This price increase announcement in TLD prices is actually an indication to domain sellers like us that we will have no other option instead to increase our prices, because we are given unjustifiable margins that sometimes are not sufficient to work with.

Well, that’s pretty clear that sticking with out current prices would not be a viable option for us at all. Therefore, creativeON have decided to assess different preferences that where we could cut costs, improve operational efficiency and pass on a smaller percentage of this upcoming rise in TLD prices to you.

The new prices will be updated on this page on creativeON website.

There can be a full-fledged operating system on each of this virtually created server and you may even reboot each server separately or independently.

1 – Why Choose VPS Hosting Instead of Shared Hosting?

Well, there are multiple significant advantages that one can get through VPS but are not provided through Shared Hosting. Scalability is the most valuable advantage of a VPS as the Memory as well as Hard Drive can be upgraded easily whenever you require. Customization is the second top-value advantage of VPS over Shared Hosting. You can easily customize this virtual server same as a Dedicated Servers can be customized, because a virtual server doesn’t share resources. Hosted websites as well s applications over a VPS are more secured and much faster than Shared Hosting.

2 – What Can be Done with VPS?

Any kind of service can be easily managed or hosted from a Virtual Private Server, including (but not limited to) email accounts and website hosting, MS SQL Web Edition, MySQL entry databases or even any other software you want. Every VPS comes with a root access and thus you have full power to control your virtual server as long as the service regulations are followed.

3 – Support with Virtual Private Server

Every Virtual Private Server comes with a full customer support that is provided through email as well as telephone. So, don’t worry about any technical problem as we are always keen in support enquiries.

Difference between Virtualization and Cloud:

“Cloud” is actually defined as a reference which is used for a place or platform of different applications and services. These applications and / or services are actually scalable and are accessed through Internet. These can be specifically made to a particular customer but are hosted as well as maintained by other (third party) provider.

But “Virtualization” is normally defined as a process that is used in creating virtual units. A virtual technology is used to perform this process which includes one or even more than one pieces of hardware. Several areas of current IT infrastructure can apply “Virtualization” in shape of different virtual units like servers, networks, firewalls and storage.

]]> http://creativeon.com/blog/what-is-vps-hosting/feed/ 0 http://creativeon.com/blog/how-to-keep-wordpress-secure/ http://creativeon.com/blog/how-to-keep-wordpress-secure/#comments Sat, 10 Dec 2011 11:44:57 +0000 imran http://creativeon.com/blog/?p=170 ]]> 1 – How to Secure WordPress – WordPress Security

Well, you will have detailed information about how to keep WordPress secure, after reading through this article. You will definitely be able to make your WordPress website or blog nearly impossible to be hacked. The hackers will find it a hard target to get control of the back-end of your website or blog.

A true hacker, that is a master of 01000100 tricks, still has abilities to get control of your website. However, most of the script kiddies can be kept away from your perimeter by following this guide that can ultimately minimize the chances of suffering from any hacking attack. Well, I don’t claim to be a guru but have plenty of experience in this field that has been learned though seeing my websites, which have been playgrounds for:

• Sneaky redirects
• Cloaking
• Various SQL injections
• Clickjacking
• Infected malware or viruses scripts
• Injected links

Even I got my websites totally erased some of the time and hackers injected purely adult-natured content on them. Thus, I got flagged my websites numerous times only due to virus containing materials and search engines also kicked them out of rankings. It really made me thousands of dollars’ financial loss and therefore I took it as a serious matter.

I would highly recommend employing every possible counter measure at your earliest to secure your website or blog running on WordPress platform. Make it a habit of taking backup every time you have to make a change in your blog security. Skip the below mentioned step if you know how to backup, otherwise please scroll below to know this process.

2 – File Permissions

Locking down the directories as well as files is considered as a wise step. You should withdraw writing permissions to wp-content and wp-config.php files immediately and rest of the files or directories should be writable only by you.

