SiteGround Blog

SSL HeartBleed Vulnerability Patched

As some of you already know, a major vulnerability in some versions of the OpenSSL software libraries was announced two days ago. It got the fancy name “HeartBleed” and in short, allows anyone on the Internet to read the server memory protected by the vulnerable versions of the OpenSSL software and hijack your SSL’s private key. The interesting information is that not all old versions of the software are affected and there are some older and some newer ones that have it. As you should expect from SiteGround, we did not lose any time taking the proper actions under these circumstances and we immediately started patching the vulnerability. On the day the bug was announced, we reviewed how many and which of our servers were affected. Luckily, that weren’t so many servers. As of yesterday, the OpenSSL libraries on those servers are updated to the newest version, which was released with a patch for the HeartBleed vulnerability. However, as we like to be extra cautious, we decided to take some extra steps to guarantee your comfort and security. It turns out that the updated OpenSSL software will not protect you if, for example, your certificate’s private key was already stolen by hackers. We are NOT aware of any such cases on our servers, however, as we take security very seriously, we decided to re-issue with new private keys all certificates that were installed on the servers with previously vulnerable OpenSSL libraries versions. We waited for our SSL provider to confirm that they have also patched their software against the same vulnerability so we could begin the reissuance. That was confirmed today and we have now started reissuing the SSLs. No actions are expected from our customers as the reissuance will be done automatically on a server level and will not affect your website in any way. We will send an email to all customers whose certificates were reissued once we complete the process. Thank you for trusting us on this matter!

SiteGround Staging Tool Hangout – Full Record and Additional Q&A Session

Yesterday, we had an one-hour hangout about the new features we’ve added to the SiteGround Staging tool. As promised, here is a full recording of the event and answers to all the questions we couldn’t reply to live. Additional Questions and Answers Unfortunately, we couldn’t answer all the questions on the live event because we wanted to keep it within one hour. So here is a list of all the questions that remained unanswered until now Q: Paul Oaten: If I have a 1.5 or 2.5 existing Joomla! site, can I build a new 3.2 site in a staging environment and then after all content is updated in staging push it to live status? A: Yes, such migrations are quite time consuming and require a lot of testing. That’s why our staging tool is often used for Joomla migrations from one version to another. Make sure that the initial push you make is a simple one. Q: Dale Davies: How do I add this feature to my reseller accounts? A: Right now, this feature is available only on our GoGeek accounts. If any of your reseller accounts needs it, it must be upgraded to the GoGeek plan. Q: Roger Demary: Will i see the replicated files in FTP / cPanel so i can edit those? A: Yes, you can edit the replicated files (your staging copy) through FTP, the FileManager tool in your cPanel or even via SSH. Q: Paul Oaten: Do you create a new username and password or use the original one? A: Since the staging tool is replicating your live site completely, the login details for your Joomla/WordPress site are the same. Q: Russell Huntley: what about Magento ? Q: Right now the tool works only with Joomla and WordPress but we plan adding more supported apps. Magento is surely the first app on that list. Q: Enrico Giubertoni: My assumption is that the staging copy (or backup) is on a physically different web server from my site. A: No, your staging copy is generated on the same account your live site is hosted on so you can easily access and modify its files and database.

How to Bring Our Client Meetups to the Next Level?

After the success of our first Open Bar initiative in Orlando last year,  last week Tina, Daniel and I hosted the second SiteGround Open Bar in London. We were incredibly happy to see all the people that showed up to chat and have a drink with us. The fact that so many of you said that our support is second to none definitely made our evening and we got back home happy and more motivated to work even harder to keep that same level of highest quality of service. Besides the motivational boost, this event also made us think how to improve the client meetups. Not Just Hosting An interesting take from that evening for me was the conversations’ topics. The majority of the chats were related to building and growing a website. I am really glad that we were able to offer help in so many different areas that are not necessarily hosting related. We shared our knowledge on SEO, application optimizations, business development, and more. Keep it relaxed, or get more formal? At some point of the evening, one of our customers asked me if we’re going to make a presentation or some kind of a speech about our services. Although it seemed natural to do so, such a thought had never crossed my mind. Our meetups have been informal, friendly, and relaxed. Our aim has always been to hear what our customers had to say and what they cared about. It is not about making a sales pitch and buying your time with a free drink, it is about getting to know each other. However, because of this question it occurred to me that some people may need a more formal opening to start feeling comfortable. The Next Level – You Can Help So it is your say now! Is there something more we can do at these meetups, besides buying the beer and being available for a chat. It is only natural that I should ask our customers for input, as those meetups are for you. What should we do to make the SiteGround meetups more meaningful and convenient to you? Comment under this post to share your thoughts on the format and even the topics of the meetups, most convenient time to announce it, locations, and anything else that you find relevant. And just so you know, we are planning the next meetup for May in Miami so I’m looking forward to see some of you there. Stay tuned for updates on date and location!

sh404SEF Lite – free for our customers only!

