Help

Deflect and eQPress

About Deflect

The Deflect project is a service that reduces the impact of Distributed Denial of Service (DDoS) attacks. DDoS refers to an attempt to make a device or network unavailable to its users. Deflect neutralizes cyberattacks against independent media and human rights defenders. Its goal is to create a community-driven technical response to the censorship of online voices caused by DDoS attacks.

It is a service for NGOs, civil society groups, activist bloggers and independent media groups. Created by the digital security non-profit eQualit.ie, the service is a free solution.

Background:

Most human rights groups and independent media groups do not have the financial or technical resources to mitigate denial of service (DDoS) attacks. In response, Deflect was created to provide this service free of charge. These attacks, launched by infected ‘bots’, can disable websites and prevent users from accessing them. They can also intimidate website owners and undermine freedom of expression on the internet.

Commercial DDoS mitigation services are expensive and may alter the terms of the web service if they consider that a website has a lot of visitors. Many of our clients come to our service after a bad experience with a well-known commercial service.

The method:

We install reverse proxy caches spread across a collection of geographically distributed low-cost hosting providers. Each of the hosts has equivalent functionality, although which providers offer the highest quality is still being determined. Using short time-to-live DNS, distributed caches, isolation of some IPs and other identified good practices, Deflect serves multiple clients at the same time, at low cost to Deflect and free of charge to the clients.

Design:

Deflect is designed as an easily reproducible, robust, low-cost and non-proprietary (free software) system that provides protection to multiple websites, which are called “origins”. The system was built to remain neutral towards different web servers (with some limitations explained below). It is built using Debian 6 VPSs, which are called “edges”, and a controlling server called the “controller”. The caching component runs on Apache Traffic Server.

Protection offered:

  • Absorbs 99% of the traffic destined for your website; check some traffic statistics here.

  • Hides the location of your server (IP address).

  • Prevents public access to editorial panels (e.g. /admin, /login, etc.)

  • Filters malicious requests through fail2ban, learn2ban and iptables rule sets.

Deflect in action:

To access a page protected by Deflect:

  1. Enter the address of the website in the browser.

  2. The Domain Name System (DNS) will retrieve an alias pointing to our pool of caching servers. One of these servers is selected using the Round Robin DNS technique.

  3. If access to the requested page is allowed and the caching server has the page content in its cache, it will respond to the browser immediately. If the content is not stored on the caching server, it will be requested from the “origin” and sent to the browser.

  4. If the address is not authorized, a notification page is shown.

The image shown below offers a simple explanation:

Details and limitations

Cached components:

Deflect handles web pages composed of many elements, including cascading style sheets (CSS), JavaScript, multimedia files and large binary files. Page components hosted on different domains (“widgets”, traffic trackers, etc.) are handled normally.

Currently, Deflect caches responses for 10m, which can be adjusted for individual locations (longer for binary files that rarely change, shorter for online forums, for example).

Cookies:

Although Deflect currently ignores cookies, returning the same object from the cache regardless of the presence of cookies in the client's request, this can be configured on a per-domain and per-path basis. We can enable unique treatment of different cookies for a site or for part of a site, but doing so effectively disables our ability to cache that site or that part of it. Nevertheless, the site will still be protected by our firewall analysis. Query strings are treated as part of the URL: different query strings will always be considered unique objects and cached as such. Responses to POST requests are never cached.

Does it work?:

You can tell whether Deflect is serving a page by looking at the HTTP headers (using “Inspect Element” in Chrome or  in Firefox). You will see a Via: string returned by the individual caching server that is serving the requested website. It will look something like this:

Via:http/1.1 prometeus1.deflect.ca (ApacheTrafficServer/3.2.4 [uIcMsSfWpNeN:t cCMi p sS])

The cache response, in the case above [uIcMsSfWpNeN:t cCMi p sS], can be interpreted here.
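
The bracketed code in the Via header shown above can also be decoded locally. The Python below is an added example, not Deflect's or Apache Traffic Server's own code; its tables cover only a subset of Traffic Server's documented Via codes, and the function names and the second sample header are constructed for illustration.

```python
import re

# Summary codes (before the colon). This is a subset of the codes documented
# for Apache Traffic Server; "" stands for a blank value.
SUMMARY = {
    "u": ("client request", {"C": "cookie", "E": "error in request", "I": "If-Modified-Since",
                             "N": "no-cache", "S": "simple (not conditional)"}),
    "c": ("cache lookup", {"A": "in cache, not acceptable", "H": "in cache, fresh (hit)",
                           "M": "miss", "R": "in cache, fresh (RAM hit)",
                           "S": "in cache, stale", "": "no cache lookup"}),
    "s": ("origin response", {"E": "error in response", "N": "not modified",
                              "S": "connection opened successfully",
                              "": "no server connection needed"}),
    "f": ("cache fill", {"D": "cached copy deleted", "U": "updated old cache copy",
                         "W": "written into cache", "": "no cache write"}),
    "p": ("proxy result", {"N": "not modified", "R": "origin server revalidated",
                           "S": "served", "": "unknown"}),
    "e": ("error", {"C": "connection to server failed", "D": "DNS failure",
                    "F": "request forbidden", "N": "no error",
                    "T": "connection timed out", "": "unknown"}),
}

# One Via hop: protocol, edge host name, then the Traffic Server comment.
HOP_RE = re.compile(r"(?P<proto>[\w./-]+)\s+(?P<edge>[\w.:-]+)\s+"
                    r"\(ApacheTrafficServer/(?P<version>[^\s\[)]+)\s*\[(?P<code>[^\]]*)\]\)")
# A field is a lowercase tag followed by its value: uppercase letters or blanks.
FIELD_RE = re.compile(r"([a-z])([^a-z]*)")


def decode_via(header):
    """Decode every Traffic Server hop in a Via header line or value."""
    hops = []
    for m in HOP_RE.finditer(header):
        summary, _, detail = m.group("code").partition(":")
        codes = {tag: value.strip() for tag, value in FIELD_RE.findall(summary)}
        meaning = {}
        for tag, value in codes.items():
            name, table = SUMMARY.get(tag, (tag, {}))
            meaning[name] = table.get(value, "unlisted code %r" % value)
        hops.append({
            "edge": m.group("edge"),
            "version": m.group("version"),
            "codes": codes,
            "meaning": meaning,
            # The detailed part (after the colon) is kept as raw tag -> value pairs.
            "detail": {tag: value.strip() for tag, value in FIELD_RE.findall(detail)},
        })
    if not hops:
        raise ValueError("no Apache Traffic Server hop found in Via header")
    return hops


def served_from_cache(hop):
    """True when the edge answered from its cache (fresh hit, disk or RAM)."""
    return hop["codes"].get("c") in ("H", "R")


# The header shown on this page, and a constructed header for a cache hit.
PAGE_VIA = "Via:http/1.1 prometeus1.deflect.ca (ApacheTrafficServer/3.2.4 [uIcMsSfWpNeN:t cCMi p sS])"
CONSTRUCTED_HIT = "Via: http/1.1 edge.example (ApacheTrafficServer/3.2.4 [uScHs f pSeN:t cCHi p s ])"

if __name__ == "__main__":
    for line in (PAGE_VIA, CONSTRUCTED_HIT):
        for hop in decode_via(line):
            verdict = "fresh cache hit" if served_from_cache(hop) else "not a fresh cache hit"
            print(hop["edge"], verdict)
            for name, text in hop["meaning"].items():
                print("   %-16s %s" % (name, text))
```

For the header on this page the decoder reports a cache miss that was fetched from the origin and written into the cache, so a repeat request within the cache lifetime should show a hit instead.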

Secure Sockets Layer (SSL/TLS):

Deflect also supports SSL. For more information, see the Secure Sockets Layer (SSL/TLS) support page.

Domain Name System (DNS):

DNS is configured with a short time to live to allow nodes to be quickly added to or removed from the pool of caching servers. If you have any other questions, please visit our frequently asked questions section or send us an email and we will do our best to answer them.

Deflect customizations:

Over time, we will be developing profiles for different web servers. In the meantime, we can provide customization for:

  1. Domains and their aliases (www.supágina.org, supágina.org)

  2. Cache “time to live” (TTL)

  3. Protected locations (/admin)

eQPress

About eQPress

eQPress is a secure hosting infrastructure managed by a qualified team and protected by the Deflect DDoS mitigation network against botnets and other malicious intruders.

Based on the popular WordPress platform, websites hosted on eQPress are easy to administer and offer additional features to improve your control over your site and its security.

With eQPress, you can get a website or blog, or even a blogging platform with several blogs managed by different users.

Anyone who qualifies for protection under Deflect's eligibility criteria can create or migrate one or more websites to the eQPress platform to protect them from DDoS and other kinds of attacks. To create or migrate a website on eQPress, you must first register with Deflect. Once registration is complete, you can contact a Deflect representative to create a new site or to migrate your site to eQPress.

Deflect terms of service:

In brief

  • Deflect protection is offered to civil society groups and individuals who work to defend human rights and create independent media. We also offer our services to help promote democracy; the rights of minority and disadvantaged populations; and more broadly the principles enshrined in the International Bill of Human Rights.
  • Do not use Deflect to invade the privacy or violate the rights of others, or to promote discrimination, violence and, more broadly, violations of the human rights of others.
  • We operate according to our principles (link to DDoS principles) and the Deflect privacy and security policy (link). By continuing you accept these terms.

eQualit.ie Inc. is a Canadian corporation that provides a distributed denial of service (DDoS) mitigation service called Deflect (hereinafter “Deflect” or the “service”) to individuals, organizations and companies engaged in advocacy activities that empower civil society or whose communication or conduct aims to defend human rights and freedoms. By registering for the Deflect service, or by downloading software from our public code repositories, you accept the terms of service; our security and privacy policy; and any other policies and procedures that we may adopt and publish.

The user's (your) obligations:

Each website that uses the services will have a representative (duly authorized to act on behalf of the organization represented by the website) who:

  • will have access to the Dashboard profile settings for their website and who
  • will have access to and control over the primary email address associated with that website's registration.

We will only take instructions from the website's representative. Preference will be given to communications made through Deflect or, if the Deflect dashboard is unavailable, by email from the primary email address associated with the website.

When, for any reason, the website's representative is unable to continue acting in that capacity, a new website representative will be established and authenticated by eQualit.ie. You can contact us using the ‘Contact Us’ form on the eQualit.ie website.

This is a free service run by some very dedicated and overworked people. We ask that you treat eQualit.ie staff and partners with courtesy and respect.

Use these services only to the extent permitted by law and in accordance with our terms of use.

Your web content may not contain third-party copyrighted material or the material of others without the permission of the material's owner, unless you have permission to publish the material. We are obliged to comply with copyright laws, which may result in suspension of service to a website; any violation will be communicated.

You grant us a free right to use, copy, archive and display the data solely for the purpose of enabling the Deflect services under these terms.

You are responsible for the accuracy, completeness and relevance of your data. You must keep your account password and information confidential, and not share them with anyone other than the authorized representative of the website.

You will not include content prohibited by these terms or introduce malware through our services. You are responsible for ensuring that the content you publish on websites that use our services adheres to these terms and our manifesto.

If we believe that your data contains malware or prohibited content, we may remove your data and the website from Deflect. Content is generally reviewed in response to complaints. If we receive a complaint about the website's content, we will contact you to obtain more information and give you an opportunity to explain your content. After this review we may decide to terminate your account and end your use of our services. Please report any abusive content to abuse@deflect.ca.

You have the power and authority to register your website with Deflect.

eQualit.ie's obligations:

eQualit.ie operates in accordance with its DDoS principles and places the greatest importance on data security, your privacy, and your technical and service requirements.

We undertake to continue providing the Deflect service to prevent attacks against your website, as long as you do not violate the established conditions.

Our privacy and security policy explains how we treat your data and protect your privacy. eQualit.ie is subject to Canadian law and we do everything possible to provide the highest level of privacy.

We undertake to provide a robust and secure DDoS service, built on open source technologies.

Every effort is made to keep your website online during a DDoS attack.

We will always inform you by email or, if appropriate, by telephone or any other means of communication, before adopting special mitigation (migration) measures. If there is a PGP key, we always use it in email communications.

We will keep the network and all its relevant services up to date; the latest software will be installed and vulnerability patches will be applied as and when they become available.

We will make our help available to support the use of Deflect and will respond to tickets within 3 hours, Monday to Friday.

Our goal is to make Deflect available to you at all times. Sometimes, for reasons beyond our control or for necessary maintenance, our services may become temporarily unavailable.

We will notify you by email of all scheduled and emergency interruptions to our services and will endeavour to keep such interruptions to a minimum.


Creating a Hosts File Entry

If you wish to access your domain before your DNS has been updated, you can update your local ‘hosts file’, which will allow your computer to view your new site. Follow the appropriate instructions below.

Please note that this will work only with HTTPS and not with HTTP.

If you need any help with this procedure (for example because nslookup is not installed in your system and you can’t figure out what the IP of your SFTP server is), we are ready to help: please contact us through the Dashboard or send us an email.

OS X:

  1. Open Terminal
  2. Launch the following command (replacing SFTP_host with the address of your SFTP host you received in your activation email):

    $ nslookup SFTP_host

  3. The result will be something like the following output. The last line contains the IP address of your SFTP host, which you will need to add to your hosts file (numbers arranged in this form: XX.XX.XX.XX).

    Server:        YY.ZZ.XX.ZZ
    Address:    YY.ZZ.XX.ZZ#53

    Non-authoritative answer:
    Name:    grwtrcweg.deflect.ca
    Address: XX.XX.XX.XX

  4. Type ‘sudo nano /private/etc/hosts’
  5. Press Ctrl+Shift+V to take you to the end of the file
  6. Enter the text ‘XX.XX.XX.XX <yourdomain>’ (replacing `XX.XX.XX.XX` with the actual IP of your SFTP host and <yourdomain> with the URL of your website).
  7. Press Ctrl+x to exit
  8. Press y to save

Alternatively you can download the Hosts preference pane helper from here: https://github.com/specialunderwear/Hosts.prefpane/downloads

Windows:

  1. Launch the Command Prompt and enter:

    C:\>nslookup example.com

    Replace example.com with your SFTP host address.

  2. The result will contain the IP address of your SFTP host, which you will need to add to your hosts file (numbers arranged in this form: XX.XX.XX.XX).

    Address: XX.XX.XX.XX

  3. Click “Start” button
  4. Click “All Programs”
  5. Click “Accessories”
  6. Right-click on Notepad and then click Run as administrator.
  7. If you are prompted for an administrator password or for a confirmation, type your password, or click Allow/Yes.
  8. Open the Hosts file. Find its location for your version of Windows here (https://en.wikipedia.org/wiki/Hosts_(file)#Location_in_the_file_system)
  9. Enter the text ‘XX.XX.XX.XX <yourdomain>’ (replacing `XX.XX.XX.XX` with the actual IP of your SFTP host and <yourdomain> with the URL of your website).
  10. Click Save on the Edit menu. (If using Windows 7, you will need to click Save on the File menu.)

Linux:

  1. Open a terminal.
  2. Launch the following command (replacing SFTP_host with the address of your SFTP host you received in your activation email):

    $ nslookup SFTP_host

  3. The result will be something like the following output. The last line contains the IP address of your SFTP host, which you will need to add to your hosts file (numbers arranged in this form: XX.XX.XX.XX).

    Server:        YY.ZZ.XX.ZZ
    Address:    YY.ZZ.XX.ZZ#53

    Non-authoritative answer:
    Name:    grwtrcweg.deflect.ca
    Address: XX.XX.XX.XX

  4. Open the file /etc/hosts with vim or your favourite editor as root:

    $ sudo vim /etc/hosts

  5. Add the following line, replacing `XX.XX.XX.XX` with the IP address of your SFTP host, `example.com` with the URL of your website and `example` with the name of your website:

    XX.XX.XX.XX example.com example

  6. Ensure that the nsswitch.conf file is correct. The nsswitch.conf file controls in which order services will be consulted for name service lookups, in our case we are looking for the “hosts” service:

    $ grep host /etc/nsswitch.conf
    hosts: files dns

    Check that “files” comes before “dns”. If it doesn’t, edit the file to obtain the above result.

  7. Check that your changes produced the wanted effect with this command:

    $ ping -c 1 example.com

    The result should be something like this (with XX.XX.XX.XX being replaced by the IP of your SFTP host):

    PING example.com (XX.XX.XX.XX) 56(84) bytes of data.
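
The checks in steps 5 and 6 of the Linux procedure can be run against the two files' contents before relying on the override. This Python is an added example, not part of the original guide; the function names and sample file contents are constructed, and 203.0.113.10 is a documentation address standing in for the IP of your SFTP host.

```python
import ipaddress


def hosts_entries(hosts_text, name):
    """Return every address the hosts file maps `name` to, in file order."""
    wanted = name.lower().rstrip(".")
    found = []
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop comments, split on blanks
        if len(fields) < 2:
            continue
        try:
            address = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                              # not an address: skip the line
        if wanted in (alias.lower() for alias in fields[1:]):
            found.append(address)
    return found


def hosts_sources(nsswitch_text):
    """Return the ordered source names from the 'hosts:' line of nsswitch.conf."""
    for line in nsswitch_text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line.startswith("hosts:"):
            # Items in brackets such as [NOTFOUND=return] are actions, not sources.
            return [item for item in line[len("hosts:"):].split()
                    if not item.startswith("[")]
    return []


def check_override(hosts_text, nsswitch_text, name, expected_ip):
    """List the problems that would stop `name` resolving to `expected_ip` locally."""
    problems = []
    expected = ipaddress.ip_address(expected_ip)
    entries = hosts_entries(hosts_text, name)
    if not entries:
        problems.append("no hosts entry for %s" % name)
    elif entries[0] != expected:
        problems.append("%s maps to %s, expected %s" % (name, entries[0], expected))
    elif any(entry != expected for entry in entries):
        problems.append("%s has conflicting hosts entries" % name)

    sources = hosts_sources(nsswitch_text)
    if "files" not in sources:
        problems.append("nsswitch.conf does not list 'files' for hosts")
    elif "dns" in sources and sources.index("dns") < sources.index("files"):
        problems.append("nsswitch.conf consults 'dns' before 'files'")
    return problems


# Constructed sample files; 203.0.113.10 is a documentation address.
SAMPLE_HOSTS = """\
127.0.0.1   localhost
# temporary entry for the eQPress migration
203.0.113.10 example.com example
"""
NSSWITCH_GOOD = "passwd: files\nhosts: files dns\n"
NSSWITCH_BAD = "hosts: dns [NOTFOUND=return] files\n"

if __name__ == "__main__":
    for label, nsswitch in (("good", NSSWITCH_GOOD), ("bad", NSSWITCH_BAD)):
        print(label, check_override(SAMPLE_HOSTS, nsswitch, "example.com", "203.0.113.10"))
```

Remove the hosts entry once your DNS has been updated, otherwise the machine keeps using the pinned address even if the server's IP later changes.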


Migrating Your WordPress Site to Us

If you already have a working WordPress site that you wish to move to eQPress, the first thing you need to do is sign up with Deflect and specify that you would like to move your existing website to eQPress, providing us with the first and last name of your admin (they don’t have to be the official ones!). It would be also helpful to know if your WordPress instance contains a single website or is a multi-site with subdomains (http://sub.example.com) or subdirectories (http://example.com/sub).

This post contains information for migrating your website to eQPress. If you need any help, don’t hesitate to ask for our support.

What we need:

  1. A database dump of your existing WordPress site. You may need to request this from your existing hosting provider if you do not have the facilities to make a database dump yourself, or you can follow these instructions.
  2. The complete backup of your existing WordPress site files, which you can easily obtain by following this guide.

If you want, you can use a plugin to obtain your database dump and website backup. There are many such plugins for WordPress, and you can pick the one you prefer from this list.


How to Flush Your Local DNS Resolver’s Cache

If your computer cannot reach a certain website this could be because your local DNS resolver’s cache contains an outdated record. For example, you updated your DNS records to point to eQPress but instead you are seeing your old website. This is when flushing your DNS cache will speed things up.

Mac (OS X)

In the Command Terminal, type one of these commands:

sudo killall -HUP mDNSResponder
sudo discoveryutil udnsflushcaches

sudo dscacheutil -flushcache
sudo lookupd -flushcache

Windows

Run the following command in a Command Prompt window:

ipconfig /flushdns


Moving Your Site to HTTPS

HTTPS (adding an S for “secure” to HTTP) is an internet communication protocol that protects your users’ connections to your website. Data sent using HTTPS is secured in that HTTPS provides 3 layers of protection:

  1. Encryption: while the user is browsing a website, nobody can see their conversations, track their activities in the website, or steal their information.
  2. Integrity: data cannot be tampered with as it travels from your website to the user’s computer and vice versa.
  3. Authentication: ensuring that your users are really communicating with your website. This layer of protection prevents man-in-the-middle attacks and stops attempts at attracting your users to connect to a fake site or to download falsified files.

While the purpose of enhancing security is certainly a very good reason to move your website to HTTPS, consider that this could also slightly improve your website’s ranking.

TL;DR – How to activate HTTPS on eQPress

If you already have generated an HTTPS certificate for your website, you can install it via the Deflect dashboard. By following the procedure to install your TLS certificate, your website will be accessible on HTTPS.

If you don’t have an HTTPS certificate yet, you can contact us through the Deflect dashboard or send us an email and we will generate it for you.

Keys and Certificates

For TLS (formerly SSL) to work, you need a private key and a public key. After the public key is signed by a certificate authority, your public key becomes your certificate. The private key and the certificate need to live on the server that your website is hosted on, so the web server software that sends your web pages to your visitors can also create the secure (TLS) connection to the browser to secure the link. If you know how, you are free to generate your keys and then send them to us through the Deflect dashboard. Otherwise, we are happy to generate the key pair for you.

Certificate Authority

To generate a free certificate signed by a certificate authority, the easiest way is to use Let’s Encrypt, a free, automated, and open certification authority run for the public’s benefit.

If you prefer to have your HTTPS certificate signed by a different certification authority, here’s a short list of services that will sign it for you:

RapidSSL
NameCheap

Analytics and Tracking

If you use analytics tools like Google Analytics, you will want to update the URL that you are tracking from HTTP to HTTPS. Make sure you do this both in analytics and Google Webmaster Tools.


Recommendations for Improving Your WordPress SEO

When it comes to search engine optimization (SEO), choosing the right WordPress theme framework becomes critical. Genesis does a great job of doing all the right things for SEO. You will want to add some kind of analytics tracking to your site so you can gain insight into who is visiting your site and how your site is being used. Typically most people use Google Analytics, but if you are thinking of using it on your website, please consider that eQPress Console already shows you some statistics and that Google Analytics, as well as other tools for website statistics, track users and can violate your readers’ privacy. If you decide to use one of these tools, Genesis provides a field on the Theme Settings page (wp_footer) to enter your analytics tracking code.

There are other great theme frameworks that are just as effective as Genesis, but if you choose not to use a framework or prefer to build your own theme, then you should use a plugin such as wordpress-seo by Yoast and use that to further optimize your pages and posts for SEO. The plugin has a ton of options which can be a bit overwhelming, but typically the defaults are fine. The plugin will also analyse your pages and give you recommendations on how to improve your content, title and other aspects of the page to make it better for SEO. There are lots of tutorials on using the plugin and of course the author of the plugin is a great source for learning about SEO: https://yoast.com

A couple more recommendations: in addition to a Google Analytics account for your site, you should also create a Google Webmaster Tools account and link it to your analytics account. And the other thing is to create a sitemap.xml file. The search engine crawlers look for that to more accurately index your site. The wordpress-seo plugin will create one for you, but there are simpler plugins to get this task done such as google-sitemap-plugin.


Choosing a Canonical Website Address

Canoni-what?

Canonical is the word used to describe the one address that you want the world to go to when they look you up. The typical choices are whether to use www in front of your domain or not. The classic example follows:

http://www.example.com/

or

http://example.com/

Choosing what your canonical website address (URL) will be is totally up to you. It’s a preference and there’s no right answer. As you can see by looking up at your browser’s location bar now, eQualit.ie has chosen a URL without www. If you start taking notice of the other websites you visit, you’ll probably see that there’s no regular pattern. Google chooses www. The wordpress.org team chooses non-www. It really doesn’t matter. What does matter is making that choice early and sticking with it.

Considering the Apex

One unique factor (with respect to hosting on) in your decision-making process is whether or not your domain will be hosted by a DNS company that supports pointing the non-www (officially called the apex record) address to a CNAME. If your DNS host does not support this feature, we recommend you choose www to be your canonical website address.

References

Here’s an article at Google Webmaster Tools called Use Canonical URLs that will help you to learn more about their view of canonical URLs.

Also, Matt Cutts provides some very helpful insight and a FAQ about SEO and URL canonicalization.


Changing Your Database Password

We are serious about our passwords here at Deflect. You might have noticed our 23 random character passwords for your WordPress admin user we generated during the installation of your site. That’s the kind of password that will keep your site safe from brute force and dictionary attacks. The random.org site provides some tools for generating super long passwords.

So why would you ever want to change your database password? Typically you won’t ever need to because we set it initially during installation to another unique 23 random character string. But there might be a good reason to change it. The one that comes to mind is Heartbleed. So, here we go…

Changing Your Database Password

Warning: Changing your database password can disable your site. Make sure you know what you are doing or send us an email if you need help.

  1. Log into adminer. For example, if your site is example.com then go to https://example.com/adminer/.
  2. You can get your DB username and current DB password by SFTP’ing to your site and looking in your wp-config.php file which is located in the wordpress directory.
  3. Click on the “Privileges” link.
  4. Click on the “Edit” link beside “localhost”.
  5. Make sure the “Hashed” checkbox is unchecked.
  6. Use KeePassX or random.org to generate a long random password. Copy it and paste it into the Password field, then scroll to the bottom and click the Save button while simultaneously…
  7. Pasting the password you just set in adminer into your wp-config.php file on the line with define('DB_PASSWORD', 'password'); by replacing “password” with the new password.
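
Steps 6 and 7 are where a site usually breaks: the value saved in adminer and the one in wp-config.php must match exactly, and a quote or backslash in the password must be escaped in the PHP string. The Python below is an added example, not part of eQPress or WordPress; the function names, the alphabet and the sample wp-config.php fragment are constructed for illustration.

```python
import re
import secrets
import string

# Characters that need no escaping in a PHP string (an assumed, conservative
# alphabet; quotes, backslash and '$' are left out on purpose).
ALPHABET = string.ascii_letters + string.digits + "!#%*+,-.:;=?@^_~"


def generate_password(length=23):
    """Return a random password drawn from a cryptographically secure source."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def php_single_quoted(value):
    """Quote `value` as a PHP single-quoted string (only \\ and ' are special)."""
    return "'" + value.replace("\\", "\\\\").replace("'", "\\'") + "'"


# define('DB_PASSWORD', '...'); with either quote style around the old value.
DEFINE_RE = re.compile(
    r"""^([ \t]*define\([ \t]*['"]DB_PASSWORD['"][ \t]*,[ \t]*)"""
    r"""(?:'(?:[^'\\]|\\.)*'|"(?:[^"\\]|\\.)*")"""
    r"""([ \t]*\)[ \t]*;.*)$""",
    re.MULTILINE,
)


def set_db_password(config_text, new_password):
    """Return wp-config.php text with the DB_PASSWORD value replaced."""
    quoted = php_single_quoted(new_password)
    # A function replacement keeps any backslashes in `quoted` literal.
    new_text, count = DEFINE_RE.subn(
        lambda m: m.group(1) + quoted + m.group(2), config_text)
    if count != 1:
        # Zero or several defines means the file is not what we expect: stop.
        raise ValueError("expected one DB_PASSWORD define, found %d" % count)
    return new_text


# Constructed wp-config.php fragment.
SAMPLE_CONFIG = """<?php
define('DB_NAME', 'wp_example');
define('DB_USER', 'wp_example');
define('DB_PASSWORD', 'old-password');
define('DB_HOST', 'localhost');
"""

if __name__ == "__main__":
    print(set_db_password(SAMPLE_CONFIG, generate_password()))
```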

First Steps with Your eQPress Site

Your shiny new eQPress site is ready to go! Now what? Here are some recommendations.

  1. Enable “pretty” permalinks under “Settings” -> “Permalinks”.
    Typically “Post name” is a good option, but you can choose whichever setting you prefer other than “Plain”. The reason for doing this is two-fold: on the one hand, your URLs just look nicer, on the other hand this could also increase your performance because this type of URL has better chances of getting cached.
  2. Next install a plugin to protect your website against comment spam. Anti-spam is easy to use, needs no configuration and just works.

Now that you’ve made some initial steps, you can take some time to read the official guide: First Steps with WordPress


The Best Options for Email Subscriptions with WordPress

The best option is to use MailChimp to manage your subscriber lists and also to send the emails. There are plugins that can integrate with your MailChimp account but even that is unnecessary if all you want is to add email addresses and then send emails when you write a new blog post. The way it works is MailChimp will check your RSS feed every day for new posts and when one is found it will automatically send it to everyone on your list.

MailChimp is very powerful and easy to use. Here are some articles that will help you get started.

The next best option is to use the Subscription feature that’s part of the JetPack plugin. You will need a WordPress.com account to use it but it’s very easy to sign up for one. The plugin will guide you through the process. Click this lovely link to read more about JetPack Subscriptions


Creating Your New WordPress Site

Whether you are a first time WordPress user or not you may need to build your new site while your existing site continues to run. If you immediately update your DNS settings to point to eQPress without having migrated your website yet, what you’ll see is a default installation of WordPress. That’s probably not what you want. So, you have a few options when it comes to building your new site.

  1. You can update your local computer’s hosts file during the migration so your browser loads the site at eQPress. Here’s an article that will help.
  2. If you can withstand a bit of downtime then putting up a “coming soon” page is by far the simplest. Just point your DNS to the IP address supplied in the Welcome email and read this guide.
  3. If neither of these options suit you, send us an email or contact us through the Dashboard, and we’ll change the settings of your eQPress site so it will respond to dev.example.com. This will let you work on it and keep your current site active. When you are ready to switch, we can make the necessary changes to the database so the site responds to example.com.

We have written a follow-up to this article which explains the whys and hows of migrating your WordPress data. There’s also a more in-depth section on the WordPress Codex about moving a WordPress site.


Learning WordPress

Here are some great resources for learning how to use WordPress.

The Official WordPress User Manual – https://make.wordpress.org/support/user-manual/
This is a living document created and maintained by the amazing and dedicated WordPress.org team.

Easy WP Guide – https://easywpguide.com/
You won’t find any talk of HTML, PHP or creating WP Themes here. What you will find is an easy to follow WordPress manual that will help you understand the basics of editing your site content.

Codex for the WordPress Project – http://codex.wordpress.org/
The online manual for WordPress and a living repository for WordPress information and documentation.

WordPress TV – http://wordpress.tv/
Videos from WordCamps and more about our favourite CMS and blogging platform.

WP 101 – http://www.wp101.com/
Some free but mostly pay access video tutorials about learning the ins and outs of WordPress.


Restricting Access to Your Website

There are times when you want to prevent the world from seeing your website. One reason might be that you are in the process of designing and developing and don’t want to share your progress with the world, since it might not be ready for all eyes. Another reason might be that you only want registered users to have access to view your content. The following plugins can help restrict access to your WordPress website:

Ultimate Coming Soon Page – http://wordpress.org/plugins/ultimate-coming-soon-page/

Restrict Site Access – http://wordpress.org/plugins/restricted-site-access/


Removing the WordPress admin User

Brute-force login attempts are typically carried out against the “admin” user. “Admin” used to be the default username of the first administrator created when installing WordPress, but now the installation asks you what you want to name it, and on eQPress it will be your administrator’s name and surname (not necessarily the “official” ones!).

If you have an old WordPress installation that you have migrated to eQPress, though, your website could still have an “admin” user. By removing this user, you will force the malicious hackers out there to guess not only your password but also your username. Here’s how to replace your “admin” user:

  1. Sign into your wp-admin as the admin user.
  2. Use the “Users->Add New” screen to create a new user.
  3. Provide a new username that’s not “admin”.
  4. The new user’s role must be set to “administrator”.
  5. Specify a super long passphrase. You can follow this guide to create a secure one.
  6. Click “Add new user”.
  7. Sign out as the “admin” user.
  8. Sign in as the new user.
  9. Delete the old “admin” user and assign all posts, pages and comments to your new admin user.

Protecting Your WordPress Website

Hosted behind the Deflect network, eQPress is designed to prevent your site from getting attacked or hacked. Security is best practiced as a series of countermeasures against known vulnerabilities or threats. We provide the essential underlying protective layers and the rest is up to you. There is no protection against a weak password, so…

The single most effective way to keep your WordPress website secure is to use strong passphrases. Use a password manager such as KeePassX, so you don’t need to remember those crazy long passwords. Alternatively, you can use your browser’s built-in password manager (but keep in mind that if you don’t use a Master Password to protect it, all your passwords will be visible to anybody who may access your computer). To generate a long and random passphrase that is secure enough, you can use KeePassX itself or just click here to have 5 passwords generated automagically.

The eQPress Console plugin provides a feature to put your site into lockdown mode, which makes all files and directories unwritable by the web server.

If you want to check your website for known malware, blacklisting status, website errors, and out-of-date software, you can use one of these third-party scanners:

Debugging the Dreaded “White Screen of Death”

If you are here because you recently installed a plugin, then take a look at this flow chart.

Both PHP errors and database errors can manifest as a white screen, a blank screen with no information, commonly known in the WordPress community as the WordPress White Screen of Death (WSOD).  Here are some basic steps you can follow to begin debugging this problem if it’s not been caused by a new plugin that you’ve just installed:

  1. SFTP to your document root (contact us through the Dashboard or send us an email if you’ve lost your SFTP credentials).
  2. Change into the wordpress directory.
  3. View or download the php-errors.log file.
  4. Take a look at the last few lines of the error log to determine the cause of the white screen.

You might see a very specific PHP error which will provide a line number in the file that’s causing the problem. At this point you can:

  1. Download the file that’s causing the problem.
  2. Go to the line that was listed in the error log.
  3. Fix the issue.
  4. Upload the file back to the server.
  5. Test your website.

If the white screen does not go away, repeat all of the steps above. Sometimes there could be more than one error.
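
The log check in steps 3 and 4 above, as an added example that is not eQPress's own tooling: it reads a downloaded php-errors.log and lists the most recent fatal or parse errors with the file and line to open, so more than one error is visible at once. The sample log lines and paths are constructed, and the line layout is assumed to be PHP's standard error_log format.

```python
import re
from collections import OrderedDict

# Assumed layout (PHP's standard error_log format; eQPress's exact format is not shown on the page):
#   [12-Mar-2015 10:22:31 UTC] PHP Fatal error:  message in /path/file.php on line 42
# Uncaught exceptions end the first line with "file.php:42" and add stack-trace lines.
LINE_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\]\s+PHP (?P<level>[A-Za-z ]+?):\s+"
    r"(?P<msg>.*?) in (?P<file>\S+?)(?: on line |:)(?P<line>\d+)\s*$"
)

# Constructed sample input, not taken from a real site.
SAMPLE_LOG = """\
[12-Mar-2015 10:20:01 UTC] PHP Notice:  Undefined index: page in /srv/www/wordpress/wp-content/themes/example/header.php on line 14
[12-Mar-2015 10:22:31 UTC] PHP Parse error:  syntax error, unexpected '}' in /srv/www/wordpress/wp-content/themes/example/functions.php on line 88
[12-Mar-2015 10:22:35 UTC] PHP Parse error:  syntax error, unexpected '}' in /srv/www/wordpress/wp-content/themes/example/functions.php on line 88
[12-Mar-2015 10:31:02 UTC] PHP Fatal error:  Uncaught Error: Call to undefined function example_init() in /srv/www/wordpress/wp-content/plugins/example-plugin/example.php:12
Stack trace:
#0 /srv/www/wordpress/wp-settings.php(305): include_once()
#1 {main}
  thrown in /srv/www/wordpress/wp-content/plugins/example-plugin/example.php on line 12
"""


def blocking_errors(log_text, tail=200):
    """Return distinct fatal/parse errors from the last `tail` lines, newest first."""
    found = OrderedDict()
    for raw in reversed(log_text.splitlines()[-tail:]):
        m = LINE_RE.match(raw)
        if not m:
            continue  # stack-trace lines, blank lines, entries in another layout
        level = m["level"].strip()
        if "fatal error" not in level.lower() and level != "Parse error":
            continue  # notices, warnings and deprecations do not blank the page
        key = (m["file"], int(m["line"]))
        if key not in found:
            # First time seen while walking backwards = most recent occurrence.
            found[key] = {"when": m["ts"], "level": level, "file": m["file"],
                          "line": int(m["line"]), "message": m["msg"], "count": 0}
        found[key]["count"] += 1
    return list(found.values())


if __name__ == "__main__":
    for err in blocking_errors(SAMPLE_LOG):
        print(f'{err["when"]}  {err["level"]} x{err["count"]}')
        print(f'  {err["file"]}:{err["line"]}  {err["message"]}')
```

To run it against your own log, read the downloaded file into a string and pass it to `blocking_errors` in place of `SAMPLE_LOG`.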

How often is my site backed up?

Backups are important, so we take a multi-layered approach. The first layer is an enterprise-level solution which encrypts all data and transfers the archives to Amazon S3. We retain 30 daily backups and 15 weekly backups, which allows you to restore from archives that are up to 3 months old.

The next layer of backups is done at the virtual machine level. We take full image snapshots every night, which include all website data. The third layer is live replication, which happens in real time at the database level and on a regularly scheduled basis for files.

In the event of a catastrophic failure, it’s possible that you could lose some recently uploaded files. Your content will be replicated immediately, so any blog posts or pages you create would not be affected by a server failure unless you were in the middle of creating them when the failure happened.

When will my WordPress core get updated?

WordPress periodically releases maintenance updates. These are typically for significant bug fixes or security issues. Since these upgrades might have security implications, and because WordPress’s popularity makes it susceptible to an exploit being quickly released, we attempt to apply these upgrades as quickly as possible.

Here’s what the different versions look like:

  • Major release: 4.1
  • Maintenance and/or security release: 4.1.1

Our goal is to upgrade all websites within 6 hours of when a version addressing security issues is made publicly available. All sites will be upgraded no later than 24 hours from the time when the official announcement is made on the WordPress Project’s News blog.

Major releases provided by WordPress can significantly affect its compatibility with plugins and themes. Typically these releases apply no security patches, so the urgency to upgrade is lower. We will provide guidance via our announce mailing list on how the upgrades will eventually be applied to all websites hosted on the platform.

Antispam Recommendations

Spam is a bummer, as we’re sure most of you agree. Here are some antispam tools we’ve personally used. This first one is great.

Anti-spam

Pros

  • super simple, no configuration
  • integrates seamlessly with any theme
  • free

So far no cons. Crazy, right?

Another strategy is to use 2 plugins together. For example, we’ve had excellent results using Antispam Bee and Spam Free WordPress. Antispam Bee alone sometimes misses spam posted by a spambot, and since a blog can receive thousands of these per month, even a small percentage can mean quite a lot of spam removal to deal with. By adding Spam Free WordPress into the mix, you can pretty much eliminate automated (spambot) comment spam. Unfortunately, this plugin fails to catch some of the manual spam added by real people, which is where Antispam Bee shines, since it uses Project Honey Pot, which publishes a list of the top URLs, domains, and keywords being promoted by comment spammers. Project Honey Pot also publishes a list of the top IP addresses being used by comment spammers.

Plugins

Antispam Bee

Pros

Cons

  • doesn’t always work against automated (spambots) comment spam
  • support seems to be nonexistent or only in German

Spam Free WordPress

Pros

  • blocks 100% of automated (spambots) comment spam
  • free

Cons

  • may need some work to fit in with your theme
  • can be tricked by human spammers (actual people paid to add spam manually)

Service

Akismet

Pros

  • free for personal use
  • integrates seamlessly with any theme

Cons
