How to increase the WebDAV file limit in Windows

Thu 06 April 17 Comments are Closed

In Windows XP and later, the Windows file redirector has a built-in WebDAV client which can be used to mount a Windows drive letter to our on-line Mobile Office service. When you copy files to this drive mapping, they are stored on our Mobile Office server, which can be accessed from any computer via a drive mapping or via the Mobile Office web interface. When trying to copy large files you might run into a error that says “Error 0x800700DF: The file size exceeds the limit allowed and cannot be saved”. Windows has a built in limit on the size of a file that is allowed to be copied using WebDAV. To change this limit you must edit the a registry subkey which holds the value limit, and reboot your computer. To change this registry setting do the following:

1) Click Start, click Run, type regedit in the Open box, and then click OK.
2) Locate “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WebClient\Parameters” from the drop-down structure in left pane.
3) Right click on the “FileSizeLimitInBytes” subkey listed in the right pane, then click “Modify”.
4) Click the “Decimal” bubble under the “Base” section.
4) In the “Value data” box, type 4294967295, and then click “OK”.
6) Reboot your computer.

Completing the above sets the maximum you can copy via WebDAV to 4 gig for a single file.

Email Archiving

Wed 24 July 13 Comments are Closed

An email archive is a repository generally kept in a non-productive environment to provide secure preservation of email for compliance and operational purposes. A email archiving system automatically extracts message contents and attachments from incoming/outgoing emails and after indexing, it stores them in read-only format. This ensures that archived records are maintained in their original state.

The active approach adopted by email archiving solutions ensures that the company has a centralized and accessible copy of all its email. This provides additional protection against accidental or intentional deletion of emails by end-users. Email archiving also eliminates the need to search for personal archives on each and every local machine whenever litigation support is requested.

It must be noted that ‘backup’ and ‘archival’ storage serve two different purposes. Backups are intended to save current data against the event of failure or disaster whilst archives protect data so that it can be accessed when needed.

Email archiving is available on all our Email Hosting accounts. The email archiving feature is disabled by default. To turn it on do the following:

1) Login to the “Domain Management” section on the Email Message System for your domain.
2) Click the “Misc” button.
3) Make sure the “Disable Legal Archive” option is unchecked, and then click the “Save” button.

Once you do this, a copy of all incoming and outgoing email for your domain will be kept in a read only archive for 7 years. To access this archive click the “Legal Archive” button within the “Domain Management” interface.

If you require a custom email archive setup, please contact us.  We can set up a email archive that will keep archives for shorter or longer periods or will only archive specific email based on “To”, “From”, or “Subject”.

Email archiving requirements are different based on country, state, and type of business. Be sure to research to find what email archiving is required for your business. One such document to aid in your research is available at: http://www.techlineinc.com/librarypdf/alchemy/3497al_ostermanwhitepaper_0405.pdf

Rate This Entry:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

How to send and receive secure encrypted emails

Mon 01 July 13 Comments are Closed

  Imageway supports multiple technologies to allow secure encrypted sending and receiving of email. To talk to our mail system to send and retrieve email you usually have two options. Option one is using our webmail. Option two is using a 3rd party email client such as Outlook, Mac Mail, or Thunderbird. If you use our webmail, your connection to our mail system is encrypted using a secure web browser connection (HTTPS) automatically. If you use a 3rd party email client, you must tell your client to use IMAP(S), POP(S), and SMTP(S), where “S” is secure. You can find instructions on your domain’s email message center web page on setting up various email clients for a secure connection.

Now that you have your computer or mobile device talking to our system using a secure encrypted connection, you can send emails to anyone on your local domain and it will be secure. For example if “bob@mydomain.com” sends email to “jill@mydomain.com”, the email will reside on the same system, so it will be secure. But what happens if you want to send to another domain, such as “gmail.com”.  This is where things get more complex. When you send email to someone on another domain that is not located on our email system, our system has to talk to another email system using SMTP. In most circumstances this connection is unsecure and is not encrypted.  Our email system will try to make a secure encrypted connection to the other email system if the other system supports it.  If it does not, then an unsecured connection will be used. Most of the big email providers do not support secure SMTP currently, with the current exception being Gmail. Gmail does support secure SMTP.