We are happy to inform you that Joomla users will be able to use a lite version of one of  the most popular SEO Joomla extension sh404SEF for free as part of the Joomla installation at SiteGround. In partnership with Anything Digital we have created a custom Joomla installation that includes a preinstalled version of the extension that will make your Joomla easily generate good-looking URLs, with no numeric ids, based on your article titles. You will also be able to further customize the URLs through the sh404SEF interface. Most importantly, it will kill all duplicate content and let you conveniently set page title and meta description on per URL basis. Another option of the plugin is to optimize the URLs for some of the most popular Joomla extensions like VirtueMart, CommunityBuilder, JomSocial etc. SEF URLs option is also available in the standard Joomla installation. (To learn how to use it see this video tutorial by Brian Teeman). However, if you are one of the sh404SEF fans, you will have the opportunity to use this extension for free too. How to use sh404SEF Lite? You will be able to install it with Joomla and activate it with a click. To see more information about its configuration and usage please refer to our detailed tutorial about sh404SEF Lite.

Introducing Staging Version 2.0

Last year we launched our Staging service to make it easier for our users to follow the best site development practices. The tool was received very well by our users and we have gathered some invaluable feedback. Based on the way people were using the tool, we now add few more great new features to it. The new SiteGround Staging version currently released will provide our advanced users with more flexibility and control over the staging copies, while keeping the current basic and easy-to-use functionality intact. Read on to find out more about the new features you have at your disposal! UPDATE:If you add media to your staging copy via the WordPress admin area, some full URLs may remain like this: thus failing to render on your live site. We’re aware of that bug and it will be fixed in the next tool update. If you experience such problems, you can either fix the URLs yourself or contact our support team to fix that for you. More Control What Goes In We’ve made some awesome changes under the hood of the staging tool that cannot be noticed at first glance but are very useful for the actual development process. One of them is that we’re now checking for files outside the default application file structure and allow you to choose whether such files and folders to be added to the staging copies you create. Until now, all folders outside the application file structure weren’t included in the staging copy. It turned out, however, that many people add more folders and use them for their designs. On the other hand, people tend to store data, irrelevant to their sites in directories under their site root folder. That’s why we’re asking you whether you want to add or not such content to your staging copy. Easier Git Repository Creation The first thing you will notice in the Staging tool is that it has a new, cleaner interface with a new page for all staging copies you’ve made for each one of your sites. Here, you will find the shiny new Create a Git Repo button.  It allows you to create a new Git repository for the staging copy you have selected with a single click. You can find detailed instructions on how to use Git with your SiteGround account in our SG-Git Tutorial. Advanced Push To Live When you’re done with the changes you’ve made to your staging copy, eventually you will press the green button called Push to live. In the new version of our tool, when you do this, you will see a pop-up asking you whether you want to make an Easy Push or Advanced Push. You’re already familiar with the Easy Push – it will simply clone all the changes you’ve made to your staging copy over to your live site including both files and database changes. The Advanced Push is a completely new option available for you! When you select it, our Staging tool will compare all the files, folders and database modifications you’ve made and provide you with a list of those changes so you can choose which modifications to be pushed live. This is extremely useful, because in cases when your live site is getting a lot of visitors, comments, orders, subscriptions, you wouldn’t want to change it’s database, because you will use all the new data since the staging copy was created. And this is just one case that the Advanced Push is really useful for. Need More Information About The SiteGround Staging Tool? For detailed information on how to use the tool, check out the Staging tutorial we’ve prepared for you. In addition to that, we’re organizing a live hangout on April 1st 2014 (no joke ) that you can join here. If you have questions about the tool and the new features we’ve added to it, that’s a great place to ask them!

