New Host Monitoring Tools

A new version of our host monitoring system is now available that offers two new features:

  1. An option to specify a URL to test when monitoring HTTP and HTTPS.
  2. An option to look for specific text in the HTTP response when monitoring HTTP and HTTPS.

screenshot_host_monitoring_http_url_and_text

Host monitoring and Failover DNS is available at the DNS Pro and Enterprise service levels. Read more »

4 Key Things To Know About Being Compliant With CASL (Canadian Anti-Spam Legislation)

CASL kicks in on July 1st, we first wrote about it here.

We are still of the opinion that for many internet based businesses who are already following standard best practices for running their email lists, this isn't that much of a big deal. (There are dissenting opinions on this, see this article)

When trying to decide if your organization is compliant, or requires to ask your mailing list for a fresh confirmation (opt-in) in order to keep emailing them, these are the key factors to weigh: Read more »

DNSResolvers.com Shutdown Imminent

As announced nearly a year ago, DNSResolvers.com will be shutdown, no later than July 1st. As outlined in our original announcement:

DNSResolvers was free, it was not our core business, and we now exist in online environment where nobody should be running open public resolvers unless they are  devoting ample resources toward making sure they aren't part of the DNS amplification problem.  The moment it interferes with our core business (like it just did) is the time to jettison it.

We let it run for awhile after that, but we are now migrating one of our core datacenters and this is the time to kill the last functioning node of DNSresolvers (truth be told, the other one imploded already and we never resurrected it).

The nameservers in question are:

205.210.42.205 – cache1.dnsresolvers.com

64.68.200.200 – cache2.dnsresolvers.com

Looking at the traffic, 99% of it seems to be zombies and low level DNS amplification attempts, but we do know that there are some live bodies actually using it – those people should stop now, sorry.

The public alternatives to consider are OpenDNS (who no longer monetizes the NXDOMAIN traffic) and Google's Public DNS (who doesn't trap the NXDOMAIN traffic at all).

We will probably bring back a DNS resolution service in the future. It will not be wide open, and most likely available for easyDNS members only. In other words, next time we'll get it right.

Thanks for your understanding.

Dear Industry Canada, Is Now A Good Time To Replace CIRA?

Today we have sent following to the Minister of Industry, James Moore, as well as the CIRA Board of Directors. This is in response to the revelation that CIRA is positioning to enter the managed DNS space. As we outline in the letter, we are fine with more competition (in fact Google just entered the domain and DNS space too! Now they can slurp up your DNS queries  and your email, cross reference it for marketing purposes and use it to target your search results. Isn't that exciting?).

No, competition is a fact of life, what we want is more of it, not less. Here's what we wrote to The Honourable James Moore: Read more »

Growth for Growth's Sake Leads to Nowhere

Growth_Versus_SustainabilityThe other day I had lunch with easyPress CEO Victor Granic and he brought up Matthew Woodward's epic rant against WPEngine  and he also mentioned Jason Cohen's rebuttal post "Growth is Hard"  and that set us off on a long discussion around today's tech biz climate (which is almost synonymous with the "start-up" culture, because these days everybody expects to sell their companies before they ever "grow up")

While this post isn't intended to single out WPengine as typical of what I'm talking about, Cohen's rebuttal, while earnest, did seem to me to miss a point.

That point is if your growth rate is a big factor impacting your customer experience, then possibly (strictly heretically speaking), you're growing too fast. (Jim Collins wrote a dynamite series of books, Built to Last, Good To Great, and How the Mighty Fall and Great By Choice in which he found an inverse correlation between overclocked growth-for-the-sake-of-growth rates and what he termed "10X companies" – companies that outperformed their industry index by 10X over a significant window of time).
Read more »

The Streamlined DNS Editor is here

The DNS Zone Overview has been updated a bit so now it's easier for you to edit multiple records and record types at the same time.

You access this new editor via the left-hand side menu option "DNS Settings" from your member control panel.

Here's a quick video to walk you through the key differences between the two editors.

Urgent security advisory: #Heartbleed – openSSL Vulnerability

This is an urgent security advisory regarding an openSSL security vulnerability CVE-2014-0160, which was revealed today to be a catastrophic, remotely exploitable security vulnerability affecting all applications utilizing openSSL.

