SiteGround Blog

Killing SSL SHA-1 Certificates And Making The Web A Safer Place

Recently PayPal has sent emails to many of its users informing them that SSL upgrades will be performed on their servers and SHA-1 certificates will be upgraded to SHA-256. Some people got confused what they should do when receiving these emails, as the mail that PayPal sent and the blog post they shared, giving more details to the users contain very technical information. Hence, we would like to explain to our customers how end users will be affected from the changes that PayPal makes and what they have to do.

DreamBuilding With Care

Our Customer Care department just had its biggest and longest team building event ever. We went to the sea side and spent 3 totally amazing days together. As always - we would like to share our experience with you.

Affiliate Success Tips Part #3: An interview with Zac Johnson

Our third interview from the Affiliate Interviews series features Zac Johnson - a veteran, highly experienced blogger and affiliate marketer. Zac runs a number of websites on blogging and making money online, as well as a podcast where he interviews some of the most successful entrepreneurs online. Zac’s success is mostly thanks to his great content strategy and persistent outreach and content promotion. Read his interview to learn more on how that helps him become such a successful affiliate.

Techies @work, techies @fun… Techies @SiteGround unite

When I joined SiteGround 7 years ago, we were about 50 people and I recall that in just two weeks I had met and talked to everyone in the company. Seven years later, we have 5 offices in 3 different cities in Bulgaria only, and more and more people are starting to work remotely for the company. Until last week, I had never seen some of my new colleagues from the technical support and system administration departments.

Case Study: It Pays off to Focus on Core Business and Entrust Customers’ Hosting to Professionals

A few months ago the website design and development company IvyCat approached us with a serious problem. Their business suffered, team morale was low and customer happiness was at risk. They couldn't handle their hosting business alone anymore and needed professional help. Today we are happy to share their success story and the path we walked together to reach it.

Affiliate Success Tips Part #2: An interview with Ryan Sullivan

We’ve received some fantastic feedback after our first affiliate success tips interview and today I’m pleased to share the second conversation from the series with Ryan Sullivan. Ryan is the founder and CEO of WP Site Care - a service company offering expert WordPress maintenance and hands-on support work. Web hosting is complimentary to their business and Ryan goes on to share why recommending reliable hosting providers is important for their client retention and how this helps their revenue growth. We hope that Ryan’s story will inspire more WordPress product and service companies to provide better value by making educated recommendations for their users, and ultimately increase their earnings. Now read on to discover how this model has worked out for WP Site Care.

The SuperCacher Plugin for WordPress (SG CachePress) Just Got an Update

Those of you who are using our caching system, the SuperCacher, to boost the speed of their WordPress sites have probably already noticed that we've released an update for the plugin. Although we regularly maintain the extension and keep it up-to-date, this update adds some features with new and useful functionality. They can help you manage better your site.

WordPress 4.2.3 Security Update Applied

The latest WordPress update is live since yesterday. For those of you who have opted in to our AutoUpdater or have enabled the WordPress internal system for automatic updates it should be now ready to use! Check out the official release notes for detailed information about the update and read on to see what we've done to further protect our customers.

Affiliate Success Tips Part #1: An interview with Jonathan Griffin

Last month we announced a new initiative with affiliate interviews to help our partners be even more successful, and today I’m pleased to share the first interview from our series. Jonathan Griffin is one of the most active content creators on our program. He has been blogging actively since 2011 and maintains the website His website is the authority source for hosting industry news, where he analyzes the hosting industry development, writes reviews, and provides supplementary content like tutorials and guides. As you’ll see from our conversation, he has some amazing insights into content marketing and why you should adopt it too.

SiteGround Launched A Free Drupal Demo

We're happy to announce that SiteGround is now one of the few companies selected by the Drupal Association to provide a hosted Drupal Demo! We've created a special free Drupal demo, that allows you to check out the great features in the application in a real hosting environment. Read more to find out what this demo has to offer and what we've done to make it work nice and smooth for you. Easy Start with Drupal The Drupal Demo gives you a fast and easy access to all the features of the Drupal CMS. Just fill in the short signup form, and you are ready to go. Once you press the big blue Start Demo button, you will get a fully-functional Drupal pre-installed on your account that you can modify, add your content, install modules and themes, and basically use the full power of the application. Responsive Drupal Theme The Drupal Demo installation comes with a fancy responsive theme, designed by SiteGround and free to use by all SiteGround clients, as well as a few modules on top of the default installation. The theme, created by our design team works great with the Panels module for Drupal. It allows you to easily create and modify your layouts and reorganize content simply using its drag-and-drop functionality. Simply login to your new Drupal demo, open the page you want to edit and click on the Customize this Page link that will appear at the bottom. Once you do that, you will be able to move the different elements of the page and show them in the best possible way for your needs! Powerful Drupal Management Tools You can easily manage your Drupal through its fully-featured admin panel, or use the hosting account extras such as FTP, SSH and Drush (the powerful and super useful command-line interface designed especially for Drupal and pre-installed on your SiteGround hosting account). With those tools in hand, you can easily add, remove and modify your content. It's Completely Free The great thing about this demo is that it's absolutely free for 7 days. No credit card is required for the sign-up process. If you want to keep your Drupal site after the demo period is over, you can easily keep all your work by renewing your hosting account from your User area. The post SiteGround Launched A Free Drupal Demo appeared first on The SiteGround Blog.

