Search Blog

Blog

Get the latest on what's happening at itomic

Informative commentary on the web industry from the experts at Itomic.

December 30, 2014

Content Delivery Network [Explained]

By Izumi Mitsui

Content Delivery Network (CDN) is a network of servers set up in certain geographic locations that deliver up content to end-users more efficiently according to the location the request is made from.

Itomic_CDN
[Image source: wpbeginner.com]

Loosely speaking it’s like a business having franchise stores. Recently in Perth, we finally got our first Crispy Cremes store (woop!). The business can now deliver glazed goodness to their customers via the geographically closer Perth store instead of providing orders from the eastern states.

How does CDN impact your website?

Using CDN for your website will allow better overall performance and reliability by serving up content quicker for end-users. As a general rule of thumb, faster sites equate to better usability and user experience and therefore better ranking with search engines.

How do I get my website on a CDN?

Generally hosting companies offer their own CDN options. If you are interested on getting onto a CDN with Itomic please give us a bell and let us assist you further.

TAKEAWAY
All website owners should consider speed and performance seriously to ensure the end-users get the best experience possible. Content Delivery Network is a great tool to assist so why not give it a go?


December 29, 2014

Why SEO is like your garden

By Izumi Mitsui

It’s no secret, to keep a flourishing garden, regular attention and nourishment is required on a consistent basis.
If you leave the garden alone for a long time it quickly starts to dry and the colours fade.

The same mindset should be applied when looking at SEO, here are some key reasons why.

SEO should be ongoing because:

SEO Algorithms change

Major search engines are continually updating their algorithms to deliver relevant and helpful content to the end users. Just in 2014 there was over 12 major algorithm changes with Google alone!

End-users are always changing

As search engines evolve it alters the behaviour of your target audience online. Catering for this with optimisation efforts are crucial to keep up with the rhythm of change.

Competition is always moving

If you stay stagnant, it’s likely you are falling behind the pack. There are only certain amount of keywords and search engines that are available for the end-users.
e.g. If you currently rank 3rd for a specific keyword, you need to ensure ongoing SEO work is performed to make sure other optimised pages don’t outrank you.

THE TAKEAWAY; The more time you sow into your campaign the greater your momentum to achieve maximum impact on the search results.

If you’d like to know more or discuss in detail please contact us at anytime.


November 19, 2014

Itomic official closing times for upcoming 2014-15 Xmas and New Year holidays

By Ross Gerring

In common with most other Australian businesses, please be advised of the following official closing times for Itomic for the upcoming holiday (hooray!) season:

Last working day: Friday Dec 19th 2014

First working date back: Mon Jan 5th 2015

Or if you prefer, we’re officially closed from Mon Dec 22nd 2014 – Friday Jan 2nd 2015 inclusive.

We do have some staff members (esp. in Melbourne!) taking extended annual leave beyond Jan 5th, so please bear with us as we come back up to full strength over the course of January 2015.

Itomic is of course a fully-fledged website hosting company, and websites don’t take holidays! Therefore we’ll have at least a skeleton staff on standby to respond over the holiday season in the unlikely event of any mission-critical website hosting issues. In the event that you do spot any such issues with your Itomic-hosted website, just call 1300 ITOMIC, 24/7/365.


November 3, 2014

Itomic risk assessment re: the serious Drupal vulnerability SA-CORE-2014-005 of Oct 2014

By Ross Gerring

On Oct 15th 2014 a serious security vulnerability in the Drupal CMS was reported by the Drupal Security Team:

https://www.drupal.org/SA-CORE-2014-005

with additional articles here:

https://www.drupal.org/drupalsa05FAQ
https://www.drupal.org/PSA-2014-003

The issue also made the headlines of some major news agencies, e.g.

http://www.bbc.com/news/technology-29846539

Itomic hosts and/or supports some 40+ Drupal sites. Within 24 hours of the issue being announced, all Drupal sites covered by Itomic’s Drupal Security Contract (DSC) were patched. Where Drupal site owners did not have a DSC, their sites were patched some time afterwards.

