s worth checking the hosts file and ensure the website that you are trying to browse is not listed there.

For Windows

To edit the hosts file, Run your text editor as Administrator. In this example, the text editor is Brackets.

run-text-editor

Open the hosts file located in C:\Windows\System32\drivers\etc\hosts

host-file

Ensure that the website you are accessing is not listed. If it is defined, delete the entry and save the file

For Mac

For Mac users, launch your Terminal and run the command below to open the hosts file

# sudo nano /private/etc/hosts

Again, ensure that the site you are accessing is not listed there. If it is listed, comment it or delete it entirely and save the file

Restart your Router and PC

If all else fails, then reboot your PC and even your router or access point. Restarting these devices clears quite a sizeable amount of cache memory which may help solve the error.

Conclusion

We do hope that this guide was insightful and provided tips on how to resolve the DNS_PROBE_FINISHED_NXDOMAIN error that occurs on Google chrome browser. As you have noticed, these are simple and easy-to-follow workarounds that will help you clear the error and let you to resume your smooth and enjoyable browsing session. Your feedback is most welcome.


I hope this guide helps you in fixing the DNS_PROBE_FINISHED_NXDOMAIN error in Google Chrome. If you have any questions please feel free to ask them in the comments section below.

Also, do take a look at some of our other most popular guides such as, 12 Simple Tricks for WordPress Security and 16 Easy Ways to Speed Up WordPress.

12 Simple Tricks for WordPress Security- [Keep WordPress Safe in 2019]

Ultimate Guide to WordPress Security

While having a website hacked may be just a minor headache for a beginner blogger, it’s a major disaster for a business. For example, if an online company possesses private or sensitive customer data, losing it to hackers is a nightmare that could lead to a reputation blow, fewer sales, and, in some cases, legal consequences.

That’s why many entrepreneurs, bloggers, and other people looking to establish their own website ask this question:

“Is WordPress secure enough?”

Well, one can’t answer this question with a quick and simple answer. It’s a complicated topic because, even though WordPress is fairly secure out of the box, it gets a bad rap for being vulnerable to a range of issues; most of these issues are related to the fact that the platform wasn’t initially created as a platform for doing business.

On top of that, many WordPress users tend to make pretty bad choices when it comes to security, and they contribute to the myth that the platform is inherently unsafe for business use. This, added with the fact that WordPress is the most widely used content management system (CMS), may create some problems for the platform’s image as a secure one.

For example, the recent Hacked Website Report 2018 found that WordPress-powered websites accounted for 90 percent of all hacked CMS sites last year.

Hacked CMSs in 2018 Graph
Credit: Hacked Website Report 2019

However, a closer look at the reasons why so many WordPress-powered websites were hacked reveals something interesting. According to the report, most of the vulnerabilities were caused by user-related reasons, including:

  • A failure to update the system
  • A lack of maintenance by webmasters
  • Vulnerabilities in plugins and themes installed by website owners
  • Misconfiguration issues.

These findings suggest that many of the security problems that give WordPress a bad reputation have nothing to do with the CMS. For example, as the report found, more than 36 percent of hacked websites based on WordPress had an outdated version of the system.

This mistake is quite common: in fact, the Reuters News website was hacked back in 2012 because of an old WordPress version that lacked the latest security patches that protected it from attacks. Apparently, the system sent the users at Reuters a lot of notifications about the newer version, but for some reason, they chose not to act.

“If organizations ignore those notifications and stay on an outdated version, then they put themselves at risk of these sorts of breaches,” Wall Street Journal quoted Mark Jaquith, one of the WordPress security experts, as saying.

So, instead of suggesting that WordPress has some security shortcomings, findings like these rather mean that many of the platform’s users ignore essential security requirements, hoping that developers would take care of everything. Unfortunately, this is not the case because there’s no 100 percent secured CMS, so users should also take charge of maintenance of their websites to ensure maximum security.

That’s why we’re going to review the latest WordPress security mersin escort advancements and methods in this article. Since you as a user of the system is responsible for keeping it secure and your business alive and thriving, we thought we’d give you everything you need to know to stay protected.

So, take a look at the following tips to lock down your website and keep hackers away.

WordPress Security Issues that You Need to Protect Your Website From

The following list contains many of the most important security issues that WordPress users face these days.

  • Outdated System
  • Brute Force Attacks
  • Weak Passwords
  • Inactive users

How to Secure Your WordPress Website

1. Always Update Your CMS

We’ve already touched upon this issue above, but it deserves a separate section due to the prevalence. While it makes perfect sense to install updates to get the latest security patches from WordPress developers, many users of the CMS choose to avoid them because of many reasons (for example, many think that updates could undermine the stability of the system).

That’s why WordPress accounted for 36.7 percent of the infected CMS, according to Hacked Website Report 2019.

Outdated CMSs
Hacked Website Report 2019

This finding once again proves that some owners of WordPress-powered websites are notorious for ignoring updates and exposing their businesses to avoidable risks. So, the solution here, although pretty simple, is also tremendously important for the success of your online business:

Install updates. Always install updates.

So, the next time you see a notification about a new update released by WordPress developers, make sure to click on “Install.”

2. Techniques Against Brute Force Attacks

A brute force attack is one of the most popular methods for hacking a website because it’s one of the easiest ones. Simply explained, it’s a trial-and-error method that includes trying a plethora of usernames and passwords until some of them work, to gain access to a website.

Unfortunately, brute force attacks are on the rise; for example, their number has increased by 400 percent in 2017. Many of these attacks targeted websites in the finance industry where hackers could gain significant rewards, but any WordPress website is a potential target because of the login page.

So, there are many methods which you can use to defend your website here.

Introduce the Multi-factor Authentication (MFA)

MFA tries to increase the security by adding an extra layer of protection, typically in the form of login confirmation code sent to your phone or a prompt that you have to tap on a screen of your device. This means that if a hacker succeeds at stealing your login information during a brute force attack, they still won’t be able to access your website, because, well, they don’t have your phone.

MFA is a highly effective method for protecting user accounts; in fact, Google has recently introduced 2-step verification, or essentially MFA, to increase the security of Google user accounts. The company also teamed up with the University of California to assess the performance of MFA in preventing account takeovers, and here’s what they found.

https://cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2019/05/infographic@2x.png
Credit: Google, the University of California, San Diego

 

As you can see, the method could be very effective at preventing hackers from getting access to your account, so considering introducing 2-step authentication at your WordPress website as well.

Install a Firewall Solution

Blocking a brute force attack before it gets to the server is important to prevent crashes or website speed issues. One way to do this is to install a WordPress firewall plugin that evaluates the incoming traffic and prevents access for hackers.

There are two types of firewall solutions suitable for the job: application-level and DNS-level. The first respective type of plugin analyzes the traffic before loading WordPress scripts, thus minimizing potential damage from an attack. Next, the second respective option is more efficient because it prevents bad traffic from winding up on your website by routing it through own cloud proxy servers.

3. Force Users to Come Up with Strong Passwords for Their Accounts

Also, remember that strong passwords are another way to reduce the risk of a brute force attack. While it may take some time for hackers to find out the passwords your users use to access their accounts, they can certainly do it.

There are two ways to make sure that all passwords used on your WordPress are secure. First, you can use secure generators like Random Password Generator to create complex password options for yourself. Second, you can also prevent your users from having weak passwords by installing a plugin called Force Strong Passwords.

4. Log Out Idle Users Automatically

Inactive and idle users are one well-known source of brute force attacks. When a logged in user stays inactive for a long period of time, it becomes possible for a hacker to get unauthorized access by running cookie or session hijacking. As a result, they can obtain login information and more.

This is a serious concern since a lot of people don’t really put much thought into this, especially if they are the only users on a website. By thinking that their website is insignificant for hackers or disregarding the importance of logging out, they’re giving hackers a chance to get login credentials.

Thankfully, there’s a plugin called Inactive Logout, and its name pretty much says it all: it enables the admin to change idle timeout time, thus eliminating inactive users from the site.

Also, you can add a “wake up!” message to the user, notifying that they will soon be logged out. So, by having a plugin controlling the idle time on your WordPress site, you can significantly reduce the risk of session or password hijacking.

5. Change Default WordPress Admin Login URL

WordPress admin area is a popular target for brute force attacks. If hackers succeed at breaking your admin login data, chances are you’ll never regain the control over your website and all the hard work you’ve invested in it would be lost. Once a hacker knows that your website is powered by WordPress, they immediately know that your login URL is www.yousite.com/wp-login.php.

One effective way to reduce the chance of someone hacking into your admin panel is to change the default admin login URL so the attackers won’t be able to find it. For that, you can install a plugin called WPS Hide Login.

It’s pretty straightforward to use and configure. For example, once you’ve installed it, a new option will appear under general settings, called “WPS Hide Login.” Click on it and you’ll open the tab of the plugin where you can change the admin login URL.

Change WordPress login url

When you create a new URL and save the changes, non-connected Internet users won’t be able to access wp-login.php and wp-admin directory and get a 404 error page. Only those who are logged in are able to do that. Remember that you can put pretty much anything in the black space to make it a new URL, so feel free to let your imagination wild.