My SiteGround, by Kristina

Kristina, or simply Krisi as most of us call her, is one of the most experienced members of the SiteGround sales team. In 2007 she was among the first employees in our just-established second office. Right from the start, her great dedication to her work and her outstanding talent to communicate efficiently, even with the most demanding customers, stood out. Now she is the inspiring team leader of the people, who take care of all pre-sale enquiries on our live chat. First Steps in SiteGround I joined the team 7 years ago, so I guess that makes me a veteran. As a fresh graduate in Psychology, I didn’t think that I would fit in here – I thought web-hosting was all about computers, servers and programs. Well, it turned out that being a part of the Sales team means not only to have knowledge of the service, but also the ability to actually communicate with the customers and know their needs. That’s the point when I truly appreciated my diploma – being able to understand the question behind the question is an art. The Team What makes the big difference, are the people. Everyone I’ve worked with so far, starting from the senior management to our newest recruits and trainees, is nothing short of unique and their willingness for both improvement and fun is second to none. I would like to thank them all for being so supportive and understanding- thank you guys, not for being just colleagues, but friends Conferences and Events One thing I’m always looking with enthusiasm to – all those events that we participate and/or sponsor. It is great to actually see the people, with whom you are working on their projects. Not only this, but you also a get chance to share experience and more importantly – to have a bit of fun while off-duty Charities You probably do not know, but all our teams, including the top-level managers, participate in various charities every year. Recently, we took part in the “Spare Change” campaign – everyone got rid of their nickels and dimes and all the money went to underprivilleged children. Last year our CEO offered scholarships to several children of enterprise from a local orphanage. Every single member of our staff participated in this program, so one could only be beaming with pride at the opportunity to work with people showing both such compassion and professionalism.

My SiteGround, by Valentin

At SiteGround Valentin is the man who follows all possible security bulletins on the net. He is involved in almost any of the server level fixes we apply when a vulnerability in an application like Joomla, WordPress, or any of the hundreds others used on our servers appear. And if you expect a man like that to have a heart of steel and care only about technology, you would be surprised. Do not miss the very personal and touching story about Valentin’s SiteGround! Love makes the world go round! I started working @ SiteGround in 2006 in the newly opened customer care office. After a year and a half working in the technical support department I… well, fell in love with an undisclosed colleague of mine. The problem was that she worked in the headquarters, 100 miles away. I asked to be moved to the SiteGround main office and work from there. Well, you know, love made people do crazy things! The initial answer was: “This is not possible”. Giving Tenko the exact reason why I needed to move, he started stuttering on the phone saying: “Well that changes things entirely. Will call you back.” And in less than a month after that I moved to the SiteGround head office. People at SiteGround really do understand people. Always dig deeper! After working as a technical support for 2 years, solving good amount of issues I learned how the system works. In depth. Then I moved to the Sysadmin team and dug even deeper. One year later I was transferred to the SiteGround operations team, where I still am in charge of security and of many other things. I am glad to have worked with all the people along the way and am sorry for all issues we caused during the years And I have an important security hint for all SiteGround customers: Do not ever disable mod_security protection for your web site entirely. If a rule is not compatible with your web site, disable that and that rule only. Customer care – defined! During the years at SiteGround I learned what real customer service is. The quality of the support has been a central value for SiteGround since its foundation, it has been developed during the years and enforced on a daily basis by handling each client’s issue the “SiteGround way”. My personal problem with being accustomed to such a high standard is that I have started to expect the same level of service everywhere… and as you can imagine I seldom find that elsewhere It is all about the people! SiteGround is a great place to work at and I really love my job there (except being called at 3AM for emergencies; but disasters happen and this is part of the job). I can learn and share, I can invent and develop, I can argue and fight if needed. There is a specific spirit and a mind-set around, because people do care. My SiteGround… well it is all about the people: the ones that trust us with their websites, the ones that work side by side with me, the ones that I learn from and the ones I love. Thank you all for being around! And another very important thing: besides being extremely dedicated and professional, SiteGround people are true party “animals/monsters” as well. I still can’t believe how much fun it is to be around the people working here. Don’t believe me? Well, catch them at a conference around the globe and test them yourself!

My SiteGround, by Valeri

Val is one of the most experienced people in our support team. Currently, you will seldom see him closing a ticket, as most of his time is dedicated to the training of our ever growing support team! Learning and Sharing The reason I love my work! Each day I’m learning something new, improving myself and getting better and better at what I do. This would not have been possible without the team, and I would like to thank them all for being so patient with me. And on top of that at SiteGround we have a great organizational culture of sharing the knowledge inside and outside the company. Various trainings and webinars are organized both for colleagues and customers. Resources like tutorials, knowledge base and plugins, which are based on our years of experience are realeased for free general public usage. The opening of 2nd SiteGround office in my hometown! At the beginning of my work career I needed to relocate and this was a tough decision, as I truly loved my hometown. Few years later I started working for SiteGround and it was a great place to be. But what made it really special was the fact that in 2006, the company decided to open a new office location. And guess where it was? – my own hometown!  Needless to say, I was among the first ‘settlers’  there The company sponsored vacations Each year we organize summer and winter company sponsored vacations for the staff and their families. I will just say that I’m writing this sitting in a cozy hotel room, some 100m away from the ski slopes. Aside from the parties and the team building my colleagues have mentioned in the previous posts of the series, these vacations are another great opportunity to have fun with your colleagues and get to know them better outside the work environment. The ever growing team And again, as the other SiteGrounders have said, when it comes to doing real work it is the team that is most important. Back in time, when I started working at SiteGround we were just a few people. We are more than 100 now and I’m grateful that I have the opportunity to work with each one of them.

