More space and increased price for web hosting
Written by: Jon Eivind Malde

cPanel shocked the entire web hosting business 27th June when they overnight drastically increased their prices without any kind of warning to their partners. cPanel is the control panel we use for our web hosting service and is the foundation for the service we deliver to you.

Increased pricing for cPanel

We have calculated that our prices are 7 times higher now than before the change. The hosting business in general have been in turmoil since the change and cPanel has received a lot of complaints from upset partners in all channels. A quick search online will get you a lot of “colorful” feedback about the change.

cPanel price increase

We have ourselves notified cPanel about what we consider to be unacceptable business practice. cPanel does not listen to their partners unfortunately and we are forced to either accept the change or find alternative solutions to be able to continue to deliver stable and good services to our customers.

Our thoughts

cPanel is promising that the price increase will result in a better product for you, but such a radical increase is hard to digest when the price was far from low initially. We have considered other solutions, but unfortunately there are no other solutions that are good or stable enough compared to cPanel. We could develop our own solution, but that requires a lot of time, time we do not have as the change is already upon us.

We believe that what is most important to you as our customer is that we keep delivering a secure and stable service. With that in mind we do not have any other choice than to keep offering web hosting with cPanel. Our goal is however to deliver what is best for our customers at any given time at as competitive prices as possible. You can, in other words, rest assured that we will not stop considering other alternatives. Our loyalty to cPanel is nonexistent and cPanel will have to deliver on their promises to avoid changes.

Increased pricing and space

We have to increase the prices for the following web hosting plans due to the change:

PlanOld priceNew price
Pro Medium5.50€6.50€
Pro Premium12.00€14.00€

The prices will be effective from 15th September for all customers. This gives you the chance to order new or upgrade with the old pricing until that date.

As we increase the prices we also want to add more value to the services. Due to this we also increase the included disk space:

PlanBeforeAfter
Pro Medium15GB30GB
Pro Premium30GB100GB

All customers with those web hosting plans have already been upgraded to the new limits.

Happy Tom with thumbs up

Summary

This change was not planned so we hope for your understanding for why we reached this decision. We also hope that the increased disk space can make up for some of the increase in price.

Malicious code on your web hosting account?
Written by: Jon Eivind Malde

We have started handling any malicious code found on your web hosting account faster and better while also warning you by email. The system is gradually being used on more and more servers and will soon cover all web hosting servers. When the system is in use on all servers you will get a warning within minutes if something is found on any of your accounts.

Why are we doing this?

Malicious code represent a risk to all clients on a server as well as other users online. Hackers can do any of the following with malicious code:

  • Extract all data you have stored in the account/website or insert code to continually have access to your data without you or your clients knowing about it.
  • Send spam or phising emails (which will blacklist the IP addresses of the server and result in email delivery problems for all users on the server).
  • Attack other servers online/your visitors to spread virus/malware or participate in DDoS attacks.
  • Run code to overload the server to impact yours and other websites on the server.

When we find mailcious files we will follow these steps (where next step is only performed of the previous failed):

  1. Check backup for clean file and automatically restore.
  2. Clean file for mailcious code.
  3. Put file in quarantine.
  4. Delete file.

Put in other words; We try to do the least invasive to your website first and use the more drastic actions only when needed. Due to the risk malicious code represents we have to go to these lengths to keep you, your visitors and the Internet as a whole safe.

What system are you using?

The system we use is called Imunify360 and is provided by CloudLinux (who also provide us with the OS we use on all our web hosting servers). We have been using Imunify360 since CloudLinux launched the system in the beginning of 2017 and have been working together on how it should work since. We finally feel the system is mature enough to use more actively and integrated with our own systems. That is why we start handling these files now.

Imunify360 logo

Imunify360 does a lot more than just finding malicious code in files. Among other it:

  • Stops attacks on your website with a web application firewall (WAF).
  • Stops brute force attacks (attempts to find out your password) on services such as SSH, IMAP and more.
  • Patches software on the server which has known vulnerabilities such as the kernel (without having to reboot the server).
  • Stops processes running malicious code while also tracking down the orgin of the attack in the logs.
  • Finds blacklisted domain names.

Imunify360 is in other words an important part of the security of our web hosting servers, and will gradually become more important as the software evolves.

Where can I see the files that have been found?

