Author: Steve Davis

Another crack at reducing spam

 

There are pathological people who are quite happy to spoil something good for everyone else if it is to their advantage. The internet in general is a great example of that and spam in particular.

On a good day, I receive about twice as many spam emails as legitimate emails. On a bad day it is worse.

Add to that there are constant attacks on the server and websites by people who are trying to hack a site so it will send spam, adding to the problem, and it is an ongoing pain in the arse.

RBL SPAM filtri | DNSBL | DNS blacklist | Hitrost.com
It makes a blog post more interesting to have some sort of image, but don’t be fooled, this is grossly inaccurate. The ratio of spam to legitimate email (for me) should be reversed.

In an effort to reduce the incoming spam count I have enabled one of the RBL’s (Realtime Black Lists).

The risk is always that it causes too many false positives – marking legit email as spam – and becoming a headache in itself.

If this works, it should be obvious within a day or so. Stand by for an update 😛

Awesome customer support continues

 

A lot of people say a lot of nice things about the exceptional customer service at 123Host.au (you can read them there).

It all comes down to the philosophy to give the level of customer service we wish we received from others, because we all know that in general, customer service sucks.

I am always really proud of the 123Host.au support ticket response times and whenever I think it probably can’t be improved…guess what.

March 2022 – over 68% of tickets replied within 1 hour and almost 97% replied within 4 hours!

“Within 1 hour” sounds good, but there were 68 support tickets opened in March and

I might give myself a pay rise.

123Host.au is live

 

It has been a long time coming but finally direct .au domains are available.

As well as having 123Host.com.au or 123Host.net.au, I now have the short, sweet and cool (I think) 123Host.au

Map of Australia with .au superimposed

The process to register a direct .au domain is a little confusing, here is the (hopefully) understandable version.

If you want to register example.au you can try as long as there is no other example.??.au domains registered.

If a domain does already exist such as example.com.au then there is a specific procedure to register example.au. The first and most important thing is for the owner of the .com.au to get a token from https://priority.auda.org.au/. These tokens prove that you are the owner of the .com.au.

If you are the only person who has example.??.au then you will get the direct .au immediately.

However if someone else has example.net.au then this page https://www.auda.org.au/tools/priority-status-tool explains the process to sort out who gets the direct .au.

Should you own .com.au and .net.au then the trick is to apply for .au with one of them and decline to apply with the other.

Let’s add one more thing…if you don’t own example.??.au and want example.au and no one else applies for it. you can register it after September 20th. I can help you get to the front of the queue.

Yeah it is complex and confusing. I am wrapping my brain around it and can help, contact me at 123host.au (see what I did there?)

Why “feature request” sites suck

 

I use some software that mostly does the job but has some really clunky flaws. In an effort to contribute something and also help others, I often make suggestions and invariably I am referred to a feature request site where you list your request and other users vote on it to determine the popularity of an idea. The company claims this is used to determine whether or not to implement the feature.

Any company that uses a features request site and regards popularity as a measure of whether to implement a feature has a flawed business model using a flawed process.

For a start, this site is likely used by a tiny number of users of the software, so any “popularity” is based on those who likely already want a feature (why else would you visit?), care enough to request it and even know that you can.

Further, since when has popularity had any bearing on whether or not a feature is worth implementing? This is a trap for developers where they are stuck in their thinking and won’t consider a novel idea that might be a game-changer. I am not suggesting that my ideas are.

Let’s look at an example from a company that I will call WHMCS, the worst offender, in my experience. There is no surprise that there is exactly the same issue at cPanel, who just happens to have a financial stake in WHMCS…go ahead, tell me this isn’t organisational culture gone bad.

WHMCS revamped their request site. It must have been a bit embarrassing to have 7 year old ideas not being acted on despite a large number of up-votes. Someone came up with a political style solution; they hid the date :o)

Also, if they decline an idea (despite it being popular) they then hide all the comments and shut down any further comments. It is the equivalent of sticking their fingers in their ears and saying “ummm ummm ummm”.

So, two of the top 3 highly requested features have been declined i.e. popularity doesn’t really have anything to do with it at all.

[UPDATE]

Three years later (July 2023) and they still refer me to the feature request site and I still respond with a link here.  But out of curiosity I wondered if anything had changed (LOL)
Short answer?  No.  And it has actually gotten worse. Four of those items (including the most popular, which is still being investigated) are 10 years old and the fifth is 5 years old.  They also close them when declined, so there is no interest at all, no matter how popular and item is.

[/UPDATE]

[ANOTHER UPDATE]

Look how well things have progressed in February 2024

[/ANOTHER UPDATE]

The entire process is disrespectful to the very people who have kept your business alive. If your tech support people aren’t switched on enough to say “Hey, thanks for the idea, I will forward it to our developers” instead of “Add this to the feature request site and let’s see how popular it is” your tech support sucks along with your company’s culture.

The process is inherently flawed and I won’t participate.

The purpose of this post is so I have a link instead of having to type out a rant every time I want to explain how I feel about their suggestion

cPanel phishing scam

 

No matter who you are hosted with, please don’t be taken in by a new phishing scam trying to get your cPanel login.

