Webhosting Archives - WPBeveiligen

FileZilla FTP, how does it work?

1 March 2024/0 Comments/in Webhosting

FTP stands for File Transfer Protocol. An FTP program like Filezilla (free) allows you to move files from your computer to the server. FTP software can do this in an encrypted manner and is designed to deliver files smoothly, allowing the server to process them calmly.

We want to teach you how to manage an FTP program and have prepared information for you to read to master FTP. Enjoy!

Download Filezilla here.

Filezilla, connecting to the server

To quickly connect to the server and save some files, you can use the main panel you see in FileZilla. This data will not be saved! For that, you need the site manager, which you can find below.

Saving connections

Websites you use frequently can be saved. The program will remember the server, username, and password so that you only need to click on the domain name.

What you’ll find on the server

Initially, you’ll find few folders on the server. The most important one is public_html, also known as httpdocs or root, where the website resides.

That’s where everything visible goes. You may also encounter folders like: CGI, IMAP, POP, BACKUP, STATS, PRIVATE-FTP when starting a new website. This varies depending on the hosting provider or server system, and you can just leave them as they are. You won’t use them as they are server files/folders for the server’s operation.

Simply remember that you need to access the root, http-docs, or public_html to place all your files.

FTP program activities

With many FTP programs, you’ll see a list when you upload. This is a log of the files being uploaded, and you can also read the error messages when you can’t connect. This is helpful because you can see if you are logged in or not and why.

Modifying file permissions (CHMOD)

90% of the files you upload to the server will be read-only, but some files need to be writable by WordPress.

These files pass information or are used for the website’s style or framework.

These files should be set to 775 or 777 using your editor.
To do this, right-click and select “File Permissions.” You’ll have some options to check, but for webmasters who install and manage many websites, it’s easier to use a code.

777 is used for folders that need to be fully writable, such as WordPress’ uploads folders.

Other files will be set to 755, or 644 if they are executable files.

If you want to make the folders completely non-writable, you can set them to 555, which is read and execute only.

What is a DDOS attack?

22 February 2024/0 Comments/in Webhosting

Understanding DDoS Attacks and How Hosting Providers Handle Them

DDoS stands for Distributed Denial of Service, which means that multiple computers continuously send requests to a server until its processing power or bandwidth reaches its maximum limit. Once the server reaches its limit, other requests (visits to websites) become impossible. Despite being fast, a server will continue to process requests until it can no longer handle them.

Can a Good Hosting Provider Be Temporarily Disabled?

Yes, any hosting provider can be affected, and even good hosting providers are susceptible to DDoS attacks because they often host important websites, making them prime targets. With enough people or infected computers, even a fast server with robust security can be overwhelmed, causing it to slow down or become temporarily disabled. This applies to large companies, informational websites, or web services alike.

Why Would Someone Launch a DDoS Attack on Your Hosting Provider?

DDoS attacks are sometimes launched by hackers to disrupt (often large) companies. The motivations behind such attacks can be due to political reasons, personal dislike for a company, or for possible financial gain. DDoS attacks are becoming more common because attackers can launch them easily from the comfort of their computers or network spaces, assuming they can remain anonymous.

DDoS attacks differ from DOS attacks, which are carried out by a single computer. DDoS attacks involve multiple computers or servers under the control of the attacker through a Botnet, which is a network of infected machines (e.g., Trojans, Worms).

What Can Hosting Providers Do About DDoS Attacks?

Hosting providers have several options, each with its pros and cons:

Limiting the server’s speed in sections to ensure only a small number of websites go down at a time. However, this approach can still lead to an overload if a group of websites on the server receives a high number of requests, causing issues even with smaller attacks.
Tightening security measures to reduce the number of requests and limit certain server functions. This approach affects all website owners as it restricts the functionality of their websites.
Employing sufficient staff to monitor the server 24/7 and respond promptly to excessive requests. Some hosting providers adopt this strategy, but it is labor-intensive and costly, which may result in increased prices.

Does a Hosting Provider Have Poor Quality if Uptime Is Not 100%?

Not necessarily, occasional downtime can happen, but it becomes an issue if it occurs frequently or for prolonged periods. A good hosting provider should ensure that the server is quickly restored. This requires well-trained personnel who conduct preventive checks and act promptly when necessary.

Research and experience with various hosting providers have shown that many of them have uptimes ranging from 90% to 99%, which is high considering the constant global activity of internet criminals.

What Can You Do Against a DDoS Attack?

You can take several measures to protect your website from DDoS attacks:

1. Keep your website up-to-date to reduce the likelihood of hackers gaining access to the server.

2. Regularly create backups of your WordPress website. Store them securely at home or use an external backup service provided by your hosting provider.

By taking these precautions, you can minimize the impact of DDoS attacks and ensure the security of your website.

How fast does my website load?

14 December 2023/0 Comments/in Webhosting

You can easily find out whether the slow loading of your website is due to your internet connection or the website itself using the website http://tools.pingdom.com/ (free at the time of writing). After entering your website address, you will see global information, the number of requests, the load time, and the page size displayed clearly at the top of the website.

The speed of your website depends on the slowest file. That’s what you might be waiting for sometimes. Fortunately, the website mentioned above also shows how long it takes to load a file and the size of that file. You need to compare this information to get a good indication of whether the issue is with a file that is too large or if the code is significantly slowing it down.

Errors in code and files that are not in the correct location can take up a lot of time during server loading. This tool is a great way to test your website and see which files need to be optimized to make the website faster!

And for the programmers among us…

You can also see the speed of a website using the “Network” tab in the element inspector of a browser like Google Chrome.

Now that you know how to identify what is slowing down your website and how many seconds it takes to load, you can optimize your website.