My SiteGround, by Milena

Here goes Milena: the person, who takes care of the SiteGround billing, finance, office administration and generally of all of us since the company exists! Milena’s disclaimer: it’s never fair to have anyone talk/write after Lili and Mihail. I always enjoy listening to what they have to say, but then everyone expects the next person to be even funnier, which considering Lili’s insights and the dev fun is quite impossible. My First Billing Task My first significant memory of SiteGround dates back to its first anniversary. I had just graduated from college and even though I’d been with the team for more than a year, I was working on some side projects. At that point it was decided that we needed a dedicated person to take care of all things billing. Guess who? And my first task was to take over and optimize the sending of the renewal reminder, which Lily had been manually mailing for the previous few weeks. The New Office I was not really supposed to be greatly involved with the setup of our new office. Well, I did suggest the location, and most of the team were not so happy about that, but apart from approving the space for my department and giving the “I like” on design, I thought I would be spared the trouble. As it turned out I had to be more involved, but it was actually fun. Especially enjoyable was when the carpeting got fixed and I could walk barefooted around the empty office. The 3pm Sugar Frenzy At the office we have this tradition of celebrating important (or not) personal events with some treats for the whole team at 3pm. I really enjoy it when I get an email with the familiar subject “Cake!!! Kitchen 3pm“, birthdays, name days, new cars purchased, new apartments, babies born, or for simply no specific reason – you name it. It’s really fun sometimes, when several occasions overlap and we end up with enough cake in the fridge to last for a week. We constantly joke how we should stop the sugar frenzy and start on something healthier, but the next day someone asks – isn’t there any cake left. The Cartoons The cartoons were some of the best office Christmas gifts ever! I actually knew we were going to get cartoons and was even asked to think about something specific for the other managers that would suit a cartoon. Yet, I had no idea how gorgeous they would turn out to be. The guys really nailed mine, as I often feel like a multi-armed alien trying to juggle things around. The SiteGround Parties We often boast how we like to party. But no one is better at that than our Sales and Customer Service Team (sorry guys from other teams – while you are also great fun, they excel). Nowadays I rarely get the chance to party with “the Sales” (as we call them for short), but then, there are so many of them now, that simply matching names and faces is an achievement. Yet, those guys and girls surely know how it’s done. Waiting for the Birthday party guys! The Do-it-yourself Approach That’s another SiteGround special trait that we really take at heart. If it can be done in-house, and done well, we do it. Office life makes no difference to the rule. Back at the old office we used to change rooms at least once per year and I had real fun taking my desk apart and then assembling it once again. THE Team I left that as a last, but it really sums up what makes the SG experience for me. My SiteGround favorite is the SiteGround team – all those people who make up the incredible experience of working at SiteGround and helping me get rid of the case of Mondays as soon as I get ready to head to the office for the start of the week. Thank you, SiteGround!

We now have a Responsible Disclosure Policy!

Ever since I started working for SiteGround I have been really impressed with the effort that goes into protecting the data security of the company and (ultimately) the user. There’s virtually no action taken and no line of code written that are not thought through from the security perspective first. With this level of commitment vulnerabilities in our systems are rare. However, when they appear there is no way to guarantee we’d be the first to spot them. It is a blessing that we have a community of thousands of happy customers, including some computer security researchers among them. During the years we had several vulnerability cases reported by customers. However, so far there was no structured way to report a security issue to us. To make up for this we are now setting up a formal Responsible Disclosure Policy. What is a responsible disclosure policy? Typically, a responsible disclosure policy lays out the rights and responsibilities of both providers and users, regarding the reporting of bugs and vulnerabilities. The service provider agrees to acknowledge the vulnerability, fix it, and refrain from legal action against a party disclosing it responsibly, while the entity that discovered the issue agrees to keep it private until the provider has fixed the problem. Why we need it? Have you ever heard of another shared hosting provider that has a responsible disclosure policy? I bet you have not. Usually, shared hosts do not produce a lot of custom software. They use ready-made solutions and they rely heavily on the vendors, providing these solutions, to fix any security issues that appear. Well, the case with SiteGround is completely different. Guided by our handmade philosophy we have heavily modified most of the software we use and we have created multiple custom software solutions. This gives us greater freedom, but also brings greater responsibility. We have always welcomed people that are willing to share any issue they have found in our systems. Launching our official responsible disclosure policy now is a way to announce publicly this approach and provide people with a clear structure. What to do if you find a vulnerability? If you suspect you might have discovered a vulnerability in our services, or the third-party software we use, our Responsible Disclosure Policy is your go-to place. The policy lays out the basics of how to test responsibly; what to do if you think you have discovered a bug; and how to report it. It also outlines our commitment to responding responsibly to your report – by acknowledging and fixing the vulnerability as quickly as possible. Our promise is that if you report a legitimate vulnerability and do not wish to remain anonymous, we will mention you in the “Honor roll” and put a link to your social media profile/company website/personal blog. We are always on the lookout to improve our services even further and we hope this step allows us to make them even more secure for our customers. As always, we would be happy to hear your comments and suggestions, regarding the Responsible Disclosure Policy or improving the security of our services in general. Please post them in the comments.

