.ORG Domain Sale – Just $6.99/yr!

Posted on November 3, 2011 by Rob

We’re delighted to announce that starting today, all .ORG domain registrations are on sale for only $6.99 per year. This pricing will continue until the end of the year.

Click Here to Register Your Domain!

.ORG domains are perfect for non-profit groups and organizations, churches, non-profit sites providing help and information, charities, and religious/spiritual sites.

OCS Solutions gives back to our community and those in need. We are happy to assist charities and non-profit organizations with their technical and Internet needs at discount, or in some cases, as time is available, for free. If you want more information, please contact us.

Free E-mails for Domains

Posted on October 13, 2011 by Rob

If you’re not taking advantage of the free e-mail account or e-mail forwarding that you receive as part of your domain registration, you’re missing out on a chance to personalize your e-mail with your domain name!

All domain names get a free POP3 e-mail account that can be accessed from e-mail programs like Microsoft Outlook® or Apple Mail®, from your iPhone®, Android®, or BlackBerry® phone, or from our advanced webmail system with a built in calendar, task list, and address book.

If you already have an e-mail address you like, you can take advantage of the free forwarding service we offer on every domain. You can forward you@yourdomain.com (for example) to any other e-mail address.

Learn more about and activate you free e-mail or forwarding service for your domain. If you don’t have a domain name through us, you can transfer your domain or register a domain for less than the competition and receive customer support second to none!

Virtual Dedicated Server Maintenance

Posted on October 4, 2011 by Rob

Most of our virtual dedicated server customers will be affected by a brief 30-minute or less maintenance on October 7th, 2011. An update to the host server software must be made that necessitates a reboot of all hosts. We will be performing the updates in a rolling fashion starting at 11 PM CDT.

Any outages you encounter should be brief and after the 11 PM mark, so please bear with us. We appreciate your understanding and patience and apologize for any inconvenience this may cause.

Preventing FTP Connection Issues

Posted on August 15, 2011 by Rob

A common issue we see in our web hosting support tickets and calls is clients accidentally triggering our anti-DoS attack prevention technology, triggering a 5 minute IP ban on their computer.

This technology helps prevent both small and large-scale attacks on our network by limiting the number of simultaneous connections from one IP address to a reasonable amount generally encountered during normal web, e-mail, and FTP traffic.

Unfortunately, the default settings on many FTP clients cause a large download or upload to make too many active connections, far more than is usually encountered in a regular FTP session, thus triggering the ban accidentally. This guide will show you how to configure your FTP client to avoid this. The examples below assume you’re using FileZilla, but the settings should be similar in other FTP clients.

In FileZilla, go to the Edit menu and click Settings, then click the Transfers section on the left hand side to bring up the following menu. In this, make sure that the maximum simultaneous transfers is set to no higher than 2, and concurrent uploads and downloads are set to 2 as well.

Filezilla Connection Settings

You’ll need to adjust one other setting in FileZilla. In the site profile you use to connect to your site, click on the Transfer Settings tab and adjust the number of simultaneous connections to no more than 2 and save the profile.

FileZilla Connection Settings

Using these settings you should not accidentally trigger our anti-DoS protection measures.

If you have any questions, please let us know.

Website Protection Scanner

Posted on July 11, 2011 by Rob

I’d like to take a moment to introduce a new service that we’re proud to roll out. Our new Website Protection Scanner service scans your website daily for security vulnerabilities and displays a secure seal that lets your visitors know that you take your website security very seriously.

The OCS Website Protection Scanner performs an initial scan on your site and checks for vulnerabilities and security issues. Once our scan is done (typically within 24 hours), we present you with a full report highlighting any issues that need attention with specific help on fixing them. If you need assistance with any particular issue, our security support team is available via phone or e-mail to give you the advice you need to fix it.

You might expect a service like this to be expensive, but the OCS Website Protection Scanner service is only $4.99 per month.

To learn more or to get started securing your site today, please contact us or visit our Website Protection Scanner page.

OCS Offices Up and Running After Tornado Event

Posted on April 28, 2011 by Rob

You may have heard about the devastation of yesterday’s tornado outbreak in Alabama. This event has killed over 200 people, injured thousands, left at least half of North Alabama without power, and destroyed and damaged countless homes.

The entire OCS staff was uninjured and we only sustained minor damage. Our thoughts go out to the families that weren’t so lucky.

Our offices were without power and Internet services for all of yesterday and most of today, but things are starting to come back up. Phone service is still very limited so the best way to reach us now is to open a ticket if you need assistance.

None of our datacenter locations were affected by the storms and continued with Internet connection and power without interruption.

Where Is Your Spell Checker, IE9?

Posted on February 13, 2011 by Rob

Microsoft didn’t invent spell checking, but it certainly made it famous. The infamous Clippy became synonymous with checking your spelling and grammar. It’s technology from the 90′s – so its definitely mature. It has been in every other major browser (Chrome, Firefox, Seamonkey, etc.) for many years. Which begs the question, where’s your spell checker, IE9?

IE9 is a leap forward for Microsoft, both in terms of user-oriented design and standards compliance. It’s not where it should be considering Microsoft has been at the browser and PC software business for longer than the other players, but its definitely getting there.

I enjoy using it on my Windows machines, but whenever I try to do any serious work with it, I find myself missing the spell checker that I take for granted in all other browsers. I know I’m not the only one to complain about this.

I know that you can get toolbars like Google’s that offer spell check, but its not seamless, and you shouldn’t have to do this to get functionality that should be in the core of the browser itself. Also, from what I remember about Google Toolbar for IE, it doesn’t automatically do a spell check – you must click the button to check the contents of forms before you submit. I would forget most of the time.