Improved and More Detailed Account Statistics

Having access to detailed statistics about your account usage makes it way easier to troubleshoot any issues you may have, pinpoint parts of your website that slow it down, or check whether your site is getting popular instead of getting spammed. Until now, our clients could have obtained this information from a few different places, but never on one page organized in a convenient way. We now have deployed a new and more detailed version of our account statistics system for your convenience. Where to access the new stats? The detailed account statistics are located in your cPanel – look for the Detailed Stats button in the left column of your cPanel. It will take you to a brand new page that's separated into two tabs. Each one of them provides different type of information about your account and the domain names you have in it. Account Executions and Scripts Stats In this tab, you will find information for your entire account no matter how many parked or addon domains you have associated with it. There are two things you can see on this page - a graph that shows your CPU usage and account executions, and the top ten most executed scripts for your account. This tab shows you at a glance which scripts are hit most often for your entire account. For example, if you're reaching the number of hits limitation for that account, it's really easy to see which particular script is causing this - it can be a malfunctioning plugin, theme or something like the WordPress heartbeat issue. Whatever it is - you will be able to troubleshoot it way faster and easier. Domain Hit Stats In this tab, the information you receive is grouped by the domain names you have associated with your account. Since especially the higher plans give a lot of resources, and many people are using them to host more than one website, it's very useful to see how each domain is performing. Once you select the domain from the drop-down list (they are sorted by the number of hits they get per month) you will get the following information: Page URL - a list of the ten most-visited pages on that domain name. This data is a great way to check which parts of your site take most resources. IP Addresses - a list of the IP addresses that have visited your site most often. Useful to see if someone is trying to brute-force your site or spam it. User Agent - what are the most popular user agents that visit your site. Especially convenient to detect and block spam bots. Enjoy! The post Improved and More Detailed Account Statistics appeared first on The SiteGround Blog.

SiteGround SuperCacher Now Running on NGINX with SSL Support!

Since we launched our SuperCacher system back in 2012 it has undergone many changes, but never as big as this one! Although the interface in your cPanel and WordPress/Joomla/Drupal extension looks and feels the same, under the hood we've practically replaced the engine of the service switching from Varnish to NGINX. Why replace Varnish with NGINX? We built our SuperCacher on top of Varnish because at the time that was the most flexible and robust solution that could accommodate the diverse needs of the websites we host. It allowed us to provide caching for various different apps and website configurations. Also, since we use Apache as a web server, that was the most clean and stable implementation possible. At that time, we were among the first companies to have a reverse proxy service for our customers with an easy to use interface, and the option to exclude URLs from the cache without having to contact the hosting company. However, few years later, we've started experiencing some limitations to the configurability of this system. One of the major downsides of Varnish is the inability to cache https requests. Furthermore, the project leaders stated officially there are no plans to add this functionality. Needless to say, with Google announcing that they will rank sites with SSL certificates better and the great growth in E-commerce sites we host, the inability to cache pages over https became an issue. On the other hand, the NGINX technology has great SSL support and offers numerous speed and stability improvements which naturally led us to its adoption. What’s in there for you? The switch from Varnish to NGINX brings to you two main benefits: SSL Support Until now, our SuperCacher wasn't serving cached content to any https requests. This means that all encrypted pages on your site were 100% dynamic. For example, if you force your SSL certificate to be used on every page of your site, this means that you've practically disabled the SuperCacher. Now, with NGINX we can and do cache those pages (if you have the SuperCacher enabled). However, there are pages that should not be cached at all - checkout, shopping cart, profile pages, etc. Shopping carts are most vulnerable to such issues because they store a lot more sensible information than a regular news or blog website. That's why we've added rules to our configuration that exclude those pages from the cache. Although we've covered all the popular extensions for online stores, we recommend that you exclude those pages manually from the SuperCacher plugin configuration just as an extra precaution. To sum up, you can now force your entire site through SSL even if it's not an online store and rest assured that it will be super fast and stable without having to do any reconfiguration to the SuperCacher. Improved Performance and Stability To begin with, it's much easier on our end to manage, update and secure an NGINX reverse proxy. The service is even more stable than Varnish and needs less custom coding in order to work great for SiteGround customers. This allows our administrators to easily update and keep the service as secure as possible. In addition to that, with NGINX we've enabled SPDY for the SuperCacher users. This and the difference in the service architecture itself results in even better performance than the one we've been getting out of Varnish. Practically, this means that some of your sites (it really depends on the particular page) can load even faster. How did we migrate from Varnish to NGINX? As usual, we didn't want to interrupt our customers' workflow or cause any downtime whatsoever with the changes we're doing. That is why we've done the switch in a few steps. First, we launched a new version of the SuperCacher plugin for the supported applications. We gave our customers enough time to update to the new plugin version. Meanwhile, our technical departments were doing final tests of the service. Once we detected that almost all our customers use the latest SuperCacher application extension, we started switching Varnish with NGINX on our servers. At this point the SSL cache was not enabled yet. We wanted to be 100% sure that everything is working fine before introducing this change. As usual, we didn't push it on all our servers at the same time but gradually increased the number of servers with the new configuration. I am happy to say that we didn't have any major issues during that process and it went as smooth as possible! Finally, we enabled the caching for SSL pages. Again, no plugin update or any configuration was needed for this - it just works out of the box. So if you have an SSL certificate on your website and the SuperCacher enabled - just sit back and enjoy the improved performance of your website! The post SiteGround SuperCacher Now Running on NGINX with SSL Support! appeared first on The SiteGround Blog.