Here are some tips to make your website faster:

1. Resize large images using Photoshop.
2. Deactivate and remove unused plugins.
3. Review errors with the element inspector and fix them.
4. Ensure that links to files are correct.
5. Enable a caching plugin like WP Super Cache.
6. Use a security plugin to ban bots (fake visitors).
7. Load as much code as possible from your own domain instead of externally.

Remember, less is more when it comes to website speed optimization!

PHP update required, now what?

1 September 2023/0 Comments/in Webhosting

Are you sitting behind the computer with a cup of coffee or tea to provide your website with a new piece of text, suddenly there is a message in your admin that you need to update the PHP.

Even worse, you see a warning: WordPress has detected that your site is using an insecure version of PHP…

How do I update PHP then?
Which PHP version do I have now?
Can I ignore this message?

Read on and find out!

How should I update PHP then?

It is up to your web host to update php to a new version.
In short, send your hoster a message asking if your website can be set to PHP 7+. (Note: requirements will get higher in the future)

Which PHP do I have now?

You can see the PHP version that is currently being used by installing the Display PHP Version plugin. This can easily be done via the plugin management of WordPress.
After installation and activation, a piece of text (See outlined image below) will appear in your dashboard with the PHP version.

Is it possible to use a higher PHP version with my website?

It is important that your plugins, theme and WordPress are up to date. Then you have the greatest chance that your website is ready for it.
Therefore make a backup of your website before you start updating if you haven’t done so in a while have.

PHP is therefore arranged by my hoster, is my hoster negligent?

No, it is not negligence if your hoster has not yet updated the PHP version. When adjusting to a new PHP, websites sometimes go wrong because they are not properly maintained by you or your web administrator.

I don’t have time for it, the update will come sometime

WordPress is getting stricter. To ensure that websites are safe for users and visitors.
Now they give a warning on the dashboard, but soon the minimum requirements for PHP will also be implemented in plugins.
This means that plugins or themes cannot even be installed if your website is still running on an old PHP.

Okay, first my website suddenly had to have https, now this again!

Https, php, security.. none of that was necessary before

The times when you made or had a website made that you didn’t have to look at for 5 years are over. (was a great time 🙂

The internet has gained so much power and influence because everyone uses it daily that times have changed.

We shop online these days, we learn online, we use the internet as a guide for many things in our lives.

Many devices can no longer even function without internet!

It is extremely important that hackers cannot interfere. That your smartphone, tablet or computer is not hijacked by a hacker or infected with a virus.

I don’t have the time or inclination to update and keep up with WordPress!

Leave it to us. We are active full-time in maintaining WordPress websites. We make sure that your website is up-to-date, that you have backups if something happens and that the hoster can upgrade to the latest PHP without any problems.

Click here to have your WordPress website secured and maintained by us.

An outdated php on the server, is that really unsafe?

22 August 2023/0 Comments/in Webhosting

Just for your information: At the time of writing, the PHP 7.3 engine is the latest PHP version. In this article, we are not discussing the code itself but specifically referring to the engine that executes PHP.

Various security services, online scanners, and even WordPress itself immediately respond to the release of the latest PHP version by labeling the PHP 7.2 engine and previous PHP releases as insecure. But is that really the case?

With red letters and icons, various services draw your attention to the fact that you are using an outdated and potentially insecure version of PHP.

WordPress also does its part by discontinuing support for PHP 5.6 and displaying warnings in your dashboard.

The site diagnosis tool in WordPress raises a critical note about using outdated PHP, not only in terms of version differences but also for intermediate updates.

How seriously should we take outdated PHP? What is outdated about PHP?

Support, development, and security patching for PHP 5.6 and 7.0 ended in late 2018.

The lack of support and security patching for older PHP versions is therefore a serious issue when it comes to the security of your website and even the web server itself.

Once hackers discover a vulnerability, they can exploit it repeatedly!

Hackers, especially automated scripts, infect, modify, or compromise website after website with viruses. It’s only a matter of time until they come across your site on Google, test it, and infect it if your website is running on the outdated PHP engine.

Okay, so outdated PHP versions are insecure?

Are there already known issues, hacks, or vulnerabilities for older PHP versions?

During our research, it seemed that there are very few known vulnerabilities.

We are aware that vulnerabilities are exploited by hackers and are often only shared among them, so many vulnerabilities may not be publicly known…

However, we found a website that registers weaknesses, vulnerabilities, and issues of PHP versions.
And there are not just 2 or 20…

This website displays a LARGE NUMBER of weaknesses, issues, and vulnerabilities – at the time of writing, there are 600+ registered, and this number will only continue to grow due to the lack of support for old PHP versions!

Updating to the latest PHP version is not a luxury, but an important key to keeping your website and server secure.

Additional Information

The role of your web host in updating to the latest PHP release

Your web host is responsible for the current PHP version, but not every host is quick to update the server to the newer PHP versions. In some cases, you may need to ask for it.
Note: if you have an unmanaged server, you or your server administrator are responsible for updating the PHP engine.

Your role in updating to the latest PHP release

If your website contains outdated plugins or themes, there is a risk that the website will no longer function after the PHP update.
How often does that happen? Our experience is that 1-3 out of 100 sites do not work after a PHP update (by the way, neither we nor our clients experience these issues because they keep their websites quite up-to-date).

What to do if your WordPress website no longer works after the PHP update

The solution to get your website working again is simple if you are accustomed to using FTP software. You need to manually update your WordPress and plugins. New updates are often compatible with newer PHP versions.

Why manually through FTP software?
Because your website is not working, you cannot do it through the admin panel 😉

What you need to do is manually replace WordPress or your plugins via FTP/directly on the server. (Make a backup first)
PS: Rename the old plugin by adding a “-” before the name and then upload the new plugin. In the case of the WordPress core, put it in a different folder and upload the latest WordPress release.