Archive for the ‘Web Hosting’ Category

« Older Entries

Mail Spam Prevention with RBL/DNSBL

Friday, March 5th, 2010

RBL stands for Real-time Black-hole List, this is a term for DNS based systems designed to assist in the prevention of email abuse. The first such system was created by Mail Abuse Prevention System (MAPS) LLC. The generic name for such services is DNSBL.

The RBL usually lists server IP addresses from ISPs whose customers are responsible for the spam and from ISPs whose servers are hijacked for spam relay. The DNSBL consists of a DNS based system containing lists of IP addresses whose owners refuse to stop the proliferation of spam whether this is by running their mail servers as open relays, or by allowing their users free outbound access to port 25.

In the case of E-mail there are distributed projects on the Internet which monitor where spam mail is originating from and add these to a real time list which can be checked when deciding whether to accept or deny mail.

Most spam on the Internet originates from two places:

  • Virus/Trojan infected machines which appear to be running normally to a user but are also sending spam out to the Internet at large after being fed a list of addresses/spam e-mail from a remote operator.
  • Professional spammers. Who send spam out from their own systems up to any limits by ISP or any compromised mail server.

The RBL identifies these machines by their internet address and adds them to a list that can be checked in real time by an e-mail server. If a server has been listed as a spam host the mail will be refused immediately. This means less overhead on e-mail systems and a lot less spam for end users. It also generally means less “fake” bounce messsages that users receive when spam is forged to come from them.

As subscribers to the DNSBL, ISPs and companies will know from which IP addresses to block traffic. Most traffic blocking occurs during the SMTP connection phase. The receiving end will check the DNSBL for the connecting IP address. If the IP address matches one on the list, then the connection gets dropped before accepting any traffic from the IP address.

Below are the lists of few RBL/DNSBL sites.
SpamCop – http://www.spamcop.net/
The Spamhaus Project – http://www.spamhaus.org/
Mail Abuse Prevention System LLC – http://www.mail-abuse.com/
The Spam and Open Relay Blocking System – http://www.sorbs.net/
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
 Loading ... Loading ...

Tags: , ,
Posted in Web Hosting | No Comments »

How to hide Apache and PHP Versions from remote users

Sunday, November 1st, 2009

Hide Apache Information

To hide the information, add/change the following two apache directives in Apache configuration file /etc/httpd/conf/httpd.conf

ServerTokens ProductOnly
ServerSignature Off

Now you need to restart your web server using the following command

# service httpd restart

Now the output for apache header looks like below

Server: Apache

Hide PHP Version in Apache from remote user’s requests

In your php.ini (the typical path is /etc/php.ini) locate the line containing “expose_php = On” and set it to Off:

expose_php = Off

Now you need to restart your web server using the following command

# service httpd restart

After making this change PHP will no longer add its signature to the web server header. Though, this step in itself will not make your server more secure, it will prevent remote hosts to easily see that you have PHP installed on the system and what version of Apache you are running on your web server.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
 Loading ... Loading ...

Tags: , ,
Posted in Linux, Web Hosting | No Comments »

Free Web Hosting Offer for .IN Domains

Tuesday, October 27th, 2009

Web hosting like any other commoditised service available on the Internet today, is tagged as a low cost option to enabling your presence on the web. Although, there are a plethora of low cost web hosting companies online today offering you GBs of space for pennies they simply cannot provide prompt and effective support to their clients due to such ‘hit and run’ selling methods.

At Diadem, we have worked hard to build a strong foundation for our web hosting service based on an untiring and a long term commitment to enable our clients to avail the most efficient hosting services which they have come to appreciate and trust from us.

In keeping with this continued focus to providing our clients with innovative web hosting services, we are pleased to offer our FREE web hosting service to clients booking a .IN domain with us. Our FREE web hosting plan is a win-win  proposition by enabling our clients to evaluating our hosting services and upgrading to a paid solution, after they find our services to meet their needs.

