WooCommerce oops!

A critical vulnerability has been discovered in WooCommerce prior to version 5.5 (the current version). You can read about it here, but they don’t give much info on what might happen.  I dug into the code and I think that if someone exploited this on your store, they could have access to order, customer, and administrative information via a cleverly crafted search string.

CloudLinux - CloudLinux Blog - New vulnerability discovered - the fix for  CVE-2016-8655 for CloudLinux OS 7 is here with KernelCare



It is extremely important that if you have WooCommerce installed you upgrade to 5.5.1 as a matter of urgency.  Once these vulnerabilities become public, the baddies know about and start using them.Please don’t ignore this.  And while you are at it, check that WordPress is at version 5.7.2

If you subscribe to the 123Host WordPress Management service, I have already upgraded WooCommerce for you.

WHMCS knowledgebase icon mod

Maybe, one day WHMCS will be complete. In the meantime users have to do their own modifications to make it work to suit.

In this case, the 123host knowledgebase category icons looked boring and unintuitive

I understand that these are categories that contain articles and pedantically the folder icons are correct. But the labels already tell us there is more than one article, so we can get creative without compromising the UI.

Isn’t this prettier and more intuitive?

Modifying your template is easy-peasy. Of course the file to edit depends on which template you are using. I am going to assume twenty-one and that you have a child template twenty-one23host

First thing, make a backup if you are worried, but these are template files so it is easy to roll back to the parent version.

If it doesn’t already exist in your child theme, copy /templates/twenty-one/includes/knowledgebase.tpl to your child theme /templates/twenty-one23host/includes/knowledgebase.tpl and then open that file to edit.

At about line 18 you will find

                    <span class="h5 m-0">
                        <i class="fal fa-folder fa-fw"></i>

replace it with

                   <span class="h5 m-0">
                            {if $category.name eq 'Domains'}
                                {$caticon='fa fa-globe'}
                            {elseif $category.name eq 'Email'} 
                                {$caticon='fa fa-envelope'}
                            {elseif $category.name eq 'Hosting'} 
                                {$caticon='fa fa-server'}
                            {elseif $category.name eq 'Security'} 
                                {$caticon='fa fa-lock'}
                            {elseif $category.name eq 'Setup'}
                                {$caticon='fa fa-cog'}
                            {elseif $category.name eq 'WordPress'} 
                                {$caticon='fab fa-wordpress'}
                            {/if}
                              
                            <i class="{$caticon}" aria-hidden="true"></i>

We have used Smarty to do some string comparisons and set the fontawesome icon based on the result. Notice that the WordPress icon needs fab, the others don’t. Also notice that we have improved accessibility by adding aria-hidden="true" to hide the icon from machine readers – there’s no need to bog them down with decorative stuff – take note WHMCS (they won’t).

You may have more or less categories and will need to tweak it accordingly. This works and isn’t hard to maintain when a new category is added.

Grab the fontawesome icon code from https://fontawesome.com/v5.9/icons

What is an IP address?

From: Mozilla, the makers of FireFox

Every time you are on the internet, IP addresses are playing an essential role in the information exchange to help you see the sites you are requesting. Yet, there is a chance you don’t know what one is, so we are breaking down the most commonly asked questions below.

What is an IP address?

Your IP address is a unique identifier, kind of like a mailing address, associated with your online activity. Any time that you use the internet (shopping online, sending emails, streaming TV), you’re requesting access to a specific online destination, and in return, information is sent back to you. How does that work? Well the IP stands for Internet Protocol, which lays out the standards and rules (yes, otherwise known as the protocol) for routing data and connecting to the internet. This protocol is a set of rules each party needs to follow to allow for a bi-directional flow of data.

Does it travel with you?

No. Your IP address is only associated with one location unless you are using a VPN (we will get more into that later). When you are at your home and connecting to the internet you pay for, you are using one. However, if you check your email at home in the morning, then scan the news at a local coffee shop while waiting for your coffee, and then work from an office, you will have used different IP addresses at each location.

Does your IP address change?

Yes. Even if you are only using the internet at home, the IP address for your home can change. You can contact your internet service provider (ISP) to change it, but even something as routine as restarting your modem or router because of internet connection problems could result in a change. You can find out your current IP address here.

Can more than one device have the same IP address?

This is a bit of a tricky question — the answer is both yes and no. More than one device can share the same external (public) IP address, but each device will have its own local (private) IP address. For example, your ISP (internet service provider) sets your home up with one external IP address. Since your router is what actually connects to the internet, the IP address is assigned to your router. Your router then assigns a local IP address to each device that is connected to the internet at a time. The external IP address is what is shared with the outside world. Your local IP address is not shared outside of your private home network.

Can we run out of them?

When the Internet was first designed it used ‘version 4’ addresses. These are 32 bits, which means that we could have up to 4.2bn addresses. This seemed like enough at the time, but is nowhere near enough in a world where the average U.S. household had 11 connected devices.

