How to use hosts file to preview your website on new server

For cPanel users the default preview URL tool can cause some issues for complex sites, images may not load which can make checking everything is fine difficult or impossible.

Thankfully there is another way you can check your site, although it does mean editing your hosts file.

Editing the hosts file on your PC to bypass the DNS lookup and access the site on your webhosts servers through your main domain rather than the preview URL.

This only affects your PC and visitors to your website will see the site as normal.

Windows:

You need to open it with Administrator permissions, to do this right-click on the NotePad icon, select “Run as Administrator”.

Now, in NotePad open the file:  c:\windows\system32\drivers\etc\hosts

On OSX and Linux you may need to use sudo to gain root privileges to edit the file.

Mac OSX /private/etc/hosts

Linux /etc/hosts.

Once your hosts file is open add the following line:

Code:
192.168.1.1 www.danrodgers.uk danrodgers.uk

Replace 192.168.1.1 with the IP address of your site, as displayed in your control panel and replace “danrodgers.uk” with your real domain name.

Once you have made the change, save the file.

Now when you browse to your website as normal. You will see it served from the new server and will be able to test the full functionality of your website before editing the DNS

To view the site on your existing host, just remove the line from your hosts file.

Note: If this doesn’t work you might need to reboot your PC for the change to take effect.

How to increase upload limit for PHPMyAdmin (PMA) on cPanel WHM

It’s been a while since I’ve setup cPanel, and I ended up scratching my head wondering why the PHPMyAdmin upload limit for the import tool wasn’t going up when I changed the main PHP.ini.

Eventually I remember cPanel plays by its own rules.

So, for future Dan, or anyone else who’s been stuck by this – here’s how to adjust cPanel’s max upload size!

In WHM navigate to Server Configuration > Tweak Settings and select the PHP tab – Here you can adjust the cPanel PHP max POST size and cPanel PHP max upload size to your desired max upload size.

 

How to bypass RAM check on cPanel DNSOnly Install

I recently re-purposed a small (10GB Disk, 512 MB RAM) VPS into a 2nd DNS server, using cPanel DNSOnly.

However, the cPanel DNSOnly installer does a RAM check and requires 768MB RAM to proceed.

Being as I only plan on running a few domains on this cluster 512MB will be more than enough under normal circumstances, thankfully there’s an easy way to bypass the check.

Firstly, if you haven’t done so already you’ll need to download the latest cPanel DNS Only.

# cd /home

# curl -o latest-dnsonly -L https://securedownloads.cpanel.net/latest-dnsonly

Secondly, you need to run the install with the “–keep” flag. This keeps the install files instead of cleaning up after itself.

# sh latest-dns-only –keep

Now, you need to edit the install file and reduce the $min_memory_rules array to 512.

# cd /home/installd

# vi install

Console Install File
We can still dream of that better world

If you’re running CentOS 7,  you’ll need to edit the 2nd element instead of the default.

How to pass the COZA (South African Registry) EPP OT&E in WHMCS

COZA EPP OT&E Test ResultsToday I’ve been working to pass the EPP OT&E Tests for the .ZA (South Africa) Registry and ran into some problems using the only EPP WHMCS Module I could find, while great it does miss a lot of the tests needed to pass OT&E – I fixed that 🙂

I’ll walk you through all the steps needed to pass all OT&E Tests for the COZA / Registry.net.za registry requirements using WHMCS.

Firstly, grab the original module here: https://www.whmcs.com/appstore/706/WHMCS-COZA-EPP.html

Once you have that installed you can grab my version of the “cozaepp.php” file which will add the additional functions you need to run all tests, you can download this here.

Now you should be set to start running through the tests.

You should now see a wide selection of buttons when you view a domain using the cozaepp module selected:WHMCS COZA Buttons

Many tests you can complete by simply clicking the buttons, it’s that simple.

Domain Create:

Enter a domain which ends in “.test.dnservices.co.za” e.g. example.test.dnservices.co.za

Save Changes

Click Register button

This will cover Domain Create, Contact Create

Contact Delete:

Click “Contact Delete” button

Domain Renew:

Click the “Renew” button.

Domain Update Add Status:

Click “Add ClientHold” button

Domain Update Remove Status:

Click “Remove ClientHold” button

Contact Update: Click “Modify Contact Details” -> Edit -> Save

Contact Info: When you’ve registered a domain, this gets called when you load the admin page for the domain

Domain Transfer: 

Domain Transfer is a little tricky due to the need to switch between your 2 test accounts.

After you’ve registered your test domain under the main account (the one without the -2 at the end) edit your settings so the user has the -2 on the end.

Now back on your test domain admin page click “EPP Logout” – This is because the EPP Session is kept alive and even when you make a new request, it’ll still use the other user.

Now that you’ve logged out of the EPP Session, when it’s re-established it should instead be using the -2 test account.

Now you can continue to “EPP Transfer Approve”

EPP Transfer Approve:

After you’ve done the steps above for Domain Transfer, you can click the “Approve Transfer”

Domain Update Registrant:

Click “Update Registrant” button

Domain Host:

To pass this you need to do a few things, you’ll need to Add a child nameserver (Glue Record), Modify it and then Remove it.