New Initiative: Exclusive Interviews with Successful Affiliates

We are firm believers in empowering our affiliates and are committed to provide you with the tools and knowledge to be a successful SiteGround ambassador. We know that affiliate marketing has its own secrets and requires a lot of effort, time and dedication for you to be good at it. This is why we have decided to start yet another campaign, save you some of that learning effort and help you become a better affiliate. Over the course of four consecutive months, we will interview four inspiring SiteGround affiliates with very different profiles and approaches to affiliate marketing, and ask them what makes them successful. We’ll share their stories in our blog so that all of you can enjoy, get inspired and learn from them. The Interviewees Ryan Sullivan Ryan runs - a paid WordPress support service. He has created a comparison between hosting providers focused on speed performance. Ryan also provides personal recommendation of a host depending on client’s individual needs. Jonathan Griffin Jonathan’s blog - features news about different hosting providers and a lot of SEO articles. He writes a lot about SiteGround and has featured us as his most recommended provider. Malte Helmhold Malte is a developer who rocks WordPress but has an even greater affection for Drupal. He works as a freelancer and has created a lot of YouTube videos where he promotes and recommends SiteGround: Zac Johnson Zac is an affiliate marketing veteran and is currently focused on teaching bloggers, affiliates, and entrepreneurs how to make money online through He features SiteGround in his how to start a blog website and on his podcast. Ask Your Most Pressing Questions Besides the chance to learn from them, you will also get the chance to ask our inspiring affiliates a question yourself! Some of the best questions that you send us will be asked and answered in the interviews and ….could win you $100 affiliate bonus! Please send your questions to affiliates at siteground dot com not later than June 23, 2015 and let’s make the most of the know-how and enthusiasm of our interviewees. The post New Initiative: Exclusive Interviews with Successful Affiliates appeared first on The SiteGround Blog.