You have full access to the files and log in the control panel (cPanel) as shown in the guide Malware scanner in Imunify360. You will also be able to restore files from quarantine and white list files identified as malicious when they should not have been (false positive).

Some files mentioned in the emails we send might have been found a long time ago. We could have chosen not to report these, but we do in case they might be important for you. In such old incidents it might also be that the files mentioned are not in your log as Imunify360 did not log these in the same way as they do now.

What should I do if files are found on my web hosting account?

You should first check if your website is working as it should. If the files have been restored from backup or cleaned it should not be necessary to do anything. If they are put in quarantine or deleted you should check if the website solution you use have that file and if it contains malicious code. Ask the provider of the solution or us if you are in doubt.

You should follow the tips in the guide How to secure your website against hackers after checking the files.

Questions or comments? We would be happy to hear from you 🙂

Free SSL certificates with AutoSSL
Written by: Jon Eivind Malde

Back in 2016 we partnered with Symantec (now Digicert) to deliver free SSL certificates to our customers. AutoSSL, cPanel`s solution for free SSL certificates, was also recently launched at the time. However we chose to work with Symantec instead as we believed their solution would be best for our customers.

Tom showing free SSL certificate with AutoSSL.

Background

The two solutions differed in that Symantec`s solution envisioned that you start with a free SSL certificate and add extra functionality as you grow. In other words – the SSL certificate is tailored to your needs. The AutoSSL solution had a very different strategy where the goal was only to deliver free SSL certificates for domains hosted on cPanel. However, at that time AutoSSL was not very well integrated into cPanel and there were issues with the solution.

Why free SSL certificates with AutoSSL

Symantec did unfortunately never live up to what they envisioned and what we envisioned for our customers. There have barely been changes since we started working together. Meanwhile AutoSSL has continually improved in terms of usability and integration in cPanel. As a result of that – the sooner the better – we had to acknowledge that we chose wrong solution back in 2016. We have now discontinued working with Symantec to deliver free SSL certificates and we have already made AutoSSL available to all our customers on all web hosting packages. The last remains of free SSL from Symantec will be removed from our website in a matter of days.

Advantages with AutoSSL

The advantages for you with the new solution is that:

  • All (sub) domains on the web hosting account will be covered instead of just a single (sub) domain
  • The certificates are issued/renewed automatically instead of you having to manually issue/renew them on our website
  • Parked domains is also covered by free SSL certificates now. This is particulary handy for those using the 1-page website builder on their domain name.
  • The forwarding package is also covered by free SSL certificates now
  • If you forget to renew a SSL certificate it will be automatically replaced by a free SSL certificate (so that you avoid having an error on your website for all visitors)
  • You will get free SSL certificate also for mail.yourdomain.com (where yourdomain.com is your domain name) and will be able to setup your email client with SSL using the hostname mail.yourdomain.com instead of cpanelX.proisp.no (where X represents the server number)
  • Other useful addresses such as webmail.yourdomain.com and cpanel.yourdomain.com can be accessed with https without any warnings as they will also be covered.

Disadvantages?

You might ask yourself if there is any disadvantages with the new solution when you see the list of advantages. Yes, there is. We don’t get to show you the advantages paid SSL certificates can do for you beyond what the encryption only free SSL certificates delivers. You also don’t get to setup your own SSL certificate specifically tailored to you like Symantec envisioned. But, fear not 🙂 We will eventually add tips about paid SSL where suitable based on analysis of your needs. For example during diagnose of your web hosting – in time.

What about you who already have SSL from Symantec?

If you have:

  • Only free SSL certificate this will be automatically replaced when it expires.
  • Free SSL certificate with site seal we will replace this with a PositiveSSL certificate at the same price as your site seal. You will in other words get a paid certificate with 30% discount. The disadvantage is that you have to change site seal, but if you need help to do that we are more than happy to assist.
  • Free SSL certificate with wildcard (Basic SSL Plus) we will replace this with a PositiveSSL wildcard certificate at the same price. You will in other words get a paid certificate with discount.

How often are free SSL certificates issued?

The new solution issues/renews SSL certificates once per night for all (sub) domains on all web hosting packages that doesn’t already have SSL certificates or have certificates that are about to expire. You can follow the guide “Install free SSL certificate with AutoSSL” if you need to issue a free SSL certificate before it is issued automatically.

Feel free to contact us if you have any questions or comments regarding the change 🙂