Advertisement!…

Are you still looking for an affordable Cloud Web Hosting Service Provider with a particular emphasis on speed, scalability and security? Then EagleProHost.com may be for you!

Author Archive

Let’s Encrypt-based SSL certificates now free in the Control Panel

Introduced back in 2016, Let’s Encrypt represents a free open certificate authority (CA), which provides website owners with digital certificates for enabling HTTPS (SSL/TLS).

It was launched by the Internet Security Research Group (ISRG), a public-benefit organization sponsored by the Mozilla Foundation, the Electronic Frontier Foundation (EFF) and Cisco Systems, with the aim of making HTTPS encryption both affordable and user-friendly.

Their main goal is to create a more secure, privacy-driven web.

Let’s Encrypt certificates are:

  • free to use: each domain name owner can obtain a trusted certificate at absolutely no cost;
  • automatic: the certificate setup and renewal procedures are fully automated; no human intervention is needed;
  • simple to use: there are neither payments to make nor validation emails to respond to;
  • secure: Let’s Encrypt serves as a platform for implementing the latest security practices;
  • fully transparent: all issued certificates are publicly available for anyone to view;
  • open: the issuance and renewal protocol is published as an open standard that can be adopted;
  • ‘self-regulated’: Let’s Encrypt is a joint community effort, beyond the control of any organization;

What are the differences between regular and Let’s Encrypt SSLs?

Let’s Encrypt offers you a free and automated way of obtaining SSL certificates for your sites, so you may ask yourself: “Why would I ever go with a regular SSL certificate?”.

Just like regular SSL certificates, Let’s Encrypt certificates offer basic SSL encryption, i.e. they give site visitors assurance that they are exchanging information with the domain that is visible in the address bar and that their personal data (login details, credit card information, etc.) cannot be eavesdropped.

Also, Let’s Encrypt certificates are trusted by all major browsers.

If a site is using a Let’s Encrypt SSL, you will see “https://” at the beginning of the URL in your browser’s address bar, along with a green padlock.

So, what Let’s Encrypt certificates offer, is a secure communication most site visitors will feel comfortable with.

However, as a business entity, you may also need a certain security guarantee against online abuses and this is where commercial SSLs kick in.

Read further below to learn more about the differences between a Let’s Encrypt certificate and a regular SSL:

    • Warranty: Let’s Encrypt certificates do not include a warranty against misuse or mis-issuance, whereas regular SSLs do. While this may not be a problem for smaller websites, for larger organizations most probably will.
    • Wildcard Certificates: Let’s Encrypt does not offer wildcard or multi-domain certificates, whereas traditional CAs usually do.
    • Validity Period: Let’s Encrypt certificates are only valid for 90 days and must be renewed before they expire. Most regular SSL certificates are valid for at least one year. HTTPS site owners can also choose a longer validity period (3, 5, etc. years). On our platform, Let’s Encrypt certificates are renewed automatically, so you won’t have to worry about that.
    • Support: Let’s Encrypt does not offer assistance with creating or installing SSL certificates. Only community help is available.This can be an issue for organizations that need to quickly equip their business sites with an SSL. However, this could be easily curbed with a quick re-generation and re-installation of the problematic Let’s Encrypt SSL.

    A Let’s Encrypt certificate or a commercial SSL – the final verdict

    Both Let’s Encrypt and commercial SSLs will do the encryption job that is expected of them in order to protect your sites against interception and eavesdropping.

    So, your choice will solely be determined by the type of site you manage, which in fact defines your security requirements.

    If you own a non-commercial site, a blog or a photo gallery, or just need a quickly configurable, simple and free SSL certificate that you can obtain with minimum effort, then Let’s Encrypt is the way to go.

    If you run an e-store or an enterprise site, then you will need to invest in a paid, warranty-equipped SSL certificate issued by an established CA.

    Due to Google’s recently voiced intent to give HTTPS sites higher search rankings and the subsequent rise of authorized SSL resellers, the prices for commercial SSLs have been going down steadily.

    Today, every e-commerce website owner can obtain an affordable commercial SSL certificate from a reputable authority.

    We’ve already lowered the prices for both regular and wildcard certificates and are doing our best to make sure you get the best security insurance on the web.

    How do I enable a Let’s Encrypt SSL certificate for my site?