• CHMOD – All files to 644
• CHMOD – All directories to 755
• CHMOD – wpconfig.php to 750

Well, CHMOD – wp-content can’t always be 777 and it varies on different conditions like if any plugin requires changes in this folder, a proper numerical value can be assigned manually to every directory or file requires by that plugin. Ideally 644 should be used for wp-content folder. But it will not allow a plugin to make updates in this folder. You may change permissions to 777 to allow your plugin to modify changes in the folder but please immediately revert these permissions to 644 after the plugin gets it done.

3 – MySQL Database

You must choose a different password and username for every single database in your WordPress, if you have more than one databases on the same server. If any hacker, somehow, gets into any database of your website on your server, he may have access to other websites as well and it may result in serious damage to all websites only because of same password and username. So keeping different login details for every website or database is a wise thing.

4 – WordPress Security Plugins

1 – Exploit Scanner

This is a smart plugin that searches every comment and post of your website for anything suspicious. The current active list of all your plugins is also examined by this plugin to find any unusual filename. The plugin doesn’t remove anything itself but it leaves this step on user.

2 – Secure WordPress

The installation of your WordPress gets beefed up through this plugin as it removes any error it finds on login pages. It also hides the actual version of WordPress running on your server and adds a file to plugin directories called “index.html”. Some other functions of this plugin are listed below:

• It removes wp-version from everywhere except admin-area
• It removes Windows Live Writer
• It removes a directory called Really Simple Discovery
• Theme update information that can be seen by non-admin users is also removed by this plugin
• Plugin update information also gets removed through this plugin for non-admin users
• Core update information also gets removed through this plugin for non-admin users
• It also works efficiently in blocking all bad queries that could harm your website
• It also amends scripts and stylesheets that contain version on URLs (only on frontend)
• Backend dashboard of all non-admin users don’t get wp-version details because of this plugin

3 – WordPress Firewall

Web requests are normally investigated by this plugin with simple heuristics (specific to WordPress) just to recognize and stop any malicious attack. Though some powerful modules can also be used for this purpose but usually these generic modules don’t get installed on your server and are also difficult to manage by beginners. But several pathological-looking phrases are intelligently blacklisted and whitelisted by this plugin, based on their appearances in a page request. It actually alleviate 0-day attacks and doesn’t work towards upgrading or replacing prompt, but still can bring you a tension-free sleep at night.

4 – Block Bad Queries

Black Bad Queries plugin, which is also renowned with abbreviation BBQ, works efficiently against malicious URL requests to protect your WordPress website. Excessively long strings in URLs are carefully checked by this plugin that reduces chances of malicious attacks.

5 – Login Lock

Numerous security enhancing features can be achieved through this well-popular plugin, including:

• It blocks IP addresses if it is involved in making excessive failed login attempts
• It strongly monitors login attempts
• It ensures enforcing strong selection policies while creating your WordPress admin password
• Idle users are forcibly log out from the backend panel after a considerable number of minutes (that are specified during configuration)
• You may forcibly log out all of your website users and also enforce them to change their respective passwords before their next login attempt
• You can easily unblock any IP address manually which was previously blocked by this plugin

6 – AskApache Password Protect

You should not use this plugin if you are a beginner as it is purely for advanced users and therefore is optional in this list. But if you are comfortable using AskApache Password Protect plugin, then I recommend using it because another layer of protection is added by this plugin after configuration which gives you even more secure website.

5 – Securing your wp-config.php File

The security of your wp-config.php file can be improved by adding authentication salts and unique keys. The information that actually is stored by different system cookies will be encrypted by these security keys. WordPress becomes smart enough in identifying your PC because of this encrypted information. If, somehow, a hacker manages intercepting your WordPress cookies, the control over backend-panel would not be given by an efficient obfuscated cookie created by this plugin.

