Home Blog Page 4

Howto: Map network drives on Mac better than Windows using automount

0
[vc_tta_tabs active_section=”1″ pagination_style=”outline-square”][vc_tta_section title=”Summary” tab_id=”1483657727692-588765df-8139e50c-cffe9404-6790″][vc_custom_heading text=”Problem / Outcome Summary”]
  • This article will enable you to permanently ‘Map’ or ‘mount’ network drives on your Mac OS without having to connect to them in Finder each time.
  • Please see the ‘Summary Overview’ tab below for a high level view of the objectives this ‘howto’ will achieve.

Why might I want to do this?

  • If you have a lot of network drives it can be frustrating to do this every time your restart your computer.
  • If you are running a server on your Mac.
  • If you are hosting an application on your Mac that relies on remote storage
  • If you have a NAS
[/vc_tta_section][vc_tta_section title=”Foreword” tab_id=”1483656936153-fec58c10-e606e50c-cffe9404-6790″][vc_custom_heading text=”Foreword”]

To be clear, what is a network drive and what is mapping and mounting?

Simply put, a network drive is a folder or directory that does not reside on your computer, but on another device which you connect to via the network. Examples of devices that may have a network ‘share’ on them include, “A computer different to your own, Network Attached Storage (NAS), a Server such as Windows Server, Mac OS Server or a linux Server such as RedHat.

‘Mapping’ or ‘Mounting’ a drive refers to the process whereby your computer knows to reconnect to that drive so you don’t have to manually find it and connect to it each time you reboot or start up your computer. Common use cases for wanting a mapped drive include things such as running a Media Server on your computer, having a mapped ‘home’ drive separate from your computer for security or backup reasons or having someone in your family, or flat that has shared files your want to connect to.

This article does not go into how to create the share, only how to connect to an existing share.

A word about modifications

Being a Mac, it’s strong suit is unfortunately NOT networking.  It does have robust networking protocols and reliable methods of connecting to other systems and devices – and even an underlying system (kernel) that supports many traditional ways of connecting.  However Mac OS has never been designed to work well in a network connected office environment.  There have been great advances in this area, but the concept of mapping drives is still a concept which Apple refuse to embrace, which is very strange considering how much focus Apple put’s on useability.

Anyway,  it’s important to note that to work around these problems we need to make a very small (completely reversible) modification to the underlying system to make everything work properly.

To a Mac person who’s not used to having to do this kind of thing, this can be quite scary, however, I can say from first hand experience because Mac OS is the ONLY operating system which provides such a consistent, low issue user experience, if you had been on Windows (which DOES have a great mapped drive feature built within it), there would be many more things we would have had to do to get things running in Windows.  Windows is legendary for it’s inconsistencies and high support costs.

Please note: It isn’t mandatory, but it helps if you’re familiar with using a basic text editor such as Nano or Vi to complete this Howto.

[/vc_tta_section][vc_tta_section title=”Pre-Requisites” tab_id=”1483656936239-1facad3b-9216e50c-cffe9404-6790″][vc_custom_heading text=”Pre-Requisites”]

Software Dependencies

  • Mac OS
  • A shared network drive

Hardware Dependencies

  • None

Tools Required

  • Console administrator
  • A console text editor such as Nano or Vi

Other Dependencies

  • A working network – virtual, physical or otherwise
[/vc_tta_section][vc_tta_section title=”Summary Steps” tab_id=”1483657008528-9fc62da7-5742e50c-cffe9404-6790″][vc_custom_heading text=”High Level Summary Steps”]

The below lists the high level summary of steps we’re about to take during this howto.

  • Open the Mac OS Terminal
  • Create the mountpoints
  • Become SuperUser
  • Edit the fstab file
  • Save the file
  • Restart the computer
[/vc_tta_section][vc_tta_section title=”Implementation” tab_id=”1483657023013-0e8f9bfb-cd0fe50c-cffe9404-6790″][vc_custom_heading text=”Implementation”]

Open the Mac OS Terminal

  • Go into the Mac finder, click on the ‘Applications’ section in the left navigation pane and then find the ‘Utilities’ folder.
  • In the Utilities folder you will see the Terminal Application, Open this by double clicking on it.