Changing the login URL with this plugin won’t make any changes to the website because it simply intercepts page requests from non-connected users.

6. Limit Login Attempts

Another way to lock down your WordPress admin login page and dramatically reduce the chance of getting hacked is to limit the number of times someone can try to log in. If a hacker launches a targeted attack on your website and tries to guess your login data, chances are high that they will succeed, given enough time. So, it’s your duty to deprive them of that chance by putting a limit in place.

Thankfully, limiting login attempts is very easy even if you’re not an experienced WordPress user. For example, all you have to do is install a plugin that lets you do just that. One good one is called WPS Limit Login, and it comes from the creators of WPS Hide Login plugin introduced in the previous section.

It allows specifying a certain number of allowed failed login attempts before the admin panel is locked, as well as how long the lockdown lasts. It’s advised to allow only a few failed attempts, while you can set the blockage of a particular IP address at one hour. This will make conducting a successful brute force attack extremely difficult, and chances are that the hacker can stop trying.

7. Change WordPress Database Prefix

A WordPress installation creates eleven tables in the MySQL database, with all of them having the same default prefix: wp_ (wp_options, wp_users, wp_posts, wp_comments, etc.). The names of the databases describe their purpose; for example, wp_posts is where your blog posts are stored while wp_users is where you can find the information about users.

Most WordPress users don’t change the prefix because they don’t know that hackers can exploit this to their advantage and get access to websites (this is called SQL injection vulnerability). SQL injection vulnerability provides the hacker with an ability to “inject” SQL code through an input which is accessible by users of the site and execute it using the SQL server where the eleven databases are stored.

To retrieve private data of website users, a hacker can enter SQL code in a sign-up form instead of the email address. The website may execute the code and return the content inside wp_users to the hacker, thus creating all sorts of problems for the website owner. That is, of course, if the database table prefix is default in your website.

To prevent SQL injection attack and keep your data stored in the database safe, you can change the prefix by following these steps (before you do that, though, it’s highly recommended to back up the contents of the database):

  • Open WordPress root directory and find wp-config.php file
  • Open it and find the prefix line, e.g. $table_prefix = ‘wp_”
  • Change the prefix (letters, underscores, and numbers are allowed; for example, “wp_n1m7c42”
  • Rename all table prefixes.

To reduce the risk of your site being hacked further, be sure to rename all of the WordPress database tables you have whose names begin with default values.

The last step here is to replace the old names of tables in the options table. To speed up this process, feel free to use the following SQL query:

SELECT * FROM ‘wp_n1m7c42_options’ WHERE ‘option_name’ LIKE ‘%wp_%’

As you can see, the query seeks to find the default value – ‘wp_’ and replace them with the example used earlier in this section: wp_n1m7c42.”

The last step here is to double-check everything to make sure that your database is working perfectly.

8. Monitor Admin Activity

If your WordPress website has multiple users, it’s totally worth tracking their activity to see what they’re doing as well as spot such security issues like unauthorized users. For example, if an admin adds a user that does something suspicious or commits an unauthorized action themselves, you’ll be able to identify that.

Since WordPress doesn’t have default plugins for that, you need to install a plugin like WP Security Audit Log.

It provides real-time user monitoring and enables to identify the following changes:

  • Menu and widget changes
  • Post and page changes
  • Category and tag changes
  • User activity, including login, logout, terminating other activity sessions and failed logins
  • Registration of new users, deletion of existing users, and modifying their accounts
  • Changes in user profiles, including display name, role, email, and password
  • WordPress settings changes
  • Changes in themes or plugins
  • Site file changes.

In other words, you have an opportunity to track pretty much everything that other users do on your website, which is exactly what you need to reduce the risk of someone undermining its security. If someone does something that they’re not supposed to, you’ll know about that action quickly.

9. Hide the UserName

One sure-fire way to give access to your WordPress admin account to hackers is to let them know the username. Here’s the problem: when you create a new user in WordPress, the CMS uses it to rewrite the URLs to the pages that have content created by that user (for example, these could be pages written by a specific author).

As a result, a random visitor – that means a hacker, too – can see the user name in the address bar in their browser. For example, let’s suppose that your username is peterjohnson. Here’s what page with your content will look like in the address bar:

www.example/author/peterjohnson

With this information, the task of hacking into the admin panel becomes much easier because they have half of the information required to succeed. So, you need to hide it by following these steps:

  • Go to the user’s profile page and check whether First Name and Last Name fields are filled
  • Click on Display Name Publicly to view the drop-down menu where you can choose how your username appears in pages. Here, it’s important to select something different from your admin username
  • Change the user_nicename entry for the changed username from the database. To do that, you need to go to the Databases section and login to your hosting provider
  • Click on phpMyAdmin, select your database, and go to wp_users table (please note that the name of the table could be different if you followed the above tip and changed the database prefix)
  • The first column in the table is Edit, click on it
  • Change the user-nicename to a name that is different than the current username
  • Find the Go button below the table and click on it to save the changes you just made.

Another way to change the username is by issuing a special command in MySQL. For example, let’s once again suppose that you have an account with the following information: username: peterjohnson, First Name: Peter, Last Name Johnson.

Here’s the command:

UPDATE `wpdb`.`wp_users` SET `user_nicename` = ' peter-johnson' WHERE `wp_users`.`ID` =3.

As pretty much anything else with WordPress, you can also use a special plugin for hiding your username. For example, the smart Archive Page Remove can help you remove automatically generated archive pages (Author-based, category-based, tag-based, etc.) for posts.

If someone tries to access the removed pages, they will get the 404 error.

10. Always Use Secure Hosting

Poor-quality web hosting is a major reason why WordPress websites get hacked. Indeed, the foundation on which you run your website is critically important for your security because the provider also plays a decisive role in preventing and identifying attacks from hackers.

Since the selection of hosting options today is quite large, you should look for ones that provide the following features that maximize the protection:

  • Uptime monitoring
  • Detection and mitigation of DDOS attacks with DDoS protection services
  • Intrusion detection systems that identify suspicious activity
  • The requirement of only encrypted connections (SSH and SFTP) for direct site access
  • Automatic ban of IP addresses after more than five failed attempts to log in
  • Restrictions that prohibit to run PHP in common directories.

If your existing hosting provider doesn’t have some of these features or lacks security-related support, you should consider moving to a more secure solution to increase the security of your website.

“Moreover, keep in mind that security-related features shouldn’t affect the performance of your site,” says Adam Morrison, a web security expert from Trust My Paper. “You know very well that Internet users don’t like to wait for a website to load.”

11. Have Google Let You Know About New Pages on Your Website

This is an easy and effective technique that you can use right now. In some cases, hackers add new pages to a website that an owner can’t see in the frontend or backend, so they can continue their activities without anyone knowing about it. However, there’s one way to detect new pages that were added without an admin’s permission: Google Alerts.

Since new pages get indexed in Google, you can set an alert to know if someone is messing up with your website without your permission. All you have to do is go to Google Alerts, add your site in the top bar, select additional options such as language, and set How Often to As-it-happens. Also, select All Results in How Many fields because you need to receive all indexed results.

Now, you’ll get quick notifications when a new page from your website gets indexed by Google.

12. Protect Your Website Effectively and Proactively

Of course, we can’t cover every single WordPress security technique here, but these are definitely the ones that you should consider implementing first because they help to mitigate and avoid the most common brute force attacks. Also, we hope this guide helped you to understand the significance of staying up-to-date with WordPress security solutions and being an active player when it comes to protecting your online business from hackers.

Even though WordPress-powered websites comprise a large part of those that were hacked last year, it’s safe to assume that many attacks could have been mitigated if the owners followed the latest security recommendations. So, now you’re in a much better position to start strengthening the security of your website.


I hope this guide helps you secure your WordPress site if you have any questions please feel free to ask them in the comments section below.

If issues like these are not something you want to be dealing it, take a look at our managed WordPress hosting plans that let you run your business without having to worry about your server or web hosting.

Managed vs Unmanaged VPS- Which is The [Right Choice ]For You?

managed vs unmanaged vps

As your website begins to grow and continues to attract more views, you may probably want to shift from a Shared Hosting plan to a VPS Hosting plan to leverage the reliability, power, and functionality of a dedicated server at a much lower cost. Before we proceed further let’s define a VPS.

What is a VPS ?

To get a better sense of what a VPS is, let’s have a look at the extremes of Web Hosting.  The most basic form of web hosting in shared hosting. In shared hosting, you have one server that is split into multiple accounts that serve different customers. All these customers share the server resources such as disk space, CPU, and RAM.  Shared hosting is less expensive and is mostly preferred when you are just starting out with a new website. However, it is restrictive when it comes to customization and when the main server is affected, all the other customer servers are affected as well.

On the other extreme end of Web Hosting are Dedicated Servers. Here, a single customer gets the entire server to themselves; there’s no sharing of server resources with other customers. Additionally, a dedicated server gives a customer gets 100% control of the server and allows them to make system tweaks according to their preferences. A dedicated server is a powerful solution for websites that run heavy applications and enjoy massive traffic. However, dedicated servers do come at a higher price point.