We now have version 6 IP addresses, which have 128 bits per address. Unfortunately, version 4 and version 6 can’t talk to each other directly, so people are going to need version 4 addresses for a long time.

Should you hide your IP address?

You don’t need to hide your IP address, but there are some times where you may want to. The most common reason is privacy. In the U.S., Congress overruled privacy regulations designed to protect the privacy of broadband users. Internet service providers can see your browsing habits, what you are using the internet for, and how long you spend on each page. This communication is not encrypted, so third-parties can see what website you’re visiting. One way to combat this is DNS-over-HTTPS (DoH). This encrypts your DNS (Domain Name System) traffic, making it harder for ISPs to see the websites you are trying to visit. For US Firefox users, by default your DoH queries are directed to trusted DNS servers, making it harder to associate you with the websites you try to visit.

There are also situational reasons to hide your IP address. You may want to hide it when traveling. A VPN will also give you more privacy when connecting to WiFi to stream and shop while you explore the world.

May 2021 newsy thing

Thanks for your ongoing support for 123host by being a customer. 123host is your classic “small business”, which means I can give personalised support and be agile, not necessarily having rigid policies. I get the opportunity to watch projects progress from an idea to fruition…you aren’t an anonymous username to me.

Why you should invest in a .com.au domain name - eBranding.com.au

Keep in mind that pretty soon plain .au domains are going to become available.  For example I will most definitely register 123host.au.  If you have a .au domain (.com.au, .org.au etc) already, you will be given first option to grab your domain in plain .au.  You don’t have to do this, but I don’t think it will be expensive.  I will update everyone when I hear more.

While we are on domains, some of you are going to receive an email from the domain registry, emailing on behalf of 123host.  It seems they have done an audit of ABNs and Business Numbers used to register .au domains and have identified those that have expired or are invalid for some reason. There are about 30 people with domains that won’t be able to be renewed if their details aren’t updated.  This is completely out of my hands and I am happy to give you some ideas if you do receive one of these emails.  The first thing to do is not panic, in most cases it will be easy to resolve if you want to keep the domain – contact me.

I learned something recently, but first some background. If you have a multi-word domain, especially if it has the same letter at the end of one word and the start of the next, it can be hard to read when written e.g. beattheearthheart.com.au (I just made that up). Many of you would have had me suggest Camel Case, so the domain would read BeatTheEarthHeart.com.au – this is perfectly legitimate and doesn’t need any settings or anything…just get in the habit of writing your domain like that. It is much easier to read and more memorable.

But I learned there are other lettering cases too.

camelCase, PascalCase, snake_case, kebab-case - notacje w kodzie - YouTube

As I mentioned, my favourite, Camel Case; “TheQuickBrownFoxJumpsOverTheLazyDog”. But did you know that there is also Snake Case? “the_quick_brown_fox_jumps_over_the_lazy_dog”? I didn’t. So I did a bit of research and discovered the delightfully named Kebab Case “the-quick-brown-fox-jumps-over-the-lazy-dog”. I suggest you drop this bit of trivia into a conversation one day to appear very smart and geeky.

I know I waffle on about awesome customer service and truly try to live up to the 123host slogan of “giving the level of customer service I wish I received elsewhere“. I shake my head when I send an email somewhere and they auto respond “you should receive a reply in 48 – 72 hours“. I reckon I am living up to the 123host promise; during May, 58% of support tickets were answered within 1 hour and 73% were answered within 4 hours. I am pretty happy with that. To open a support ticket you can either log into the client area at https://123host.com.au (this verifies you) or send an email to support@123host.com.au – if it is an email, I may ask you to verify yourself if I need to make any critical changes.

CleverReach® Official Newsletter Plugin for WordPress

WordPress continues to dominate as the software of choice. Please make sure your are keeping your plugins and the WordPress core up to date (Currently 5.7.1) or you may suffer the same fate as a new 123host customer whose site had been shut down elsewhere because out of date plugins had allowed malware to be inserted into his site. Keeping things up to date is relatively easy. Log into your WP dashboard and you should be notified of anything out of date. Updating is a couple of clicks.

If you want it to be even easier, subscribe to the 123host WordPress management service. I keep everything up to date for you and help with other administrative and security related tasks. You receive a monthly report on all the activity carried out. It is only $55 per year and includes some bonuses like a Divi license and any other perks I spot for subscribers. More information at https://blog.123host.net.au/wordpress-management/

Change the sort order of domains in WHMCS

WHMCS is popular software used to manage a web hosting business. It works, but it can be clunky and the company frustrates me with what appears to be a culture of denial about problems. I am posting this so that hopefully other WHMCS users can find a solution to a hair-tearing problem that the company hasn’t fixed despite it being brought to their attention.

The problem:

Now that there is about 500 domains available managing them and keeping them in any sort of meaningful order is close to impossible. Wholesale prices are regularly changing and maintaining just that can be tricky. The issue is that the domains are in some sort of random order, it seems to be based on the order in which they are added to the system. That is fair enough, there has to be some sort of default, but then re-ordering them should be easy, but it is a nightmare.