Microsoft is a great company that makes a lot of good products. The “I hate Microsoft” crowd generally isn’t well informed about all the company does and isn’t keeping an open mind in today’s fast-paced IT world. Of course, we’re a Linux-oriented company, but we do offer Windows hosting and appreciate Microsoft’s contribution to the web.

I’d appreciate them even more, and consider using IE again on my PC’s if they would implement a spell checker for IE9.

Your Domain Name Should Be Your Own

Posted on February 11, 2011 by Rob

Every month or two I help a client out with reclaiming their domain name from a previous hosting company, a disgruntled employee, or an uncooperative previous webmaster. It’s an uphill challenge that isn’t necessary to go through, and rarely has a happy ending.

I am blogging about domain registration today because I helped a client today try to get their domain transfered from their previous hosting company, but was ultimately unsuccessful. They went through months of trying to get an approval on the transfer from the previous host. They ended up registering another domain name to avoid the problem. It is a very unfortunate situation, but is completely preventable.

You can protect yourself from this hassle quite easily. Simply have your domain registered in your name, under your control. All OCS Solutions hosting customers enjoy this, and if you order your domain name from OCS Domains, you can fully control your domain – including changing your registration information (WHOIS), nameservers, DNS, and other vital data concerning your domain name anytime you wish. It’s under your complete control.

If you are an OCS hosting customer and had us register your domain for you, we’ll be glad to make changes for you at any time – just contact us. However, we can also put your domain in your own domain registration account that allows you to fully control nameservers, DNS, WHOIS info, and even transfer the domain to another registrar. If you’d like us to enable this domain registration control center for your domain(s), just let us know. We’ll be glad to do it at no charge!

If you don’t host with us, please make sure you’re in full control of your domain. If you can’t change your own nameservers or WHOIS information, contact your hosting company to see how you can do that if you wanted to. It’s an important piece of information you need to know to manage your internet property address.

Rails Vulnerability Tuesday

Posted on February 8, 2011 by Rob

Today there were four Ruby on Rails security vulnerabilities announced. In this post we’ll give you the basics on each and help you determine if you need to take action on your Ruby on Rails site to address these vulnerabilities.

If you have any questions about these vulnerabilities please contact us.

CVE-2011-0446 – Potential XSS Problem with mail_to :encode => :javascript

This vulnerably can allow an attacker to circumvent the Cross-Site Request Forgery mechanism inside Ruby on Rails.

This issue is likely to affect many 2.3.x and 3.x users, and thus we recommend applying the patch found at the above link. There are no workarounds known at this time.

CVE-2011-0449 - Filter Problems on Case-Insensitive Filesystems

This vulnerability can allow attackers to circumvent filters in your application. This can be a potentially devastating impact, but it only applies to Rails applications using Ruby on Rails 3.x (2.x or 1.x series aren’t affected) on file systems that are case-insensitive.

This means that all Rails applications hosted by OCS Solutions are presumed safe from this issue, because we use Linux and ext3/ext4 based filesystems which are case sensitive.

If you run your Rails application in production on a Windows server (thought I wouldn’t advise that anyway), you are advised to click the link above and apply the patch.

CVE-2011-0448 - Potential SQL Injection in Rails 3.0.x

This vulnerability allows an attacker to potentially perform an SQL injection on a Rails 3 application. This can be serious, and users of Rails 3.x are advised to upgrade to Rails 3.0.4 immediately. We’ll be installing Rails 3.0.4 on all of our servers over the next 2-3 days but you may use 3.0.4 immediately by freezing Rails 3.0.4 to your application and redeploying.

Note that Rails 1.x and 2.x users are unaffected by this issue.

A workaround is available as well at the above link, but given the ease of upgrade from 3.x to 3.0.4 an upgrade to 3.0.4 is recommended.

CVE-2011-0447 – CSRF Protection Bypass in Ruby on Rails

This issue allows the Cross-Site Request Forgery protection included in Ruby on Rails 2.1.x and above (including the 3.x series) to be circumvented in certain cases.

A patch has been included in the above link and all users with Rails applications using versions 2.1.x and above are encouraged to either use it or upgrade to 2.3.11 (if you’re using the 2.x series) or 3.0.4 (if you’re using the 3.x series). We’ll be installing these versions on our servers over the next 2-3 days but you may use these new versions immediately by freezing 2.3.11 or 3.0.4 to your application and redeploying.

Replying on Top in Mozilla Thunderbird

Posted on February 7, 2011 by Rob

We have many clients that use Mozilla Thunderbird for their e-mail, and one of the most frequent questions we receive on using it is how to always make your reply start on the top of your quoted message instead of the bottom.

This used to be a lot more complicated to set up, but in Thunderbird 3.1 it’s quite easy. If you’re using an older version, we recommend you upgrade first. By having the most up to date version of Thunderbird you’ll be running the most stable, secure copy, and enjoy some new features as well, including tabbed e-mail viewing. The instructions below are for the latest version as of this writing, version 3.1.

To begin, start Thunderbird and go to the Tools menu and choose Account Settings. Click on Composition & Addressing under the account that corresponds to your e-mail address. On this tab, you’ll want to set the options as described below:

Make sure Automatically quote the original message when replying is checked and pick start my reply above the quote in the next selection box. It is recommended to put your signature at the bottom of the quote for readability. Click OK when done.

You’ll have to repeat this step for other e-mail accounts if you have more than one added to Thunderbird.

Under the Digital Cloud

Perspectives from the staff at OCS Solutions