It is a pretty convincing copy of a genuine notification that you have filled your disk space and has the subject WARNING The domain “(example).com.au” has reached their disk quota.

At first I thought the 123host server was sending them, so I was confused as the accounts weren’t full and the date was wonky. I eventually discovered that one of the links in the email is to a site with a fake cPanel login (the pink highlight). 

A good thing to help spot a fake, though they may fix this, is that the dates are inconsistent (yellow highlight).

Screenshot of fake cpanel email

Four customers had contacted me asking why their disk is full, in each case it wasn’t.  So this is definitely a thing.  I have since had a bunch more reports of the same thing.

You can always check how much disk space you are using in cPanel.

If you receive one of these ignore it.  If you are a 123host.com.au customer you can send it to me to double check for you if you want.

If you have received it, clicked the link and entered your cPanel login details, you need to let me (or your hosting service) know URGENTLY so your cPanel password can be changed.

Bastards!

WooCommerce oops!

 

A critical vulnerability has been discovered in WooCommerce prior to version 5.5 (the current version). You can read about it here, but they don’t give much info on what might happen.  I dug into the code and I think that if someone exploited this on your store, they could have access to order, customer, and administrative information via a cleverly crafted search string.

CloudLinux - CloudLinux Blog - New vulnerability discovered - the fix for CVE-2016-8655 for CloudLinux OS 7 is here with KernelCare



It is extremely important that if you have WooCommerce installed you upgrade to 5.5.1 as a matter of urgency.  Once these vulnerabilities become public, the baddies know about and start using them.Please don’t ignore this.  And while you are at it, check that WordPress is at version 5.7.2

If you subscribe to the 123Host WordPress Management service, I have already upgraded WooCommerce for you.

WHMCS knowledgebase icon mod

 

Maybe, one day WHMCS will be complete. In the meantime users have to do their own modifications to make it work to suit.

In this case, the 123host knowledgebase category icons looked boring and unintuitive

I understand that these are categories that contain articles and pedantically the folder icons are correct. But the labels already tell us there is more than one article, so we can get creative without compromising the UI.

Isn’t this prettier and more intuitive?

Modifying your template is easy-peasy. Of course the file to edit depends on which template you are using. I am going to assume twenty-one and that you have a child template twenty-one23host

First thing, make a backup if you are worried, but these are template files so it is easy to roll back to the parent version.

If it doesn’t already exist in your child theme, copy /templates/twenty-one/includes/knowledgebase.tpl to your child theme /templates/twenty-one23host/includes/knowledgebase.tpl and then open that file to edit.

At about line 18 you will find

                    <span class="h5 m-0">
                        <i class="fal fa-folder fa-fw"></i>

replace it with 

                   <span class="h5 m-0">
                            {if $category.name eq 'Domains'}
                                {$caticon='fa fa-globe'}
                            {elseif $category.name eq 'Email'} 
                                {$caticon='fa fa-envelope'}
                            {elseif $category.name eq 'Hosting'} 
                                {$caticon='fa fa-server'}
                            {elseif $category.name eq 'Security'} 
                                {$caticon='fa fa-lock'}
                            {elseif $category.name eq 'Setup'}
                                {$caticon='fa fa-cog'}
                            {elseif $category.name eq 'WordPress'} 
                                {$caticon='fab fa-wordpress'}
                            {/if}
                              
                            <i class="{$caticon}" aria-hidden="true"></i>

We have used Smarty to do some string comparisons and set the fontawesome icon based on the result. Notice that the WordPress icon needs fab, the others don’t. Also notice that we have improved accessibility by adding aria-hidden="true" to hide the icon from machine readers – there’s no need to bog them down with decorative stuff – take note WHMCS (they won’t).

You may have more or less categories and will need to tweak it accordingly. This works and isn’t hard to maintain when a new category is added.

Grab the fontawesome icon code from https://fontawesome.com/v5.9/icons

What is an IP address?

 
From: Mozilla, the makers of FireFox

Every time you are on the internet, IP addresses are playing an essential role in the information exchange to help you see the sites you are requesting. Yet, there is a chance you don’t know what one is, so we are breaking down the most commonly asked questions below.

What is an IP address?

Your IP address is a unique identifier, kind of like a mailing address, associated with your online activity. Any time that you use the internet (shopping online, sending emails, streaming TV), you’re requesting access to a specific online destination, and in return, information is sent back to you. How does that work? Well the IP stands for Internet Protocol, which lays out the standards and rules (yes, otherwise known as the protocol) for routing data and connecting to the internet. This protocol is a set of rules each party needs to follow to allow for a bi-directional flow of data.

Does it travel with you?

No. Your IP address is only associated with one location unless you are using a VPN (we will get more into that later). When you are at your home and connecting to the internet you pay for, you are using one. However, if you check your email at home in the morning, then scan the news at a local coffee shop while waiting for your coffee, and then work from an office, you will have used different IP addresses at each location.

Does your IP address change?

Yes. Even if you are only using the internet at home, the IP address for your home can change. You can contact your internet service provider (ISP) to change it, but even something as routine as restarting your modem or router because of internet connection problems could result in a change. You can find out your current IP address here.