The following code should be inserted or added anywhere within your wp-config.php file (better putting it on top):


define('AUTH_KEY', '_@*#^I:E');
define('SECURE_AUTH_KEY', '6YF0UH`Y');
define('LOGGED_IN_KEY', 'yuM{IAjT');
define('NONCE_KEY', '3=kz9=1N');
define('AUTH_SALT', '#+Cc@48R');

6 – Restricting Bruteforce Attacks

Bruteforce attacks are normally defined as numerous possibilities of hacking user / pass of a WordPress website. The log files over your server can be checked to view all such failed attempts. Well, “Login Lock” plugin can be your best choice in this situation as it may prevent all bruteforce attacks to become successful. The plugin blocks an IP address after making a specific number of failed login attempts.
I must recommend you using unusual symbols(like @![]\=)_+*%^)in combination of alphabets and numbers while creating your password. Choosing a proper username is also a wise thing to do because “root”, “administrator” or “admin” are the more common usernames that are targeted by bruteforce attackers. So I recommend using a different username.

Well, this setting can’t be changed within your admin panel of WordPress website and mysql tool must be used to make this change happen in your phpmyadmin area. First find the database related to your WordPress installation, then search wp-users, locate username “admin” by clicking on the browsing icon, then the word “admin” should be replaced with your new desired username written under the “user_login” column.

Create .htaccess File in WP-ADMIN


# BEGIN WordPress
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress

Save the above-created file with the name .htaccess which then should be uploaded to wp-admin folder in your WordPress installation.

7 – Do Frequent Backups

Make a habit of taking frequent backups of your WordPress website and if you, somehow, don’t do this, then a serious damage or a successful hacking attempt may result in losing your website. There are number of advance as well as powerful and simple plugins that can be used for this purpose.

8 – Hacked WordPress

If you have lost your website because someone has hacked it, the first step should be “TAKING DOWN YOUR BLOG IMMEDIATELY”. You may get rid of any injected malicious code on your website by performing this step only because most of the hacks are backed or run through executable scripts. These scripts get installed with several files in your WordPress installation.

You may also prevent your readers or viewers to get affected through these malicious scripts as they may harm their computers immediately after they visit an affected page over your website. You must take your site down immediately and creating “.maintenance” file is an easiest way for this purpose. It may be created in your root path of WordPress installation. Just write the reason of taking your website down at the moment. Write some technical reason like “maintenance mode and will be live back in couple of hours”, because mentioning the word hacked may upset your visitors.

The website visitors may also be notified by renaming the existing index.php file with any other name (that doesn’t exist in the same path) and creating another index.php file. This newly created file will be carrying your message for your website visitors to explain current situation.

All the above-mentioned steps should be employed and plugins should be run. The next step should be changing everything in your MySQL, WordPress and hosting (password and username). Normally footer and / or header files contains the injected malicious codes and therefore both of these files should be thoroughly checked for such codes. Immediately remove them.

After making sure that everything has been changed and every above-mentioned step has been employed, you may put your WordPress website back into action. If the problem is still there, you must immediately go for a fresh WordPress installation.

9 – Webmaster Tools Aid

Google’s webmaster tools are the efficient way of checking crawl errors, keyword significance and malware reports. Therefore get your WordPress blog or website listed there at earliest. If you see some unusual words like pharma or adult nature words in your keyword significance reports, then consider that your site has been hacked.

Though you have been hacked but you are unaware of this fact only because your pages are appearing to you normally the same contents are appearing differently on search engines like Google. An option “Fetch you website as Google” can be used within your webmaster tools admin, it will bring you the exact picture of your website which is seen by Google search engine and you will understand that if your website is being clocked or not. Anything suspicious to your website may also be checked through having a look at your cached version in different search engines like Bing, Yahoo or Google.

CreativeON is the 1^st choice in Pakistan for Web Hosting and it’s working from last 10 years. It has best quality Name in hosting industry as well. In 2006-2007 when the entire ISP’s (all over the Word) occupies the port 25 (By default port for SMTP) and at that time Creativeon enabled the alternate SMTP port 587 for our clients so that they can send an Email using our servers. It was the best solution for our clients and they are very happy with us.

In the start of August, 2011 Wateen occupied almost all ports and after that thousands of hosting clients are facing problem. The one of the major problem is that they are unable to send emails within same domains. We and other companies complained hundred’s time but as usual not good response from their side. They are not willing to resolve it and the giving pathetic solution to their client that they need to buy a Static IP.