Create the mountpoints

Mapping /mounting in *Nix environments (of which Mac OS is one) works slightly differently to Windows.  Automount essentially maps a network share to a previously created folder / directory on your local hard drive.  In this way, the network shares will actually appear to be any folder on your local hard drive you choose.  So let’s create the mountpoints (as your ordinary user).  Note:  These mountpoints will be using your ordinary users password, so it pays to put them somewhere where other users of your system won’t have access such as /Users/yourusername/Volumes/Mountpoint

  • In terminal type ‘ls’ (this will show you which folder you’re in, you should by default go to your home folder which is to say /Users/yourusername which is what we want.
  • Type ‘mkdir Volumes’ <ENTER> to create a folder / directory named Volumes
  • Type ‘cd Volumes’ <ENTER> to go into that folder.  If you type ‘ls’ now, you should see an empty folder.
  • Type ‘mkdir yourmountpointname’ for any and all mountpoints you want to create, which will end up being network drives.
  • Type ‘ls’ <ENTER> when finished to display the list of folders / directories you have just created.

Become SuperUser

  • Become superuser (or root as it’s sometimes called) by typing ‘su’ <ENTER> in the terminal.   (If you haven’t done this before, see our article on how to setup a root password on mac and become SuperUser here).

Edit the fstab file

  • Type, ‘Nano /etc/fstab’ (this file may not exist, if not go ahead and create a new one)
  • For each share you want to automatically connect to, have a line like below:
  • yourservername:/yourserversharename /Users/yourusername/Volumes/yourmountpointname url automounted,url==cifs://yournetworkusername:yournetworkpassword@yourservername/Video 0 0

Note: This article assumes your server has a Windows style (Samba or CIFS) type of share.  If you have a different type, you’ll know what that means and can replace the ‘cifs’ wording above with something more appropriate such as NFS.

An example of one of my fstab lines is as follows:

192.168.43.15:/home /Users/myusername/Volumes/Home url automounted,url==cifs://myusername:mypassword@192.168.43.15/home 0 0

  • Save your fstab file by pressing CTRL-X on your keyboard and pressing ‘Y’ to confirm the changes.

Restart your computer

The next step is to restart your computer to make the changes active.  It is possible to execute another command instead of rebooting, however I’ve had problems when doing that and found a reboot works better.

If it doesn’t work, check your share names, passwords and mount points are exactly as you created them as some of them are case sensitive (capital letters make a difference).

And that’s it!

[/vc_tta_section][vc_tta_section title=”Final Word” tab_id=”1483657035357-36e2d8d1-b325e50c-cffe9404-6790″][vc_custom_heading text=”Final Word”]

There are many way’s to connect to network drives in MacOS, but there are not many way’s to automatically do it.  This howto outlines how I do it on my machines and it works quite well.  If you have any other alternative methods (paid or otherwise) as always, I welcome your insights and opinions in the comments section below.

Marshalleq

[/vc_tta_section][/vc_tta_tabs]

Howto: Calibrate Monitor Colour

0
[vc_tta_tabs active_section=”1″ pagination_style=”outline-square”][vc_tta_section title=”Summary” tab_id=”1483657727692-588765df-8139e50c-cffe668d-da2c”][vc_custom_heading text=”Problem / Outcome Summary”]
  • This article will enable you to match and calibrate your monitor’s colour to other colour profiled devices such as printers and projectors.
  • Please see the ‘Summary Overview’ tab below for a high level view of the objectives this ‘howto’ will achieve.

Why might I want to do this?

  • To ensure consistent colour across multiple devices.
  • To ensure printed photo’s look the same as on screen
  • To prevent photo’s from being too dark or too bright
  • To create colour consistency when working with Video
  • To ensure colour is displayed as intended when watching movies on a projector or TV
[/vc_tta_section][vc_tta_section title=”Foreword” tab_id=”1483656936153-fec58c10-e606e50c-cffe668d-da2c”][vc_custom_heading text=”Foreword”]

To be clear, what does colour calibration do?

Simply put, colour calibration is a way of ensuring consistency of colour (and brightness to a certain extent) across multiple devices. This is absolutely mandatory if you’re working on photo’s professionally, but also is a very nice to have if you have a big projector or fancy TV and enjoy watching movies.

You want to automate this process if you have a public facing web site that you wish to utilise SSL, or if you have many users that will connect to the NAS from the internet. Do note however, that a certificate is not necessary to do the actual encryption of your traffic, however, without a paid certificate, each user will either have to accept a security warning prompt upon initial setup or upon visiting your web site, or alternatively manually add a certificate that you provide in the form of a file. For this reason, it is usually much easier to use a paid certificate authority.

