Menu

BlogMHS Blog Articles

WordPress - cPanel - SEO - Security

Category: Web Security

Why do I need SSL?

Why do I need SSL?
12 Unique Votes

ssl certificateDoes the idea of improving your search engine rankings and offering your visitors better security sound like something you’re interested in?

  • What if we upped the ante and told you we now offer an SSL Cert for just $5.95/mo?

  • SSL certificates secure your website’s connection and boost its rankings in Google.

  • Yup, all of the benefits of SSL for just $5.95/mo!

Why should I get SSL on my website?

  1. As Dec 2016 73% of internet users use Chrome
  2. Since 2014 Google has given ranking preference to website using SSL
  3. Look at the information bellow on how the latest release of the Google Chrome Browser now shows if your website is secure or NOT.

What is a SSL Certificate?

Have you ever noticed how sometimes websites start with “http://” and then sometimes they start with https:// and have a green padlock nearby? If you have, you’ve seen the end result of an SSL certificate. But what you haven’t seen is what goes on behind the scenes.

SSL Certificate

  • SSL stands for Secure Sockets Layer. Essentially, SSL establishes an encrypted link between your web server and your visitor’s web browser. This ensures that all data passed between the two remains private and secure.
  • With an unsecured HTTP connection, third-parties can snoop on any traffic passing between your reader’s browser and your web server. Obviously, this is a huge issue if you’re passing sensitive information like credit card numbers.
  • But nowadays, many entities, including Google, are pushing to use secure HTTPS connections for all traffic, even things you might think are mundane.

Why Do You Need an SSL Certificate?

In general the internet is not a very secure place. Google has made the ultimate decision to help force all of us to get more secure with our websites. Starting on January 7th, 2017 Google rolled out an update to their Chrome Web Browser that drastically changes the way your URL shows up in the browser. An added benefit is that Google gives a search engine ranking boost to sites that use SLL. This added benefit alone is good reason to get your site secure.

If your website is not secure, and does NOT have an SSL Certificate this is what it looks like now:

Non secure icon
Notice the Circle with the i. This was where your company logo, or Favicon use to show up.

If you click on the i you now get this warning:
Non secure icon info

Google Non SSL Warning

You definitely do not want all of your users seeing that in their URL bar…

So, in addition to offering a benefit to your readers by securing their connection, you also have both a Google-provided carrot and stick to motivate you to use an SSL certificate for your site.


Are SSL Certificates Expensive?
What Are the Different Kinds?

There are a number of different SSL certificates you can choose from. Each offering various levels of trust.

GlobalSign Extended Validation SSL Certificate ($595/yr)

For example, Maine Hosting Solutions uses GlobalSign Extended Validation SSL Certificate, that’s how we get our company name next to the green padlock. EV SSL Certs are ($595/yr), but come with a $1.25 Million GlobalSign Underwritten Warranty. EV Certs are geared to organizations hat handle a high volume of user input data, user logins, credit card data etc…

EV SSL Certificate

GlobalSign DomainSSL Certificate ($175/yr or $14.95.mo)

Anti-Spam Engine uses a GlobalSign DomainSSL to get the green padlock, the level of certificate costs only $175/yr and comes with a $10,000 GlobalSign Underwritten Warranty. DomainSSL certs are geared toward eCommerce websites producing less than $100,000 in online annual sales.

GlobalSign DomainSSL Certificate

Standard SSL Certificate ($59.95/yr or $5.95/mo)

Standard SSL Certificate

Notice that Atlantic Limousine uses a Standard SSL Cert, but it looks identical to the more expensive GlobalSign DomainSSL Cert. The difference is that Standard SSL Certs do not have an underwritten warranty. Why? These certs are not for eCommerce sites, or sites that handle sensitive user data. Standard SSL Certs are for sites that need SSL to comply with Google SSL requirements and to aid in SEO Rankings. You an get Standard SSL Certs for just $5.95/mo on any MHS Hosting Plan.


How to Get a SSL Certificate from Maine Hosting Solutions?

