Blog

We are thrilled to announce subdomain functionality in the customer panel!!
Call us crazy to be thrilled about it, but hey, we’re geeks!

A subdomain is for example “blog” in the URL blog.example.org

I personally use subdomains mainly to do the webdevelopment for a new website, for example I would develop the new website on www2.example.org (note the “2″) – It would allow development on the same server as where I will deploy the new website and allows other people to check on the progress. Consider adding a .htaccess that restricts access to it, so it’s not available to search engines and other people that don’t have the password.

Other use would be for example be a blog, that you did not want to host on the same domain because you already have a website on it. I would consider running it on the regular www or in a subdirectory if possible, since it would add (search engine) “value/rank” to the domain. In essence a subdomain is a separate entity.

To add a subdomain:

1. Login to the customer panel.

2. Select a domain from your list

3. Select subdomains from the main menu:

4. Enter the name of the subdomain in the textbox and click “Install”

5. Please allow a minute or less for the installation to finish… And then you’ll see it in the list at the bottom with status “Finished”

6. You are done!

If you want, you can go to the WordPress One-Click-Installer in the main menu to install a WordPress blog on the subdomain you have just created, simply select the subdomain from the dropdown list (as seen below).

As many of you know, you could always ask our support to create a subdomain for you, but now you can do it within a minute. It was the most requested feature, so we hope you like it!

If you want to request another feature, please log in to the customer panel and click the red feedback tab on the side. As always, we highly appreciate your feedback!!

Customer Care Center password
If you lost the password for the Customer Care Center you can get a new one via the link at the bottom of the login page at http://www.managedomain.nl/

FTP password
You can reset your FTP password via the Customer Care Center. Login, then click on the domain, then choose FTP in the main menu.

MySQL password
We will reset the MySQL wachtwoord on request (send us an e-mail on support@hensel.nl). Please be aware that after changing a database password, all sites using that login, will not work anymore! If you know that it is in use, it’s better to check any config files via FTP. Common names for it are config.php or /config/config.php , settings.php etc. For WordPress wp_config.php is in use.

Username lost
If you lost the username for your Customer Care Center you can request it via the link at the bottom of the login page on http://www.managedomain.nl/

Hensel Hosting is introducing FTP (FTPES/Explicit TLS) for all webhosting customers. This will allow a secure encrypted connection to upload and download files to and from your website. This will make it virtually impossible for third parties to intercept passwords or sensitive data files. This is especially important in public area’s (eg. WiFi hotspots). The standard FTP is not protected against eavesdropping.

We will still support the standard unsecure FTP connections. To use FTPES/Explicit TLS you will probably have to make some changes to the profile settings of your website in your FTP client. Please look below for a video manual on how to do this in a popular FTP client “FileZilla”:

and another popular FTP client “Transmit” (Mac OS X):

Any feedback is welcome!

We added a new option, that allows you to install a WordPress weblog/website with the click of a button.

You can simply click the Install button to install it on the domain (eg. www.example.com) or enter a subfolder to install it the subfolder (eg. www.example.com/blog).

Currently we install the plain vanilla version of WordPress, but we may add some of the best plugins available by default.

We look forward to your feedback!

Video manual One Click Installer

PS: all the clients that are subscribed to the WordPress update service have been upgraded to WP 3.0 recently. If you are not using our service, please upgrade your WordPress installation now, to make sure your version is secure from vulnerabilities and get the new features. If you don’t have time to upgrade, subscribe to our service and we’ll do it for you.

I am excited to announce that next week – Thursday September 24th at 7pm – we will have a great event with great speakers (some of the top developers in the PHP community). Since the CodeWorks tour is nearby in Los Angeles, this is a great opportunity to get great speakers to come to Fullerton.

Ben Ramsey, Cal Evans and Jason Mauer will each be doing a short presentation.

We are proud to sponsor the pizza and beer. And Coworking Fullerton will be hosting the event.