    You can request a Let’s Encrypt certificate for your sites with a click from the Hosted Domains section of the Control Panel.

Advantage of the Data Backup Options

Image source: Online

Data security is and should be a top priority for any web hosting provider. When it comes to managing your site, the risks of something going wrong with your content must not be ignored.

There are different ways in which a site can go by the board. For instance, it could get hacked due to a poorly configured script, or it could break down after an update, or you could delete your files by mistake, to name just a few.

Just like with your PC, having a backup of your site on hand could save yourself lots of downtime and the inevitable nervous breakdown that may be associated with it.

Why are data backups so important? Basic backup methods

Keeping a regular backup of their files is a responsibility that each website owner should take to heart. No excuses whatsoever!

This can save you tons of trouble in the long run and will guarantee the intactness of your projects should a force majeure event occur.

When making a backup, you should make sure your content is stored in more than one location (your PC, an external storage device, your Google Drive account, etc.).

Alternatively, if you use a CMS system like WordPress or Joomla, you can resort to one of their backup plugins.

Also, make sure your site is being backed up on a regular basis.

For instance, if you make consistent updates to your site, you should make either monthly, biweekly, weekly or, best of all, daily backups of your content.

What if the backup job is not your “cup of tea”? No worries!

As a web hosting provider, we take full responsibility for the content stored on our servers.

We’ve developed a high-end backup system, which runs backups several times a day to ‘catch’ any possible updates you may have made to your sites on time.

The daily backup options supported on our hosting platform

We make multiple daily backups of your sites and applications to make sure all your updates are ‘covered’.

Usually, running daily backups is perceived as an administrative job that is done somewhere in the background and that is ‘delivered’ to us only per request.

Since it is our priority to keep you in control, we’ve made daily backups readily available to you at any time.

Inside the Web Hosting Control Panel, you can browse through the archives of your sites and applications and restore any content with a click of the mouse.

Here’s how you can restore a file or a folder from backup:

1. From the Hosted Domains section:

1.1. In the Actions column, search for the Restore from backup icon corresponding to the given domain/subdomain as shown below:

or

1.2. Right-click on a file/folder and select Restore from the drop-down menu:

2. From the File Manager section:

2.1. Right-click on the desired folder/file and select Restore from the drop-down menu:

2.2. Select a file/folder and click on the Restore button in the Actions toolbar above the table:

A popup window will appear asking you which date and time you would like the given file/folder to be restored from:

You will see a list of all your backups ordered by date:

You can restore files/folders from a backup from here as well. Just select a file/folder and download it to your computer.

Here is a list of the most noteworthy advantages of the backups available in our Web Hosting Control Panel:

  1. Easily accessible – just click on the Restore Backup icon and get the backup you want;
  2. Made several times a day – we make sure your sites are backed up at least 3 times a day to minimize the chances of content updates getting lost along the way;
  3. Save time – unlike with many other hosting providers, there is no need to wait for an administrator to retrieve your files – you can restore a backup at any moment with just a click;
  4. Easily browsable – you can browse through the archived files and folders just like you browse through the files and the folders in your File Manager;
  5. Use independent backup storage space – we store backups on separate servers, so the archives that you browse in your account won’t use up your disk space;
  6. No risk of overwriting your current content – you can save a copy of your current content prior to restoring a backup and thus preserve all the changes that have been published after the backup in question was made;
  7. A unique feature on the market – the restore-from-backup option is not available with mainstream solutions like cPanel and DirectAdmin;

Remote Dropbox and Google Drive backup options

Apart from the Control Panel-integrated daily backup feature, you can also make use of a remote backup option. You can sync your website content to your Dropbox or Google account and keep all your important data in one place.

The backed-up content may include files (text files, images, videos, etc.) and MySQL & PostgreSQL databases.

NOTE: The Google Drive and the Dropbox backup options are available on an either-or basis, i.e. you can select to back up the data pertaining to a certain host using either Dropbox or Google Drive.

Making use of the Dropbox/Google Drive backup feature is easy.

Log in to the Control Panel, go to Files and then click on the Remote Backups option:

Then click on the Add Dropbox Account or Add Google Drive Account button in the top right corner:

Our Hepsia Backup Application will ask you for permission. Click on the Accept button to go ahead:

You can now select the host that you want to make a backup for and the period that the backup in question will encompass.