To balance the advantages of shared hosting with dedicated server hosting, a hybrid approach was conceived. And this is VPS Hosting. In VPS hosting, a single server is segmented into several virtual servers know as Virtual Private Servers. Each VPS is entirely different from the rest of the virtual servers. It has its own copy of the Operating system, functions differently from the other servers and does not share its resources. Also, A VPS offers a high degree of customization and users can easily log in and scale their resources such as CPU, RAM and disk space in anticipation of increased traffic and deployment of more applications. Virtual Private Servers have become hugely popular among medium to large sized companies which want to leverage the benefits of dedicated hosting at a much lower cost.

In your search for the most reliable and powerful VPS hosting plan, you might have probably bumped into two confusing VPS terminologies that left you a bit confused. These are  Managed and Unmanaged VPS Hosting. Let’s dive in and explore the differences between the two in turns.

Managed VPS Hosting

managed vps service gives you peace of mind
A Managed Service ensures that you can focus on your business.

In Managed VPS Hosting, the web hosting provider handles all the server-related issues. Despite the benefit of having the technical know-how of managing your server, managed VPS Hosting makes your workload lighter by doing all the heavy lifting.  Managed VPS Hosting is more like an auto-pilot. Upon take off, the auto-pilot does pretty much everything as it guides the plane through its flight path, monitoring its speed and altitude and making all the necessary adjustments along its flight path to ensure that the plane flies safely. This takes off a significant workload off the pilot’s shoulders. Like the auto-pilot in the airplane, the web hosting provider’s experts take care of your server’s resources and monitor your server round the clock for any issues as they make the necessary updates and upgrades accordingly.

Managed VPS Hosting is mostly beneficial to non-technical customers who have little or no knowledge of setting up and configuring the server and its applications. Even more so, users who have little time on their hands to handle their VPS.

Key services that are usually handled in managed hosting include:

Advantages of Managed VPS Hosting:

Managed VPS hosting brings with it a lot of goodies on the table that will leave you a worry-free customer:

  • 24/7 round the-clock-monitoring by your web hosting provider gives you peace of mind and guarantees you 99.99% uptime of your VPS.
  • Non-tech-savvy users need not worry about the setup and configuration of the VPS since server maintenance is delegated to well-trained experts of the web hosting company.
  • Managed hosting offers a high degree of scalability. This means that you can get server resources like CPU, RAM, and bandwidth whenever you need them in line with your VPS requirements.
  • You get to enjoy a myriad of server tweaks in that will boost your server’s performance and capacity to accommodate more traffic.
  • Server maintenance and monitoring are cost-effective as it accords you more time to attend to other tasks.

Unmanaged VPS Hosting

unamanaged vps is for geeks
An unmanaged vps is a great option for geeks.

As the name suggests, in Unmanaged VPS Hosting the responsibility of managing the VPS is taken away from the provider and placed on the customer.

The customer is
escort eskişehir responsible for everything on the VPS. From the setting up of the server, configuration of applications to monitoring the VPS. The web hosting provider’s responsibility ends at providing network connection and the virtualization platform.  This is synonymous with the airplane’s auto-pilot being switched off and control handed back to the pilots. In effect, the pilots will be in full control of the plane. This is where the pilot’s training kicks in to guide the plane throughout its flight path and eventual safe landing.  

Similarly, unmanaged VPS hosting requires a highly-skilled and tech-savvy individual with a decent amount of knowledge of how to configure and manage the VPS alongside other various services and applications that come with the VPS. The user has an unlimited degree of freedom to do as they please on the server.

On the other side of the coin, unmanaged VPS hosting is not recommended for beginners with limited technical knowledge as this will be a huge deterrent in their quest to getting things up and running. An ideal workaround for them would be the earlier discussed Managed VPS Hosting where the technical aspect is handled by the web hosting provider. Tech-savvy users will usually find this plan a walk in the park especially in setting up services like LAMP stack (Linux Apache MySQL and PHP), WordPress CMS and configuring features like SSL certificates, Firewall, CDN, site backups and DNS settings among many other aspects.

That said, let’s have a look at the merits and drawbacks of the unmanaged VPS model.

Advantages of Unmanaged VPS hosting

Unmanaged VPS hosting favors clientele with technical knowledge of the workings of a VPS; from the initial server setup to deployment of applications and monitoring the system. It also accords the tech-savvy clientele the freedom to do whatever they please with the VPS provided the tasks are within the Terms and Conditions of the Hosting provider.

Since the clientele handles the bulk of the workload, then unmanaged plans tend to be cheaper than Managed VPS plans.

Disadvantages of Unmanaged VPS hosting

Since unmanaged VPS hosting requires a decent amount of knowledge in setting up, maintaining and monitoring the VPS, it’s not ideal for non-technical users or beginners.

Additionally, setting everything up from scratch makes the clientele lose enormous amounts of time which could have been used in more beneficial tasks such as marketing the business and making strategies for business growth. Furthermore, constant monitoring of applications and servers may be strenuous for the user.

For these aforementioned reasons, individuals and companies would prefer the insurance that comes with Managed Hosting so that the can have peace of mind that their VPS will be running seamlessly, and any issue will be attended to without delays.

Weighing Options

Do you need managed hosting?

Having looked at both Managed and Unmanaged VPS hosting services, it’s up to the clientele to decide what to opt for and what to compromise. One of the key considerations is cost.

Although Managed VPS Hosting is more expensive than unmanaged hosting, over time, this price gap has tremendously narrowed, and users can trade in cost for reliability and risk assurance from the hosting provider. Also, If setting up and configuring the server is going to eat a lot into time meant for business, then Managed VPS Hosting is the most preferred option as far as time management is concerned. Security is also another crucial factor to consider. Are you comfortable managing the security of your VPS or would you rather have your provider manage the risk for you?

Wrapping up

While Managed VPS Hosting may come off as slightly more expensive, users will have no qualms opting for it since they will have the peace of mind that their VPS will be professionally managed, and all security issues will be dealt with to avert system downtime.

This is the utmost deal breaker because businesses cannot afford downtime in a heavily competitive online platform.

16 Easy Ways to Speed Up WordPress – (Ultimate Guide for 2019)

How to Speed Up Wordpress

The page load time of any website is an important factor to increase traffic & conversion for any web site. Visitors always prefer browsing sites that are fast and load quickly. If your site is not loading within an acceptable time limit then you are going to lose visitors and potential buyers forever. Therefore for good page views, users experiences and for better SEO rankings, one must test a site rigorously to remove bottlenecks and thereafter optimize the site for speed under different circumstances before going live. In this guide, we will explore 16 easy ways to speed up WordPress.

Why is a fast site important?

You will appreciate why page load time is so important after going through following key points:

  • A 1 second delay in page load time reduces your site’s conversions rate by 7%, page views by 11% and customer satisfaction by 16%.
  • When Mozilla configured its site to load 2.2 seconds faster, the download of Firefox browser increased by 60 million per year.
  • Amazon’s revenue increased by 1% for every 100 ms decrease in page load time.
  • Search engines like Google, rank sites with quicker load time than with a site with slow load time. Therefore to increase your sites SEO ranking, consider improving page load time of your site.

A high page load time means visitors will leave your site even before it loads. To capture visitors attention and to convince them to stay on your site, you must configure it to load ideally under 2 seconds. The following section will guide you to find your sites speed, causes of page slowdowns and ways to decrease the page load time of any WordPress site.

Check your Current Website Speed

Before we start troubleshooting we must first figure out what the problem is. If you are trying to measure the page load time of your site through any browser, you will most likely find it to be quite okay. However, this may not be accurate because the browser may serve you cached content of your site that enables quicker load time and this does not simulate the experience that a first time visitor may encounter on your website.

Further, different geographic location will experience different page load times depending on the server’s location if your site is not using a content delivery network(CDN).

Therefore before you start optimizing your site for speed, first analyze the page speed score with the available tools and also find the bottlenecks that your site is experiencing.

There are few great online tools available to generate a detailed report on page speed. I personally use GTmetrix and Pingdom. Both are free and offer great detail and insights into the factors contributing to high load time. 

Using both these tools are incredibly simple.

GTMetrix

Visit GTMetrix and enter the URL of your website and hit Analyze. Depending on how busy their service is, it may take anywhere between 30 seconds to a few minutes for them to analyze your website. Once the test completes you will be presented with a result as follows.

gtmetrix-speedtest-results

You will see 2 scores in your report, a PageSpeed Score and a YSlow Score. Focus on the PageSpeed score and try to bring it as close to 100% as possible. Below the report, you will find various factory contributing to the load time along with how much of optimization do they need and their priority. The goal is to get as many of them to Grade A as possible.

Pingdom

Pingdom is another great tool when it comes to testing your website’s load times. The biggest advantage of Pingdom over GTMetrix is that Pingdom allows you to test your website across multiple geographical locations. Once again, testing is incredibly simple, just visit Pingdom Tools and enter your URL and hit Start Test. 

Pingdom will provide you 4 different parameters in their reports. 