We recommended to all our clients if the Emails are priority of your business than you must need to leave Wateen and go to any other internet solution.

Local business owners have to opt for ‘.pk domain’ since they are doing business in Pakistan because this way your business gets listed in Pakistani directories over the search engines and the local customers can easily find you and ultimately giving you the required business.

There are endless amount of good and short domain names available for your .pk domain registration purpose. Even the brand-able names are too available in abundance.

There is hardly any price difference between other extensions (such as .com, .org, .edu, etc) and .pk domain extension. The difference between the .pk domains and .com is Rs. 230 a year.

.pk domains help fully to get highest rankings for local business listings in all search engines.

creativeON is offering .pk domains at much economical prices and thoroughly supports the clients in registration and other customer and technical supports matters.

This is undoubtedly a great step and a true add-on service for the clients of Myhosting.com. It is obvious in today’s scenario that a wrong click may harm the website and might also destroy countless hours of work unless you do not have a secured and reliable website restore is there with you.

After this mega and beneficial launch of the website restore service, the webmasters across the world are laced with the power to turn back time and relapse to a secure restore point with this latest launch by myhosting.com.

Myhosting launches Website Restore service is readily available to all those clients who have shared web hosting accounts running on Windows 2008 or Linux plus the associated MySQL, Microsoft SQL or PostgreSQL Databases. The backup data gets stored on a secondary server.

The website restore feature is quite simple and user-friendly with simple interface and functionality that appears to be much familiar to the users of Windows System Restore or Mac Time Machine.

This features gets the users create a full website snapshot or restore point. By using this service, the errors or problems like corrupt tables, lost files and database errors are now the things of the past.

The announcement of the acquisition was made by the company earlier today mentioning that the company has acquired the open source could software developer Cloud.com. Although the terms of the acquisition have not been disclosed by the company, but it got confirmed that cloud.com was acquired by Citrix.

The selling price of cloud.com on which Citrix bought it is more than $200 million.

A week back, cloud.com had made the announcement of the new vice president Christian Reilly and after one week, the enterprise was sold to Citrix.

Cloud.com is widely famous for its cloudstack product line which helps service providers install and manage simple, economical cloud services.

After the acquisition, Citrix announced that this acquiring would further establish Citrix as a leader in infrastructure for the cloud provider market.

The reports suggest that Ensim Unify Cloud Manager is a platform which manages the cloud services.

The press release issued by the company says that the software lets the service providers manage, create, activate, configure and administer the cloud services. The cloud manager is laced with the astonishing features such as multi-tenant enablement, automated provisioning, privilege management, and delegated administration.

With the launch of this software, it is said that the system administrators would ne be feeling at ease to enhance the service levels and operational efficiencies by automating repetitive tasks.

CEO of Ensim, David Wippich said in a statement, “In addition to server virtualization, private, public, and hybrid environments must be supported by service providers to remain competitive. With many components, tools, and variations available today, service providers need a single platform that enables them to offer a wide variety of industry leading products and services from vendors such as VMware, Citrix, Microsoft, and others. Ensim’s comprehensive suite of cloud management solutions allows integration of service provider and enterprise-scale management tools, via a centralized, role-based, easy to use, web management interface.”

The decision of launching the new data center in Richardson came up after the company held a mammoth opening ceremony of its newest Portland data center. After the addition of the upcoming data center of Richmond, ViaWest web hosting company now owns and operates 22 data centers which pushes the company to further heights of success.

The reports express that the facilities include 500,000 square feet of raised floor space – 110,000 of which lives in the area of Dallas.

The latest data center ‘Synergy Park’ consists of 85,000 square feet of first class space plus the high density power configurations, disaster recovery office space and 24-hour on-site support. In addition to all this, this data center also has the access to the top notch network providers like AT&T and Savvis.

Synergy Park data center would be offering the endless services including the ones like cloud web hosting solution, colocation, complex hosting, and even managed services.