PHP 5.6.0 now available on all hosting servers
- Details
- Created on Monday, 04 August 2014 16:36 04 August 2014
Just a few days after it was officially announced by the PHP development team, the latest bugfix-only release of PHP 5.6.0 is now available on all servers within our web hosting network.
This is the third-in-a-row Release Candidate version of PHP 5.6.0, which accumulates all bug fixes that have been reported by the large PHP community worldwide.
The latest version boasts a wide range of improvements and brand new features that are aimed at making PHP much safer and easier to work with.
Here is a list of the key new features included in the new release:
- Added support for constant scalar expressions
- numeric and string literals and/or constants are now allowed in static-value contexts, such as constant and property declarations or default function arguments.
- Variadic functions via ‘…’
- the variadic functions can now be implemented through the
‘…’
operator, instead of thefunc_get_args()
function.
- Argument unpacking via ‘…’
- the аrrays and traversable objects can be unpacked into argument lists when calling functions through the
‘…’
operator.
- Exponentiation via ‘**’
- a right associative
**
operator and a**=
shorthand assignment operator have been added to support exponentiation.
- use function and use const
- the use operator now supports importing functions (via the
use function
construct) and constants (via theuse const
construct), apart from classes.
- phpdbg
- PHP now includes an interactive debugger called
phpdbg
, which is implemented as a SAPI module.
- Default character encoding
- the
default_charset
is now used as the default character set for functions that are encoding-specific, such ashtmlspecialchars()
. The default value for this setting is UTF-8.
- Large file uploads
- files larger than 2 gigabytes in size are now supported.
- SSL/TLS improvements
- peer verification is enabled by default, support for certificate fingerprint matching is now included, mitigation against TLS renegotiation attacks is activated; many new SSL context options, which allow better control over the protocol/verification settings when using encryption, are included too.
You can see a full list of the new features and functionalities of the new PHP 5.6.0 release here: http://php.net/manual/en/migration56.new-features.php.
All PHP users are encouraged to try out the new version carefully, and to report any bugs in the bug tracking system – https://bugs.php.net/.
The next Release Candidate version of PHP 5.6.0 is expected to be released in mid-August.
Kind Regards,
Support team
How to get the most of your .htaccess file
- Details
- Created on Friday, 01 August 2014 16:57 01 August 2014
With an .htaccess file, you can quickly restrict the use of images from your website on other sites, add a custom 404 page, block an IP address, redirect a web page to a different web page, etc.
The .htaccess file has been around since the early days of the Internet and is still in use on millions of web servers. While most users don’t use it, it’s a really powerful tool, which can help you a lot in many different situations.
It is vital for any webmaster to get to know what they can do with an .htaccess file.
Today, we will show you how to do all those things with the Web Hosting Control Panel.
Hotlink Protection
Go to Advanced -> Hotlink Protection. From there, simply select a website and the exact path, if you want to protect a specific folder only. Here is the code for doing it manually:
<Files "login.php">
Order deny,allow
Deny from all
AuthName "htaccess password prompt"
AuthType Basic
AuthUserFile /web/askapache.com/.htpasswd
Require valid-user
</Files>
Please note that this is just an example and the path displayed above may be different for your particular hosting account.
Keep in mind that you will also need to create an .htpasswd file with the password inside. It has to be stored in the same folder as the .htaccess file. Don’t enter the password in plain text – use MD5 encryption.
Here is an MD5 encryption tool you can use - http://www.md5online.org/md5-encrypt.html.
Custom Error Pages
Go to Hosted Domains and right-click on any of your hosts. Select Edit. Now you will see the most popular error pages. They are currently set to Default, but you can pick a custom page – simply select the Custom URL option and enter the URL of the 404 page that you want to use. To manually add an error page, use the following code:
ErrorDocument 404 /path/to/error/page.html
IP Blocking
In your Hepsia Control Panel, go to Advanced -> IP Blocking. From there you can quickly block a specific IP from accessing a given website. Additionally, you can use the following code in your .htaccess file:
ErrorDocument 403 http://www.my-website.com/
Order deny,allow
Deny from all
Allow from 107.45.18.3
This is just a small list of what can be done with an .htaccess file. The folks from AskApache have prepared a very detailed list of examples at http://www.askapache.com/htaccess/htaccess.html. Make sure to check the code snippets out – they are frequently updated.