  • Performance Grade
  • Page Size
  • Load Time
  • Requests

pingdom-test-results

In addition to the score, you will also receive a list of pointers and factors that can be improved upon.

Choosing the Right Web Hosting Provider for Speed Up WordPress.

Choosing the right web hosting service is of utmost importance even before you start optimizing your WordPress site. If your website is running on outdated software powered by low-end commodity-grade hardware and overloaded servers, anyone using this type of provider will experience slowness, it’s just a matter of time. 

While Shared Hosting is a perfectly fine platform to start running your WordPress site on till you get some traffic to grow, there are a few important pointers that you should keep in mind before choosing a Shared or Managed WordPress Hosting.

  • Make sure the company uses SSDs or Solid State Drives. It is 2019 and there is simply no reason why you should host your website on servers running age-old spinning drives. SSDs have been proven to be over 10x faster as compared to Hard Disk Drives or HDDs.
  • Since you are in a shared environment, there should be some kind of user isolation. The company must use an LVE (Light Weight Virtualized Environment) such as CloudLinux & CageFS to isolate each user and allocate them a set amount of resources. This ensures that your site does not suffer in case another user starts using up excessive resources.
  • Using the latest and optimized software stack. As of writing this post, PHP 7.3 is the latest version of PHP and your web hosting should at the very least support 7.2. Along, with the latest version of PHP a few other tools that will aid in lowering your load times are Nginx the high-performance alternative webserver to Apache, using HTTP/2, Brotli Compression and PHP OPCode caching.
  • Another important factor that users very often overlook is the inclusion of DDoS protection with their hosting service. DDoS attacks are becoming increasingly common each day and even a small attack can take your website offline for hours. In hosts in such a case will either show you the door and remove your site from their platform or send you a massive DDoS protection bill. It always helps to make sure that your hosting provider is already protected against such attacks.

If you are the DIY-Hacker kind, you can also choose to host your WordPress site on a VPS and use something like a ServerPilot or Webuzo control panel to manage it. This DIY approach can be cheap but be prepared to spend hours keeping everything secured and updated at all times.

Lastly, if your site is popular and gets a lot of traffic and you have the budget then you should probably look into a dedicated server as one of the options by taking advantages of the bare-metal performance. This option is usually available in both managed and unmanaged variants depending on what your exact needs are.

Optimize Your Plugins and Usage

Plugins are an integral part of WordPress. Plugins in WordPress allows you to add functionalities to sites very easily but on the flip side, they can cause a lot of performance issues if you are not selective while choosing the right plugins for your sites.

The first step is to reduce the number of plugins and only use and install plugins that are absolutely required. Lesser the number of plugins, lesser is the job that your server has to do while presenting your website to a visitor and faster is the speed.

Using a plugin profiler such as query monitor, you can debug and see which plugins are running a large number of database queries that potentially maybe taking a long time to execute itself. 

Once you have installed & activated query monitor visit your website while you are logged in to your WordPress admin area. On the top bar, you will see the time it took to generate the page along with a lot of additional details.

wp-query-test-results

On the bottom, you can further check and analyze the time taken by each script and database query to complete.

Another easy alternative is to deactivate all plugins and activate them one at a time and after each activation the speed test using either Pingdom or GTMetrix. By analyzing the report of the speed test, you can pinpoint the plugins that are consuming heavy resources in the server and directly affecting the page load time of your site.

Use a Lightweight Theme

A lightweight, clean and minimalist theme that is already optimized for speed on both frontend and backend is important while you start optimizing a WordPress site for good speeds. There are thousands of lightweight theme that are available freely to choose from. Of course, you can also start building a lightweight theme from scratch. But in the process of choosing or building a theme, you must look into the following aspects.

  • Use a minimal theme with only the features that you need and nothing that you don’t. A theme that is bloated with features and looks beautiful may be poorly developed and will bring your site down to its knees.
  • Avoid themes with a lot of imagery. Images add a considerable about of time to your website load times. Look for themes that use CSS for most of its design aesthetics and keeps the use of static images to a bare minimum.
  • Look for a theme built on top of well known and widely used frameworks that are already optimized to deliver the best performance, such as Bootstrap & Genesis frameworks.

Optimize your Images

The size of images on your site contributes to the size of the web pages and the size of the web page is directly proportional to the page load time. The solution is to reduce the size of the original images without compromising the quality by choosing a suitable image format and size. The PNG image format is uncompressed and the quality is better while JPEG is compressed with little loss of quality of the image.

You can optimize images manually by using tools like Adobe Photoshop. However, there are few awesome plugins available that can take care of optimizing images before you place them in a page. Two such free plugins are WP-SmushIt and my personal favorite EWWW Image Optimizer. that can automate the process of optimizing images while you upload them in your site.

 Let’s check out how to install and configure it through the WordPress dashboard.

Login to the WordPress admin panel and click Plugins->Add New from the left sidebar. Type the word ‘ewww’ in the search box and hit the ‘Enter’ button. Hit the ‘Install Now’ button to proceed with installing the plugin.

 

Install EWWW image optimizer

Now activate the plugin by clicking the ‘Activate’ button.

Activate EWWW image optimizer

Once you are done with installation and activation, click Settings->EWWW Image Optimizer from the left sidebar. The EWWW Image Optimizer Settings page will provide you with various options for optimizing images. Review all the options on the settings page, and then click Save Changes from the bottom of the page.

Henceforth, EWWW Image Optimizer plugin will optimize any new images that you upload.

Install a High-Performance Caching Plugin

WordPress pages are dynamic that means every time a page is requested by a user an HTML page is generated on the fly. This step involves connecting to the database, retrieving data from the database and generating an HTML page by applying CSS and JS. When you have a lot of traffic to your site, building a page for every request will slow down your site considerably. Therefore instead of repeating the steps every time to generate pages, a caching plugin can save a copy of generated HTML in a temporary file. The subsequent request for the page is served from the temporary file without repeating the steps to generate HTML pages all the time.

There are a lot of caching plugin available freely that you can choose from. WP Fastest Cache is one such plugin that we have grown to love and recommend highly.

To install WP fastest cache, login to the WordPress admin panel and click Plugins->Add New from the left sidebar and type the word ‘WP Fastest cache’ in the search box situated in the right top. Finally hit the button ‘Install Now’ from the very first result.

Install WP Fastest Cache

Once the installation is over, activate the plugin by clicking the ‘Activate’ button.

Activate WP Fastest cache

The WP fastest cache menu will be visible in the left sidebar. Click it to start configuring the plugin. To start configuring WP Fastest Cache Options, you first need to enable the cache system by ticking it. There are a lot of other options available that you can choose according to your requirements.

Configure WP fastest cache

The preload options will compile all of the PHP code with database calls into a static HTML file for faster delivery. Don’t turn it for all the contents but only turn on the items that are visited most often.

Preload Options

For New post, it is recommended to clear all the cache for the entire site since it is possible that the post may be displayed in other sections like homepage, page listing or tags and so on.

New Post options

In case of an updated post, instead of clearing all the cache, just clear the cache of the page, its categories, tags, and homepage. 

Update Options

Once you are done with choosing rest of the options for WP Fastest Cache, hit the submit button at the bottom of the page and you are done with configuring the plugin which in turn will create cached content for your site and as a result the pages will be served much faster and you can verify this with a Pingdom test.

Enable GZIP Compression

Gzip is a file compression format when enabled your web server serves a compressed version of your static web assets such as css, javascript, html & xml files. Using gzip compression, it is possible to compress the size of a web page by as much as 70% making it smaller and thus it will be delivered faster to the end user. When Gzip compression is enabled the browser checks to see if the content-encoding: gzip HTTP header is present, if it is, it will load up the compressed pages and unzip it before displaying it in the browser. This results in a considerable reduction in bandwidth usage as well.

The caching plugin, WP Fastest Cache that we have discussed earlier automatically compresses web pages using Gzip compression. However, you can also enable this by adding the following code in your site’s .htaccess file.

AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript

Use a Content Delivery Network (CDN)

The page load times for your website for users all across the world will vary. This is due to the geographical location on your server. Those who are close to the location of the server will experience faster load time than with users who are farthest from the server location.

A content delivery network or CDN consists of a chain of servers distributed across the globe. These chain of servers cache the static content like CSS, JS or images and store a copy of it across all the servers in their network. Whenever a visitor requests a page, the static contents are served from the server that is closest to the visitor. We have been using AWS’s CloudFront as our CDN of choice and it has been working well for us however a few other simpler alternatives worth checking out are MaxCDN & BunnyCDN.

Keep your WordPress Core, Plugins & Themes Updated

WordPress is a well maintained open source project and releases new versions with bug fixes, security patches, and performance improvements regularly. The same is true for WordPress theme and plugin. It is always a good idea to keep your core WordPress files, themes, and plugins updated to the latest version. By doing so, you are making sure that your WordPress site does not become slow or vulnerable to any potential security threats.

Embed Media to an External Service

Although it is possible to upload and stream media files like audio or video to any WordPress site itself but by doing so not only accounts for your bandwidth usages but also increases the size of your site. Instead, you should always host the media files such as videos or audios on an external site like YouTube, Vimeo, DailyMotion, SoundCloud.

