 Sitebuilder Server Migration |
| Posted By: Tom N On: 11 Nov 2008 10:29 AM |
Dear customers.
Please be aware that our Sitebuilder / Sitebuilder Pro server is being migrated.
To ensure no data is lost, we will be taking down Sitebuilder functionality on Friday November 14th to sync the database.
We will then reinitialise the database on the new server.
This small disruption is necessary to improve our Sitebuilder service.
We hope to have Sitebuilder back up and running by close of business Friday.
Thankyou
MD Web Hosting Team |
 Read | Comments [0] |
 |
| gTLD Price Increase |
| Posted By: MD Support On: 27 Oct 2008 02:48 PM |
| Dear Clients, Due to the collapse of the Australian dollar domains registered by our ICANN registrar ENOM will have their price increased to absorb some of the higher costs to register/renew these domains that require US currency conversions. All .au domains will remain at the same price. |
| Read | Comments [0] |
|
| Domain Name Renewal Warning |
| Posted By: MD Support On: 01 May 2008 01:26 AM |
Dear Clients,
You may have recently received an automatically generated Domain Name Expiration Notice from Domain Registry of America.
This notice is not affiliated in anyway with MD Web Hosting therefore we asks clients not to mistake this notice as an invoice from MD Web Hosting.
All domains are renewable through their myaccount: https://www.mdwebhosting.com.au/myaccount/ once payment has been made for the invoice we will renew your domain.
Once you have made payment please verify that the domain has been renewed for the duration by performing a whois or entering the domain to see if it resolves to your hosting account.
Please do not hesitate to call the MD Customer Care Team on 1300 734 660 if you have any queries. |
| Read | Comments [0] |
|
| Server Updates: PHPSUEXEC |
| Posted By: MD Support On: 25 Apr 2008 03:06 PM |
Dear Customers,
We'd like to announce that we have installed PHPSUEXEC on a few of our existing servers.
A few changes might be needed on your website's configuration files (.htaccess) (do not panic ).
All the php_flags in your .htaccess will have to be moved to php.ini, which you will have to create in your public_html directory.
Example:
.htaccess » php_flag register_globals on
php.ini » register_globals=on
The file php.ini will handle all the extra settings you need to set in php.
So, basically you will have to move every command on .htaccess that starts with php_flag.
Differences between phpsuexec and "regular php":
When using the common PHP installation on a webserver, php runs as the user nobody and it doesn't require the execute flag to be enabled.
The problem on this is that if mod_openbasedir is not installed, every user will be able to read your php files because everyone is virtually sharing the same username (nobody).
As most of you already know, PHP Files are not meant to be read, but parsed, and that is where the problem resides. PHP Files have to be parsed, otherwise everyone who is able to read your php file will see settings that you would probably want to keep private, such as your MySQL username and password.
PHPSUEXEC fixes all this because it requires php to be run as the file owner's username. (for example: andre)
This is not everything it fixes though. PHPSUEXEC is also here to fix file ownership problems. This has been a common issue on a few Content Management Systems such as Joomla and also on the popular blog software: WordPress.
It also adds security to your files as you can use permissions such as 600 or 700 in your files and your visitors will still be able to view them (parsed) in their browsers.
PHPSUEXEC will also refuse to serve any pages that are at security risk, for example with 777 as permissions. (will generate an Internal Server Error)
Troubleshooting Internal Server Errors (Error 500):
Everytime an internal server error occurs, it will be added to your Error Log in cPanel. (cPanel »» Error Log). This will usually give you a clue on where the error resides. In most cases it will be either a permission error on a bad command in your .htaccess file (remember that all php values have to go to your php.ini file).
Directories that need to be written onto will no longer require 777 as permissions and phpsuexec will refuse to write or read on directories exposed with such permissions. You will have to chmod them to 755 always.
To simplify it, just remember that you should never have a file or folder with world-writeable permissions, because you no longer have to.
MIMETypes:
If you added a Mimetype to the system in order to run html files as php scripts (AddType as .htaccess command), you will have to remove it and add an ApacheHandler instead. This is easy to do though. Just log into your control panel, then click on Apache Handlers and add the following:
Extension: html (or htm)
Handler: application/x-httpd-php
QuickStart for impatient users :
Technically, PHPSUEXEC will make sure your scripts and directories abide by the following security rules:
* User executing the wrapper must be a valid user on the server.
* The command that the request wishes to execute must not contain a /.
* The command being executed must reside under the user's web document root (public_html).
* The current working directory must be a directory.
* The current working directory must not be writeable by group or other.
* The command being executed cannot be a symbolic link.
* The command being executed cannot be writeable by group or other.
* The command being executed cannot be a setuid or setgid program.
* The target UID and GID must be a valid user and group on the system.
* The target UID and GID to execute as, must match the UID and GID of the directory.
* The target execution UID and GID must not be the privileged ID 0.
* Group access list is set to NOGROUP and the command is executed.
Protecting your php.ini file:
To protect your php.ini you should set its permissions to 600. Additionally you can add the following line to your .htaccess file:
Code:
Order deny,allow
Deny from All
If you need assistance regarding this please email support@mdwebhosting.com.au
Thanks!
|
| Read | Comments [0] |
|
| Paypal Subscriptions |
| Posted By: MD Support On: 24 Apr 2008 01:00 AM |
Dear Clients,
If you have previously set up a Paypal subscription prior to 26/02/2008 please check your previous invoicing through your myaccount to ensure the payments have been applied.
We suggest you cancel your current paypal subscription by using the following steps;
1. Log in to your PayPal account.
2. Click the History subtab.
3. Choose the Subscriptions field from the Show dropdown menu.
4. Check the From box and change the date back 2 years.
5. Click Search.
6. To view the details of a specific Subscription Creation, click Details in the Details column.
7. At the bottom of this page, click Cancel Subscription.
8. On the confirmation page, click Cancel Subscription again.
Once this has been completed you can set up your new Paypal subscription through your myaccount when viewing your next issued invoice.
If you have any queries please contact billings@mdwebhosting.com.au
|
| Read | Comments [0] |
|