My SiteGround, by Mihail

Here go the personal top 6 of Mihail, the head of SiteGround Development department, who has started working at SiteGround 10 years ago. Back then, he not only developed the first version of our CRM and all the backend systems of the website but was also providing technical support to the first customers! Get ready for some real fun… The Killer Code movie I should say that the software development team of SiteGround consists of rather unique personalities. Along with guitar and electric base players, we’ve got a classic music composer and pianist, and a person with inclination to video, 3D and photography. So one December morning we decided to make a little surprise for our colleagues and our visual-arts-talented guy put up a nice photo-collage with music and some 3D rendered images to present the department’s work for the year. The next year this idea evolved to a short 10-min video with special effects and 3D animation.  Last year we went ‘professional’, armed with much better equipment, did a casting for actors among the company staff, and shot a 20-min thriller/comedy flick called ‘Killer Code’. It was awesome fun! The beer server Few years back I had a wager with one of the owners and the prize was getting a draft beer installation. He kind of forgot about it but I kept reminding him persistently in an interesting way: Each time he would ask why some software feature, which we had not implemented yet, does not work I would say ‘Because the beer server was not functional’. He finally got tired of it and got us our beer server. It’s really one of the greatest social benefits for me, since we get to drink fresh German or Czech beer on tap every day! The ‘SiteGround got talent’ casting I mentioned the musical-inclined hobbies of my co-workers from the development squad before, so the story was that three of us decided to form a band: we had a base player, an electric guitar enthusiast, and a keyboard master, but none of us possessed a slight singing ability. So we decided to perform a casting for a singer as part of one of our team-building events. We hadn’t had so much fun in ages: we laughed till we cried at most of the performances. The anti-tank gun I am personally interested in military history with a focus on military vehicles and equipment. One day the marketing department had all these huge carton boxes and cylinders from ad materials all over the hall in the office, and we recalled our childhood making knight’s armour from boxes. Then we decided to scale this up to modern times and put up something like a full-scale model of a German WW2 anti-tank gun (more or less like the Pak 38). I got a pair of tires and a rod to put them on, as well as a base made out of a floor board, then we put up everything else together. We even got it a camouflage cloth cover and sprayed the whole thing in army green, brown and black to make it look cool. The barrel was mounted so that it can move back and forth to fake a recoil upon firing. It even had a closing chamber and could fire with compressed-air confetti canisters. We got to fire it on one of the Christmas parties: it was a blast – we damaged some of the ceiling tiles and had confetti all over the hall. The PHP conferences and our PHP User Group Thanks to SiteGround my colleagues and I get sent to conferences all over the world pretty often. I really enjoy meeting with fellow developers, learning cool new stuff and having fun while doing it. At one of the ZendCon meetings we were chatting with Michelangelo van Dam – a prominent figure in the PHP community, organizing a lot of events (like the very cool PHP Benelux conference) – and came up with the idea to organize a PHP user group in Bulgaria. We started it last fall and have had two conference-like meetings so far. The group is picking up speed and has around 240 members so far. We prepare presentations and tutorials in which we share interesting new tools and techniques with the community. I really enjoy these meetings. … and, most of all, THE DEV TEAM: I love the people I work with – my team: Lubo Anev, Georgi Penkov, Georgi Velev, Bisser Todorov, and last, but not least, our software quality officer: Lubo Todorov. They are the coolest bunch of idiots (in the most positive meaning of the word possible) I’ve ever met! I have the pleasure and honor of working and having fun with them every day. I enjoy this wise saying (by Confucius) that if you choose a job you love, you will never have to work a day in your life. My addition to it would be that this only holds true if the people you work with, especially those you rely on to get the job done, are just as good. If you love your team you can hardly go wrong.