Some cool books will be raffled: Essential PHP Security (O’Reilly) – Securing PHP Web Applications (Addison Wesley) – Professional PHP 5 (Wrox) – Dojo (Addison Wesley)

I have personally met Cal Evans 2 years ago at a PHP conference in Amsterdam (RAI) where he was one of the speakers. He’ll probably not remember me but he’s an awesome speaker. I haven’t seen the others speak, but from what I heard and read, they’re good! This will be one awesome night of PHP, just one week from now!

The Speakers

BEN RAMSEY

Ben Ramsey is a Software Architect at Schematic, where he is a leader in the Open Source Platforms Group, designing and developing software and setting and enforcing best practices. Ben is a leader in the PHP community–the founder of the Atlanta PHP user group, the founder of the PHP Groups user group network, a founding member of PHPCommunity.org, and a speaker at industry conferences worldwide. He has written forphp|architect, International PHP Magazine, and Zend Developer Zone and has contributed to several books, including php|architect’s Zend PHP 5 Certification Study Guide (php|architect) and PHP 5 Unleashed (Sams).

Blog: http://benramsey.com/

CAL EVANS

For the past 8 years Cal has worked with PHP and MySQL on Linux OSX, and when necessary, Windows. He has built a variety of projects ranging in size from simple web pages to multi-million dollar web applications. When not banging his head on his monitor, attempting a blood sacrifice to get a particular piece of code working, he enjoys building and managing development teams using his widely imitated but never patented management style of “management by wandering around.”

Cal is currently based in Utrecht, Netherlands. He is a professional member of the PHP community and attends more conferences in a year than most people get to go to in a lifetime. He fills his spare time as the Director of the PCE for Ibuildings. Cal is responsible for coordinating the awesome Dutch PHP Conference in Amsterdam. In Cal’s past life, he was the Editor in Chief of Zend’s DevZone, host of the podcast PHP Abstract and responsible for coordinating ZendCon. Cal is the author of php|architect’s Guide to Programming with Zend Framework.

Blog: http://blog.calevans.com/

JASON MAUER

Jason Mauer is a Senior Developer Evangelist with Microsoft based in Portland, Oregon. He has over fifteen years of application development experience on a variety of platforms. His job is to make developers happy, which he strives to accomplish by providing training, participating in community events, and talking with customers about emerging technologies. Jason can be found online at jasonmauer.com and as @jasonmauer on Twitter.

Blog: http://jasonmauer.com/

A BIG THANKS, to William Estrada, for organising the speakers and the OC-PHP meetup in general.

RSVP for this awesome PHP event

Will it happen this year? See the following email from SIDN (the .nl-registry). A EPP interface means we do not need a form for every .nl-transfer anymore (from one provider to another). EPP is in use for years with the large registries.

For SIDN, 2009 will be dominated by the development of an EPP interface for the DRS. With this major project now in full swing, we want to keep you updated on its progress. We will be making use of various channels to do so, including this ‘DRS-EPP Weblog’.

The weblog is a public resource. You can access it via http://weblog-en.sidn.nl/.

The weblog features:

1 EPP-related decisions and choices made by SIDN
2 Reports on Taskforce meetings and decisions
3 News about the progress of the DRS-EPP project
4 Links to relevant documentation and tools to help you make a smooth migration to EPP

Naturally, you can respond to the information we publish if you wish.

This week, we shall start publishing details of the discussions held at the first meeting of the EPP Taskforce. Earlier decisions on the relevant issues are also being made available and we will be providing more detail regarding the processes within the DRS-EPP.

To make sure you don’t miss any news, you can subscribe to the RSS feed or to the e-mail newsletter. You will then be informed automatically whenever there is an update.

There has recently been a rise of malicious software (malware) that not only damages your own PC but is also looking to steal the passwords you use to maintain your website, in an attempt to infect it.

How does it work?
Gumblar is an example of this malware. You get this malware by visiting a website that is already infected. This website will use a leak in Adobe Reader or Adobe Flash to infect your PC.

After your pc is infected, this software looks (among other things) for passwords that you stored in FTP programs.