.IN domains are gaining in popularity and if you already have a .com or any other extension booked for your organisation, you should definitely consider a .IN version of that domain as well. This offer is also relevant for companies located outside India who wish to have a presence in the Indian market and a .IN domain is a great way to begin promoting their foray into Indian markets. More details and signup options are available on our Free Web Hosting page but as this is a limited period offer, I urge you to book your domain early to prevent any disappointments.

Free Web Hosting worth Rs. 999 with every .in Domain Registration.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
 Loading ... Loading ...

Tags:
Posted in News & Updates, Web Hosting | No Comments »

Email and server security features on Diadem servers

Wednesday, October 14th, 2009

Diagram of Various Tiers of security in datacenter network and at server level

security

At Diadem Technologies we take extreme precaution and safeguard of our mailing services to ensure continuous and reliable availability of our mailing services to our clients. We have all our servers located in the world’s leading datacenter which has a very secure environment with various levels of physical and hardware based protection to keep your data safe from different attacks and vulnerabilities. The servers have multi core Xeon processers and have RAID10 array of HDDs for complete data redundancy so that a hard disk crash would not affect the server operations and would not result in any loss of data on the server.

The servers are restricted to be accessed via the Public network so that no unauthorized access to the servers can be made. We use a secure encrypted VPN (virtual private network) connection that connects to the private backend network and hence the servers are only accessible to the legitimate admin users at our end.

For network level protection we have in place perimeter hardware firewalls by CISCO systems to block external threats along with CISCO GUARD DDOS (Distributed Denial of service) and CISCO Tipping point IPS (Intrusion prevention system). CISCO GUARD DDOS protects from requests that make a computer resource unavailable to its intended users and brings down the server to halt. CISCO Tipping point IPS is an advanced Intrusion prevention system that is used extensively in critical networks to monitor network and/or system activities for malicious or unwanted behavior and can react, in real-time, to block or prevent those activities. Network-based IPS, for example, will operate in-line to monitor all network traffic for malicious code or attacks. When an attack is detected, it can drop the offending packets while still allowing all other traffic to pass.

After passing through the various levels of security mentioned above we have more additional security features on the physical server for protecting the server /server applications and the inbound and outbound mails.

  • At the server we have robust software based firewalls that have been customized to add another level of security in the server.
  • We have SMTP connection tracking system to check all the connections that are being made to the server for sending or receiving mails. At this level various parameters of a mail are checked like if the IP of the sender is blacklisted in any third party Anti SPAM website, if the sender has a valid mail server, if the reverse DNS of the sender email server is valid.
  • We have enabled greylisting on the server to cut down on SPAM mails before they can enter the server. We have advanced content filtering along with anti spam software, antivirus, malware and anti root kit signatures that are updated regularly to block emerging threats immediately.
  • Once the mail is scanned with the above filters, we implement a new and unique technique to authorize defined servers only to server your emails through the use of SPF records. Any other servers would not be able to send or receive any mail on behalf of your domain. This will cut down spoofing of your emails.
  • At the last stage we have SMTP authentication enabled that allows mails to be relayed through our servers only for those who are intended to send mails hence reducing the unwanted relaying of mails.

The above illustration highlights our commitment to ensure that we provide our clients with the best of breed technologies to ensure spam free, virus free, efficient and continuous availability of our mailing services for their operations.

If you are interested in knowing more about our web hosting services and plan details, you can look us up at www.diadem.co.in.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
 Loading ... Loading ...

Tags: ,
Posted in Linux, Web Hosting | No Comments »

Quick tip to check if your site is indexed by Google

Tuesday, July 28th, 2009

To quickly determine whether your site is still in Google index, just perform a Google site search for its entire URL. e.g. a search for

[ site:www.diademblogs.com or site:diademblogs.com ], for instance, returns the following results:

Results 139 of 39 from www.diademblogs.com. (0.25 seconds)

If your site is displayed as a result when you perform a Google site search for your URL, then it’s included in google index, which is the first step in getting your site listed on Google search results.

If your site is not listed in the Google index or if you would like to enable Google to spider your site frequently for fresh content, signup for the google webmaster tools at http://www.google.com/webmasters/.