In the root folder of your Google Drive account, you can see the HepsiaBackups folder that has just been created under the Apps folder:

When the backup process starts, you’ll see the backups organized in folders.

The daily backup and remote backup options are available with all Hepsia Control Panel-managed web hosting packages and semi-dedicated servers.

Data backups are a website security service no hosting provider can afford to do without.

NOTE: We will make automatic backups of your sites and databases on our servers, regardless of whether you use the Google Drive/Dropbox backup option or not. However, if you as a website owner can participate in doing so, it is always a plus.

Drag and Drop Control Panel

While some Hosting Companies are just coming up with Drag-and-Drop Object Storage for their customers, at Eagleprohost.com, clients have already been using a more sophisticated Control Panel called Hepsia for a long while now.

But what is Hepsia CPanel all about?

The Hepsia Control Panel is an intuitive crafted user-friendly CPanel where website owners are able to manage their sites, domain names and billing transactions with ease from a single location.

It comes included with all our shared hosting plans, an easy to use interface, offering free of charge tools and extras, with the possibility to host multiple domain names at the same time.

It also offers a drag-and-drop file upload functionality and the avant-garde Email Manager tool, making it one of the finest Control Panels on the market today.

Hepsia Domain Manager

Hepsia’s Domain Manager will grant you full control over your domain names. You can register and transfer a domain name from one single location, update its nameservers, upload files, create email and FTP accounts, set up sub-domains, explore traffic statistics, etc. Also, you can register, renew and administer multiple domains simultaneously.

Hepsia File Manager

Hepsia’s File Manager permits you to administer the content of your website using simple point-and-click actions. With its drag ‘n’ drop file uploads capability – you no longer need an FTP client to upload your files to your server. Just select all the files you would like to upload from your PC and drag them over to your browser window. The upload procedure will begin instantaneously. You will also be able to move files around the File Manager making use of the built-in drag-and-drop functionality.

Hepsia Email Manager

Hepsia’s Email Manager is an all-inclusive e-mail management tool, which will give you complete authority over your email mailboxes and e-mail campaigns. With this easy-to-work-with interface, you can set up a brand new e-mail box in no time and administer its settings effortlessly.

Besides, you can redirect electronic mail messages from one email account to another, set up e-mail filters, create autoresponders and protect your email accounts against junk electronic mails.

With Hepsia’s Email Manager, you can also configure the desktop electronic mail client of your liking to access your email mailbox accounts or administer them via a webmail client.

More than Five Hundred Unique Features

The Domain Manager, the File Manager, and the Email Manager are just some of the tools included in the Hepsia web hosting CP. We also give you a quick way to manage MySQL and PgSQL databases with our Database Manager. Our Stats Manager provides you with a full overview over all the vital stats for your website.

There is also a vast range of free extras coming with the Hepsia Control Panel – a website installer, a web applications installer, a PHP frameworks installation tool, charge-free website themes, a free-of-charge sitemap generator, etc.

With Hepsia CPanel, you will have at your disposal, a range of marketing and administrative tools, among them an .htaccess Generator tool, a PHP Configuration tool, a URL Redirection tool, a Password Protection tool, a Domain Parking & Redirection tool; a collection of web accelerators and many more. What’s more, the Hepsia web hosting CP includes an SSL Certificates section, from where you can purchase SSLs for your sites.

If you are interested to learn more, you can take a look at our Hepsia vs. cPanel head-to-head comparison and learn how these webhosting control panels manage with day-to-day website hosting tasks.

DNSSEC enabled for domain names on our platform

By translating domain names into IP addresses, the Domain Name System (DNS) makes client-server communication possible and is crucial for the operability of the Internet.

Over time, the DNS has yielded vulnerabilities that allow hijackers to sneak into sessions and deceive users into giving their secure details to fake websites, for example.

This has called for the introduction of the DNSSEC technology so that this part of the Internet’s infrastructure can be made secure. In line with the global end-to-end deployment trend, we’re welcoming DNSSEC on our platform as well.

How do DNS lookups work?

DNSSEC, short for Domain Name System Security Extensions, is designed to address the security glitches in the DNS lookup process.