SiteGround SuperCacher for Drupal

Our SuperCacher has been around for several years now. It is an easy-to-use, yet powerful tool, which helps our customers improve the performance and loading speed of their websites. We are happy to announce that its most effective option – the dynamic cache, is now available for our Drupal users as well. How Does it Work? The dynamic cache option in our SuperCacher is based on a reverse proxy technology (currently NGINX). This means that once a page from your website is visited, it is stored in the RAM of your server. This way, when someone tries to visit the same page again, it will not be served by the much slower physical web server. Instead, it will be instantly displayed directly from the RAM. In addition to making your site loading time better, the reverse proxy also decreases the number of server requests that your website generates and this allows you to accommodate more traffic, while using more basic and affordable hosting plans. Sounds great, right? Faster sites that cost less to host! The tricky part in dynamic caching, however, is to purge the cache whenever there is a change in your website’s content. For example, you want all user comments to be displayed instantly and you want the change you just made to become visible to the world right away, without the need to purge the cache manually. To make sure the cache is cleared automatically each time there is a change in your Drupal site content we've developed our own Drupal module that will take care of that. How Fast is It? The SuperCacher will significantly improve the loading speed of your website especially if you have large, dynamic pages. It eliminates the time that the PHP service requires to compile your output, as well as the time necessary for all MySQL queries to take place. The speed improvement, however, will vary depending on the particular structure of your website. For instance, a sample article with only a few paragraphs and an image that would load for approximately 0.8 seconds without the dynamic caching, starts loading for 0.5s after the service is enabled. For bigger pages, the difference is even more noticeable. As someone, who spends a great deal of time optimizing websites for speed, my advice would be to benchmark your website, enable the dynamic SuperCacher for Drupal and then benchmark it again. You can do this with performance tools like GTMetrix and Pingdom. Should You Use It? Definitely! We've made the SuperCacher activation so easy and straightforward that it takes no more than a couple of minutes to enable it on your website. Check out our SuperCacher for Drupal Tutorial for more detailed information on how to install, enable and configure it. The post SiteGround SuperCacher for Drupal appeared first on The SiteGround Blog.

SiteGround at DrupalCon LA

SiteGround has been sponsoring and attending lots of community events over the last few years. However, it was more likely to meet us at a WordCamp or a JoomlaDay, than at a Drupal event. So it may have come as a surprise to some people to see us at DrupalCon LA but there was a good reason for us to be there – the growing number of Drupal users we have. Why did we visit a DrupalCon? As many of you know, SiteGround has been actively involved with various open source communities. Lately, the majority of our efforts were concentrated on Joomla and WordPress. This has come as a natural reaction to the growing number of clients using these projects on our platform. To respond to the needs of a wider range of users from these communities, including more advanced developers as well, we have added features like staging, GIT integration, command line interfaces, caching, CDN and more to our hosting offer. As an expected result we have seen a great adoption of our hosting services among Joomla and WordPress developers. However, we have also detected a more unexpected outcome – a steadily growing number of Drupal users. Many of them were also enjoying our more geeky features like the GIT integration and Drush. The recently added Drupal caching solution has also been accepted quite well. We realized that our efforts to make our product more appealing to the members of WordPress and Joomla communities has also made it more appealing to other communities, like Drupal. And again, it’s a circle - with the growing number of Drupal users, we inevitably need to keep our platform optimized for their needs too. To do this effectively, we need to keep a close track of the Drupal development, hence we need to be more involved with the community and find out what’s happening there from the source. Where better to do that than at DrupalCon LA, which attracts thousands of hard-core Drupal lovers! What did we do at DrupalCon LA? DrupalCon LA was a 5-day event so we had the time to do quite a lot. We had a booth and we sponsored one of the coffee breaks and one of the lunch breaks. That gave us the opportunity to meet and greet quite a significant number of Drupal users and to hear their stories and hosting needs. We would like to thank all who stopped by our booth and took time to chat with us. Chatting with you live helps shape the future of our product development. We also learned a lot about the project, the community, the key people behind Drupal throughout the years and their contributions, and the exciting new features that are now part of Drupal 8. Last but not least, we saw how we can be helpful to the development of the Drupal Project. If you know us, you are probably aware that we don’t like spending money without knowing exactly what kind of results we're gonna get. That is why I would like to highlight the Drupal 8 Accelerate Program and the amazing results it has already achieved in helping decrease the critical vulnerabilities in Drupal 8. The results looked so promising, that SiteGround made its contribution as well (we donated $5000 to the program), trusting it will make the Drupal 8 release a done deal in September. We urge you all to contribute as well and be part of that process. Special Acknowledgements to the Drupal Association One thing that really impressed me was how well the event was organized and how involved attendees were. Much to our amazement, 400 people joined the developers sprints on Friday, working hard on the project the full day! It seems that the Drupal Association should be given credit for all that. They are doing a great job energizing the community and keeping the spark by coming up with great (and funny) ideas like that: “Snow Beauty and the 101 Mermaids of Notre DOM - a musical Drupalventure”, credits to Jeffrey A. McGuire for the video. What’s next for SiteGround + Drupal? As stated above, we plan to cater the needs of the Drupal users who have already chosen our hosting and to develop our Drupal service even further. Thanks to your trust we are motivated to take a more active role in the Drupal ecosystem. So get ready to hear a lot more about SiteGround in the context of Drupal and to also see us at the next DrupalCon (Barcelona) in September. The post SiteGround at DrupalCon LA appeared first on The SiteGround Blog.