What you need to do is just copy the video URL and paste it inside the WordPress post. WordPress will automatically embed the video into the post.

Use Object Caching for Highly Dynamic Sites

While serving pages to visitors, WordPress connects to the database, retrieves the required data through database queries which can start to be quite time-consuming if you have a highly dynamic and high traffic website such as a forum or membership website. It is possible to overcome this bottleneck by using an object-cache such as Redis, which is an open-source, in-memory data structure used to cache results from the database.

An object-cache can remove this bottleneck by storing the results of a query in its cache and for subsequent page requests, database results are served from this cache. If the result of a database query is not found in the Redis cache then it is served by the database engine and is added to Redis cache subsequently.

Whenever a visitor requests the same page again, the results are served from the Redis cache without need to query the database again. When the database is updated the Redis objects for the query in the cache is invalidated to prevent the cache data being served to another user.

Use PHP OPCode Caching

Whenever a page is requested by a visitor, PHP loads the scripts compile it into bytecode and then executes the page. Without any opcode caching mechanism, the process is repeated for every request which is very inefficient.  Using a PHP OPCode caching mechanism such as Zend’s OPCache, APC or xCache significantly improves the performance of PHP by saving the precompiled script into bytecode in memory. This eliminates the need for PHP to load and parse the script for every request.

Most modern hosting providers will offer support for Zend’s OPCache by default, if not you should move to a provider that does.

Use Lazy Loading for Images

Another way to improve your page load times is to use lazy loading. If your website consists of a large number of images, photo galleries, and videos in your site, what lazy loading does is that instead of loading all the images or videos at once, it downloads those images and videos which are visible on the browser’s screen while replacing other images and videos with a placeholder image.

When the user scrolls down the page, it will load the images one by one those are now visible in the browser. There are a lot of free plugins available that you can choose to add lazy loading to your WordPress site.

Use a Web Application Firewall

Cloudflare is more than just a CDN. The optimization features of Cloudflare allows you to enhance the performance of any WordPress site beyond what a traditional CDN can do. The ‘Bypass Cache on Cookie’ feature of Cloudflare allows complete cache of pages those are not logged in allowing your server not to regenerate pages when the pages are effectively static. Cloudflare also provides a DNS service that is highly reliable. 

Further, Cloudflare’s DNS level firewall protects your WordPress site from malicious attacks even before they reach your site. Cloudflare can effectively protect your WordPress site from brute force attacks and Distributed Denial of Service attacks (DDoS) attacks.

Use the Latest PHP Version

While you will be able to host and run WordPress of most hosting services, not all always run the latest version of PHP that is available. The latest version of PHP 7.2 is multiple times faster than earlier versions is even by WordPress.

All our WordPress hosting plans allow you to use the latest version of PHP right up to 7.3 however if some of your plugins are not compatible with the latest version, you can also switch to 7.2 or 7.0.

In case, you are hosting the WordPress site in your own server then always install the latest version of PHP to take the advantages of performance gains as compared with its previous versions.

Disable Pingbacks and Trackbacks

Pingbacks and trackbacks are two features of WordPress that is used to communicate with another site in the form of notification, but it is also a major source of spam notifications. The notification will be in the form of email but are also be delivered directly to the WordPress admin dashboard. These are mostly unnecessary and add clutter to your database.

It is very easy to turn off pingbacks and trackbacks by navigating to WordPress admin dashboard by clicking Settings -> Discussion. Now, deselect the option that says “Allow link notifications from other blogs (pingbacks and trackbacks) on new articles”.


Conclusion

The most important reason to reduce your page load times is to improve user experience and which in turn helps your search engine rankings. Even if you were to implement just a few of the above tips and tricks, you will still see a large improvement and reduction in your page load times. I hope you enjoyed this post, go ahead and try out these techniques and let us know what your page load times are.


 

[The Ultimate Guide] How to protect your site from DDos attack?

How to protect your site from DDos attack

DDoS attacks are not new in the cyberspace world. The past five years have seen a surge in these attacks and the DDoS landscape keep evolving as time goes by.

So, what is a DDoS attack? 

A DDoS (Distributed Denial of Service) attack is a nefarious cyber-attack that intentionally seeks to disrupt the normal flow of traffic to a server or blocks access of normal service by users by flooding or overwhelming the intended target with a flood of packets. DDoS attacks leverage the use of botnets to carry out these malicious attacks.  A botnet, portmanteau of robot and network, is a network of compromised Computer systems infected with malware designed to bring down systems. Botnets are designed by hackers to flood the target computer systems & servers with IP packets causing disruption of access to networks, applications and by normal users. DDoS are very notorious and are known to cause devastating effects especially to large corporations. A DDoS attack can take down an e-commerce website for several hours causing huge losses to the business. It can also lead to a loss of internet connectivity and access to critical server resources.

History of DDoS Attacks

The first ever DDoS attack was engineered by a 15-year-old boy called Michal Calce in the year 2000 and was done purely for bragging rights. It temporarily took down huge sites like CNN, Yahoo, and eBay.

One of the most notorious and debilitating cases of DDoS attack was the DDoS attack on Dyn, a DNS provider, that led to inaccessibility of major internet sites across most parts of Europe and North America. The DDoS attack began on 21st October 2016 at 11:00 UTC and lasted till 13:20 UTC. It later resumed at 15:50 UTC and went up till 17:00 UTC. The primary source of the attack was pointed to a botnet of internet connected devices which were infected with the Mirai malware. A huge number of IP addresses flooded Dyn’s network with massive TCP and UDP packets that targeted port 53 which is the native DNS port. So severe and sophisticated was the attack that it took down top websites such as CNN, PayPal, Heroku, Spotify, Airbnb, Reddit, GitHub, HBO, SoundCloud to mention just a few.  The attack affected users across Europe and America but was eventually contained and normal services were restored.

However, we cannot emphasize more the extent of damage it had on end users and the Companies alike. GitHub, a popular development platform suffered a catastrophic DDoS attack that was occasioned by a record-breaking 1.35 Tbps of traffic on their systems. Yeah, you heard it right. Unlike in Dyn, this attack was contained within 8 minutes and normal service was restored.

Who’s at risk of a DDoS attack?

An average PC user need not worry about a DDoS attack. However, businesses of all sizes from small to enterprises stand to lose revenue and suffer a possible plummeting of their Shares in the market due to the downtime of their services. To mitigate this risk, they must, therefore, invest heavily on security measures to counteract such attacks

How do you know that you have fallen victim of a DDoS attack?

DDoS attacks hit their target without much of a warning. You cannot prevent a cyber attacker from sending malicious packets to flood your system and render its services unavailable. However, there are tell-tale signs of a system that has been compromised by a DDoS attack. Let’s have a look at how you can diagnose a DDoS attack.

“DDoS attacks cannot be prevented, but only mitigated.”

Service Unavailable Error

When a server goes down, one of the first clues is the “Server Unavailable” error when you try to browse it in a web browser and this may be persistent for a long time duration. In other cases, the server may be reachable, but its services may be degraded leading to slow connections. This anomaly can be diagnosed further using the netstat command in both Windows, Linux/ Unix Systems.

Netstat is a network command tool the displays active TCP and UDP ports on which a server is listening on, IP routing table, Ethernet statistics and both IPv4 and IPv6 statistics. Without any arguments, the command displays all active TCP ports on which the server is listening.

To check for unusual IPs connecting to your system run

$ netstat -an 

netstat-command  

The above output is of a normal/expected output showing TCP and UDP active connections.  If a DDoS attack has occurred, you would notice a huge number of IP addresses connected to the same port

tcp        0    197. 76. 11 34:22         38.248.152.106:41286    TIME_WAIT
tcp        0    197. 76. 11 34:22         38.248.152.106:41287    TIME_WAIT
tcp        0    197. 76. 11 34:22         38.248.152.106:41288    TIME_WAIT
tcp        0    197. 76. 11 34:22         38.248.152.106:41289    TIME_WAIT
tcp        0    197. 76. 11 34:22         38.248.152.106:41290    TIME_WAIT
tcp        0    197. 76. 11 34:22         38.248.152.106:41291    TIME_WAIT
tcp        0    197. 76. 11 34:22         38.248.152.106:41292    TIME_WAIT
tcp        0    197. 76. 11 34:22         38.248.152.106:41293    TIME_WAIT
tcp        0    197. 76. 11 34:22         38.248.152.106:41294    TIME_WAIT

From the above output, we can see one IP that is flooding the system on port 22 with meaningless IP packets and the connection is continually timing out.

Zero Network Traffic

Another way you can spot a potential DDoS attack on your PC is a loss of network traffic or packet loss to your website or server.

If you try pinging any website or its address, you will also discover that it is either timing out entirely or resulting in loss of packets.

ping results

Checking Nginx/Apache/webserver logs

Another way you can verify that a DDoS attack has occurred is by examining web server log files. But before we examine the log files, we can check the clients connected to our server by running the command below

netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

netstat web connections

If you see an unusually high number of connections. more than you have been experiencing, then it’s likely that you could be a victim of a DDoS attack.