Colour Calibration Products

There are many colour calibration methods and products out there.  Without a doubt the two main brands are X-Rite and Datacolor.  You’ll note from their product pages that there are many things that need to be calibrated if you want total control over consistent colour.  For this article though, we’re focusing entirely on calibration of the screen.  If you’d like a quick and dirty recommendation for which product to buy, I’d buy either the X-Rite i1 Display Pro or the Spyder 5 Elite.  My preference, is for the X-Rite brand as they seem to do their updates more on the software side (meaning your hardware investment lasts longer) whereas Spyder seem to keep upgrading their hardware meaning your product is outdated quicker.  I actually Own the X-Rite ColorMunki Photo, which is now a very very old unit (over 6 years old), but as a testament to X-Rite and to my amazement, X-Rite continue to update the drivers for each new version of Mac-OS that comes out.

Please note: The above products come with their own software for Windows and Mac OS.  If you’re using Linux (or an unsupported version of Windows or Mac OS), please take a look at DisplayCAL and also check the hardware compatibility list for this software before buying here.

[/vc_tta_section][vc_tta_section title=”Pre-Requisites” tab_id=”1483656936239-1facad3b-9216e50c-cffe668d-da2c”][vc_custom_heading text=”Pre-Requisites”]

Software Dependencies

  • ColorMunki, Spyder or DisplaycalGUI
  • Windows, Mac OS or Linux

Hardware Dependencies

  • Compatible Colour Calibration Unit
  • Computer display or equivalent

Tools Required

  • None

Other Dependencies

  • Supported Operating System
[/vc_tta_section][vc_tta_section title=”Summary Steps” tab_id=”1483657008528-9fc62da7-5742e50c-cffe668d-da2c”][vc_custom_heading text=”High Level Summary Steps”]

The below lists the high level summary of steps we’re about to take during this howto.

  • Run the calibration application
  • Calibrate your hardware (X-Rite method)
  • Calibrate the colour of your screen)
  • Check the result
  • Save the Colour Profile
[/vc_tta_section][vc_tta_section title=”Implementation” tab_id=”1483657023013-0e8f9bfb-cd0fe50c-cffe668d-da2c”][vc_custom_heading text=”Implementation”]

Start the calibration Application

In this case, I’m using X-Rite software as I have a ColorMunki Photo.

Application to calibrate ColorMunki Photo
ColorMunki Photo Calibration Application

On your Mac, go to, Applications in the finder, Open the ColorMunki Photo folder, then open the ColorMunki Photo app.  You  will be presented with a screen similar to the image on the right.

  • Click on the ‘Profile My Display’ Button
  • Click the LCD option on the next screen (assuming that’s what you have)
  • Most people will want to click the ‘Easy’ option, however I normally click the ‘advanced’ option so I can get more control.
  • Leave the White Point at D65 for almost every scenario
  • I normally set the ‘White Luminance’ value to 140 cd/m2 however you CAN let the colormunki set this for you by choosing the option to let ColorMunki automatically set your luminance level.  The reason I set this manually as it never seems to quite work as I expect, but go right ahead and choose it if you like as you CAN create multiple display profiles for your computer and jump around between them as you see fit.

It is actually recommended to create a seperate profile for seperate scenarios – in particular a daytime / bright light profile and a night time profile due to the difference in surrounding light colours and brightness.

