SSL stands for Secure Socket Layer and is the underlying technology that enables a website to use the HTTPS protocol. Why is this important? A website with an HTTPS URL provides website visitors with a secure connection for private transactions. It is essential for any type of online sales or exchange of private data.

Windows 2008 server relies on IIS to serve websites to users, and in order to configure a Windows server for SSL, you need to enable it in IIS.

“The implementation of SSL has changed from IIS 6.0 to IIS 7.0.  On Windows Server 2003, all SSL configuration was stored in the IIS metabase and encryption/decryption happened in user mode (required a lot of kernel/user mode transitions).  On Windows Vista and Windows Server® 2008, HTTP.sys handles SSL encryption/decryption in kernel mode, resulting in up to 20% better performance for secure connections.  “

Read the rest at Learn IIS

Photo: stock.xchng

Continue reading: How to enable HTTPS on a Windows server

So far we have covered Linux, Windows, BSD, and Solaris. Another server operating system worth mentioning is Mac OS X Server. Although most tend to think of OS X as a desktop OS, there is a server version that has the same Unix-like structure and stability as other BSD distributions. The main difference is that it has customized visual configuration utilities.

A virtual host allows an administrator to host multiple websites on a single box. By default, Apache will only host one site. There are three steps to configuring a virtual host in Apache. They are:

1. Edit the DNS
2. Create the stie folder
3. Configure the virtual host

This is standard for Apache, but the process differs depending on the operating system. For example, on Mac OS X, the default folder for websites is /Library/WebServer, which is drastically different from the /var/www common on many Linux distributions. You can change this setting and many others to suit your preferences. For the the full how-to wiki article, see macos-x-server.com.

Source: macos-x-server.com”>macos-x-server.com

Continue reading: How to setup a virtual host in Apache on a Mac OS X Server

Cookies are very important for dynamic websites. They allow you to set parameters for user interaction. With cookies, your website can remember visitors and show them appropriate data, ads, and even specific pages. By default, cookies only last for a single browser session. With the CookieExpires Apache directive, you can set the length of time.

With a dedicated server, you can put the directive into your Apache configuration file, but this is not an ideal setup because it will control cookies for all websites on the server. The better method is to use an .htaccess file for each site.

Add the directive to your .htaccess file or create a new file:

CookieExpires expiry-period

Replace “expiry-period” with the number of seconds (i.e. 432,000 for 5 days) or you can insert as follows:

CookieExpires 2 weeks 3 days 7 hours

Source: Apache.org

Continue reading: How to set cookie expiration in Apache

Question: How do I install FTP on IIS 7.5 in Windows?

Answer: IIS (Internet Information Service) is a set of Microsoft’s Internet-based services. As a web server, it is second only to Apache HTTP Server, serving 29% of all websites. In addition to HTTP services, it also includes FTP. On Windows Server 2008, installing FTP is pretty painless. Just follow these easy steps:

1. Click Start on the taskbar and select Administrative Tools -> Server Manager
2. In the Server Manager window, click Roles to expand it and then select Web Server (IIS).
3. Now in the Web Server (IIS) pane, go to Role Services and click Add Role Services.
4. Now expand FTP Server in the Select Role Services page.
5. Choose FTP Service and click Next.
6. Finally, click Install and Close.

It is that simple. Now, you should have an FTP service running and ready to start receiving clients. In a future post, we will learn how to configure an FTP server.

Source: Learn IIS

Continue reading: How do I install FTP on IIS 7.5

Many people who manage websites also have other jobs, and even those who do not frequently find themselves traveling and away from the comfort of their own home Internet connection. In such situations, users sometimes find themselves behind firewalls that prevent them from accessing certain services, including web hosting control panels like cPanel.

The reason for the restriction is usually not to prevent people from specifically accessing cPanel but rather just a general blocking of any “unnecessary” ports by the network’s firewall. JAP4CPANEL (or simply JAP) allows you to access cPanel, WebHostManager, and webmail all through port 80, acting as a proxy between your network and your server.

With JAP, you will be able to access cPanel no matter where you are. It is available for PHP4 and PHP5 and also requires cURL, which is installed on most active web servers. JAP is free and open source software, released under the LGPL.

Source: webhostingtalk.com
Photo: Flickr

Continue reading: Gain access to cPanel from anywhere with JAP

When stepping into the world of web hosting, you will be inundated with abbreviations, acronyms, and recursive acronyms. Three that you should definitely know are: HTML, XHTML, and CSS. HTML is as old as the Web itself. It stands for Hyper Text Markup Language. It is the primary language of the Web. All websites use at least some of it, and a web browser’s primary function is to read it. Web servers, such as Apache HTTP Server, are designed to primarily to publish HTML-based websites.

XHTML is the extended form of HTML that was officially recommended in 2000 to clean up some of the issues with HTML 4, while also preparing for HTML 5. It has gradually become the standard for websites, and web purists insist on it. In XHTML, the structure of the site is handled in the markup, while the style is handled by CSS.

CSS stands for Cascading Style Sheets, and is a language in itself that handles all of the style (colors, sizes, text weight, borders) of the elements on a web page. All modern web browsers support CSS, and it is very useful for sites with multiple pages, as you can quickly and easily apply new styles to multiple pages without having to edit each page individually. All three languages have standards established and maintained by the World Wide Web Consortium (W3C).

Photo: Flickr

Continue reading: HTML, XHTML, and CSS

Question: I have a virtual private server (or dedicated server) with lots of files from numerous websites. How can I keep my files indexed and search for them whenever I need them?

Answer: There are two tools that make searching for files in Linux easy: locate and slocate. The only difference between the two is that slocate provides some extra security. This is useful if you have people on your server without full root permissions who will be performing the searches. Any files above their user level will be hidden.