If you’re just running a regular WordPress site and aren’t handling any super sensitive information (like credit cards), you can get a Standard DomainSSL Certificate from us for just $5.95/mo.

Order StandardSSL Cert Order DomainSSL Cert Order EV SSL Cert

Wrapping Things Up

Because of how Google is pushing SSL, it’s not something you can ignore. Right now, you’ve got the carrot of improved search rankings. But Google is showing they’re not afraid to use Google Chrome to “punish” sites who don’t move to SSL.

Given that you can now get an inexpensive SSL certificate from Maine Hosting, there’s no reason not to protect your visitors’ connections and boost your search engine rankings in the process.

What is PCI Compliant Web Hosting?

What is PCI Compliant Web Hosting?
Rate This Post

What is PCI Compliant Web Hosting?Who?

  • Who has to be PCI Compliant?
  • Everyone who has any contact with credit card information, including websites which automatically transmit credit card data to an authorized gateway must be audited on a yearly basis and must submit PCI compliant quarterly reports.

What?

  • What is PCI compliance?
  • It the adherence to the set of rules set forth by Visa, Master Card, American Express and others in the credit card industry.
  • Their basic goal is for everyone who is accepting credit cards to follow the same set of standards to be sure that credit card information submitted by your client cannot get compromised in the process of handling their transaction with you.

When?

  • When do I need to be PCI Compliant?
  • Different merchant providers are implementing PCI Compliance at different times. However, there is no better time to achieve this status, for your OWN Protection. Stolen credit card data can result in the lose of your merchant services, as well as impact your ability to apply for merchant services in the future.

Where?

  • Where can I find a PCI Compliant web host?
  • Right here! Our unique all-in-one approach addresses all aspects of eCommerce including PCI Compliance.

How?

  • E-commerce Software: Shopp or WooCommerce
  • Security Certificate: 2048 Bit GlobalTurst SSL
  • Server Environment: Full Intrusion Hardened
  • PCI Compliance: ControlScan Verified
  • Merchant Services: Cayan
  • Payment Gateway: Authorize.net
  • Antivirus Software: ClamAV, CSX, Sucuri
  • Anti-spam software: Our Exclusive Anti-Spam Engine
  • Web Application Firewall: Applicure
  • Plus:
    • Redundant Backups – R1Soft
    • Secure FTP – sFTP
    • Feature Packed Web Hosting 

Call for a complete PCI Compliant Web Hosting Quote.
Call toll free 1-888-200-8008

Great Tips on PASSWORD DO’S AND DON’TS

Great Tips on PASSWORD DO’S AND DON’TS
Rate This Post

Should you change your password?

PASSWORD DO'S AND DON'TSIf you have a poor password your website is at risk! Spammers and Phishers constantly try to break into websites that have poor passwords, once in they use your website to host fake websites intended to deceive people into proving private information, or they use your website’s sendmail service to send spam from YOUR email address. The #1 way to protect yourself is YOUR PASSWORD. We encourage all users to choose a difficult password using the following tips listed below.

Passwords aren’t suppose to be easy, they are intended to protect you, so don’t make it easy!

 NOW and change your password to something hard!

Some PASSWORD DO’S AND DON’TS Examples:

  • Bad Password: charlie
  • Better Password: charl!e
  • Bad Password: password
  • Better Password: PaSsW0Rd!2

Password Do’s

  • At least eight characters long – 16432794
  • A combination of upper and lower case letters- IE: PaSwoRDexAmPLE
  • Use interspersed numbers – IE: use 0 instead of o (zero instead of the letter o)
  • Use characters such as !@#$%& – IE: use ! instead of i etc…
  • Passwords aren’t suppose to be easy, they are intended to protect you, so don’t make it easy.