  • Click next
  • On the Colormunki, turn the dial to the calibration position as per the on screen instructions and press the calibrate button either on the screen or on the actual ColorMunki itself
  • If you chose the ambient light option, you will be prompted to turn the dial to the ambient light measurement position as per on screen instructions.  Note you will need to place the ColorMunki in front of your monitor and outside of it’s case to get an accurate reading.
  • Click the Measure button, you will be advised your rooms current ‘lux’ level and the luminance colormunki will set your monitor to
  • Click Next
  • If you didn’t choose to measure ambient light, your next step starts here
  • Move the ColorMunki Dial to the measurement position as per on screen instructions and put it back in the colormunki case if you have removed it and click next
  • You will be prompted with a window explaining where to place the ColorMunki.  You will need to now hang your ColorMunki over the monitor and ensure the slider door underneath the ColorMunki is opened.  Also please ensure there is no gap between the colormunki and the screen.  If you there is a gap, your result may be tainted by other colours in the room.
  • Once positioned, click Next.
  • The colormunki will now profile your display starting first with brightness calibration.  You screen will first flash a number of grey’s and then a number of basic colours in order to ascertain it’s brightness.  You will then be prompted to adjust your display’s brightness as close as possible with the screens brightness control.  Click Next, when the onscreen instructions say that you’ve chosen the correct brightness.  If you can’t get your display bright or dark enough, the colormunki will adjust that in software later on.  Click Next.
  • Now your display will calibrate it’s colour.  It’ll take about 5 minutes, after which you’ll be presented with a default Profile name to save as.  My recommendation is you name this as something that is relevant to your profiling conditions, e.g. Dell Monitor Profile Daytime-Bright.  Click Save
  • You’ll see as soon as it’s saved the colour changes.  You might think that it looks horrible at first, but wait until one of the next screens before making that decision.
  • It’s a good idea to reprofile the screen every few weeks, if you like you can tick on the option for ColorMunki to remind you.  Click Next.
  • On the next screen you’ll see a before and After comparison.  This is where you can choose if you like the changes or not.  Look at the skin tones and ask yourself which looks the most natural.  If neither one looks good, repeat the process, (it’s possible something went wrong) and often a second attempt will resolve it.  Click Next and you’re done!
[/vc_tta_section][vc_tta_section title=”Final Word” tab_id=”1483657035357-36e2d8d1-b325e50c-cffe668d-da2c”][vc_custom_heading text=”Final Word”]

I’ve been profiling my display for a few years now and one thing I can say is that whenever I think I don’t need to do it, I discover I actually do.  I ran through a profile during writing this article and realised I hadn’t done it since I moved my office into a new room.  Since the room is very bright I turned on the automatic ambience setting and profiled that way.  The result was that I needed to turn my monitor on about double the brightness.  I also noted at the end, my previous profile (which was a calibrated one) was very pink.  Ironically I didn’t think there would be too much difference in the colour quality since I’d profiled it ‘not that long’ ago.  But I was very clearly wrong.  This shows there is a lot of value in doing this regularly.

As always, I welcome your insights and opinions in the comments section below.

Marshalleq

[/vc_tta_section][/vc_tta_tabs]

Real WordPress hosting prices, a comparison and their misleading pricing

0

Real WordPress hosting prices, a comparison and their misleading pricing

Overview

In this article, we take our first look at hosting companies. If you’ve ever tried to find a good WordPress hosting company, you’ll know that it can be very confusing.   Not only do you have the quality of brand to consider, you also have a lot of technical jargon, the pricing varies from company to company, and you often find the cost comes out much more than advertised.  This makes comparing hosting companies very difficult.

In part one in the series we’ve gone to every shared hosting company we could find and signed up for a shared WordPress hosting plan to see what we got, compared to what was advertised. You’ll see that in some cases this can be extremely different, especially when it comes to actual price vs advertised price.

False / Misleading Advertising

One of the worst attributes of many of these hosting companies is false advertising.  The claim that you can have something for a price, which you find does not exist.  The most common offense here, is claiming a low monthly price which can only be paid for annually, bi-annually, or tri-annually in some cases (that is to say, to get the ‘monthly’ pricing advertised you may find you need to sign up for three years and pay the whole three years in a single payment up front.  So if it was $3.99 per month you may have to pay $3.99×36=$143.64 up front.

Apples with Apples

Another problem is that the plans do not always match.  Of course, it would be normal to expect some variation, however when things like backups and malware protection on varied, (included in some and an extra cost in others) we feel this is not acceptable.  As such all pricing within the below table has been adjusted to include as close to an apple with apples comparison as we can.

How we normalised the pricing and plans

In this comparison, automated backups, online security, anti-hacking and standard WordPress optimised features are considered mandatory, if these are optional extras on the plan, they have been added and the cost accounted for.  If they come with the plan, then the price will reflect this as it will be lower. If the option was not available at all, the hosting company was removed from the comparison altogether.

With regard to some companies requiring a 36month sign up to get cheaper pricing, all plans are normalised to 12 months and in US dollars.  So if it is more expensive to sign up for 12 months, this will again be reflected in the 12 month price.  We believe signing up for more than 12 months in the technology industry is a mistake anyway.

How to read the comparison table

There are a number of sites that are using a template or franchise style of setup.  You can see this when you go to the signup page and see that the site is identical to another in it’s layout, right down to the pictures of the people on the servicedesk.  We’ve noted this in the notes column by the ‘Franchise’ label.