Tags: ,
Posted in SEO, Web Hosting | No Comments »

A Beginners Guide to Domain Name Registration

Tuesday, July 14th, 2009

A brief primer on domain registration services and tips to ensure that you have complete control of your online web assets.

Firstly, the techie stuff :) . The main purpose of a domain name is to provide symbolic representations, i.e., recognizable names, to mostly numerically addressed Internet resources. This  allows any resource (e.g., website) to be moved to a different physical location in the address topology of the network, globally or locally in an intranet, in effect changing the IP address. This translation from domain names to IP addresses (and vice versa) is accomplished with the global facilities of Domain Name System (DNS).

Top-level domains

Every domain name ends in a top-level domain (TLD) name, which is always either one of a small list of generic names (three or more characters), or a two-character territory code  Top-level domains are sometimes also called first-level domains.

Few Examples of TLDs : [ .com  .in  .net  .org  .net  .asia  .edu  .biz  .info  .edu ]

Domain Name Registry Services

A domain name registry, also called a Network Information Center (NIC), is part of the Domain Name System (DNS) of the Internet which converts domain names to IP addresses. It is an organisation that manages the registration of Domain names within the top-level domains for which it is responsible, controls the policies of domain name allocation, and technically operates its top-level domain. It is potentially distinct from a domain name registrar.

A domain name registrar is a company, accredited by the Internet Corporation for Assigned Names and Numbers (ICANN) or by a national ccTLD authority, to register Internet domain names. These “retail” companies are often distinct from the “wholesale” domain name registry operator.

ICANN has authority over generic top-level domains, or gTLDs. Examples of gTLDs include .com, .net, .org and .mobi. ICANN does not have authority over ccTLDs, or Country Code Top-Level Domains, although it is quite common for domain name registrars to offer ccTLD registration services as well. Most registrars provide DNS hosting service, but this is not required, and is often considered a separate service.

ICANN is the Internet Corporation for Assigned Names and Numbers. Headquartered in Marina Del Rey, California, United States, ICANN is a non-profit corporation that was created on September 18, 1998 in order to oversee a number of Internet-related tasks previously performed directly on behalf of the U.S. government by other organizations, notably the IANA (Internet Assigned Numbers Authority).

Now, for the interesting bit. Domain name registrations involves registering a domain name with an approved registrar. The process is broken down into the following steps:

  1. You have to chosse a unique domain name that is not presently owned by anyone else.
  2. Find a company that registers domain names from ICANN accredited registrars and do some market research before registering domains with them . Few examples few ICANN accredited registrars are:
    • eNom, Inc.
    • Network Solutions, LLC
    • Register.com, Inc.
    • Directi Internet Solutions Pvt. Ltd. d/b/a PublicDomainRegistry.com
    • You can gather more information from http://icann.org/
  3. Verify the  information and control that you would get about your domain upon registration. Few details that you should obtain upon the domain registration are:
    • Domain management control panel login details from where you can set your nameservers or use other features like managed DNS service, etc.
    • You should get the Authorization Code for your domain which is a Secret code for your domain required if you wish to transfer your domain name from the current registrar to a new host.
  4. Always ensure that the Administrative as well as the technical contact information that you provide are valid and the e-mail ids are functional since all the correspondence related to your domain would be made to this e-mail id.
  5. You can register a domain name for maximum of 10 years at a stretch (this might vary for some extensions, like .in, .co.in where the maximum period of domain registration is 5 years).

Domain Name Transfer Procedure:

At times, domains are sold to another organization or sometimes the name of a company might change. Most registries require a letter of permission from the old owner to hand over control to the new owner. The procedures for Transfer of ownership will depend on the registry.

Domain Name Lock:

This facility helps to keep your domain secure from disgruntled ex-employees and hackers. Once you activate Domain Lock, no changes to your domain is permitted. Your domain has unlocked by you before the domain can change hosting, contacts, registrants or even transfer out to another registrar.