See the circled handle below? The way they have it set is that you have to grab that, one at a time, and drag it to the position you want the domain.

Imagine trying to do that for 500 domains that are not in alphabetical order but you want them to be. It would be hard enough if it was simply a long list, but in a browser where you have to drag and scroll at the same time…forget it.

A solution:

This solution is a bit complex and not for the faint of heart, but if you are running a server you should have the skills to be able to follow quite easily.

Firstly, and do I even need to say this, back up your data. We are going to do that anyway, but is it possible to have too many backups?

Jump into PHPmyAdmin open the table tbldomainpricing and export it as a CSV file. This is a backup, but we are also going to manipulate it, so make a copy if you want.

Open the table in a spreadsheet, I used Google Sheets because it is so easy. Once opened you will see that column A is the domain ID, Column B is the domain name and column H is the sort order.

The first thing I did was to order the sheet by Column B, A->Z as that is what I am after, an alphabetical list.

We can immediately see the scale of the problem, ideally, Column H should be sequential numbers, it is way off.

Fortunately with spreadsheets, filling a column with sequential values is trivially easy. Firstly put the number 1 in row 1 and 2 in row 2 like this. (They yellow is just highlighting).

Next select both row 1 and row 2. The easiest way is to hold the shift key and click H1 then H2 it will look like this

The important thing to note is the handle on the bottom right of the blue square. Grab it and drag it down, all the way to the bottom of the column…yeah it is tedious, but it is easy.

If you want to test, you can always drag it a little way and let it go to see the outcome.

Once you have dragged all the way to the bottom and released the handle your domains will be have the database order column (Column H) in sequential order, assuming the domain name column (Column A) was ordered alphabetically as well.

Now is your opportunity to bump any popular or featured domains to the top of the WHMCS list. Simply change the value in Column H to 0. You can have multiple identical valued domains, they will be kept in numerical order then ordered alphabetically. I am not going to elaborate on the logic here…if you aren’t following, you really shouldn’t be messing with databases.

We are ready to save the sheet or if you are in Google Sheets, you need to download it as a CSV – click file > download and in your browser you may have to click save file.

Now we are going back to PHPmyAdmin and the database. Most importantly, make sure you have that original CSV file as a backup or another way to restore your database.

Empty the tbldomainpricing table and import your CSV file, that should get your WHMCS domains in alphabetical order on your site.

Of course, it would be easier if WHMCS came up with a way to do this painlessly, and they might, but I won’t hold my breath when despite conceding the current process is difficult, their attitude is “If we receive feedback from other users in this vein then it will only help informing our prioritisation of such work.”

Reaching the limits

A few months ago I set a challenge to beat the 123host support ticket response time of 51.7% within 1 hour and 82.7% within 4 hours.

Thank you so much for getting back to me so quickly!! Legendary as always. Katherine M-S.

It isn’t like all stops have been pulled out to try to beat earlier metrics, but those stats keep tumbling.

Steve!! It worked!! Thank you!!! I really appreciate how patient you’ve been with me. Sally S.

January 2021 – almost 69% of customer support tickets answered within an hour! That’s unheard of!

Within 4 hours, 95.4% of the 83 support tickets opened during the month had been answered.

It is getting harder to get better, but we’ll keep trying.

My word, you are a superstar! Thank you dearly!!!!! Nelle G.

Because I forget

It isn’t important until I remember to post the support ticket stats.

This is November…

63% heard back from me in under an hour and 93% received their first reply in less than 4 hours.

Happy customers :o)

You. Are. The. Actual. Best. Nelle G.

Thanks Steve! You are too good 🙂 Emma D.

I just wanted to say…. you are an outstanding human being! Michael G.

Thank you! What an amazing job you’ve done, I’m so grateful! Missy R.

The great customer service continues

The 123host mantra is “to give the level of customer service we wish we received elsewhere” because, let’s face it, most internet customer service sucks. It takes days to get a response to your inquiries…if you do get a reply.

Not at 123host. Pretty happy with these stats for September 2020.

Over half of tickets received their first answer within 1 hour. An incredible 82% were answered within 4 hours and 93% were answered within 8 hours. During September the average first response was 2.2 hours.

And it is all done with Australian staff…

Divi theme…I’m getting interested

If you use WordPress you need to have a theme. There are thousands and thousands of them ranging from the free default theme through to expensive premium themes.

One popular theme is Divi and the associated Divi builder. I’ll be honest and admit I don’t know a lot about it apart from having tweaked a few Divi sites, so I can find my way around it.

But I do own a lifetime multi-site Divi license that I purchased for 123host.com.au customers who subscribe to the WordPress management service I offer.

As part of that I was also added to the Divi mailing list. As a rule as soon as I get the first email from something like this I unsubscribe, but in this case I have actually found them to be a bit useful, so I pick the eyes out of the content.

I keep adding their freebies to the Divi pack customers have access to and today I found out they have a YouTube channel with a load of tutorials which look like a great resource for getting your Divi on.

I might check it out…