Password Don’ts

  • Your first name, last name, or login name, in any form
  • Consecutive or repetitive numbers or letters
  • Adjacent keyboard letters such as qwerty or asdfghjk
  • Common and obvious letter-number replacements (e.g. replace the letter O with number 0)
  • Easily guessed personal information such as names and dates of yourself, family members, pets and close acquaintances
  • Easily obtained information, such as:
    • address
    • license plate numbers
    • telephone numbers
    • credit card or ATM numbers
    • Social Security or Social Insurance numbers
    • email addresses
  • Dictionary words, in any language, forward and backward
  • Popular book titles, movie titles, or phrases
  • Short passwords

Additional Tips

  • Never share your password with anyone. Protect all passwords as you would protect your bank PIN.
  • Never store passwords unencrypted on your computer. Password management software is great for managing many passwords, but take great care to protect access to your password database with a strong password, access card or USB key! (Or better, a combination of these).
  • Never type your password when anyone is standing nearby.
  • Beware of phishing scams.
  • Change your password frequently.
  • Never use the same password in many places, especially online!

Also see: 

Reverse DNS Protection for your email

Reverse DNS Protection for your email
Rate This Post

Reverse DNSWhat is Reverse DNS?

Internet Service Providers use the Domain Name System to determine the IP address associated with a domain name; also called Forward DNS. Reverse DNS lookup is the inverse process, the resolution of an IP address to its designated domain name. In a shared IP environment like most hosting accounts, that IP address resolves to sometimes several hundred domains. We make sure it only resolves to one, yours.

How this affects you

If someone sharing your IP address gets blacklisted for sending out unsolicited emails your domain will be among the many on that IP. address that also get blacklisted. Your email will bounce back from people who you regularly email because of it. The process for un-listing an IP address can take days.

Dedicated I.P. Address

Assigned automatically for our Standard and above hosting accounts can be programmed to use reverse dns so that email sent from your domain is seperated from other email being sent from that server.

Benefits of Reverse DNS

You will not be blacklisted unless it is your domain that is sending the unsolicited emails.

Reverse DNS is available on all Standard Hosting Plans and above.

Password Security Tips

Password Security Tips
1 Unique Vote

website-security-backgroundWith more and more of our personal data being stored on our computers, giving thoughtful consideration to a password strategy can go a long way in preventing data from being compromised. The following tips are presented as a guide to assist you in password selection.

Password Do’s

  • At least eight characters long
  • A combination of upper and lower case letters, numbers, punctuation and other symbols
  • Quick to type, in case anyone is peering over your shoulder

Password Dont’s

  • Your first name, last name, or login name, in any form
  • Consecutive or repetitive numbers or letters
  • Adjacent keyboard letters such as qwerty or asdfghjk
  • Common and obvious letter-number replacements (e.g. replace the letter O with number 0)
  • Easily guessed personal information such as names and dates of yourself, family members, pets and close acquaintances
  • Easily obtained information, such as:
    • address
    • license plate numbers
    • telephone numbers
    • credit card or ATM numbers
    • Social Security or Social Insurance numbers
    • email addresses
  • Dictionary words, in any language, forward and backward
  • Popular book titles, movie titles, or phrases
  • Short passwords

Additional Tips

  • Never share your password with anyone. Protect all passwords as you would protect your bank PIN.
  • Never store passwords unencrypted on your computer. Password management software is great for managing many passwords, but take great care to protect access to your password database with a strong password, access card or USB key! (Or better, a combination of these).
  • Never type your password when anyone is standing nearby.
  • Beware of phishing scams.
  • Change your password frequently.
  • Never use the same password in many places, especially online!

Why You Really Need to Stop Using Public Wi-Fi

Why You Really Need to Stop Using Public Wi-Fi
7 Unique Votes
free-wifi-not-secure2

In today’s busy world, convenience seems to outweigh consequence, especially with how people use their mobile devices.

Using free public Wi-Fi networks, for example, comes with any number of serious security risks, yet surveys show that the overwhelming majority of Americans do it anyway. In a study by privatewifi.com, a whopping three-quarters of people admitted to connecting to their personal email while on public Wi-Fi.

