Posted on Leave a comment

Do we recommend a VPS/Server control panel?

Another common enquiry question is – if we provide VPS’s and if so what which server control panels would we recommend. We have previously provided dedicated servers and latterly –  virtual private servers (VPS’s) and we may indeed go back to providing this product once the market settles. However, our existing managed server revenue stream is adequately subscribed shall we say, so provision of fresh dedicated servers and VPS’s for new customers have been withdrawn from the service list, for the time being.

However, we have installed and supported all of the Linux based server management control systems through evolving technological periods of dedicated hardware and virtualisation at some point and the only one we would recommend is the control panel we currently use to manage our servers/VPS’s which is Control Web Panel (CWP), formerly Centos Web Panel.

Having been with this control panel for many years – we believe that its point in the software development-cycle, means it is secure, robust and feature rich. The free version of the panel will cater for users who do not need multiple PHP versions, PHP-FPM or greater than 10 users. The coolest feature is actually the pro license price, at just north or a tenner per year. Its rival product is CPanel who’s licensing cost is greater than that for a month. Should you choose to buy a license – you can click here to check it out.

Also keep an eye on Fossbilling – as it is open source (free) and in active development, but not production ready yet. Although it already has  a module for CWP integration.

Posted on Leave a comment

Will DNSSEC detect and stop a DDOS attack?

A very common cyber-security question asks – if  DNSSEC will stop a distributed denial of service (DDOS) attack. The signing of domain DNS data sources – will not stop a DDOS attack! There are however providers, who will provide intrusion detection services and the facilities to mitigate the risks associated with a distributed denial of service attack. These are of course premium priced but represent good value for some.

However, for the many –  the key to managing the risks is detecting the DDOS attack as early as possible and triggering packet filters to drop the data packets. We did this with a piece of open source software named – Snort configured to work with our Pfsense firewall – effectively detecting the bad data packets and dynamically reconfiguring the firewall, to drop the packets.

Snort is open source software and the PFsense community firewall installed on a virtual machine worked for us. PFsense+ on a netgate appliance should be equally as effective. The research we used is at the project link below:

Project – Managing a DDOS attack using Snort and PFSense

This is not a commercial offering – or a recommendation. This is simply the sharing of a solution which we believe mitigated a number of DDOS attacks in the context of our system configuration at that time.

Posted on Leave a comment

What makes us different?

You can obviously get domain names and DNS hosting services from the big brands, so if you have not worked with us previously it is probably worth noting just what makes us that little bit different.

As a successful e-business services provider of several decades, we understand the benefits, issues and risks more than most. This experience gives us a good understanding of market needs, weakness and all things considered, the range of target services we should provide and how to provide them – to ensure we continually deliver outstanding value to our customers.

In an effort to share the strategic thinking behind today’s e-business service list, lets look at the evolution of some of today’s trending buzz words. We have artificial intelligence (AI), preceded by the cloud, before that there was virtualisation and the list goes on. We recognise that the web hosting infrastructure required, to deliver associated products and services – will likely develop as the whole industry moves forward to follow these trends. However, regardless of the platform requirements of these works of technical art – user friendly text based shortcuts, mapped to resolve server IP addresses ie. domain names and DNS will not be going out of fashion any time soon.

Cyber-security

We understand only too well that every web based system – immediately becomes a target for unscrupulous hackers in pursuit of personal and financial data. Cyber-security is not just about preventing access to internet infrastructure, it starts much higher up the food chain, including the DNS network used to look-up IP addresses from domain names. If the DNS lookup protocol becomes compromised, it is possible to redirect web traffic to an alternative resource. This is called a ‘man in the middle attack”.

History shows that there have been some significant man in the middle attacks – one of the most infamous, took the form of web traffic being redirected to a hackers website which looked just like a local bank. This resulted in many users giving away at least their username and password. A security protocol named DNSSEC was created to prevent this type of attack, by utilising public key cryptography to validate the DNS data source – by uploading a digital signing (DS) record at the registrar.

DNSSEC has actually been around for at least a decade, but the adoption rate is still very poor.  This is due to the average domain owner not understanding what it is, what it does, why it is needed or how to implement. Some of the big brands don’t even support it and those that do deploy it, do not make setup straight forward.  With Cyber-security as a key buzz word on our agenda, we ensure that every domain name we register for customers has DNSSEC enabled from the point of registration. We believe this approach is not only a unique selling point which represents priceless value and piece of mind for our customers, we also aim to be a key strategic contributor to development of a securer internet –  via increased DNSSEC adoption.

Green Values

Business and service continuity – have always been top of the strategic aims and objectives list and this feeds the evolving design of our system/service infrastructure.

We no longer have juice guzzling, load balanced arrays of dedicated servers and strategically hosted content delivery networks requiring placement of servers in little known parts of the world. We host our low power Apple hardware onsite and have 100% redundancy with real time data mirroring of everything. This means that in the event of hardware failure services are not disrupted.