HHVM Now Available on SiteGround Cloud Hosting Accounts

We're happy to announce that HHVM is now being added as an option to our Cloud hosting platform. HHVM is a great technology that uses a just-in-time compilation approach to achieve superior speed when handling PHP scripts and thus makes PHP-based websites faster. Why should you consider using HHVM? One word - speed. HHVM is considerably faster than every 5.x PHP currently available. There are a lot of in-depth performance tests of HHVM versus different PHP versions floating around showing this result. I really don't want to repeat any of those, but just to give you an idea about the performance boost you can get, I've done a simple and quick test. First, I measured the loading time for the dynamic part of a default WordPress installation with a lot of sample data and the twentyfifteen theme, and the result was approximately 400ms with PHP 5.6. Then, I switched the very same application to use HHVM and that time dropped down to about 200ms. This means that the dynamic part of the loading process was approximately twice faster with HHVM.  It should be also noted that this test was done when the dynamic cache was switched off. If you already use dynamic cache, enabling HHVM will probably not have a dramatic effect on the pages of your site that are cached, simply because their loading no longer relies on the speed of the PHP handling. However, HHVM will improve the speed for the parts of your site that are not suitable for dynamic caching, for example your WordPress administrative area, your shopping cart pages, etc.  So for best speed results we recommend using both technologies together. Using HHVM on SiteGround All new cloud accounts will be setup from now on to include HHVM as an option. We will soon add the technology to all existing Linux container based Cloud accounts too. The HHVM can be activated through a new tab in our SuperCacher tool in the cPanel as explained in our HHVM tutorial. The post HHVM Now Available on SiteGround Cloud Hosting Accounts appeared first on The SiteGround Blog.

Venom Vulnerability and SiteGround Cloud and VPS Accounts

A serious security issue in one of the world's most popular machine emulator and virtualizer QEMU, used by the most popular virtualization systems - KVM, Xen and others has been discovered. The so-called Venom attack allows an user with root access to his/her virtual machine to gain root access to the entire host node under special circumstances. An official patch of for qemu-kvm has already been released and it fixes the vulnerability. How This Affects SiteGround Customers? As we wrote in a blog post in January, we have switched our former VPS service to a new cloud hosting platform running on Linux containers. This platform does not use KVM or any other virtualization method, as it is based on Linux containers, which means that all SiteGround customers that launched their cloud plan after January 21st 2015, are not affected in any way by this vulnerability. However, our VPS and Cloud accounts ordered before the launch of our new container-based service are still using the KVM-based virtualization. The good news is that in order to gain root access to a VPS node, the attacker needs root access to at least one of the virtual machines on this node. For security reasons that now pay off, we do not provide such access to our VPS and cloud users. This means that even if you are on a SiteGround KVM-based machine, we've still got you covered. Nevertheless, the vulnerability exists and it has to be patched. This is why our security team have been working around the clock since the exploit has been announced. The official patch has been tested and we're currently deploying it on all KVM-based accounts that we have. The patch requires a reboot of the virtual machine in order to be applied, which will result in approximately 2 to 3 minutes downtime per account. If your account is affected by this security reboot, you will be notified in your User Area. The post Venom Vulnerability and SiteGround Cloud and VPS Accounts appeared first on The SiteGround Blog.

WordPress Core and Plugin Update Needed

Sucuri has recently announced the discovery of a XSS vulnerability that affects multiple plugins. At least 15 popular plugins are affected including Jetpack, WordPress SEO, Gravity Forms and more. At the time of the vulnerability disclosure the majority of the plugin authors have launched new versions of their plugins fixing the issues. The next day a security release of the WordPress core itself was released.  It is reported to fix several security issues too. Are SiteGround customers protected? Due to the nature of the reported vulnerabilities, we can't use our WAF (web application firewall) system to block potential exploit requests on server level. The problem resides within very commonly used functions of the app and such filter would interrupt greatly the normal functionality of your sites. That is why the solution in this case is a quick update of WordPress AND all its plugins. All SiteGround customers, who use the defaults setup of our autoupdater will have both their core and plugins automatically updated in the next few hours. If you have installed your WordPress via our 1-click installers and have not changed the autoupdate configuration you will have nothing to worry about. We will soon notify you via email and then update your WordPress core application alongside with all plugins that have new versions. All SiteGround customers, who do not use our auto-updater, but had a WordPress version higher than 3.7 should have already received a core WordPress update pushed by WordPress itself. However, this update has not changed the versions of your plugins, so it is highly recommended that you update all used plugins manually as soon as possible. Once our auto upgrade procedure is over, all WordPress accounts will be scanned and if we discover outdated and vulnerable plugins additional actions will be taken to secure them. The post WordPress Core and Plugin Update Needed appeared first on The SiteGround Blog.


Recommended Content