The Domain Lock section is password-protected, meaning only the authorized user can access this section. The username and password to the account is not enough. It asks the user additional queries like “what’s your mother’s maiden name?”; “your pet’s name is…” and so on. Facts that only you know.You should always ensure that your domain is locked until you specifically request for unlocking it to your registrar.

Domain Privacy

The last factor you need to consider is the possibility of somebody looking for you on the web.  Anyone can search for domain owners on the WHOIS website.  Depending on what you have going on, you may not want to make this information accessible.  In this case, you could opt for domain privacy which will keep your domain name private on the WHOIS database.  A registrar typically charges an additional fee for this service, but you might find it to be worth the extra costs.

Diadem Technologies Pvt. Ltd.(www.diadem.co.in) is a value added partner of multiple accredited ICANN registrars namely eNom, Inc. and ResellerClub and has over 5k+ domains under its management. You can send us your domain related queries at support@diadem.co.in and we can give you expert advice on how to effectively secure and retain control of your online web assets.

Tags: , ,
Posted in Marketing Tips & Advice, Web Hosting | No Comments »

Checklist before you shift your website between web hosts

Thursday, May 28th, 2009

It can be somewhat of a nightmare when you have to migrate from one web hosting provider to another if you are getting more features and services which are not available with your present web host. But before you take the leap of shifting your website, following is an important set of TODOs which can save you considerable heartburn and help ensure minimal downtime when you shift your webhost:

  1. Ensure that the new webhost meets all your needs, like storage space, bandwidth, down times, support for the operating system and applications that run on your web site, support for scripts and an adequate number of email accounts and auto responders.
  2. The next step would be to back up all your website content/DB on your current server to a secure location. Make sure you get all your email  downloaded to local machine as it may not be possible to restore mails from another server, databases and website files.
  3. Upload all your files and databases to the new server and make sure you retain all the file permissions as they were on your old siteso that you don’t end up with scripting errors. Arrange a test environment to test the scripts, contact pages, and databases connection and check for incompatibility issues between applications on your old server and your new one, before you make the necessary DNS change.
  4. You need to plan for the downtime that would result from this event. DNS updates take up to 48-72 to propagate globally across the Internet. Let your customers and website visitors know of this planned upgrade. Make the move when your traffic would be the least (ideally during weekends or holidays).
  5. Check if mail services for your domain is running on the new hosting provider so that you don’t lose any email messages, when you make the transition.
  6. If your domain name registration is a part of your old hosting plan, then you might want to move your domain to another third party provider since moving your site to a new web hosting provider means that your domain name company remains the same while your web hosting provider changes. If your domain name was registered using a third party domain name registration company, then this is not an issue.
  7. If your site is dynamic, DNS update delays can cause data lose if you are not careful. Some customers may see your old site while others have access to the new one. To minimize such occurrences, disable your site  on the earlier webhost with a message on a static page so that these users cannot update the old DB on the server.
  8. If you plan to migrate more than one domain, make sure you start the process with enough time to spare for the DNS update delays and take expert help on this issue.
  9. Make sure all the visitors to your old webhost are being redirected to your new site before canceling your current web hosting provider. It is best to keep both sites up and running in parallel for at least one weeks, it will help you to retrieve data if there are any issues. Take a final backup of all your site content and database before canceling your current web hosting provider.
  10. Check your site on Google to ensure that the links indexed by Google are still working well. Sometimes, the links spidered by Googlebots on your previous webhost (especially if you are on a dedicated IP), show a ‘404 nage not found’ error, which might cause all your organic SEO efforts get washed away in a single instance.

Hopefully, the above tips would help you understand the importance of planning in advance to the smallest detail, if you intend to shift webhosts anytime in the near future.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
 Loading ... Loading ...

Tags: , ,
Posted in Web Hosting | 1 Comment »

Greylisting – A great way to block incoming spam emails

Monday, May 18th, 2009

Greylisting is a new weapon to use against spam. With this new shielding method, by which you may block out huge amounts of spam, you are sure to please your email users!