In common with the experience of others (see the FAQ), Itomic noticed that some sites (4, to be precise) had already been patched, but not by us. This was a clear indication of  interference by hackers. First they used the security vulnerability to write a malicious script (a single file) to the hosting account, then they closed the backdoor to other hackers by patching the vulnerability. This technique might have tricked some website owners into thinking that, because their websites were patched, everything was fine. In each of the 4 compromised websites Itomic was able to quickly and easily delete the malicious scripts.

All Drupal sites hosted and/or supported by Itomic, including the 4 above, were individually reviewed for malicious activity. This included the use of the tool Drupalgeddon. No additional malicious activity was discovered. 

We acknowledge that, just because no additional malicious activity was discovered, this does not guarantee that some of the sites were not compromised in ways we have not yet been able to detect. That said, because of our prompt action and follow-up site reviews, we deem this to be very unlikely.

If indeed there are some sites on our systems that remain compromised, we’re as confident as we can be that our hosting systems and procedures are extremely well equipped to a) detect and report any significant malicious activities emanating from the compromised sites, and b) prevent those malicious activities from negatively impacting other hosting accounts on the same hosting server.

Here’s a quick overview of why Itomic hosting is superior website hosting. With the odd exception (for legacy and/or decommissioning reasons) all our servers use/employ:

  1. CloudLinux, arguably the most secure operating system for shared and dedicated website hosting.
  2. suPHP and CageFS. These make it theoretically impossible for an infected hosting account to interfere with other hosting accounts or the broader server environment. 
  3. OSSEC. Intrusion detection system.
  4. Maldet. Realtime malware detection.
  5. OpenNMS. Performance and health monitoring.
  6. KernelCare. Rapid automatic patching of core server software.

Additionally,

  1. In collaboration with our advanced tech support partners in the USA (a very successful 10+ year relationship), we have a 24/7 human response team in place to deal with critical issues.
  2. With the odd temporary exception, our hosting policy is to only run a single CMS-type per server. So for example we have Drupal-only servers and WordPress-only servers. This has two primary benefits: 1) we can optimise the hosting environment for that particular CMS, 2) security issues with one CMS-type do not impact other CMS types.

Above we’ve described what Itomic does to protect the website assets of our valued clients. And yet the fact remains that if a person (or ‘bot’) is in possession of a valid username and password, all the above provides little or no protection. Which is why always using very ‘nasty’ (hard to guess) passwords is imperative for all persons who login to electronic systems – especially those with elevated privileges such as administrators or super-users. We acknowledge that really nasty passwords are, by definition, hard to remember. We therefore strongly recommend the use of password management systems such as LastPass or other reputable alternatives. If you’re not comfortable with electronic systems storing all your passwords, here’s an article about how to create and remember good ones.

Are you knowingly using a relatively easy-to-guess password? We urge you to change it today.


October 17, 2014

Myth Busting Paypal [Protip]

By Izumi Mitsui

Over the years I’ve noticed there’s a common misunderstanding of Paypal which resulted in some kick-back as a payment method selection. I’ll address the 3 topics most often covered in conversations.

Myth 1 – I have to sign up to Paypal to use it. 

FALSE. This is the conversation that comes up the most. While it makes it more effortless if you do own an account (with pre-filled fields etc), you can choose to pay as a guest.

 paypal_itomic

Myth 2 – I can’t use my credit card with Paypal 

FALSE. Refer to the graphic above, paying as a guest allows you to pay with your standard credit cards (VISA, MASTERCARD, AMEX and DISCOVER)

Myth 3 – Paypal is not recognised enough around the world 

FALSE. Paypal is used by a myriad of companies globally across numerous industries/markets. A comprehensive list of Aus companies that use Paypal see here https://www.paypal.com.au/where-to-shop-with-paypal/ (I bet you’ll recognise more than a few of your favs in the list) 

Development Cost Advantages

When developing an e-commerce solution using Paypal will allow you to avoid the following costs: 

  • Merchant account with the bank. | Costs vary depending on the bank.
  • Payment gateway programming | Costs vary depending no the bank.  
  • SSL Certificate - to handle sensitive information such as payment details in an encrypted format

I hope this serves to be helpful information in understanding Paypal better. 
Got questions? Let’s chat!