The catch is that it doesn’t let you use any old IP for the nameserver it seems it’s put to the same checks as the live system so for it to succeed you need to have your test domain setup on the Domain Name Servers you use, and you’ll need at least 2 nameserver IPs so that you can add, then change the IP.

Once you’ve added your test domain to the DNS servers and it’ll pass the validation checks you’re good to go.

Login as the client account which owns the test domain in WHMCS, go to the manage page for the test domain, click “Register Nameservers”.

Here you can add a child nameserver e.g. ns1.example.test.dnservices.co.za with one of the IPs of your working configured namneserver and click Save Changes.

Allow a few minutes for the change to take effect with the registry.

Then, edit the nameserver and change the IP to the 2nd working, configured nameserver.

Now you can delete the nameserver.

This should pass the Domain Host test for you.

Domain Delete:

Click “Request Delete”

EPP Poll Request / EPP Poll Ack:

Run the COZAEPP Poll script by going to yourdomain.com/modules/registrars/cozaepp/cozaepppoll.php

This will run the POLL and you’ll see messages which are retrieved, displayed and then ACK’d.

 

And that should be all you need, any questions feel free to get in touch.

 

Direct .UK Launches 10th June

Nominet (the .UK Registry) officially announced on Twitter, and shortly after on their site & via their mailing list that on 30th January that direct .UK registrations like danrodgers.uk will be made available on 10th June 2014.

They also announced the new Registrar Agreement at the same time which I’ll go into details on another time.

With the announcement comes the much-anticipated website with more information for consumers on what the change means and how it will affect them – dotuklaunch.co.uk

The new website also highlights a new feature of their WHOIS database, it now returns results for .UK domains clearly showing who will get first right of refusal on the new 2nd Level .UK domains.

For example, if you take a look for “DanRodgers.uk” you’ll see that I’ll be able to get the first rights (which I will happily take up of course) to secure DanRodgers.UK thanks to my existing DanRodgers.co.uk registration – http://dotuklaunch.co.uk/whois/lookup?query=danrodgers

If you’re interested in getting your own .UK domain and you already own the .CO.UK version and in some cases the .ORG.UK you can check if you’re in line using the tool, if you own the domain which is listed as “Right of registration” then you’re in.

Can I get my desired .UK?

If you registered your domain before 23:59 on 28th October 2013 and there are no other registrations under .co.uk, .org.uk, .me.uk, .ltd.uk, .plc.uk or .net.uk  for the same name, you should be able to get it.

If there are 2 or more registrations with the same name then the .CO.UK owner will be offered the .UK version. If the .CO.UK version wasn’t registered by the 28/10/13 then it will be offered to the .ORG.UK owner, then .ME.UK and so on.

.CO.UK domains registered between now and .UK launch will also be entitled to the .UK version so long as there aren’t any other matching .UK domains already.

If you’re entitled to the .UK when it launches, and want to make sure you stay up to date with the latest developments and secure your domain as soon as they hit the market you can register your interest on Tsohost (where I work as Domains Manager) here: https://www.tsohost.com/campaign/dotuk

I’m always happy to answer any questions, do feel free to drop me a message via the Contact page.

First gTLDs are live…

A few days ago internet history was made when the first of the new gTLDs were officially delegated and went live in the Root Nameservers.

This signals the start of the largest expansion of top-level domains in the DNS root in internet history, growing from 22 gTLDs to what will eventually be more than 1400 new possibilities.
ICANN1 promises the vast selection of new options will open up more competition and more choice for consumers when choosing the right domain to represent their needs on the internet.

The first 4 new gTLDs which have been delegated by ICANN are all internationalized domain names or “IDNs”, this is no coincidence as ICANN specifically gives priority to IDNs to help create an inclusive global internet, broadening the growing non-latin speaking internet community engagement with the increasingly global and multi-lingual internet.

The 4 IDN TLDs which are now in the root zone:

.xn--ngbc5azd (شبكة.) — means “.web” in Arabic. Operated by dotShabaka Registry.
.xn--unup4y (.游戏) — means “.games” in Chinese. Operated by Donuts.
.xn--80aswg (.сайт) — means “.site” in various Cyrillic languages. Operated by CORE Association.
.xn--80asehdb (.онлайн) — means “.online” in various Cyrillic languages. Operated by CORE Association.

What does this mean for the registries?

Now that the first TLDs have finally been delegated the registries can get to work on launching their Sunrise periods. During sunrise trademark holders are able to apply for their marks as domain names. Registries are required to offer a sunrise period of no less than 30 days, after this they can go into General availability where anyone can register them.

First live domains?

Due to a clause in the Registry Agreement (RA) (3.1 of specification 5)2 only nic.TLD can be activated – in fact it MUST be active in the DNS.

Registries need to wait 120 days after signing their contracts before they can put other domains live due to collision concerns, although this is extremely unlikely with IDN gTLDs.

The first registry with a live site was : http://www.nic.游戏/

The CORE association and others in the IDN community are somewhat frustrated by this clause as they are unable to launch with a native language domain, and instead required to use nic.TLD3

What about the others nTLDs?

