Cloudflare datacenter opened in Milano, Italy

Cloudflare opened after Madrid, Spain a new location in Milano, Italy

This is great news for our South European and especially our customers hosting in Italy,  their Cloudflare websites will even load faster as ever before !

The complete article on the launch can be found at the Cloudflare blog here: http://blog.cloudflare.com/buongiorno-milano-cloudflares-26th-data-center-now-live

CloudFlare’s 25th data center turns up in Spain, Europe

With Madrid (Spain)  now live on Cloudflare, internet traffic previously routed through Paris and London will stay much closer to Plaza Mayor. For those counting, Madrid brings us to 9 data centers in Europe including (in order of launch) AmsterdamParisFrankfurtLondonViennaPrague,Stockholm and Warsaw.

Read the full article at the Cloudflare Blog here: http://blog.cloudflare.com/madrid-spain-cloudflares-25th-data

040Hosting Insider Newsletter

Want to keep up to date with the latest information from 040Hosting or get the newest deals first ? Then sign up for you monthly news letter, that is right only once a month and only if we have news to share, we may occasionally send out an additional bulletin in case of a major event (i.e. when something like the heartbleed issue occurs) but we promise not to spam you with mails, also all your data is kept confidential and only used internally, an easy unsubscribe link is found at the bottom of the email and our support is always available to help you with your subscription if needed.

Please note that clients will NOT be automatically added to our mailing list; we keep the option available for everyone but you have to opt-in to receive the 040Hosting Insider newsletter.

Interested ? Great ! Sign up below:

Subscribe to our newsletter and get the latest news and premium discounts first.

Non-Impacting Public Network Maintenance in Amsterdam

This is an advisory to inform you of an upcoming scheduled maintenance being performed on our public network core in Amsterdam.

Event Date(s): Wednesday, June 11th, 2014 from 00:00AM until 04:00AM CET
Event Location: AMS-1
Impact: No customer impact is expected for this maintenance.

Event: We will be performing hardware upgrades on our network core. The window will last 4 hours, but there is no expected impact to network connectivity in any way. However, if an outage should occur, the outage will last no longer than 20 minutes and will not expand past one event.

With any network change there is a possibility of an unforeseen situation to arise, though every effort is being made to ensure this will be a non impacting maintenance.

payment s
Watch out for paid review sites

Searching for reliable hosting can be a hard task, because how can you trust a web hosting company you want to do business with, while there are tons of ways to give a hint on the operations of a hosting company there is really no way to be certain, especially since most review sites these days seem to be paid ones.

As a hosting company we are offered more as once to pay for a listing at one of those review sites and we keep turning those companies down because we do believe quality comes from it self not from paying to be higher ranked, if that makes us less reliable for some customers so be it our existing clients know this is not the case and those are the best referrals we have !

This is why 040Hosting started years back ; to provide quality but still affordable webhosting for clients all over the world; we grew from 1 server in the US to server farms around the world, currently we provide hosting in The Netherlands (2 locations), United Kingdom, France, United States (2 locations) and in Singapore. We can provide our clients around the globe our quality hosting without paying for review sites. We believe we are not just being a supplier to our clients but a Partner in their hosting needs. Want to see some real reviews our clients gave us (we promise we did not pay them for it!) check out our review page here.

Another problem surfacing in the hosting world is the payed reviews from clients, some companies have started to pay clients to write a review for them to boost their reviews. Also this tactic is something we stay away from as far as possible. We value our clients reviews when they give them, the good and if there are the bad just as much, because reviews are a great way of seeing what we are doing great, but also teaches us about things we could do better.

In other words, when searching for a quality and reputable webhost try to look a bit further; try sites as www.webhostingtalk.com to see how a host is doing compared to others  and we are sure you will find the hosting company suiting your needs and budget.

Like to learn more about our values and how we keep our clients happy ?

Rio Festival Time is here

In a few weeks the Soccer World Cup is going to start and as every time we will have some great promotions during this time.

We created a special page with coupons during the games, the coupons are only available for a limited time; i.e. on the day of a game or sometimes for a longer period of time. Also some very special promotions will only be available if a certain team wins.  Curious to which offer might be for you ? head to the RiO Festival page and see which promotions are upcoming as many more will be introduced during the games itself.

Curious? take a look at our Rio Festival coupon page

 

SSL/TLS MITM vulnerability (CVE-2014-0224)

SSL/TLS MITM vulnerability (CVE-2014-0224)
===========================================

An attacker using a carefully crafted handshake can force the use of weak
keying material in OpenSSL SSL/TLS clients and servers. This can be exploited
by a Man-in-the-middle (MITM) attack where the attacker can decrypt and
modify traffic from the attacked client and server.

The attack can only be performed between a vulnerable client *and*
server. OpenSSL clients are vulnerable in all versions of OpenSSL. Servers
are only known to be vulnerable in OpenSSL 1.0.1 and 1.0.2-beta1. Users
of OpenSSL servers earlier than 1.0.1 are advised to upgrade as a precaution.

OpenSSL 0.9.8 SSL/TLS users (client and/or server) should upgrade to 0.9.8za.
OpenSSL 1.0.0 SSL/TLS users (client and/or server) should upgrade to 1.0.0m.
OpenSSL 1.0.1 SSL/TLS users (client and/or server) should upgrade to 1.0.1h.

Thanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and
researching this issue. This issue was reported to OpenSSL on 1st May
2014 via JPCERT/CC.

The fix was developed by Stephen Henson of the OpenSSL core team partly based
on an original patch from KIKUCHI Masashi.

Source: http://www.openssl.org/news/secadv_20140605.txt

Joomla and WordPress Brute Force attacks

If you are using Joomla or WordPress  there is a high chance your site will be under attack now or in the near feature by a so called Brute Force Attacks.
The attacker tries to gain access to your application by guessing the password; often because users have the default username or simple passwords.

But such an attack has also an impact on the system resources, when an attack comes from an other infected server and multiple of these infectes sites are going to target your site together it actually works a bit like a ddos ; because all resources of your account get used and your account will be slowed down, with very large attacks it might even affect server performance in general.

While we take many precautions against such an attack the best way to counter such an attack is to install a script which stops IP after (some) failed login.
As well for WordPress and Joomla there are such a scripts. If you do not use WordPress or Joomla please check with your software developer if a login limit exists or can be implemented.

WordPress – We have seen good results with the following plugins:

Bruteprotect: https://wordpress.org/plugins/bruteprotect/
Wordfence: https://wordpress.org/plugins/wordfence/

Joomla – While no direct experience the following plugin should help:

Brute Force Stop: http://extensions.joomla.org/extensions/access-a-security/site-security/login-protection/22982
an other plugin one of our customers recommend is: https://www.akeebabackup.com/products/admin-tools.html

It is possible in some cases to protect the /wp-admin/ (wordpress) or /administrator/ (joomla) directory with a .htaccess authentication script; as .htaccess functions on a server level our WAF (Web Application Firewall) will work as a login limitter as block IPs which fail.