To ensure outgoing email to another domain is sent securely you have two options:

1)      Imageway Mail Vault – Our built in encryption system allows you to send encrypted emails by storing the outgoing email on our server, and then our email system will automatically send an email to the person receiving the email, notifying them to click a web page link to read the email.  Once they click the link they are taken to a secure (HTTPS) website where they can read and reply to the email after they have been verified. You can send secure email using the Imageway Mail Vault by clicking the “pad lock” button in our webmail into the locked position. If you are not using our webmail, then we can set up a trigger word in the subject, where when the subject contains a specific word (for example “secure:”) then your outgoing email will be encrypted. You must contact us to have this trigger subject word setup for your domain. When this is setup, any email client can send encrypted outgoing email, including mobile devices by using this trigger word.

2)      PGP (Pretty Good Privacy) – If your 3rd party email program supports it, you can use PGP. PGP requires you to create a key which you install in your email client. When you send email using PGP, the email program encrypts your email before it leaves your computer. For the receiver to un-encrypt your email and read it, they must have your public key which must be installed on their PGP supported email program. Due to these additional requirements, we do not suggest PGP if you want an easy and universally supported method of sending encrypted emails. We suggest using the Imageway Mail Vault above if you want a easier to use solution that is universally supported.

To ensure incoming email was sent securely from another domain, you have two options:

1)      If you are using our webmail (not the Mobile Office) and you see a “pad lock” icon next to the email sender or subject, then the email system that sent the email supported the ability to talk to our system over a secure encrypted connection and your email was sent securely. You should notice emails coming from GMail will have a pad lock icon, this is due to the fact Google’s GMail supports the ability to talk to our email system using a secure encrypted connection.

2)      If you are not using our webmail, then you will need to look at the full email headers for the “X-Encryption: SSL encrypted” text. You can search online to find out how to view email headers for your specific email program.  If you are using Mac Mail, you can add any email header to be shown in your email view by going to the “Viewing section” of the Mail preferences, choose the “Custom setting”, and then add the “X-Encryption: SSL encrypted” text. This is a nice feature Mac Mail supports.

Using the methods above, you can have a secure end-to-end encrypted email connection which provides additional security to your business. These advanced features are included with all our email packages.

Rate This Entry:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

How to password protect a webpage location

Mon 15 April 13 Comments are Closed

There are times for security reasons when you might want to limit access to a specific file or directory by using a login and password.  One reason to do this would be to protect your WordPress installation, by limiting access to the wp-login.php script.  Adding the following to your webpage root .htaccess file will require login access to the wp-login script:

<FilesMatch "wp-login.php">
 AuthType Basic
 AuthName "Secure Area"
 AuthUserFile "/home/example/.htpasswds/webpage/wp-admin/.htpasswd"
 require valid-user
 </FilesMatch>

Additionally you can protect all files within a specific directory by putting the .htaccess file in the directory (for example /wp-admin/ directory in the case of WordPress) you want to password protect with the following:

AuthType Basic
 AuthName "Secure Area"
 AuthUserFile "/home/example/.htpasswds/webpage/wp-admin/.htpasswd"
 require valid-user

You just put the above information into a “.htaccess” file and upload to your location of choice. To create the “.htpasswd” file with users and passwords, please use the following online utility: http://www.htaccesstools.com/htpasswd-generator/

 

Rate This Entry:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

How to limit webpage access by a specific IP address

Mon 15 April 13 Comments are Closed

There are times for security reasons when you might want to limit access to a specific file or directory by IP address.  One reason to do this would be to protect your WordPress installation, by limiting access to the wp-login.php script.  Adding the following to your webpage root .htaccess file and it will limit access to the wp-login script to a single IP address:

(ensuring you replace 100.100.100.101 with your own IP address)

<FilesMatch "^wp-login.php$">
	Order Deny,Allow
	Allow from 100.100.100.101
	Deny from all
</FilesMatch>

Or to protect the administrator login page for Joomla instead of WordPress add:

<FilesMatch "^administrator/index.php$">
	Order Deny,Allow
	Allow from 100.100.100.101
	Deny from all
</FilesMatch>

Additionally you can protect all files within a specific directory by putting the .htaccess file in the directory (for example /wp-admin/ directory in the case of WordPress) you want to protect with the following:

Order Deny,Allow
Deny from all
Allow from 100.100.100.100
  • Optional: You can enter partial IP Addresses, such as, 100.100.100. This allows access to a range of addresses.
  • Optional: You can add multiple addresses by separating them with comma’s.
100.100.100.101, 100.100.100.102

You can also accomplish the above by using rewrite rules inside the .htaccess file, for example:

Single IP address access

To allow access from a single IP address, replace 123\.123\.123\.123 with your own IP address:

RewriteCond %{REQUEST_URI} ^(.*)?wp-login\.php(.*)$ [OR]
 RewriteCond %{REQUEST_URI} ^(.*)?wp-admin$
 RewriteCond %{REMOTE_ADDR} !^123\.123\.123\.123$
 RewriteRule ^(.*)$ - [R=403,L]

Multiple IP address access

To allow access from multiple IP addresses, replace 123\.123\.123\.xxx with your own IP addresses:

RewriteCond %{REQUEST_URI} ^(.*)?wp-login\.php(.*)$ [OR]
 RewriteCond %{REQUEST_URI} ^(.*)?wp-admin$
 RewriteCond %{REMOTE_ADDR} !^123\.123\.123\.121$
 RewriteCond %{REMOTE_ADDR} !^123\.123\.123\.122$
 RewriteCond %{REMOTE_ADDR} !^123\.123\.123\.123$
 RewriteRule ^(.*)$ - [R=403,L]

If your IP address changes, or you have a very large amount of possible IPs you’re connecting from, you can protect your WordPress site by only allowing login requests coming directly from your domain name. Simply replace example\.com with your own domain name

RewriteCond %{REQUEST_METHOD} POST
 RewriteCond %{HTTP_REFERER} !^http://(.*)?example\.com[NC]
 RewriteCond %{REQUEST_URI} ^(.*)?wp-login\.php(.*)$ [OR]
 RewriteCond %{REQUEST_URI} ^(.*)?wp-admin$
 RewriteRule ^(.*)$ - [F]

 

Rate This Entry:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

PHP Web Development

Thu 20 December 12 Comments are Closed

What is PHP? PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. If you are new to PHP and want to get some idea of how it works, try the introductory tutorial. After that, check out the online manual. Our servers at Imageway have been heavily optimized to run PHP as quickly as possible.

We suggest before publishing your PHP website to our servers you create a local test environment where you can test your PHP website first.  If you have a Windows desktop, then we suggest you use WampServer (http://www.wampserver.com/en/). This software is a Windows PHP web development environment. It allows you to create web applications with Apache2, PHP and a MySQL database. Alongside, PhpMyAdmin allows you to manage easily your databases.  WampServer allows you to test your PHP project against various versions of PHP and MySQL very easily. If you are using Linux, Unix, or MAC X then we suggest you use XAMPP (http://www.apachefriends.org/en/xampp.html) for your PHP test environment.

If you install “WampServer” or “XAMPP” on Windows or Mac OS X, be sure to edit the MySQL database “my.ini” configuration file, and add (or change) this line:

lower_case_table_names=2

Once you edit the “my.ini” be sure to restart WampServer or XAMPP.  This needs to be set before you create any databases for a project.  The reason you need this set on Windows or Mac OS X is because we run Linux/Unix servers which are case-sensitive. We have our servers set to “lower_case_table_names=0”, which means MySQL will operate and create things in a case-sensitive way.  Windows or Mac OS X (by default) is not case-sensitive, and you could run into issues when you convert projects created on Windows PHP/MySQL to PHP/Linux/Unix MySQL.  The way to avoid this is to set “lower_case_table_names=2” on your test server.  For more information please see: http://dev.mysql.com/doc/refman/5.5/en/identifier-case-sensitivity.html.