For Apache, you can access the apache access logs to view the client IPs sending requests to your web server using the command below

tail -n 500 /var/log/apache2/access.log | cut -d' ' -f1 | sort | uniq -c | sort -gr

netstat-nginx

Use the same command to access Nginx access log files as shown

tail -n 500 /var/log/nginx/access.log | cut -d' ' -f1 | sort | uniq -c | sort -gr

netstat-web-connections

Once again, if you are getting a high number of IP address sending requests to your web server, then definitely you could be a potential victim of a DDoS attack.

Protecting yourself from a DDoS attack

Having looked at some of the ways you can use to point out a DDoS attack, let’s now look at ways in which you can prevent your system from falling victim of such unprecedented attacks.

Tweaking Nginx Parameters

If you have a server running on Nginx, a few modifications will come in handy in mitigating DDoS attacks. Let’s have a look

Modifying worker_process connections

One of the parameters you might want to consider modifying is the worker process as well as the no. of worker connections in the /etc/nginx/nginx.conf configuration file. In anticipation of DDoS attacks, the value of worker_ connections should be set to a higher value to handle DDoS attacks. For instance, the value can be set to 10000 as shown below

events {

        worker_connections 100000;

}

Additionally, consider modifying the fs.file-max attribute in the /etc/sysctl.conf file and limit the number of connections as shown

fs.file-max = 50000
Limiting the rate of requests

This is arguably one of the best avenues of preventing DDoS attacks in the Nginx web server. It works by limiting the number of requests from a specific IP address in a given time duration. If the limit is surpassed, then Nginx drops these requests. The limit_req_zone directive is tweaked to limit the number of requests as seen below

limit_req_zone $binary_remote_addr zone=one:10m rate=30r/m;

server {

    # ...

    location /login.html {

        limit_req zone=one;

    # ...

    }
}

The above command will create a memory space called one which can accommodate 160,000 unique IP addresses. The rate=30r/m directive implies that only 30 requests in a minute are permitted.

Limiting connections rate

To further enhance the performance of Nginx, you can limit the rate of connections emanating from a single IP address. The directives limit_conn and limit_conn_zone is tweaked to put a limit to the number of IP address connections.

limit_conn_zone $binary_remote_addr zone=one:20m;

server {

location /admin/ {

limit_conn addr 20;

}}
Adjusting timeout parameters

Slow connections have a severe impact on the Nginx server. These connections keep connections open long enough such that the server cannot accept any more inbound connections. The attributed client_body_timeout, as well as client_header_timeout, are tweaked to lower values

server {

client_body_timeout 10s;

client_header_timeout 10s;

}

Limiting the size of HTTP requests

Huge HTTP requests are often a precursor to a DDoS attack. To mitigate this issue,

Buffer values existing in the Nginx Configuration are limited as follows

client_body_buffer_size 200K;

client_header_buffer_size 2k;

client_max_body_size 200k;

large_client_header_buffers 3 1k;
 Limiting connections to backend servers

When used as a load balancer, you can limit the number of connections made to the backend servers. For example, you can tweak the settings such that no more than 150 connections are made to the 2 backend servers shown below

upstream domain {

server 10.200.50.2:80 max_conns=150;

server 10.200.50.3:80 max_conns=150;

queue 20 timeout=5s;

}

The max_conns attribute specifies the no. of connections that can be opened up by Nginx to the server. The queue attribute limits the no. of queued requests when all backend servers have reached the connection threshold. The timeout parameter specifies the duration thay a request can be maintained in the queue.

Blacklisting IP addresses

This is yet another effective method of warding off DDoS attacks. If you suspect that a range of IP addresses are responsible for the attack e.g from 197.232.64.20 to 197.232.64.154,  you can block the IP range as shown

location / {

    deny 197.232.64.0/24;

    # ...

}

Using the CSF Firewall in cPanel

A few tweaks can be made to the CSF firewall to block IP address that have numerous connections

On the terminal, Open the CSF configuration  file using your most preferred text editor

$ vim /etc/csf/csf.conf
Restricting the number of concurrent connections

Restriction of the number of concurrent connections coming from a single unique IP would be very effective in mitigating  DDOS attacks. It’s therefore prudent to reduce the value of CT_Limit to a reasonable level. In this case, the value has been set to 50

CT_LIMIT=50

This implies that the maximum possible number of connections per given IP address is 50. Since the value is not arbitrary, feel free to change the value according to your settings.

Changing the connection tracking interval CT_INTERVAL

This refers to the Connection Tracking value. This should also be set to a fairly reasonable value because if set too low, false positives may be generated and can lead to the blocking of legitimate connections.  A value set to 30 is recommended.

CT_INTERVEAL=30
Allow protection for a specific port using the CT_PORTS directive

To allow protection for a specific port, you can define that in the configuration parameter called the ‘CT_PORTS. For instance, in most cases, DDOS attacks will be directed web and DNS servers.  In such cases, the ports to be defined for default installation are 53 and 80

In the below example I am tweaking the protection for web server both for normal and SSL connections

In the example below, the protection for web server ports (80 & 443) has been tweaked both for normal HTTP and SSL connections.

CT_PORTS=80,443
Enabling SYNFLOOD

SYNFLOOD is disabled by default in CSF. To prevent the server from suffering a SYNFLOOD attack, enable it temporarily as shown below

SYNFLOOD = “1" 

SYNFLOOD_RATE = “30/s” 

SYNFLOOD_BURST = “30" 

What the above settings suggest is that If 30 connections are received from an IP/sec for 30 times, then the concerned IP is going to be blocked. Again, this value is just arbitrary.  You can adjust the SYNFLOOD_BURST value according to your server capacity.

You can set a limit for the number of connections to a specific port by checking the  CONLIMIT”. value

CONNLIMIT = 80;20,443;15 

In the above example, 20 connections are limited to port 80 and 15 connections limited to port 443 from a single IP address.

Now that we are done with all the modification, we need to restart the CSF firewall service to make the changes effective with the new settings. To achieve this, run the command below

/etc/init.d/csf restart

Configuring Apache mod_deflate to enhance server performance

If you are looking at boosting or enhancing your server’s performance, consider enabling mod_deflate in Apache configuration. The module compresses content from the web server before serving it to the browser for clients to access it. Compression makes it possible for all browsers to download it in a much faster way.

Apart from serving your pages much faster, the lower bandwidth associated with compression will be taken into account by search engines. This will consequently lead to higher page rank in Google and other search engines

By default, mod_deflate comes included with Apache. To verify this run the command

$ apachectl -t -D DUMP_MODULES | grep deflate

You should get the output below

 deflate_module shared

apache-mod-deflate

If you do not get such output, open the following configuration file

/etc/apache2/mods-enabled/deflate.load

Ensure that the following line in uncommented as shown

LoadModule deflate_module /usr/lib/apache2/modules/mod_deflate.so

install mod_deflate

To make the changes effective, restart Apache web server

sudo apachectl restart 

To achieve the full benefits of mod_deflate, we need to instruct the Apache web server which files need to be compressed. It is recommended that HTML, CSS and Javascript files should be compressed. Although the default configuration is already defined for these, it not configured for the options below

Compression Level – This defines the level of file compression which is between 1 to 9 with 1 being the lowest compression level

Mem Level – This defines the amount of memory required by zlib for compression

Window Size – Specifies the window size for zlib compression

Out of the box, the default compression level is set to 9, Mem level set to 9, and  Window size set to 15.

These are already set to their highest value, implying that your server is still not yet at its optimal setting and quite a lot of resources will be gobbled up. we, therefore, need to reduce the values to these parameters.

DeflateCompressionLevel 7
DeflateMemLevel 8
DeflateWindowSize 10

Save and restart Apache web server.

Testing the compression

To make sure that our mod_deflate module is working as expected, we are going to log in to a server and open the terminal.

Next, navigate to the document root

$ cd /var/www/html  directory.

Next, download a sample js file http://code.jquery.com/jquery-3.2.1.js to the directory

$ wget  http://code.jquery.com/jquery-3.2.1.js

wget-jquery

As seen above, the file size is 268039 bytes

Now head out to another Linux PC in your network and run the command below

wget --header="Accept-Encoding: gzip" http://SERVER_IP/jquery-3.2.1.js

The SERVER_IP is the IP of the server above where we downloaded the JS file

compressed-jquery

As you can see, the JS file size has been listed as 104285 bytes, which is less than half the original file size!  Compression is working as expected and your server is working at an optimal compression level without compromising or affecting the performance of the Apache web server.

Use a DDoS Protection Service

If your website is being attacked, you can sign up to use dedicated DDoS protection services such as CloudFlare, Incapsula & Stormwall.pro.

These services stand as a proxy or shield in front of your website and filter all traffic that reaches your site. The setup is usually very straight forward and involves you changing your nameserver to the nameservers provided to you when you sign up with either of the services mentioned above and letting all traffic pass through their network. The service will filter out all bad traffic and only send legitimate traffic to your website.