It isn’t hard to see that a few moments of online convenience are far outweighed by your money or financial information being stolen, or by suffering the embarrassment of your personal information being publicly released. According to a recent opinion poll, more people are leery of public Wi-Fi networks than of public toilet seats (a promising sign). But an interesting experiment, conducted at the 2016 Republican and Democratic National Conventions, showed attendees’ true colors. At each convention, private entities provided visitors with free public Wi-Fi networks (for social science purposes). Around 70% of people connected to the nonsecure Wi-Fi networks at both conferences.

Security consultants often find that sex can be an attention-grabbing metaphor to get a client’s attention. When we lecture businesspeople about cybersecurity, we compare the dangers of using public Wi-Fi to the risks of having unprotected sex. In both cases, not taking the necessary precautions can lead to lasting harm. For mobile devices, the harm is digital: the theft of your personal data, such as passwords, financial information, or private pictures or videos. You’re rolling the dice every time you log on to a free network in a coffee shop, hotel lobby, or airport lounge.

Think the problem is being exaggerated, or that cyber theft only happens to large corporations? Consider that over half of the adults in the U.S. have their personal information exposed to hackers each year. Furthermore, Verizon’s annual Data Breach Investigation Report has found that 89% of all cyber attacks involve financial or espionage motives.

There are dozens of online tutorials showing hackers how to compromise public Wi-Fi, some of them with millions of views. The most common method of attack is known as “Man in the Middle.” In this simple technique, traffic is intercepted between a user’s device and the destination by making the victim’s device think the hacker’s machine is the access point to the internet. A similar, albeit more sinister, method is called the “Evil Twin.” Here’s how it works: You log on to the free Wi-Fi in your hotel room, thinking you’re joining the hotel’s network. But somewhere nearby, a hacker is boosting a stronger Wi-Fi signal off of their laptop, tricking you into using it by labeling it with the hotel’s name. Trying to save a few bucks, and recognizing the name of the hotel, you innocently connect to the hacker’s network. As you surf the web or do your online banking, all your activity is being monitored by this stranger.

Still not convinced of the risks?

Here’s a story that should worry business travelers in particular. In 2014 experts from Kaspersky Lab uncovered a very sophisticated hacking campaign called “Dark Hotel.” Operating for more than seven years and believed to be a sophisticated economic espionage campaign by an unknown country, Dark Hotel targeted CEOs, government agencies, U.S. executives, NGOs, and other high-value targets while they were in Asia. When executives connected to their luxury hotel’s Wi-Fi network and downloaded what they believed were regular software updates, their devices were infected with malware. This malware could sit inactive and undetected for several months before being remotely accessed to obtain sensitive information on the device.

What is the best way to protect yourself against these kinds of Wi-Fi threats?

Although antivirus protection and firewalls are essential methods of cyber defense, they are useless against hackers on unsecured Wi-Fi networks. Consider the following seven security tips to keep prying eyes out of your devices:

  • Don’t use public Wi-Fi to shop online, log in to your financial institution, or access other sensitive sites — ever
  • Use a Virtual Private Network, or VPN, to create a network-within-a-network, keeping everything you do encrypted
  • Implement two-factor authentication when logging into sensitive sites, so even if malicious individuals have the passwords to your bank, social media, or email, they won’t be able to log in
  • Only visit websites with HTTPS encryption when in public places, as opposed to lesser-protected HTTP addresses
  • Turn off the automatic Wi-Fi connectivity feature on your phone, so it won’t automatically seek out hotspots
  • Monitor your Bluetooth connection when in public places to ensure others are not intercepting your transfer of data
  • Buy an unlimited data plan for your device and stop using public Wi-Fi altogether

The more you take your chances with a free network connection, the greater the likelihood that you will suffer some type of security breach. There is a saying in the cybersecurity industry that there are three types of people in the world: those who have been hacked, those who will be hacked, and those who are being hacked right now and just don’t know it yet. The better you protect yourself, the greater your chances of minimizing the potential damage. Remember: Falling victim to public Wi-Fi’s dangers is a question of when, not if.

Article original posted on: https://hbr.org/2017/05/why-you-really-need-to-stop-using-public-wi-fi.

Page 1 of 212
Maine Hosting Solutions
CART DEALS LOGIN

PLEASE FOLLOW US ON