These stolen FTP passwords are then used to secretly alter files hosted on your website. For example, it will alter HTML or PHP files to add javascript code or a iframe that in turn infects your website’s visitors.

What can you do to prevent this?

1. Keep all your software up-to-date. This can be a daunting task, but a good (and free) tool is available to help you; Secunia Software Inspector. Be sure to at least download the most recent versions of Adobe Reader en Flash, and update your browser.
2. Browse safe; don’t just click on any link (especially from spam mail). If you really want to make an effort you should consider using Firefox together with the NoScript plugin.
3. Even if you already use a virusscanner (highly recommended), it’s wise to scan your PC frequently using different malware detection software such as Malwarebytes.
4. Don’t store your FTP password in your FTP program, and use a third-party application to keep your passwords safe.
5. Be careful with outsourcing or giving other people your website passwords. Even if you trust the person or company that you give them to, they can also be infected (and developing countries tend to have higher infection rates).

What to do when I’m infected
The first thing to do is to change all passwords you stored on your PC (do this from a clean PC of course). Next, determine what kind of virus you have. Use for example the Malwarebytes scanner we mentioned earlier, or install a recent anti-virus program and follow the directions given. Unfortunately, the only way to make really sure that you PC is secure again, is to reinstall it from scratch. Our best advice is to back up all your files, and reinstall or restore your installation. Yes; we realize this is a lot of work but you make sure that no backdoors or rootkits remain behind that could make your PC vulnerable to the same attack all over again, or worse!

What we do to protect you
We are now scanning all files uploaded via FTP for malware. In case we detect any suspicous files, these are cleaned or removed, your FTP password will be reset, and you will be notified. Although this doesn’t guarantee that your website is 100% safe, this will catch most of the common malware before it can do more harm.

As of today you can download recent back-ups of your database via FTP. Useful if you make a little mistake when editing your database, or if you want to use/test the database elsewhere.

The location of your database back-ups is not visible by default in most FTP programs, because they are located in a “hidden” folder. See this manual to access this folder via Filezilla.

All recent back-ups of your database(s) will be located in this folder as .tar.gz (archive) files that you can extract on your own pc, or import via our Customer Care Center. The prefix of each database shows the date the backup was created.

If you need a back-up from more than a couple of days ago, or want us to restore your backup you can contact support.

Guides
How do I download a database backup?
How do I import a database backup?

WordPress 2.8 “Baker” was released this week. As always, we recommend you upgrade your installation in the near future if you haven’t already done so. Not only to benefit from the new functionality (see below), but also to make sure your website is not vulnerable to attacks (leading to website defacement, or worse).

If you are using our WordPress update service, we already sent you a message and upgraded your weblog yesterday after testing that the application is fully compatible with our web hosting platform.

Highlights:

* New drag-and-drop widgets admin interface and new widgets API
* Syntax highlighting and function lookup built into plugin and theme editors
* Browse the theme directory and install themes from the admin
* Allow the dashboard widgets to be arranged in up to four columns
* Allow configuring the number of items to show on management pages with an option in Screen Options
* Support timezones and automatic daylight savings time adjustment
* Support IIS 7.0 URL Rewrite Module
* Faster loading of admin pages via script compression and concatenation

If you want to know more, visit http://wordpress.org/development/2009/06/wordpress-28/.

[update: Check http://wordpress.org/development/ regularly as quite soon a new 2.8.1 beta 1 was released.]

NOFRAMES text
Previously we had a number of adjustments made for forwarding plans, which redirects to status codes (eg 301 permanent redirect), and additional fields for search engines. Since this weekend we again added functionality for forwarding plans, to optimize them for search engine ranking. Each forwarding plan has a NOFRAMES text (if you use frame forwarding) which means that search engines can index the page.

Document Root
Also you can now choose to change the Document Root in stead of forwarding it, so that the domain refers to one of your other websites. This is useful if you want your visitors to see different content on your web page based on the domain extension (for example: change the language of the content based on the extension). But be careful not to use it to display exactly the same content on multiple domains, because search engines don’t like that.