We also have one of Mr. Branson’s finest fibre offerings which yield more than reasonable ping times, even from servers in those little known parts of the world. This is backed up by BT should  anything go awry.

The decision to move servers onsite was driven by increasing energy costs and we are now completely off the grid, powered by solar panels batteries and inverters. The UPS system is setup to switch back to the power grid in the event of … well … the sun falling out of the sky or a total solar eclipse of several weeks duration and we still have a generator from years gone by – otherwise set to gather dust if needed.

The cost of power to us is negligible, hence we do not need premium profits and do not charge premium prices. A win for earth and a win for our customers.

Price Transparency and Marketing Value

Our business strategy enables us to create value in such a way – that our prices across the board, reflect us selling products for 10% more than the cost to us. It gets a little more involved when trying to amortise the cost of a DNS network on a per customer basis, but we make what we believe to be sensible assumptions on hardware life-time, which today is longer than ever before.

Another unique selling point is that we will only market value. You will have noticed that most of our domain registration prices are for a single year duration and we do not advertise a cheaper registration price and a more expensive renewal cost for subsequent years. That is because at the time of price publication registering for multiple years does not provide a cost benefit. From multi-year registration we take the profit from year 1 and defer the profit for subsequent years until we get there. However, from time to time the registrar will offer domain names at a reduced price and this is the time we will add multi-year registration options to enable the customer to lock in savings for every year of the domain registration duration. We will email our customers with details of these deals.

Free Domain Names

There is no such thing as free lunch and when free domain names are on offer, always read the small print. Free year 1 and premium ongoing renewals are often the case or really free of charge for the duration of a chunky web hosting package are common ways of receiving free domain names. Very occasionally domain resellers will come up with prices which are designed to undercut and effectively buy the revenue from competitors, but domain names are long term investments and in our view, need to be provided by a company who will be around to provide support for the long term.

Not withstanding the above – we believe that everyone should be able to have a personal web presence absolutely free of charge. So for customers who register domain names at this site, we will register a domain name with the .uk.eu.org extension free of charge for personal, non-commercial use and provide a DNS zone to manage it also free of charge.

Customer Engagement

We have a support ticket system and for routine enquiries and service process requests this will satisfy customers needs in the majority of cases. However, we may give you a call to see how things are going and are happy to receive calls from customers who would like a chit chat. You may be able to do this with the big brands, but apologies in advance for rambling on as the absence of customer service prompts enables the world to be put to rights whilst touching only briefly the intended conversational topic.

Posted on Leave a comment

Why is domain name age so important?

Sticking with the big brands is often a very effective way of establishing instant trust. How many times have you paid a bit more for something just for the secure feeling that big brand provides. However, the big brands will invariably design their product/service range around their ability to provide in a way which fits their business model and this can often restrict the options for the customer. In fact – in the domain registration and web hosting business, some of the really big brands don’t even do it that well.

The biggest challenge with using less known brands is establishing trust – there are a number of checks which can be done to mitigate the risk of paying for a product or service which does not materialise, but the first simple check is to read the company information on the website and get on a whois site or app and check when the website domain name was registered.

If the website is representing the company as having been in business for a number of years and the domain was registered a few months ago – alarm bells should start ringing.

Scammers will generally not utilise domain names for which the purchase information leads back to them. Once a scam is exposed the police will contact the registrar and obtain registrant details. Once the registrar is contacted – the domain name will likely be removed from service, as illegal activity is in breech of any acceptable use policy. Hence, domain names used for scamming rarely reach a significant age. Of course the business could be legitimate and may have rebranded – however, in todays modern world that approach is risky.

However, if an organisation claims to have been in business for decades and the domain was first registered decades ago – then the story becomes more credible.

To check the age of a domain name – enter it below and click check. Then click whois. You will not only be able to see the created date, depending on the whois server functionality – you may be able to see nameserver details, registrant contact details and DNSSEC delegation/status:

Posted on Leave a comment

What is a domain hyper-market?

The zone-reg.co.uk – domain hyper-market site is primarily designed for customers who want to find a set of domain names which UK individuals and organisations generally look for in addition to a few interesting generics, all in one place and quickly.

Like most web services businesses – over the years we have utilised the traditional approach to domain registration and provisioning systems. However, with the advent of highly secure, feature rich content management systems and e-shops round every corner, we have been waiting for someone to design a WooCommerce style front end enabling available domain names to be identified and registered swiftly. We waited and waited and waited and in the end we did it ourselves.

Links to the domain registrars and pricing feeds are still handled in the more traditional style, but the zone-reg sites are all WordPress based WooCommerce sites leveraging the simplest, most secure and efficient means of searching for available domain names, selecting them and getting them to the shopping cart where you can choose from your favourite payment engine such including Apple Pay and Amazon Pay to make the purchase.

The customer can then get on with their lives and leave the rest to us!