  • Advertised monthly price – The price advertised by the hosting company
  • Actual monthly price – The actual normalised price per month if you took a monthly payment option.  (Where NA is given, no monthly option is available)
  • Actual Monthly Price (Second Month+) – The actual monthly price you pay after the first month.  (The first month often applies extra discounts and sometimes extra setup fees).
  • Actual Annual Price (First year) – Same idea as ‘Actual monthly price’
  • Actual Annual Price (Second year+) – Sasme idea as Actual monthly price (Second Month+)
  • SSL – Some of this information was not available, we will update it as it comes to hand.
  • Notes – Any information that didn’t warrant an entire column for it.

[alert color=”EBA132″ icon=”fa-align-right” title=”Please note:”]To scroll the table to the right, click on the table and use the right arrow key on your keyboard. Alternatively, you may be able to achieve this by right scrolling with your mouse if it supports it.[/alert]

 

ProviderWeb Site AddressProductPlanHosting TypeAdvertised Monthly PriceActual Monthly Price (First Month)Actual Monthly Price (Second Month+)Setup Fee for monthly planActual Annual Price (First Year)Actual Annual Price (Second Year+)Free DomainFree EmailSSDCDNStatic IPWebsites AllowedSSL First YearSSL Second YearSSL Pricing PageFeatures PageDisk SpaceBandwidthNotes
Bluehostwww.bluehost.comShared HostingStarterShared3.95N/AN/AN/A119.16137.64YesNoNo5N/AN/AN/Ahttps://www.bluehost.com/hosting-features100GBUnlimited
Bluehostwww.bluehost.comShared HostingPlusShared6.95N/AN/AN/A155.16191.64YesIncludedNoUnlimitedN/AN/AN/Ahttps://www.bluehost.com/hosting-featuresUnlimitedUnlimitedExtras $180
Bluehostwww.bluehost.comShared HostingBusiness ProShared14.95N/AN/AN/A$263.28$323.76YesIncludedYesUnlimitedIncludedhttps://my.bluehost.com/cgi/help/pricehttps://www.bluehost.com/hosting-featuresUnlimitedUnlimited
dot5hostingwww.dot5hosting.comHostingIntro OfferShared5.95N/AN/A$0.00$152.30$200.78YesYesUnknownNoNoUnlimitedTBAUnknownhttps://www.dot5hosting.com/dot5/hosting.bmlUnknownUnknownFranchise
dotsterwww.dotster.comLinux HostingBasicShared3.75N/AN/AN/A$100.95$100.95YesYesNoNoNo1N/AN/AN/Ahttps://www.dotster.com/dotster/hosting/UnlimitedUnlimitedNo Support Included
dotsterwww.dotster.comLinux HostingDeluxeShared6.75N/AN/AN/A$136.95$136.95YesYesNoNoNoUnlimitedN/AN/AN/Ahttps://www.dotster.com/dotster/hosting/UnlimitedUnlimitedNo Support Included
dotsterwww.dotster.comLinux HostingUltraShared13.75N/AN/AN/A$220.95$220.95YesYesNoNoNoUnlimitedN/AN/AN/Ahttps://www.dotster.com/dotster/hosting/UnlimitedUnlimitedPremium Support Included
Dreamhostwww.dreamhost.comShared HostingWeb HostingShared3.95$10.95$119.40YesYesYesNo5.95 per monthUnlimited$15.00Unknownhttps://www.dreamhost.com/hosting/shared/UnlimitedUnlimited9.95 for premium support
ehostwww.ehost.comUnix PlatformThe One PlanShared5.959.959.9519.95174.29210YesYesNoNoNo1N/AN/Ahttps://www.ehost.com/product/ssl_certificate.bmlhttp://www.ehost.com/product/onePlan.bmlUnlimitedUnlimitedFranchise
entryhostwww.entryhost.comSame as ehostSame as ehostSame as ehost5.95Same as ehostSame as ehostSame as ehostSame as ehostSame as ehostSame as ehostSame as ehostSame as ehostSame as ehostSame as ehostSame as ehostSame as ehostSame as ehostSame as ehostSame as ehostSame as ehostFranchise