Don’t forget to also have a look at our .htaccess generator, which is located in the Advanced section of the Hepsia Control Panel. It will generate a custom .htaccess file with all the options that you want to use.
Keep in mind that if you are using a script-based website (a WordPress-based website, a Joomla-based website, etc), you already have an .htaccess file, which has been generated automatically by the application. Instead of generating a new one, you are better off editing your existing .htaccess file.
Kind Regards,
Support team
ModSecurity now enabled with all VPSs
- Details
- Created on Wednesday, 23 July 2014 15:40 23 July 2014
The ModSecurity Apache module is a great solution for minimizing the number of hack attacks to websites and applications.
It acts as an application-layer firewall and is able to effectively prevent most brute force/ URL forgery attacks and forum spamming attempts targeted at sites.
Some time ago, we enabled the ModSecurity protection layer as a default feature with all shared hosting accounts. Now the highly effective anti-hack firewall is enabled with all VPSs as well.
ModSecurity enabled on all VPSs
As with shared hosting accounts, the ModSecurity firewall is enabled by default on your VPS, so you don’t have to configure anything in order to have your websites protected.
ModSecurity is running in a blocking mode, so it will automatically block all incoming requests that are flagged as insecure according to the commercial rules at http://www.atomicorp.com.
You can access the ModSecurity section in the Hepsia Control Panel from the newly added shortcut on the Control Panel’s home page or from the Advanced drop-down menu:
How does ModSecurity exactly work?
Over 70% of all the attacks are now carried out at the web application level and being a web application firewall (WAF) itself, ModSecurity effectively addresses this problem.
Its purpose is to establish an external security layer, which allows for HTTP traffic monitoring and real-time analysis, and it offers a powerful API for implementing the advanced protection needed.
This way, the firewall ensures an enhanced level of security, where the malicious attacks are detected and prevented before they reach the web applications.
ModSecurity against brute force attacks
ModSecurity has proven to be very efficient in preventing “brute force” attacks, i.e. the attempts to guess the username and the password of a web application, using a predefined set of usernames and passwords and combining them randomly.
Thanks to the ModSecurity firewall, if there are more than 15 failed login attempts from an IP address within 3 minutes, the IP address will be blocked from accessing the website for the next 30 minutes.
So far, the ModSecurity plugin has reduced the number of hacked websites on our servers dramatically.
If you have any questions about ModSecurity and about how it will work on your Virtual Private Server, don’t hesitate to contact our support team by opening a ticket from the Web Hosting Control Panel.
Kind Regards,
Support team
A new look for the News section of the Hepsia Control Panel
- Details
- Created on Monday, 21 July 2014 15:46 21 July 2014
Keeping you up to date with the latest updates and introductions to our web hosting platform has always been a priority in our schedule.
To make the presentation of news and updates simpler and more attractive, we have made some significant tweaks to the News section of the Web Hosting Control Panel.
From today, you will be able to read the news about us like reading your favourite blog, because we have added visuals and content segmentation.
We hope this new and agile format will improve your access to timely and relevant information regarding our services.
Update to the Inbox tab – a new boxy style and news excerpts
The first important update is a visual re-styling of the Inbox tab, which alerts you about unread news.
Besides from a new and cleaner appearance, there’s a better differentiation between this service updates and your regular service notifications and alerts. This way you can easily prioritise which content you want to read firstly.
Update to the News listing
Now all news articles are listed in with a 16:9 thumbnail and a brief introductory headline, as well as a concise summary of the main points discussed in the update. It also includes a thumbnail picture to help convey the main message of each update.
Here's a screenshot of how they are arranged:
A complete redesign of the news content pages
The news content pages have been revamped to offer a blog-like look and feel. They now feature a segmented layout and plenty of images and video embeds for better illustrating the content.
Here's a screenshot of one example:
Kind Regards,
Support team