For writing your PHP code we suggest you use Netbeans (http://netbeans.org/), which is available for multiple operating systems. Netbeans is a complete IDE (integrated development environment) that allows you quickly and easily develop desktop, mobile, and web applications in various languages. For more information about NetBeans features for PHP check out: http://netbeans.org/features/php/index.html.

A software framework is a universal, reusable software platform to develop software applications, products and solutions. There are several PHP frameworks, but the one we suggest is CodeIgniter (https://ellislab.com/codeigniter). We suggest this framework because it is a simple framework to use, and has a small footprint (less overhead to slow down your program). The larger fuller frameworks can be slower because of the additional overhead (with the exception of the C based framework Phalcon).

If you want a software versioning  and revision control system, then we currently offer “Subversion”. Subversion can be setup on your existing Imageway hosting account by contacting us.  We will setup the server software for you, so you will have the ability to connect and access your own running Subversion server. If you have a Windows desktop, then we suggest using TortoiseSVN (http://tortoisesvn.tigris.org/) to interact with the subversion server. If you want a good paid solution that works with multiple operating systems, then we suggest looking at SmartSVN (http://www.smartsvn.com/).  In addition, Adobe Dreamweaver has built in Subversion support. For more information about using subversion with Dreamweaver, check out: http://helpx.adobe.com/dreamweaver/kb/subversion-resources-dreamweaver-cs4-cs5.html.

Lastly, do not forget to program using good PHP security practices. A good website to start with is: https://www.owasp.org/index.php/PHP_Security_Cheat_Sheet#DRAFT_CHEAT_SHEET_-_WORK_IN_PROGRESS

All of the above will help you get started with creating PHP applications. Our servers have been heavily optimized for PHP and MySQL through various methods. So once your application has been developed and tested locally, you can upload all the data to our servers so it will be available on the Internet for everyone to use.

Rate This Entry:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

Optimizing Magento

Wed 03 October 12 Comments are Closed

Magento is a very popular eCommerce application. It offers a great deal of customization and abilities from initial install. Here are a few suggestions for optimizing a Magento installation.


Changes to .htaccess

Enable Output Compression

In your .htaccess file for Magento you will find a section of text starting with the line, <IfModule mod_deflate.c> and ending at </IfModule>

This section of code can be used to turn on Apache’s mod_deflate module, which provides compression for text, css, and javascript. You will want to uncomment (remove the # symbol) multiple lines so that it looks like this:

<IfModule mod_deflate.c>############################################
## enable apache served files compression
## http://developer.yahoo.com/performance/rules.html#gzip

# Insert filter on all content
SetOutputFilter DEFLATE
# Insert filter on selected content types only
AddOutputFilterByType DEFLATE text/html text/plain text/xml
text/css text/javascript

# Netscape 4.x has some problems…
BrowserMatch ^Mozilla/4 gzip-only-text/html

# Netscape 4.06-4.08 have some more problems
BrowserMatch ^Mozilla/4\.0[678] no-gzip

# MSIE masquerades as Netscape, but it is fine
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html

# Don’t compress images
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary

# Make sure proxies don’t deliver the wrong content
Header append Vary User-Agent env=!dont-vary

</IfModule>

Note: Some of the lines were word-wrapped by the web browser. You may want to copy and paste to make sure everything is on the correct lines.

Enable Expires Headers

First-time visitors to your page have to make several HTTP requests. By using the “Expires” header you make the components  of the requests cacheable. This avoids unnecessary HTTP requests on subsequent page views.