The vulnerability was announced via the domain http://www.heartbleed.com

Which versions are affected is unclear:

  • The Heartbleed website says everything above 1.0.0+
  • We also read an unconfirmed report that it was 1.0.1 through 1.0.1f (inclusive)
  • The openSSL advisory dated today states "Only 1.0.1 and 1.0.2-beta releases of OpenSSL are affected including
    1.0.1f and 1.0.2-beta1"

(To check the openSSL version from your unix shell type: $ openssl version)

The following analysis has been posted regarding the bug:

http://blog.existentialize.com/diagnosis-of-the-openssl-heartbleed-bug.html

An online tool that can diagnose if your web server is at risk is online here:

http://filippo.io/Heartbleed/

Recommendations:

If you are running a vulnerable version:

  • Upgrade your openSSL libs
  • restart any applications that use openSSL

But wait, there's still more…

You then have to make a decision on whether or not to treat your existing keys as already compromised (because if they were, there is no way you would know it) And if you feel the risk it too great: you must re-issue your SSL certs after generating new private keys and using them to generate new CSRs.

Unfortunately, this is the same thing as buying or renewing your SSL cert(s).

At this point we do not know if the certificate issuers will do something about this unprecedented situation, such as allow free re-issues or offer some kind of price break. But

If you are running an ecommerce website or the security of your customer data is paramount, you may want to do the same thing we did here at easyDNS tonight, which was to go ahead and purchase new SSL certs (after upgrading our openSSL libs and regenerating our keys & CSRs).

Update: Free Cert Re-Issues

It has been pointed out (immediately after emailing this alert to all our SSL customers) that our supplier, GeoTrust, allows free certificate re-issues as long as the info used to generate your CSR hasn't changed.

Go here: http://www.geotrust.com/support/ssl-certificate-reissuance/

In any case, check with your systems team, assess your vulnerability and keep your children indoors. This is pandemonium.

Bitcoin Payments Are Now Mandatory

Pay_with_bitcoin2

Effective immediately, Bitcoin will be the only payment method accepted for all easyDNS services.

 

Remember this date.

 

That is all.

The New TLDs are Here. Do You Really Need Yourname.BLARGH?

Picture-161It's been a long time coming, but as of a few months ago, the onslaught of the new Top Level Domains ("TLDs") has commenced. This is quite the game-changer because the sheer volume of new TLDs necessitates a different strategy for protecting one's interests than was the general convention of the past.

In the past, everybody (except maybe us), would try to whip all their customers into a frenzy around the concept "Get your name under [dot]whatever before somebody else does!" (We were usually a bit more stand-offish about it, being deeply skeptical of that entire model).

Not every new TLD should be "defended" in, with rare exceptions. .CO for example, was pretty much set up to capitalize on being one big typo-squat on .COM. (Of course they'll never admit that.)

For many others, we advised against it. .XXX was just plain extortion ("get your name.xxx before some pr0nstar puts up a beastiality site on it!"), .TEL is just so hopelessly flawed and broken that we unceremoniously dropped support for it and not a single customer noticed or cared. .PRO was just a case of horrible execution and nobody misses not having their name.pro (we do DNS for more domains from Antarctica, .AQ than we do for .PRO – no joke)

So now the new landscape is upon us: new TLDs are coming out so fast we can't even keep track of them ourselves. We've added support for a few of them and they are available now: Read more »

What the recent US Government announcement about transitioning the root really means.

nwo_agendaI was away when the big announcement came out. The news was, more or less,

"US GOVERNMENT RELINQUISHES CONTROL OF THE INTERNET!!!!!"

and I put it in all caps and underlined and with a lot of !!!! because the people who are busily talking about it in that context are typically newbie type half-wits, or journalists. The latter of which are barely distinguishable from the former, only because they aren't as intelligent and their knuckles tend to drag lower on the pavement when they walk.

Sorry if that sounds harsh, but this is the second time in less than a month I've seen just utterly bombastic and nonsensical reporting, conspiracy theory and just plain wrong information being promulgated over things that are actually non-issues. Read more »

Status Updates

Receive new posts via email

Loading...Loading...


Introducing:
easyPress.ca Managed WordPress Hosting
Fully Managed
WordPress Hosting, eh

Archives