Fastcometwww.fastcomet.comWeb HostingSingle WebsiteShared2.952.953.9519.9547.447.4YesYesYesYesNo1N/AN/AN/Ahttp://www.fastcomet.com/compare-shared-package35GB (SSD)UnlimitedOne of the few sites that doesn't require paying for extras to get basics like backups and protection which is reflected quite clearly in the price.
Fastcometwww.fastcomet.comWeb HostingMultiple WebsitesShared5.955.955.9519.9571.471.4YesYesYesYesNoUnlimitedN/AN/AN/Ahttp://www.fastcomet.com/compare-shared-package55GB (SSD)UnlimitedOne of the few sites that doesn't require paying for extras to get basics like backups and protection which is reflected quite clearly in the price.
Fastcometwww.fastcomet.comWeb HostingE-CommerceShared6.956.956.9519.9583.483.4YesYesYesYesYesUnlimitedIncludedUnknownhttp://www.fastcomet.com/compare-ssl-certificateshttp://www.fastcomet.com/compare-shared-packageUnlimited (SSD)UnlimitedOne of the few sites that doesn't require paying for extras to get basics like backups and protection which is reflected quite clearly in the price.
fatcowwww.fatcow.comWordpress BlogWP StarterShared3.75$9.49$15.23$113.90$182.78YesYesNoNoNo1UnknownUnknownhttp://www.fatcow.com/product/ssl_certificate.bmlhttp://www.fatcow.com/wordpress-hosting/UnlimitedUnlimitedFranchise
fatcowwww.fatcow.comWordpress BlogWP EssentialShared6.95$12.69$18.23$152.30$218.78YesYesYesNoNo1UnknownUnknownhttp://www.fatcow.com/product/ssl_certificate.bmlhttp://www.fatcow.com/wordpress-hosting/Unlimited (SSD)UnlimitedFranchise
godaddywww.godaddy.comWordpress Site/BlogBasicShared3.993.99$6.99$0.00$47.88$83.88Yes1 Year Office 365YesNoNo1N/AN/AN/Ahttps://www.godaddy.com/hosting/wordpress-hosting.aspx10GB (SSD)UnlimitedAdvertises honestly – upfront with pricing, ironically the pricing was appeared more expensive and I did not choose this based on that, yet they're the most honest, Managed Solution
godaddywww.godaddy.comWordpress Site/BlogDeluxeShared5.995.99$8.99$0.00$71.88$107.88Yes1 Year Office 365YesNoNo1N/AN/AN/Ahttps://www.godaddy.com/hosting/wordpress-hosting.aspx15GB (SSD)UnlimitedAdvertises honestly – upfront with pricing, ironically the pricing was appeared more expensive and I did not choose this based on that, yet they're the most honest, Managed Solution, One Click Staging
godaddywww.godaddy.comWordpress Site/BlogUltimateShared8.99$8.99$14.99$0.00$107.88$179.88Yes1 Year Office 365YesNoYes2Included$69.99https://www.godaddy.com/ssl/ssl-certificates.aspx?countryview=1https://www.godaddy.com/hosting/wordpress-hosting.aspx30GB (SSD)UnlimitedAdvertises honestly – upfront with pricing, ironically the pricing was appeared more expensive and I did not choose this based on that, yet they're the most honest, Managed Solution, One Click Staging
godaddywww.godaddy.comWordpress Site/BlogDeveloperShared14.99$14.99$24.99$0.00$179.88$299.88Yes1 Year Office 365YesNoYes5Included$69.99https://www.godaddy.com/ssl/ssl-certificates.aspx?countryview=1https://www.godaddy.com/hosting/wordpress-hosting.aspx50GB (SSD)UnlimitedAdvertises honestly – upfront with pricing, ironically the pricing was appeared more expensive and I did not choose this based on that, yet they're the most honest, Managed Solution, One Click Staging
Host Gatorwww.hostgator.comUnlimited Web HostingHatchling PlanShared5.56$7.16$8.9566.7283.4NoYesUnknownNot Free1$20.04UnknownOnly available at signuphttps://www.godaddy.com/hosting/wordpress-hosting.aspxUnlimitedUnlimited