You want to find the area of the .htaccess file that starts with <IfModule mod_expires.c> and ends with the first </IfModule> you see after it, and make it look like this:

<IfModule mod_expires.c>############################################
## Add default Expires header
##http://developer.yahoo.com/performance/rules.html#expires

ExpiresActive On
ExpiresDefault “access plus 1 year”

</IfModule>

Note: Some of the lines were word-wrapped by the web browser. You may want to copy and paste to make sure everything is on the correct lines.


Magento Administration Tweaks

Merge CSS and JS

This particular tweak will reduce the number of HTTP requests on your eCommerce site. If you are using a Magento version prior to 1.4.x, the free extension Fooman_Speedster can be used, if you are running a later version of Magento follow this:

  1. Login to your administration area and go to – System > Configuration > Developer
  2. Under “JavaScript Settings”, change “Merge JavaScript Files” to yes.
  3. Under “CSS Settings”, change “Merge CSS Files” to yes.
  4. Finally you will want to clear your Magento cache.

Enabling Flat Catalog

The model Magento uses to store customer and product data results in longer than average SQL queries and more reads. Enabling the Flat Catalog option for Categories and Products will merge product data into one table, therefore improving performance.

  1. Login to your administration area and go to – System > Configuration > Catalog
  2. Under “Frontend”, change “Use Flat Catalog Category” to yes.
  3. Under “Frontend”, change “Use Flat Catalog Product” to yes – this is optional.
  4. Finally you will want to clear your Magento cache.

Database Maintenance Tips

One of the main issues with Magento sites running slowly, is a database that has become large and difficult to use for sending/retrieving data from.

Here are a few tips for reducing the size of your Magento database.

NOTE: Please be sure to backup your database before performing any of the following changes.

Database Logs

There are several tables used by Magento for logging. While logging is very important regarding knowing what has and is going on with your store, the logs can become large very quickly, so regularly maintenance can be of great assistance.

Here are the tables for logging:

log_customer
log_visitor
log_visitor_info
log_url
log_url_info
log_quote
report_viewed_product_index
report_compared_product_index
report_event
catalog_compare_item

Database Log Cleaning using Magento Administration

  1. In Magento Administration go to System > Configuration
  2. In the left menu under Advanced click on System
  3. Under “Log Cleaning”, change “Enable Log Cleaning” to YES and configure the Save Log for 14 days.
  4. Click “Save Config”

log.php Utility

Magento provides a shell utility that can be configured using Cron or run manually to clean the database logs.

Manually

Log into your account via SSH and cd to the Magento root directory then type:

php -f shell/log.php clean

You can use the -days switch to specify how many days back to save

Cron

This is an example only:

php -f /home/yourcpanelusername/public_html/path/to/magento/shell/log.php

Note: The above line is on one line and may have been word-wrapped by the web browser. You may want to copy and paste to make sure everything is on one line.

Database Cleaning via phpMyAdmin

Using phpMyAdmin offers more flexibility and efficiency when working with databases.

  1. Login to the database admin
  2. Click on the database associated with your Magento installation
  3. Now select these tables:

log_customer
log_quote
log_summary
log_summary_type
log_url
log_url_info
log_visitor
log_visitor_info
log_visitor_online

  1. Below the tables listed, click on the drop-down box “With Selected:” and select Empty
  2. You will get a confirmation screen, click Yes.

You will want to perform this database log cleaning on a regular basis. Utilizing the cron job option will ensure it is done without the need to perform any manual tasks. You will want to be sure you have properly setup this cron.

Rate This Entry:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

How do I optimize or repair a MySQL database

Wed 03 October 12 Comments are Closed

You can manage your databases by utilizing our web based online database tool at: https://database.imageway.com

Optimize Tables

  1. Select the database you want to optimize from the list in the left column, which should take you to the “structure” tab for the database.
  2. Select the tables you wish to optimize by checking the check box in front of each one, or clicking on Select All if you want to optimize all of them.
  3. On the drop down box that says “with selected…” select “Optimize Table.”  This will optimize the table and take you to a new screen.