If you try typing “locate filename” where “filename” is the name of an actual file, you should receive a list of all files with that name in it. If you do not, that means that your server is not setup to index the files. For that, you need another program called “updatedb”. This updates the index database with all of your files. Depending on the size of your drive, this can become an intense activity, so it is best to do it at a low usage time.

You can also schedule updatedb to run periodically using a cron job. Many Linux distributions have this enabled by default. If you need it, leave it on. If not, you might consider turning it off to save CPU and memory usage.

Photo Source: SXC

Continue reading: How to Index and Find Files in Linux

Question: I noticed other websites have flashy 404 Not Found pages instead of the standard boring Apache page. How do I create my own custom error documents?

Answer: Creating your own error documents is easier than you think. Just follow these simple steps.

1. Design your pages the way you normally would. Make one for each error you want to customize.

The most common are 404: File Not Found, 403: Forbidden, 500: Internal Server Error, 401: Authorization Requied, and 400: Bad Request. You can also take a look at a more extensive list of error codes.

2. Copy the error documents to a folder in a web accessible directory (i.e. public_html or something similar). For example, it could be /www/public_html/errordocs.

3. Create an .htaccess file in the main web accessible directory.

4. Enter your codes and their corresponding files in the .htaccess file:

ErrorDocument 400 /errordocs/400.htm
ErrorDocument 401 /errordocs/401.htm
ErrorDocument 403 /errordocs/403.htm
ErrorDocument 404 /errordocs/404.htm
ErrorDocument 500 /errordocs/500.htm

That is all it takes. Now any future errors will be redirected to your custom pages.

Photo: Flickr

Continue reading: Custom Error Documents With Apache

Mary Landesman, senior security researcher at ScanSafe believes that three major waves of SQL injection attacks may be linked, originating from the same attacker. Approximately 80,000 Chinese, 67,000 U.S., and 40,000 Indian websites are still infected by a botnet due to SQL injection attacks. At one point, millions of Chinese sites were compromised. Landesman says the attacks were the work of the same attacker because of similar domain name registration information and methods used.

“It’s the thread of the domain names being used,” Landesman says. Seven of these “mal-domains” — a term coined by Landesman to describe domain names used solely to build Internet infrastructure to spread malware or otherwise cause harm — were registered under the same name and address (which are clearly bogus, being not more than gibberish).

Most of the domains were registered to a major registrar, which is uncharacteristic of such attacks. Usually attackers choose lesser-known or less reputable registrars in order to slip through unnoticed. The problem is the system, Landesman says, which allows people to register domain names using completely false information with procedure for verifying identity.

Source: Network World
Photo: Flickr

Continue reading: Web Attacks May Be Linked

Microsoft, which has long offered proprietary alternatives to open source web platforms and scripting languages, is now offering a toolkit that will make it easier for PHP developers to utilize it’s .NET data services. PHP, which stands for PHP Hyptertext Processor and is sponsored by the commercial organization, Zend Technologies. It is licensed under a free software license.

PHP is used by hundreds of thousands of websites running various web applications and content management systems. Microsoft’s ASP scripting language has often been considered a direct competitor. For Microsoft to now be extending a hand to PHP shows that the software giant now realizes they cannot stamp out open source technology, which continues to spread in business, with many web servers and websites adopting it.

Zend Technologies and Microsoft have also formed agreement to ensure that PHP will run on Windows, a concession Microsoft is undoubtedly willing to make because most PHP application developers prefer to develop for a Linux environment. This move by Microsoft comes just weeks after it announced plans to submit GPL code to the Linux kernel, something Microsoft once described as “a cancer”.

Source: Microsoft
Photo: Flickr

Continue reading: Microsoft Working with PHP

In past years, if you made a mistake when registering a domain name, whether a spelling mistake or some other type of mishap, you had five days to return the domain and get a refund from your registrar. This is called the Add Grace Period. ICANN would refund the registrar the cost of the domain. Some professional domainers, however, abused the Add Grace Period.

The domainers would register a large chunk of domains, create ad websites, and then monitor them. The websites that generated more ad revenue than the cost of the domains were kept, and the ones that were not profitable were dropped, all within the 5-day period. The practice is called “domain tasting”. It is a nuisance to legitimate domain customers who want to register the domains because they are unavailable during the process.

In an effort to combat domain tasting, last year ICANN introduced new policies that included not refunding registrars the fee for registries and making it more expensive for registrars by charging them $6.75 or more. The new policies, they say, have virtually eliminated domain tasting. As for those who still make honest mistakes, ICANN makes exceptions.

Source: Computerworld

Continue reading: ICANN: New Policy Has Reduced Domain Tasting

According to new Internet data, there are now more websites than people in the world — over 1 trillion. With such large numbers, there are 150 domains per person, and it would take 31,000 to read all of them, even if you spent only one minute on each and never slept. Still, just 1.46 billion out of 6 billion people in the world use the Internet, meaning it would take a long time even for all of them combined to see all websites.

China leads the list with 338 million users, with the US trailing at 227 million. Japan, India, and Brazil round out the top five. The UK is a bit lower with 48 million users, reflective of its smaller population. The interestingly neglected part of this data and most raw data like it, is that there is no analysis of the website content.

Of the 1 trillion websites out there, how many are made up of malware, spam harvestors, phishing, fraud, schemes, ad portals, parked domains, and cybersquatting? Furthermore, of the sites that are none of the above mentioned, how many are actually useful and worth visiting? While it may be the job of Google and Bing to index legitimate sites, it will be up to someone else to catalog and evaluate them. As the Internet continues to grow, so does the need for some time of organization.

Source: News.com.au
Photo: Flickr

Continue reading: The Internet is big, really big