My SiteGround

SiteGround is turning 10 in March. That is why I will ask some of the people that have been working for most of these years at the company to share their personal top SiteGround achievements/ events/ experiences/ initiatives/ projects/ etc. They will be posted here in the blog in the following weeks. To pave the way I share below my own personal SiteGround top 7: The SiteGround name Choosing the name was great fun. We made an internal game. Each of us wrote down his/her suggestions and then each person voted for the one s/he liked best. SiteGround, which was one of my suggestions, won the vote over a fierce competition including suggestions like and The first team building This was the time, when the company was no longer just few close friends from college. We had grown, and it was great to see other people getting inspired by the same idea, sharing the same values and having great fun together. The learning Each day I learn something new from the people I work with. I also hope that each day another SiteGrounder learns something new from me. Coming back from the maternity leave How could you not love a company, that lets you dedicate fully a year and a half to your child and then come back as if you have left yesterday! The 1H project was the big project I was involved with right after my maternity leave. It made me realize how much SiteGround’s approach to web hosting technology had evolved, and how much better it actually was than what other companies were doing at the time. JoomlaDays and WordCamps I guess this was one of the best things we have started in the last 3 years. Sponsoring and visiting JoomlaDays and WordCamps is inspiring, enriching, exciting, rewarding and the right thing to do from any perspective. The rebranding last year It was not about having a new site and logo. It was about telling the SiteGround story right. And I think we made a great job with that.

SiteGround Cloud Service Getting Better

From the moment SiteGround started to offer virtual private servers in 2005, which later evolved in our current cloud hosting service, we have always been using virtualization platforms created by third party providers. This has sometimes led to issues that were beyond our control and we have been on the track of taking over everything for quite some time now. For the past 6 months we have been actively working on our own cloud platform and we are happy to announce the first stage of its official launch today! Why building it ourselves? The main reason to start working on our own virtualization platform is that with all third party solutions we have used, there have been reoccurring issues we were not able to resolve. Some examples are: delays in problems resolution due to the fact that other people are in charge of the software; prolonged provisioning time issues causing new cloud users to wait for hours to get their instance; and more. That is why we have decided that it was high time to extend our handmade philosophy to the cloud platform and gain full control over the software used for this service, as we already did for our shared and dedicated servers. Upcoming changes (for our US and EU data centers) New platform First, all new cloud instances will be provisioned from now on a new platform with the following characteristics: KVM virtualization technique, latest Kernel and OS versions and entirely new API system, which will allow us to troubleshoot problems faster. Existing cloud accounts in our US and European data centers will also be moved to the new platform over the next few weeks. We will preserve all current IP addresses, so no change of DNS would be needed. Up to 100% RAM increase Each of our existing cloud instances in USA and Europe would also get its RAM Doubled!!! Except for our most expensive cloud offering, all the rest would get their RAM doubled free of charge. Our cloud 4 (4096 MB RAM) now gets its RAM boosted to 6144MB for free too. If you are a new client signing up for a cloud instance you automatically get the higher RAM at the current price at no additional cost. The upgrades we are implementing are significant and costly, but their effect will be felt immediately by our cloud customers in terms of improved performance of their clouds. Our calculations show that our cloud 1 (boosted from 1GB to 2GB of RAM) would perform 3.5x faster than before, just because of that upgrade. Faster upgrade and provisioning The new setup will allow us to upgrade our cloud users and power up new instances in just under a minute. Vision for the future The changes going live today are just the beginning. We have envisioned some of the craziest things we’ve ever done to come towards our cloud Users way in the near future too. I will not go into too much detail on that to avoid spoiling all the surprises for you, but here are some of the perks: Highly resilient, ultra high performing distributed block storage build with the help of the innovative software by StorPool. We’re already in advance testing phase of this storage solution and we’re amazed by its potential. New, developed by SiteGround virtual environment, far more efficient than anything else to date 2 seconds provisioning time Instant rebootless scalability Stay tuned for more updates