Can more than one device have the same IP address?

This is a bit of a tricky question — the answer is both yes and no. More than one device can share the same external (public) IP address, but each device will have its own local (private) IP address. For example, your ISP (internet service provider) sets your home up with one external IP address. Since your router is what actually connects to the internet, the IP address is assigned to your router. Your router then assigns a local IP address to each device that is connected to the internet at a time. The external IP address is what is shared with the outside world. Your local IP address is not shared outside of your private home network.

Can we run out of them?

When the Internet was first designed it used ‘version 4’ addresses. These are 32 bits, which means that we could have up to 4.2bn addresses. This seemed like enough at the time, but is nowhere near enough in a world where the average U.S. household had 11 connected devices.

We now have version 6 IP addresses, which have 128 bits per address. Unfortunately, version 4 and version 6 can’t talk to each other directly, so people are going to need version 4 addresses for a long time.

Should you hide your IP address?

You don’t need to hide your IP address, but there are some times where you may want to. The most common reason is privacy. In the U.S., Congress overruled privacy regulations designed to protect the privacy of broadband users. Internet service providers can see your browsing habits, what you are using the internet for, and how long you spend on each page. This communication is not encrypted, so third-parties can see what website you’re visiting. One way to combat this is DNS-over-HTTPS (DoH). This encrypts your DNS (Domain Name System) traffic, making it harder for ISPs to see the websites you are trying to visit. For US Firefox users, by default your DoH queries are directed to trusted DNS servers, making it harder to associate you with the websites you try to visit.

There are also situational reasons to hide your IP address. You may want to hide it when traveling. A VPN will also give you more privacy when connecting to WiFi to stream and shop while you explore the world.

May 2021 newsy thing

 

Thanks for your ongoing support for 123host by being a customer. 123host is your classic “small business”, which means I can give personalised support and be agile, not necessarily having rigid policies. I get the opportunity to watch projects progress from an idea to fruition…you aren’t an anonymous username to me.

Why you should invest in a .com.au domain name - eBranding.com.au

Keep in mind that pretty soon plain .au domains are going to become available.  For example I will most definitely register 123host.au.  If you have a .au domain (.com.au, .org.au etc) already, you will be given first option to grab your domain in plain .au.  You don’t have to do this, but I don’t think it will be expensive.  I will update everyone when I hear more.

While we are on domains, some of you are going to receive an email from the domain registry, emailing on behalf of 123host.  It seems they have done an audit of ABNs and Business Numbers used to register .au domains and have identified those that have expired or are invalid for some reason. There are about 30 people with domains that won’t be able to be renewed if their details aren’t updated.  This is completely out of my hands and I am happy to give you some ideas if you do receive one of these emails.  The first thing to do is not panic, in most cases it will be easy to resolve if you want to keep the domain – contact me.

I learned something recently, but first some background. If you have a multi-word domain, especially if it has the same letter at the end of one word and the start of the next, it can be hard to read when written e.g. beattheearthheart.com.au (I just made that up). Many of you would have had me suggest Camel Case, so the domain would read BeatTheEarthHeart.com.au – this is perfectly legitimate and doesn’t need any settings or anything…just get in the habit of writing your domain like that. It is much easier to read and more memorable.

But I learned there are other lettering cases too.

camelCase, PascalCase, snake_case, kebab-case - notacje w kodzie - YouTube

As I mentioned, my favourite, Camel Case; “TheQuickBrownFoxJumpsOverTheLazyDog”. But did you know that there is also Snake Case? “the_quick_brown_fox_jumps_over_the_lazy_dog”? I didn’t. So I did a bit of research and discovered the delightfully named Kebab Case “the-quick-brown-fox-jumps-over-the-lazy-dog”. I suggest you drop this bit of trivia into a conversation one day to appear very smart and geeky.

I know I waffle on about awesome customer service and truly try to live up to the 123host slogan of “giving the level of customer service I wish I received elsewhere“. I shake my head when I send an email somewhere and they auto respond “you should receive a reply in 48 – 72 hours“. I reckon I am living up to the 123host promise; during May, 58% of support tickets were answered within 1 hour and 73% were answered within 4 hours. I am pretty happy with that. To open a support ticket you can either log into the client area at https://123host.com.au (this verifies you) or send an email to support@123host.com.au – if it is an email, I may ask you to verify yourself if I need to make any critical changes.

CleverReach® Official Newsletter Plugin for WordPress

WordPress continues to dominate as the software of choice. Please make sure your are keeping your plugins and the WordPress core up to date (Currently 5.7.1) or you may suffer the same fate as a new 123host customer whose site had been shut down elsewhere because out of date plugins had allowed malware to be inserted into his site. Keeping things up to date is relatively easy. Log into your WP dashboard and you should be notified of anything out of date. Updating is a couple of clicks.

If you want it to be even easier, subscribe to the 123host WordPress management service. I keep everything up to date for you and help with other administrative and security related tasks. You receive a monthly report on all the activity carried out. It is only $55 per year and includes some bonuses like a Divi license and any other perks I spot for subscribers. More information at https://blog.123host.net.au/wordpress-management/