To get a better idea of DNSSEC, let’s see how the DNS lookup process works first:

  • When a user types the address of a site (for example, WWW.DOM.COM) in their browser, a request for more details on .COM is being sent to the root zone.
  • With that information at hand, a new request is sent to the .COM zone, this time for details on DOM.COM.
  • Finally, the DOM.COM zone is queried for WWW.DOM.COM’s IP address. Your browser will then receive a response, which will contain that address.

The scheme below offers a visual overview of the DNS lookup steps described above:

Each of these zones is managed by different entities: the root zone is managed by ICANN, .COM (or any other TLD) is administered by a domain registry (in our case this is VeriSign) and DOM.COM is managed by a domain registrar like LiquidNet, for example.

Why is DNSSEC necessary?

A few years ago, a decades-old vulnerability in the DNS lookup process re-surfaced.

Experts in cyber security found out that the Domain Name System cannot fully guarantee the validity and integrity of the data sent in response to a DNS query, because it doesn’t actually check for credentials when a DNS lookup is being performed.

Hijackers can use this vulnerability to sneak through the DNS lookup process and take control of a session in order to exploit it for their own phishing purposes.

So this is where the DNSSEC security protocol comes into play.

How does DNSSEC curb the DNS vulnerability?

DNSSEC adds a layer of security by making sure that the end user is connecting to the real, legitimate website or some other service associated with the given web address.

This is done by validating DNS responses through the use of digital signatures during each stage of the query process:

By protecting the lookup process, DNSSEC complements another security protocol – HTTPS, which encrypts the data submitted during a browser-server ‘dialogue’.

Unlike HTTPS, however, it does not encrypt data but instead integrates a series of digital signatures into each step of the above-described DNS lookup process.

Those signatures are generated by special keys, which must be validated by a higher-level entity, i.e. .COM must sign DOM.COM’s key, the root must sign .COM’s key, etc.

During validation, each parent zone signs the key of the child zone below it, establishing a ‘chain of trust’ between them in the process.

The digital signatures and their corresponding keys are stored in name servers alongside common record types like A, AAAA, MX, CNAME, etc.

By checking the requested DNS record’s associated signature, it can be verified whether it comes from its authoritative name server or whether it has been altered en route and used in a man-in-the-middle attack.

How does DNSSEC validation actually work?

DNSSEC adds a few new DNS record types, which store the required signatures and their verification keys:

  • RRSIG – contains the digital cryptographic signature;
  • DNSKEY – contains the keys, which verify the digital signature;
  • DS – the Delegation Signer records enable the transfer of the authentication responses between the separate zones in the DNS lookup chain;
    Namely, the communication between these records is what enables the validation of DNS records.
  • First, let’s see how RRSIG and DNSKEY interact to secure a given DNS zone:
  • DNS Records of the same type (A, AAAA, MX, CNAME, etc.) are grouped into an RRset (a resource record set) for an all-at-once validation;
  • A pair of zone-signing keys (ZSKs) – private and public, is generated;
  • The private ZSK creates a digital signature for the RRset, which is stored as an RRSIG record in the name server;
  • The signature in the RRSIG record is verified by the public ZSK, which is stored in a DNSKEY record;
  • A pair of key-signing keys (KSKs) – private and public, is generated to validate the DNSKEY for the ZSK;
  • The private KSK creates a digital signature and
  • an RRSIG for the public ZSK;
  • The signature in the RRSIG record is verified by the public KSK, which is stored in another DNSKEY record;
  • Now let’s see what happens when a DNS query is sent to the zone:
  • The client sends a request to a given set of DNS records, the corresponding RRset is queried and it returns its RRSIG record, which stores the signature;
  • The DNSKEY records (with the public ZSK and KSK keys) are called upon to return the other RRSIG record from the name server;
  • The RRSIG of the RRset is validated with the public ZSK;
  • The RRSIG of the DNSKEY is validated with the public KSK;
  • This is how a DNS query is validated within a given zone.
  • However, as we’ve seen above, the lookups traverse the entire DNS hierarchy – from the root zone all the way to the specific web address.
  • To transfer the validation results from one zone to the zone beneath, the aforementioned DS records have been introduced.
  • DS records are published by the parent zone and contain a hash of the DNSKEY record, which holds the public KSK key (the final validation marker within a zone).
  • This way, when a query is sent to a given child zone, its parent zone will provide a DS record to confirm that the child zone is DNSSEC-protected.
  • Naturally, no parent DS record can be generated for the root DNS zone itself. For this reason, a special, ICANN-coordinated root zone-signing key generation ceremony is being held four times a year.
  • By making the connection between the separate DNSSEC-validated zones, DS records help establish trust throughout the DNS lookup chain.
  • The scheme below gives you an overview of a DNSSEC-protected DNS lookup chain:
    • In the DNS lookup example specified above, when DNSSEC is enabled, the DNS lookup process will proceed like this:
    • – a DNS query is sent for WWW.DOM.COM, whereupon;
    • – the pre-validated root zone (managed by ICANN) will help verify the .COM zone;
    • – the .COM zone (managed by VeriSign) will help verify the records returned for the DOM zone;
    • – the DOM zone will help verify the records returned for WWW.DOM.COM.
    • If we query the A record for the DNSSEC-enabled DOM.COM, for example, the returned response will feature a raised “DO” (DNSSEC OK) flag, along with the corresponding RRSIG record.