In name, as well as operation, greylisting is related to whitelisting and blacklisting. What happens is that each time a given mailbox receives an email from an unknown contact (ip), that mail is rejected with a “421 Envelop failure”-message (This happens at the SMTP layer and is transparent to the end user). This, in the short run, means that all mail gets delayed at least until the sender tries again – but this is where spam loses out! Most spam is not sent out using RFC compliant MTAs; the spamming software will not try again later.

Spammers often adapt to this technique but that does not really make greylisting useless. This delay in new sender contacts also gives you a lot of extra power. This may be an hour, but in this hour there is a large chance that the mass mailer/spammer has been identified by the more conventional anti-spam software. Thus, when he retries it, is likely that we will know that the mail is a SPAM mail.

Three pieces of information from a delivery attempt, referred to a as a triplet are used to uniquely identify the relationship between a sender and a receiver:

  • The Envelope Sender.
  • The sending host’s IP address.
  • The Envelope Recipient.

Perhaps the most significant disadvantage of greylisting is the fact that, like some other spam mitigation techniques, it destroys the near-instantaneous nature of email people have come to expect. A customer of a greylisting ISP can not always rely on getting every email in a pre-determined amount of time. However, the original specification for email states that it is not a guaranteed delivery mechanism and not an instantaneous delivery mechanism. This means that greylisting is a perfectly legitimate process and does not break any protocols or rules. Traditionally, greylisting is very good at flushing out poorly configured mail servers that cannot maintain state, queue email correctly, or retry delivery within a reasonably short time. Mail servers that are properly configured and fully conform to SMTP generally have no problems with greylisting techniques and delays are very small so as not to be a problem.

Some MTAs, upon encountering the temporary failure message from a greylisting server on the first attempt, will send a warning message back to the original sender of the message. The warning message is not a bounce message, but it is often formatted similarly to one and reads like one. This practice often causes the sender to believe that the message has not been delivered, when in fact the message will be delivered successfully at a later time.

Also, legitimate mail might not get delivered if the retry doesn’t come within the time window the greylisting software uses, or if the retry comes from a different IP address than the original attempt. When the source of an email is a server farm or goes out through an anti-spam mail relay service, it is likely that on the retry a server other than the original server will make the next attempt. Since the IP addresses will be different, the recipient’s server will fail to recognize that the two attempts are related and refuse the latest connection as well. This can continue until the message ages out of the queue if the number of servers is large enough. This problem can partially be bypassed by identifying and whitelisting such server farms in advance. However, it is not possible on a distributed network the size of the Internet to maintain a complete list of all such server farms.

It needs to be noted that such SMTP delivery server farming techniques can be construed as breaking RFCs detailed above since the original sending machine has absolved itself of the responsibility of mail delivery by tossing it back into the pool, which breaks the state of the mail delivery process.

Tags: , , , ,
Posted in Linux, Web Hosting | No Comments »

Load Balancing Overview

Tuesday, April 14th, 2009

Load balancing is a technique to spread work between two or more computers, network links, CPUs, hard drives, or other resources, in order to get optimal resource utilization, maximize throughput, and minimize response time. Using multiple components with load balancing, instead of a single component, may increase reliability through redundancy. The balancing service is usually provided by a dedicated program or hardware device (such as a multilayer switch).

One of the most common applications of load balancing is to provide a single Internet service from multiple servers, sometimes known as a server farm. Commonly load-balanced systems include popular web sites, large Internet Relay Chat networks, high-bandwidth File Transfer Protocol sites, NNTP servers and DNS servers.

Load balancer is usually a software program or a hardware device which is listening on the port where external clients connect to access services. The load balancer forwards requests to one of the “backend” servers, which usually replies to the load balancer. This allows the load balancer to reply to the client without the client ever knowing about the internal separation of functions. It also prevents clients from contacting backend servers directly, which may have security benefits by hiding the structure of the internal network and preventing attacks on the kernel’s network stack or unrelated services running on other ports.

A variety of scheduling algorithms are used by load balancers to determine which backend server to send a request to. Simple algorithms include random choice or round robin. More sophisticated load balancers may take into account additional factors, such as a server’s reported load, recent response times, up/down status (determined by a monitoring poll of some kind), number of active connections, geographic location, capabilities, or how much traffic it has recently been assigned. High-performance systems may use multiple layers of load balancing.