How to make the most of a WordCamp? Based on WC Phoenix 2014

Going to WordCamps is really great. Mainly because, no matter if you are just going to build your first personal blog, or you are part of a multinational business built around WordPress, you are sure to meet people that are up to the same challenges as you and are willing to share their experience. Visiting even a single session can be very beneficial, but if you go beyond just listening you will be amazed how much more you can learn. Looking over WordCamp Phoenix, we sponsored and visited last weekend, I can say it was a great example for the different ways you can benefit from such an event. Start easy: Visit Sessions! Listening to the sessions is obviously a no-brainer and all it requires from you is to attend the event. A great thing about WordCamps is that they usually have sessions for each proficiency level and interest. If you are just starting with WordPress, you can learn from great sessions like those hosted by Se Reed (a professional web consultant) and Zac Gordon (who teaches WordPress at Treehouse). They walk you through the basics of WordPress and design, and with their shared knowledge help you get a better understanding of what it takes to build websites with WordPress. If you have already set up your website and would like to turn your attention to start adding quality content to it, there are usually also great tips. In Phoenix some great ideas on optimizing your writing efforts and exploiting the power of content were given by Jennifer Bourn (who manages a design company). Another interesting topic in the WordPress community is the question how to charge for the product you have created. Patrick Rauland’s presentation on Freemium models turns out quite helpful in guiding you away from less successful pricing models such as relying on “donations” and “pay as much as you want”, and disclosing more prosperous methods like building a personal brand over a successful free plugin, or developing a big user base with a free version and charging for premium features the people who need them. And if your are a developer or designer, WordCamps give you the opportunity to learn from the top of the top WordPress developers. In Phoenix there were quite few of them too: Pippin Williamson ( and Easy Digital Download), Brad Williams (co-founder of WebDevStudios and the newly launched super-hot product AppPresser) and a lot more others, who present on …code stuff…obviously… Take the next step: Talk to the people! I personally enjoy WordCamps most of all because I feel I get to learn from anything and anyone, including our competitors, clients, people with totally unrelated business profile, and anyone else at any moment of the day and even of the night. Most of this happens outside the session rooms. However, I understand that talking to people can seem challenging at first. Many people are scared of that social contact with strangers. I remember well my own first event ever, more than 10 years ago, though it was not a WordCamp. Some of the questions that bothered me at that time were: How do I approach all those new people? Why would they want to talk to me? And most of all: Am I smart and interesting enough for them? Who am I anyway, I just started… So if you feel like this when you are reaching out, you have to check out Chris Lema’s speech from WordCAmp phoenix on “Escaping the Imposter Syndrome”. It helps you recognize a problem that many of us have faced at some point or another – the inability to internalize success and admit our own worth and achievements. I could not agree more with him that there is always someone smarter than us, but we shouldn’t forget there are at least a few less smart. You may not know that “new” stuff, but you know a lot more other stuff. Just be yourself and don’t try to pretend you know things that you don’t. People will forgive you that you don’t know and will be even willing to teach you, if you are genuine and want to learn. And another personal advice – do not forget to fave fun! At the end of the day, when you all get together in the nearby bar, you can actually relax and enjoy the less formal conversations and get to know the humans behind the “suits.” You still learn useful stuff like how to drink Fireballs for example, but most of all you get to seal your new bonds so firmly with liquor that you can count on them next time you are rolling on the learning speedtrack. Go beyond: Get involved Now if you want to keep that learning momentum you got on WordCamps and maybe even overcome the imposter syndrome faster, you may want to get involved more actively in the WordPress community. Andrea Middleton, the master WordCamp Coordinator talked about the ways you can do that. A great way to do it is write code…. Well, that’s not for everyone…. You may try organizing WordPress meetups in your own town or grow your meetups into WordCamps. You can also apply for a session or even sponsor an event. Imagine that! You can be in the middle of it all – a great excuse to talk to anyone about anything and LEARN!

Hosting Joomla 1.5?

Recently there has been a growing buzz on the web that there are hosts taking quite a solid stand against having Joomla 1.5 on their servers. So in the light of the event I would like to take a minute and explain the SiteGround view point: what are the challenges of hosting Joomla 1.5 and how do we face them. Is Joomla 1.5 really insecure? The answer to this question right now is:  NO. Currently there is no known vulnerability in this version that has not been addressed by the Joomla developers.  In August 2013, there has been a serious security issue that affected Joomla 1.5 after its official support was discontinued. Nonetheless the Joomla team released a patch, so that people still using this version can fix the issue. So why messages about Joomla 1.5 being intolerably insecure are in circulation? There are two reasons. First, it is true that Joomla 1.5 is no longer supported, so providing a patch for any future vulnerability is not guaranteed. Still there is a difference between current vulnerability and a possible future one. Second, the standard way to fix vulnerability by upgrading your software is no longer applicable for Joomla 1.5.  The best you can hope for in case of vulnerability is a patch, not a new updated 1.5 version. Well, applying a patch is not a rocket science, but it requires a little more effort than hitting an upgrade button and this decreases the number of users that do it. So how does SiteGround handle these Joomla 1.5 security challenges? In August, when the Joomla vulnerability affecting 1.5 versions was announced, we made two things: We researched the vulnerability and created a patch on a server level that will stop hackers from exploiting it on our servers, even if there are vulnerable 1.5 Joomlas. We have done this in multiple other cases affecting different applications and versions. We are quite experienced in reacting to such issues and feel comfortable that if another 1.5 vulnerability appears in the future, we will be able to protect our customers even if no patch is officially released. Besides our own server level fix we manually applied the official patch to all Joomla 1.5 hosted on our servers. It is true that it took some effort (on our part, not our customers’), but we strongly believed that it was the best course of action. Details about how we handled the case can be read in our Serious Joomla vulnerability Blog post. Should you upgrade to a more recent Joomla version? The answer to this question is: YES We do recommend that all people move to the supported versions of Joomla as soon as possible. However, we know that migrating from 1.5 to any of the other two currently supported versions (2.5 and 3) can be a challenging task. So how does SiteGround make the switch easier? In this case we do not believe in the negative motivation: we don´t intend to send our customers packing if they don´t upgrade or to exaggerate the danger of using 1.5. Instead we have worked with Brian Teeman, one of the Joomla founders. He has produced a full video course, sponsored by our company, which explains how the move from 1.5 to 3 can be made. The tutorial is freely available for anyone, but we also emailed all our Joomla 1.5 users announcing its existence and explaining in details why it is a good idea to make the move. I believe that people using Joomla 1.5 should move forward as soon as possible. However, I am aware why this is not such an easy step for most of them, and we, as a host, have decided to respect their choice.