    Which gTLDs are DNSSEC-compatible on our platform?

    • As a domain registrar and a web hosting provider, we offer DNSSEC support for the DOM.COM and WWW.DOM.COM zones in the DNS lookup chain.
    • At the moment, DNSSEC support is available for the .COM, .NET and .BIZ gTLDs.
    • This means that we can publish the respective DS records for any domain registered under whichever of these generic extensions.
    • Registrants can enable DNSSEC for their domains with a click from the Web Hosting Control Panel.

The Domain Manager plan now with email service

The Domain Manager plan now includes the option to create and manage mailboxes and send/receive emails, just like a regular web hosting account does, thus taking the plan one step closer to the “real” hosting service.

What is the Domain Manager upgrade about?
The Domain Manager plan is the smallest of all the packages on our platform and it targets a specific niche – namely people who do not need or are not yet ready to commit to a fully fledged hosting account.

This change, will allow you as a customers, to order sole domain name registrations/transfers from our store and to manage all of them from one and the same place without the need to invest in a web hosting account to achieve it.

The Domain Manager plan is great for users who want to lay their hands on an attractive domain name for a given future project before anyone does.

So far, domain owners have only been able to register and transfer domain names and to edit some basic settings (Whois details, name servers, domain parking pages, etc.).

The integration of the emailing functionality takes the Domain Manager plan to a whole new usage level.

It allows domain owners to send and receive electronic messages, i.e. to make actual use of their domain names.

This way, you as a client, can have personalized email addresses for your individual or business needs right from the start.

Why is the email upgrade so valuable?
The addition of the emailing functionality to the Domain Manager plan represents a great selling point for your basic offering.

Here are its two key advantages:
1- added value for domain owners
The Domain Manager plan-included email service, gives domain owners the option to manage their emails from their accounts, which takes them one step closer to becoming full-fledged hosting clients.

Also, with this option included in our Control Panel, users wishing to avoid the hassle and the expense of building and managing a full-blown website just to have custom mailboxes for their business or personal use, is just unbeatable.

After all, it’s much more affordable with us than the competition and this is exactly what we are giving you. If, for example, you are a freelance translator and do not want to invest in a website for the time being, you can register a domain (e.g. ema-translations.com) via the Domain Manager and add a mailbox under it (e.g. info@ema-translations.com).

How to make use of the new email feature?
The new emailing functionality is available to all new and existing Domain Manager plan users.

You will recognize it by the Mail’s icon on the domain management dashboard’s index page:

Once you’ve clicked on it, you’ll be taken to the well-known Email Manager interface, which is accessible to all regular web hosting account owners who are using the Hepsia Control Panel:

From there, you will be able to create mailboxes, to set up email forwarding and autoresponder messages, to create mailbox spam filters, etc., i.e. they will be able to perform all important email management operations:

By taking into account the regular email usage on our platform, we’ve set specific quotas with respect to the maximum number of mailboxes and the total amount of email storage space.

This way, we’ll prevent the use of the emailing functionality for abusive purposes and will cater only to customers’ real email hosting needs.

Uses can find more details in the Account usage section of their Domain Manager accounts.

About Us

We are a small team of well-trained professionals, dedicating our time to web design & development, graphics & logo design, and online marketing services for all types of businesses.