However, this may not be a feasible solution if you are looking to protect your entire server that hosts multiple websites and clients. Which is when you need a DDoS protected hosting provider.

Use a DDoS Protected Hosting Provider

Of course, the easiest way to protect yourself against any kind of DDoS attack is to host your website with a hosting provider that includes DDoS Protection. Such provider will usually have their entire network protected against DDoS attacks and as a website or server owner you need to make any changes or adjustments to protect your website against attacks.


We hope this post has been helpful and you have learned something from it. Have you ever been a victim of DDoS attacks? Let us know in the comments section below.

If you are looking for a hosting provider that offers DDoS protection as standard with all of it’s hosting plans, look no further than Host4Geeks.

[How to fix] Your PHP installation appears to be missing the MySQL extension?

How to fix Your PHP installation appears to be missing the MySQL extension

Your PHP installation appears to be missing the MySQL extension, is a common issue that many users face after installing WordPress. This happens when the PHP installation on the server is missing the required MySQL extension that is required by WordPress to make connections to the MySQL database it is connected to.

Worry not, this is quite easy to fix. There are different ways to fix this depending on the kind of hosting plan you are on.

How to fix on Shared Hosting

If you have installed WordPress on a shared hosting account, this error is most likely being caused by the MySQL extension being disabled on your hosting account. In order to enable it, please do the following steps.

Step 1: Login to your cPanel account.
Step 2: Look for the option “Select PHP Version” & click on it.

cpanel-select-php-version
Step 3: Once there, change the PHP version to Current from the dropdown as shown below.

change-php-verison-to-native
Step 4: Once you have selected the PHP version as current, tick on the option that says “mysqli” and/or “mysqlnd” from the options presented and click save. cpanel-enable-php-mysql-extensionStep 5: Check your WordPress installation and the error should be gone.

Note: If your cPanel does not have the Select PHP Version option, you will have to contact your web hosting provider to have it enabled for you. All of Host4Geeks’ web hosting plans already come with this feature enabled.

How to fix on a cPanel Server

If you are on a cPanel server that you have root access to. You will need to enable and install the MySQL PHP extension using the EasyApache 4 interface in your WHM.

Step 1: Login to your WHM as root.

Step 2: Search for the option “EasyApache 4” & click on it. You will see a page as below:

search-for-easyapache-4-option-in-cpanel

Step 3: You will see a highlighted box “Currently Installed Packages”, click on the ‘customize’ button as shown below:

customize-easyapache4-options

Step 4: Once there, select ‘PHP Extensions’ and in the search box type mysql, you will see the mysqlnd options, as seen below:

search-for-php-mysql-extension

Step 5: Select the required mysqlnd extension as per your requirement of the PHP versions. You can simply select all the version that are displayed, this will cause no problems.

Step 6: Once you have select the mysqlnd extensions there click on “Review”, scroll down and click on “Provision” button. you will see the page as below:

cpane-easyapache-4-review-page

easyapache-4-provision

Step 7: Once finished, click on done and check your WordPress installation and the error should be gone.

easyapache-4-provisioning-completed

How to fix on a CentOS Server

If you are running your WordPress site on a CentOS VPS without any kind of control panel. Your first step would be to check the PHP version that you are running.

# php -v

Will show you the PHP Version you are currently running. In our case, this is PHP 7.0. We need to install the PHP-MySQL extension for PHP 7.0. We can do this using the following command:

# yum update
# yum install php70w-mysql

Once installed, restart your web server, for Apache it is:

systemctl restart httpd

Or

service httpd restart

After restarting, your WordPress site should work properly.

How to fix on a Ubuntu Server

If you are running your WordPress site on an Ubuntu VPS without any kind of control panel. Your first step would be to check the PHP version that you are running.

# php -v

Will show you the PHP Version you are currently running. In our case, this is PHP 7.0. We need to install the PHP-MySQL extension for Php 7.0. We can do this using the following command:

apt-get update
apt-get install php7.0-mysql

Once installed, restart your web server, for Apache, it is:

service httpd restart

After restarting, your WordPress site should work properly.


I hope this guide was able to help you resolve the issue with your WordPress site, if you have any questions please feel free to ask them in the comments section below.

If issues like these are not something you want to be dealing it, take a look at our managed WordPress hosting plans that let you run your business without having to worry about your server or web hosting.

How to install Varnish on cPanel? – [The Definitive Guide in 2019]

how to install varnish on cpanel

People love fast loading sites. This is especially true for customers visiting e-commerce websites. An average customer will be happy, more satisfied and will likely to visit your site again thus increasing your conversion rate. On the flipside, users have no patience for slow loading websites.  According to Google, 53% of consumers are likely to abandon sites that take more than 3 seconds to load. This shows how crucial site performance is. In fact, so important is site performance that Google has made site speed a factor in ranking websites to give consumers the best user experience. As a web administrator, you would, therefore, need to do everything possible to boost your site’s performance for higher rankings and enjoy a higher conversation rate.

Installing Varnish on cPanel?

What is Varnish?

Written in C language under FreeBSD license, Varnish is a free and open source HTTP accelerator that was built for speeding up dynamic and content heavy sites that get massive traffic. Essentially, Varnish acts as a reverse proxy for your web server. Varnish accelerator sits at the front of your web server and serves requests by a factor of about 300 to 100 times, thereby easing the workload of your CPU. It receives HTTP requests and answering them from the cache. If a request cannot be answered, it is forwarded to the backend whereupon a response is fetched, stored in the cache and later delivered to the client. When a response is cached, it is delivered in microseconds, many times faster than your typical web server.

What is caching and what are its benefits?

Caching is the practice that involves the storage of files in memory to be served or used again. Storage of files in memory boosts the speed of access by making easily available to client requests, instead of files being downloaded over again. A classic example of caching is when a user browses a website. In the background, objects like JavaScript files, stylesheets and images are stored in the browser’s cache to eliminate the need of having to download them again. By so doing, the webpages load faster, and this reduces the server load and bandwidth usage.

Varnish takes caching to a whole new level. When a user visits a web server for the first time, the web server will serve the HTTP request, but Varnish will save a copy of the client request. The next time someone visits the same page, Varnish will automatically take note that the requests have been made earlier and will expeditiously respond by serving a cached version of the request. This action accelerates the speed by up to an extraordinary 300 to 1000 times!  What this also implies is that should the site experience immense traffic, it will be better equipped to handle the request without impacting negatively on the site speed and server resources such as CPU. The amount of CPU required to return a cached result is much lower compared to serving a new request altogether.

Varnish can also act as a load balancer, thereby speeding up websites by storing the cache in RAM. This fundamental ability to serve requests by caching requests is what enhances your site’s performance and speed. 

In addition to its performance capabilities, Varnish comes with a flexible configuration language called VCL. With VCL you can seamlessly configure policies which determine how incoming requests will be handled by the HTTP accelerator.

Varnish supports modern versions of Linux, FreeBSD, OS X as well as Solaris and derivatives of Solaris.

A few notable companies that use Varnish on their sites include Wikipedia, Reddit, Vimeo, and Facebook to mention but a few.

In this guide, we will dive in and see how to install and set up Varnish 6.2 as a proxy on your cPanel server.

Let’s jump right in!

Installing Varnish HTTP Cache

Before proceeding to install Varnish, ensure to do a pre-flight check of the prerequisites needed.

Prerequisites

  • Server running cPanel
  • Root SSH access to the server.

Step 1. Installing EPEL release

The first step in installing Varnish 5.2 is to ensure that the EPEL repository is installed on your system. EPEL is an acronym for Extra Packages for Enterprise Linux. This is done by executing the command below

# yum install -y epel-release

Additionally, you can use the command below

Step 2. Installing Varnish on CentOS 7

Next, we are going to install pygpgme package which will handle GPG signatures as well as yum-utils which is a collection of handy features.  To achieve this, Run the following command

# yum install pygpgme yum-utils

varnish requirements installation As of writing this article the latest version of Varnish available for CentOS 7 / RHEL 7 is 6.0.3-1and is available from packagecloud.io.

# wget --content-disposition https://packagecloud.io/varnishcache/varnish60lts/packages/el/7/varnish-6.0.3-1.el7.x86_64.rpm/download.rpm
# rpm -i varnish-6.0.3-1.el7.x86_64.rpm

After successful installation, run the following command to verify if varnish is running

# systemctl status varnish

varnish running after installation

Usually, the executable will be located at  /usr/sbin/varnishd path  and configuration files will be located at /etc/varnish path.

To confirm the path of Varnish executable run

# which varnishd

To check the version of Varnish installed, run

# varnishd -V

varnish version check

Step 3. Configuring Apache webserver to work with Varnish HTTP cache

The final step is to configure Apache webserver to work with Varnish. Apache runs on port 80 by default. We need to change this to a different port so that only Varnish runs on port 80. In this example, we will change the default httpd port in CentOS 7 to listen to port 8080.

This can easily be achieved using the ‘sed’ command

# sed -i "s/Listen 80/Listen 8080/" /etc/httpd/conf/httpd.conf

Next, edit the Varnish environment config file and locate the VARNISH_LISTEN_PORT parameter.