Thank you for the “Boring” 2013!

The company conducting the SiteGround client satisfaction survey sent me the results yesterday. Their recap in the email was short: your data is plain boring! And yes, thank God, this was not “an interesting year” as far as it comes to business results and customer satisfaction! I would like to thank all the people, who participated in our 2013 customer survey and provided us with this great feedback. Keep reading for a summary of the most important results. Outstanding satisfaction levels. Again! When we did the survey last year, I thought it will be very hard to reach such satisfaction levels ever again. However, 2013 was just as good, if you compare the overall satisfaction levels, and even better in terms of number of people rating  all the different aspects of our service as outstanding. Better awareness of our geekyness The challenge revealed by the 2012 year survey was that nearly 30% of our customers were not able to evaluate SiteGround level of technological innovation and special application expertise. This fact triggered a vast change in our overall communication strategy, including the total company rebranding. The results we have achieved are really good: the percentage of the people that perceive us as a highly innovative hosting provider with special expertise in the application they use has increased significantly, especially in the two main user groups we targeted during the last year – WordPress and Joomla users. More new customers We have seen a steady growth in the new customer acquisition, especially in the second part of the year after the rebranding was launched. This was clearly seen in the rise of the percentage of people that took the survey and have signed in during the last 6 months, as compared to the last year. Next year challenges It seems that our biggest challenge for the next year is to continue to communicate successfully our strengths and to handle the growth in a way that will not decrease the customer satisfaction levels. We also had 2 separate sets of questions for our Reseller and Cloud service users and we believe they revealed interesting opportunities for development of these segments. And finally — the iPad winner! I would like to thank once again all the people that filled out the survey. The participation rate again was amazing! This year an iPad award was also drawn and it goes to Amy Archer from Sweden, who is one of the many new customers that joined in the last six month by signing up for a GoGeek account! Congratulations!

Joomla! eXtplorer vulnerability – fixed!

Yesterday, my day ended delivering a webinar on Joomla security, only to start today with a new critical vulnerability found in a popular Joomla! extension – eXtplorer File Manager. This vulnerability is a classic example of two of the most popular ways to exploit an application: vulnerable plugin and weak login details. Of course as soon as the issue got discovered we started working on protecting our Joomla customers on a server level. Below I will explain the vulnerability, what we did to fix it on our servers, and what you should do if you are not hosted by SiteGround. eXtplorer File Manager vulnerability explained eXtplorer File Manager is a full-fledges stand-alone file manager. It also has a Joomla extension that allows you to manage your files directly from the Joomla! administrative area. By installing eXtplorer extension for Joomla you also install a separate eXtplorer administrative interface, of which you may even not be aware. The problem with this stand-alone interface is that the login details for it are automatically created as admin/admin, and at the same time it is publicly accessible by default! Thus, anyone can easily login to the eXtplorer File Manager and then upload any files to your Joomla! Site. What we did to prevent hackers from accessing vulnerable sites? Our security team quickly created custom Apache mod_sec rules to filter the requests. This means that if someone tries to access the eXtplorer separate administrative interface the default login details will not work and the login page will be simply reloaded. If, by any chance, you were using this interface yourself with the admin/admin login details (which we highly doubt any of our customers, who have followed our security tips, would do), you can contact our support for a password reset. If you are using the eXtplorer plugin in the usual way – through your Joomla admin, you should not take any further action. What to do if you are not hosted by SiteGround? If you are not hosted on our servers you have two options: 1.     The first way to resolve the issue is to immediately change the default password for the eXtplorer separate administrative interface. To do this access the interface at: Then login and change the password for the default admin username. 2. The second way to resolve the issue is to create an .htaccess file in the com_extplorer folder and add the following line to it: deny from all This way the eXtplorer separate administrative interface will not be accessible at all and hackers will not see the login page. All in all, if your site is hosted on our server you can relax and enjoy the upcoming holidays. If not, you have to change your eXtplorer login details before hackers manage to edit your site and steal important information from your site. Of course, you can always transfer your site to our servers


Recommended Content