Session Persistence:

An important issue when operating a load-balanced service is how to handle information that must be kept across the multiple requests in a user’s session. If this information is stored locally on one back end server, then subsequent requests going to different back end servers would not be able to find it. This might be cached information that can be recomputed, in which case load-balancing a request to a different back end server just introduces a performance issue. One solution to the session data issue is to send all requests in a user session consistently to the same back end server. This is known as “persistence” or “stickiness”.

Fortunately there are efficient approaches to solve this problem. In the very common case where the client is a web browser, per-session data can be stored in the browser itself. One technique is to use a browser cookie, suitably time-stamped and encrypted. Another is URL rewriting. Storing session data on the client is generally the preferred solution; then the load balancer is free to pick any backend server to handle a request.

To know more about Load balancing options , pricing  and how it could ensure more availability and redundancy to your mission critical data check our load balancing services at www.diadem.co.in.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
 Loading ... Loading ...

Tags: , ,
Posted in Web Hosting | No Comments »

What is a content delivery network?

Tuesday, March 31st, 2009

CDN stands for content delivery network in which there a farm of servers separated geographically which helps in faster organizing, storing, and streaming web site content (images, text, video and other static content) to end-users. Rather than serving content directly from the host server to the end-user, the Content Delivery Network moves the content source from the host server to a node that is geographically closer to the end-user. This minimizes the distance the data has to travel, avoiding network traffic jams, and decreasing latency.

Key Benefits of a Content Delivery Network:

A. High-Quality Content and Media Rich Web Sites:

CDN places content as close to the end-user as possible, making downloading, streaming, and web site load times faster and more consistent. This allows web sites to include richer, more creative content without sacrificing performance.

B. Broader Geographic Reach:

CDN pushes content to server nodes placed around the world, optimizing the speed and reliability of content delivery to end-users regardless of location. This is especially advantageous as Internet subscriber rates continue to increase globally.

C. Cost-Effective, Performance-Neutral Scalability:

CDN spreads its workload over multiple servers in diverse locations, so increases in content demand does not slow down or compromise delivery.

What are the advantages of using CDN over standard Internet content delivery?

CDN delivers content more efficiently than standard Internet content delivery, letting businesses meet the growing demand for rich, online media that require large bandwidths. Standard Internet delivery sends content data over general Internet routes from the host server’s location to the end-user’s location. This takes into account neither the host server’s proximity to the end-user, nor possible traffic jams between the two. CDN, however, moves the content from the host server to a node that is geographically closer to the end-user. This avoids potential network congestion and decreases latency, increasing delivery speed and providing consistent and reliable file transfer times. In addition, as a solution created specifically for content delivery, CDN includes tools that provide more content management and delivery control, helping with content monetization.

Who should be using a CDN?

CDN is ideal for any company or individual that wants to make content available on the Internet, particularly those with sites that utilize caching, streaming, and downloading services. This includes a wide variety of industries and applications, including:

  • Social Networking
  • Gaming
  • E-commerce
  • Entertainment
  • Software Development
  • Financial Services

Content Formats:

CDN supports multiple content formats for streaming media and progressive downloads.

Formats for Streaming Media

  • Windows Media Player
  • Flash Media

Formats for Progressive Downloads

  • Windows Media Player
  • Flash Media
  • DivX
  • H.264
  • Move Media Player
  • Microsoft Silverlight
  • QuickTime
  • MP3
  • RealSystem G2
  • RealPlayer
  • Real Networks
  • HTML
  • TXT
  • GIF
  • JPG
  • PDF

Supported Delivery Protocols

  • HTTP
  • RTMP
  • MMS

Diadem Technologies in association with Softlayer Technologies Inc. is providing Content delivery services to its clients for their richmedia  and streaming media applications.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
 Loading ... Loading ...

Tags: ,
Posted in Datacenter, Web Hosting | No Comments »

« Older Entries