# vi /etc/varnish/varnish.params

Change the default value from 6081 to 80

varnish default port change

Save and Exit the text editor

Next, make Apache web server as the default back end server. Open the file below

/etc/varnish/default.vcl 

Navigate to the backend default section as shown and set the  .host attribute to point to your server. In my case, the IP address is 38.76.11.19

varnish vcl edit after install

Finally, restart the Apache web server as well as Varnish Cache for the changes to take effect

# systemctl restart httpd

# systemctl restart varnish

Step 4:  Testing Varnish Cache

To verify that Varnish is working with Apache Web server use the curl command as shown

# curl -I  http://server-ip-address

curl results after installing varnish

You can also verify that Varnish is running on port 80 and your web server is running on port 8080 using the ‘netstat’ command as shown

netstat after varnish install

After verifying Varnish and Apache Web server is running as expected, Head out to your Cpanel and Click on ‘Tweak Settings’ located on the sidebar

varnish install cpanel tweak settings

Click on the ‘Settings’ tab and change the default port from port 80 to 8080.

varnish install port change

This wraps up our guide on how to install varnish on cPanel. Hope this was helpful to you, if you have any questions please ask them in the comments section below.


If you are interested in using or installing Varnish cache along with your cPanel server, this can be installed on our Managed VPS servers. All our Managed VPSes come with cPanel / WHM and are monitored and supported 24×7 by our experts. Let us do the heavy lifting while you grow your business. Check out our plans.

Earn Over $100 a day with Reseller Hosting

earn-money-with-reseller-hosting.png

Leverage is everything when you’re starting a new business – whether that’s a new full-time operation or just a side hustle.

And while there are plenty of business opportunities out there that offer a lot of leverage, none of them offer quite as much as a reselling web hosting services. Especially right out of the gate.

About as turnkey a business opportunity as you’ll find today, it’s possible to hit the ground running with a reseller hosting package and start making $100 a day (or more) inside of your first 30 days. And thanks to unique scalability opportunities reseller hosting offers, the sky is the limit when it comes to maxing out your passive income with this kind of business.

If you’re thinking about diving headfirst into the world of web hosting reseller opportunities but aren’t quite sure of where to start – or how to start – we’ve put a lot of the pieces to the puzzle together for you in this quick guide.

Why resell web hosting services?

Each and every day, thousands and thousands of businesses and entrepreneurs are looking to build new websites and all of them have to start with a web hosting package. Designing and developing a new website is one thing, but a website will NEVER go live until it is placed on a web hosting service.

And that’s what makes the web hosting such a lucrative operation, and a big part of why becoming a reseller of web hosting packages offers you so much leverage.

As a reseller, you’ll essentially be purchasing storage space and bandwidth established web hosting servers and then packaging it up to sell to individual clients. You’ll be offering all the same services that traditional web hosting companies offer, but because you are a reseller you won’t have to handle any of the technical heavy liftings when it comes to maintaining, improving, or optimizing of that server.

Bottom line – You get all the benefits of offering web hosting to entrepreneurs desperate for this service without any of the downsides of having to run or maintain a full-blown web hosting operation.

It doesn’t get much better than that!

Covering the ABCs of Becoming a Web Hosting Reseller

It’s absolutely impossible to have any success in business today without having an active online presence, and that means – at the very least – having your own business website set up.

The Website

web-hosting-website

While it may be very exciting to have your own website designed by a professional web designer, it can also quickly turn out to be a very costly affair. A good website, that is responsive – works seamlessly across all devices, adheres to modern web 2.0 standards can easily cost upwards of $2000, to begin with. I don’t recommend spending that amount of money on a website when just starting out. Instead, go to ThemeForest, do a search for web hosting templates and you will have an entire list of extremely well designed professional themes and templates that you can easily customize for your brand. The average price for most well-designed themes in Themeforest is around the $45 mark.

Pro Tip: Look for a theme that has a WHMCS compatible template accompanying it, such as the Hostio Theme.

The Billing System

whmcs

Now that you have a brand spanking new website, we will need a CRM or a billing system to go along with it. A billing system will process your orders, automatically set them up, do the recurring billing, all without you having to spend hours each day creating new invoices, sending them to your clients and following up for payments. The de-facto tool of choice for the entire web hosting industry has always been WHMCS.

WHMCS or Web Host Manager Complete Solution, is an all in one automated client management, billing, support platform specifically designed for web hosting companies. It handles everything from signup to termination due to non-payments. Host4Geeks is an Authorized WHMCS Partner and we bundle a free WHMCS license with our Premium Reseller Hosting plans. If you were to purchase a license directly, it starts at $18.95 /mo and changes as you grow.

Installing, setting up and customizing WHMCS is beyond the scope of this post but you can find a lot of helpful information on our knowledgebase.

You will be using the accompanying WHMCS theme bundled with your purchase from Themeforest, to get the WHMCS interface to look like your website.

The Business Plan

The next thing you’ll need to become a web hosting reseller is a business plan to start gobbling up as many customers and clients as possible, as inexpensively as possible so that you can start bringing money into your new bootstrapped business.

Because of the web hosting world is so competitive you’ll have to come up with a hook or Unique Selling Position that attracts customers that have an almost endless amount of options to pick and choose from.

Maybe you want to offer more resources at a better price, maybe you’ll want to offer optimized hosting packages specifically for different niches or industries, or maybe you’ll want to do business specifically with only brand-new online entrepreneurs or established veterans.

How you find your hook is entirely up to you, but in as crowded and cluttered a market space as the web hosting world you’ll absolutely need one to succeed.

The Reseller Hosting Plan

Secondly – and only after you come up with your competitive advantage – you’re going to need to look for an actual web hosting reseller account you can sign up for.

There is a plethora of option when it comes to web hosting companies out there offer reselling packages, which means tracking a new account down isn’t going to be all that difficult. But not all are made equal. Your reseller hosting plan is the core, the backbone of your business and you want this to be firmly reliable and stable, after all, your business and your reputation depend on this. We have an infographic guide on how to choose your reseller hosting provider that covers the most important pointers that you should look for when choosing your reseller hosting provider.

Just make sure that you are choosing a web hosting platform that can offer the deliverables you are promising with your hook or competitive advantage. You want some flexibility to be able to offer your clients and customers something special, and you also want to only partner with web hosting operations that have a rock solid reputation as far as technical service, support, and uptime are concerned.

The Payment Gateway

A payment gateway is going to be necessary to run and operate your reseller business. You can get started with something as simple and as straightforward as a PayPal Business account, but once you start to move real volume you’ll want to look into a more robust merchant account or payment gateway. There are plenty of options to pick and choose from (with pros and cons for each), and that’s something you’ll have to figure out later down the line.

Look for a payment gateway that either already integrates with WHMCS, your billing software or offers a WHMCS integration. Take a look at our listing and comparison of the best payment gateways for a web hosting company.

A Couple of Tips and Tricks to Help You Hit the Ground Running

While you’ll definitely be in the web hosting business when you start up this kind of operation, at the end of the day the most important thing you can focus on personally is the marketing and advertising of your operation.

Everything else (and we mean EVERYTHING else) can be outsourced reliably, even to overseas virtual assistants or agencies, but the lifeblood of your company – and the foundation of your success – is going to be entirely dependent on your ability to bring in new customers and then keep them for as long as possible.

Bootstrapped entrepreneurs are going to want to look for inexpensive ways to hit the ground running, and a great way to boost cash flow right out of the box is to partner with web designers and developers in your local area that are obviously going to need hosting packages for themselves and all of their clients.

These are the kinds of initial clients you can hook up with pretty easily (especially if you’re willing to cut them in on a great deal) that can push a ton of business your way, generating a lot of positive cash flow almost instantly that would have been hard to drum up otherwise.

Traditional marketing and advertising approaches aren’t a bad way to go, either. Paid advertising – particularly PPC advertising – can be incredibly effective, as long as you carefully track your metrics and focus on conversion optimization.

Joint Venture opportunities (partnering with search engine optimization agencies, online marketers, and the like) can be another approach to take. You’ll be gaining instant access to a flood of potential customers you might not have had access to otherwise, opening up the door to a lot of leverage that can boost and build your business faster than you would have thought possible before.

How to Build and Grow Your Reseller Hosting Operation

At the end of the day, building and growing your reseller hosting operation is going to be a lot easier than a lot of people make it out to be.

To begin with, your costs when you purchase your storage and bandwidth from a hosting provider are going to be fixed. This gives you a lot of flexibility as you’ll know exactly what your expenses are going to be right out of the box, and because you will be able to create the packages and plans you offer your clients you’ll be able to control how much profit you add on every package.

New resellers regularly find it easy to sign up a hundred clients or more in their first month of business, especially when they joint venture with already existing operations with a built-in customer base or local web developers.

That’s just three new clients for you every day for a month, and if you’re charging $10 a month for web hosting packages through your reseller account and signing up just 10 users daily you will be bringing in $3000 a month – or just over $100 every day.

As you can see, this is the kind of business opportunity that gives you every opportunity to make a mountain of money in a hurry and without a lot of upfront expense on your behalf, either.