Repair Tables

  1. Select the database you want to repair from the list in the left column, which should take you to the “structure” tab for the database.
  2. Select the tables you wish to repair by checking the check box in front of each one, or clicking on Select All if you want to repair all of them.
  3. On the drop down box that says “with selected…” select “Repair Table.”  This will repair the table and take you to a new screen.
Rate This Entry:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

 

Can I block an IP or an entire region or country from seeing my site?

Wed 03 October 12 Comments are Closed

Yes, you can block visitors per their IP address. Countries will have a specific IP address range, and you can use that information to block all or some of their IP’s.  There are more than one way to do this:

Blocking a Country or Region using PHP

Searching the internet, we found a unique solution for blocking countries and regions via IP addresses with some PHP coding.

Visit http://timtrott.co.uk/block-website-access-country for more details about this method, including example code.

Blocking a Country or Region with htaccess Deny Rules

Another way to do it is to block IP ranges in the .htaccess file for your site.

For a current list of IP addresses by country, please visit http://www.countryipblocks.net/

On the resulting page, click the “.htaccess deny” link for the desired country. This is the exact code you should paste in your .htaccess file.

Usually the .htaccess in your webpage/ folder is best, as it can protect all your addon domains and subdomains.

I have a specific IP I want to block.

To block multiple IP addresses, list them one per line by editing your .htaccess file, for example:

order allow,deny
deny from 127.0.0.1
deny from 127.0.0.2
deny from 127.0.0.3
allow from all

You can also block an entire IP block/range. Here we will not specify the last octet in the .htaccess file.

deny from 127.0.0

This will refuse access for any user with an address in the 127.0.0.0 to 127.0.0.255 range.

Instead of using numeric addresses, domain names (and subdomain names) can be used to ban users.

deny from isp_name.com

It bans users with a remote hostname ending in isp_name.com. This would stop all users connected to the internet via isp_name.com from viewing your site.

If you only want to allow certain IPs to connect to your website, you can set an option for deny from all, which will deny everyone.

This must be done by coding your .htaccess file as follows:

deny from all
allow from 70.24.291.52
allow from 216.130.49.223 #my house

Using .htaccess to block an entire range or name is likely to lock out innocent users. Use with caution.

Rate This Entry:
1 Star2 Stars3 Stars4 Stars5 Stars (2 votes, average: 5.00 out of 5)
Loading...

Optimizing Joomla

Wed 03 October 12 Comments are Closed

Joomla is a popular CMS that is highly extensible and customizable. Here are some steps to optimize your Joomla installation, and reduce the CPU consumption of this script.

  • Enable Caching
    • This is probably the most important. You can lower the footprint of your site on the server noticibly by enabling caching. This should be enabled at all times.
  • Change your template
    • Some templates may look nice, but they can use up to 70 images per page request, each of which generates an HTTP connection to the server. When many people visit your site, you will end up consuming enough CPU to cause the server’s load to rise. You should consider clean template styles instead of image heavy templates.
  • Disable Gzip compression
    • The CPU has to work harder to compress each of your pages before it sends it out. If you have Gzip compression enabled, an extra overhead is added to each page request.
  • Be careful about components
    • Many components are heavy CPU consumers, and will cause your site to raise the server’s load. Make sure you’re only using the minimum amount of components that are necessary to the operation of your site.
  • Do not use statistics components
    • These use a lot of SQL queries to constantly update and display your site statistics. Use Awstats or Google Analytics to track users.
  • Optimize Forums
    • If you are using a forum bridge/extension such as FireBoard or something similar, make sure to require visitors to register before they are allowed to search and post, and employ captchas for your board.

These steps are not guaranteed fixes to bring a site to normal CPU consumption, but they will drastically reduce the amount of CPU consumed by a Joomla installation. If there are any questions about this, please don’t hesitate to contact support.

Rate This Entry:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...
back to top
×