There are many more new gTLDs which are set to launch and which are at various stages still, we will likely see many more gTLDs making their way into the root zone in the coming months and years.

You can track the status of applications here: https://gtldresult.icann.org/application-result/applicationstatus

Domino’s Pizza Chooser

This is a small script which was created about a year ago after a trip to Dominos where a few of my friends (Maths Degree Students) and I noticed Dominos claim on the number of combinations possible with their pizza toppings, naturally we all wanted to prove/disprove the figure… and along the way the Domino’s Pizza Chooser was born. Put simply it generates a random pizza combination using both Size, Base, Sauce and Toppings. Give it a whirl!

Top 5 Tips for making your site faster!

Speed is vital for modern websites, particularly those which deals with e-commerce, every ms (millisecond) counts, and it all adds up and is a big turn off for prospective customers.

Recently I optimised the site of my UK Web Hosting business XDnet.co.uk before I started work the site was, well abysmal when it comes to speed. The Pingdom  putting it at 14-16 seconds, slower than 90%+ of sites according to Pingdom, before the page fully loaded with some basic optimisation techniques and a little bit of work I’ve gotten this down to 1.67 seconds.

1. Minify it!

Compressing your code down is one of the simplest ways to gain a few precious milliseconds and it’s dead easy as there are plenty of tools you can use to compress your CSS and Javscript files.

Javascript: 

www.minifyjavascript.com is a nice simple tool to use, simply copy and paste your JS file into the box and hit compress and it will squeeze it down to as small as possible.

CSS: 

www.minifycss.com/css-compressor/ is a fantastic tool with loads of useful settings to help manage the way it compresses the CSS to ensure efficiency and even improves your CSS code!

 

Note: With both JS and CSS compression you should ALWAYS ensure you keep a uncompressed copy for future changes. It’s a good idea to simply save the compressed versions as <filename>.min.css as this will help you easily identify the versions in future.

2. Combine, Merge, Reduce!

Combining your CSS and Javascript files into as few files as possible can have a big impact on speed as it can massively reduce the number of requests you need to make and cuts out all of the DNS lookup, connect & wait time involved in making requests.

In most cases combining CSS & Javascript is fairly simple, but you do need to be careful that it doesn’t cause any oddities in the way your site renders, as you may find that placing a block of CSS before another causes a different output than expected because 1 overrides the other – Just give things a good check over and test it out just incase!

3. Content Delivery Network (CDN) static content

CDNs can be useful, but should be used with care, they aren’t a magic solution and can in-fact slow down your site if you don’t use a good CDN service.

Personally I snapped up a free TB of data with MaxCDN during their speedawareness month and have been testing that out, the results in speed improvements do vary depending on your location as in some cases it is a few ms faster when delivered directly from the server, but overall on a global scale it does improve the average speed.

Ideally you want to be serving all static CSS, JS and Images over CDN for the best results. This can also help with other slow-down factors such as paralleled downloads across hostnames.

4. Parallelize Downloads across hostnames/domains

As specified in HTTP 1.1 browsers have a limit on the number of concurrent connections they make to hostnames, this generally seems to vary between 2 and 20.

This often means if you have a lot of files on the same hostname/domain e.g. mysite.com/images/ then the browser will connect to the first X items to download, and the rest have to wait for the first batch to finish before they can start. By spreading the files across multiple hostnames, such as cdn.mysite.com/images/file.png and cdn2.mysite.com/images/otherfile.png – this can help speed things up by allowing for more objects to download in parallel. This method does have limitations, and should be tested as the DNS lookup time can counteract the benefits so it’s worth checking.

Learn more from the Google Speed docs.

5. Your code sucks. Fix it.

A big time suck for my site was a few poor coding choices which caused unnecessary wait time while PHP did it’s thing to generate the page. The killer was lookup requests grabbing the latest tweet & blog posts to display.

These were adding 5 seconds+ for most page loads – very simply moved these to the client side using some nifty Javascript so that they are loaded after the page has begun rendering.

There are also numerous other ways to optimise your code but it’s important to give everything an eye over it’s often surprising just how much basic code improvements can improve your site speed.

 

Hope these tips have helped, if they have or if you have any more tips please leave a comment below, or tweet me @dansgalaxy

 

How to secure a cPanel server against BEAST attacks

Last year a previously theoretical attack surfaced which can allow TLS security to be manipulated and weakened, it’s a simple attack and one which a simple configuration change can patch. Learn more about the BEAST attack on TLS here.

To patch Apache in cPanel is a simple 2 step process.

Step 1:

Login to WHM and navigate to: Service Configuration -> Apache Configuration -> Global Configuration

Here select the custom option for “SSL Cipher Suite” and enter the following:

ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH

Click Save, then click, Rebuild Configuration and Restart Apache to compile the config change.

Step 2:

In WHM navigate to: Service Configuration -> Apache Configuration -> Include Editor

Select “All Versions” under the “Pre VirtualHost Include” section.

In the text box enter the following:

SSLHonorCipherOrder On

Click Update, then Restart Apache.

Your cPanel server should now be patched against the BEAST TLS attack, you can verify this using a security checking tool such as SSLLabs.