Host Gatorwww.hostgator.comUnlimited Web HostingBaby PlanShared7.96$7.96$9.95$95.52$119.40NoYesUnknown$2 Per MonthUnlimited$20.04UnknownOnly available at signuphttps://www.hostgator.com/sharedUnlimitedUnlimited
Host Gatorwww.hostgator.comUnlimited Web HostingBusiness PlanShared11.96$11.96$14.95$143.52$179.40NoYesUnknownFreeUnlimitedIncludedUnknownOnly available at signuphttps://www.hostgator.com/sharedUnlimitedUnlimited
hostmonsterwww.hostmonster.comHostingStarterShared3.95N/AN/AN/A$119.16$143.64YesYesNoNoNo1N/AN/AUnknownhttps://www.hostmonster.com/hosting-featuresUnlimitedUnlimited
hostmonsterwww.hostmonster.comHostingPlusShared6.49N/AN/AN/A$155.16$197.16YesYesNoYesNoUnlimitedN/AN/AUnknownhttps://www.hostmonster.com/hosting-featuresUnlimitedUnlimited
hostmonsterwww.hostmonster.comHostingBusiness ProShared14.49N/AN/AN/A$173.88$239.40YesYesNoNoYesUnlimitedIncludedUnknownN/Ahttps://www.hostmonster.com/hosting-featuresUnlimitedUnlimited
hubwww.webhostinghub.comN/ASparkShared1.95N/AN/AN/A$71.88UnknownNoYesNoNoNo2N/AN/AN/Ahttp://www.webhostinghub.com/web-hosting-featuresUnlimitedUnlimitedDoesn't have option for site protection, Domain Registration wasn't free – need to check this for all sites.
hubwww.webhostinghub.comN/ANitroShared6.99N/AN/AN/A$119.88UnknownNoYesNoNoNoUnlimitedN/AN/AN/Ahttp://www.webhostinghub.com/web-hosting-featuresUnlimitedUnlimitedDoesn't have option for site protection, Domain Registration wasn't free – need to check this for all sites.
hubwww.webhostinghub.comN/ADynamoShared10.99N/AN/AN/A$167.88UnknownNoYesNoNoYesUnlimitedIncludedUnknownN/Ahttp://www.webhostinghub.com/web-hosting-featuresUnlimitedUnlimitedDoesn't have option for site protection, Domain Registration wasn't free – need to check this for all sites.
inmotionwww.inmotionhosting.comBusiness HostingLaunchShared5.99N/AN/AN/A$83.88$107.88YesYesYesNoNo2N/AN/AN/Ahttp://www.inmotionhosting.com/business-hostingUnlimitedUnlimited
inmotionwww.inmotionhosting.comBusiness HostingPowerShared7.99N/AN/AN/A$107.88$131.88YesYesYesNoNo6N/AN/AN/Ahttp://www.inmotionhosting.com/business-hostingUnlimitedUnlimited
inmotionwww.inmotionhosting.comBusiness HostingProShared13.99$17.99$19.99$40.00$177.87$201.87YesYesYesNoNoUnlimitedN/AN/AN/Ahttp://www.inmotionhosting.com/business-hostingUnlimitedUnlimitedNo Free domain on monthly plan
iPagewww.ipage.comWordpress HostingWP StarterShared3.75$72.65$3.75$0.00$113.90$182.78YesYesYesNoNoUnlimitedN/AN/AN/Ahttps://www.ipage.com/hosting-featuresUnlimitedUnlimitedFranchise
iPagewww.ipage.comWordPress HostingWP EssentialShared6.95$6.95$12.49$0.00$83.40$149.88YesYesYesNoNoUnlimitedN/AN/AN/Ahttps://www.ipage.com/hosting-featuresUnlimitedUnlimitedFranchise
ipowerwww.ipower.comDuplicate of iPageDuplicate of iPageDuplicate of iPageDuplicate of iPageDuplicate of iPageDuplicate of iPageDuplicate of iPageDuplicate of iPageDuplicate of iPageDuplicate of iPageDuplicate of iPageDuplicate of iPageDuplicate of iPageDuplicate of iPageDuplicate of iPageDuplicate of iPageDuplicate of iPageDuplicate of iPageDuplicate of iPageDuplicate of iPageDuplicate of iPageFranchise
justhost.comwww.justhost.comWeb HostingStarterShared2.95$48.45$5.99$0.00$107.16$119.64YesYesNoNoNo1N/AN/Ahttps://my.justhost.com/hosting/help/pricehttp://www.justhost.com/hosting-features100GBUnlimitedThree different prices exist for the same product in the same instance, pricing highly likely to be incorrect
justhost.comwww.justhost.comWeb HostingPlusShared4.95$49.85$14.99$0.00$83.40$119.88YesYesNoYesNoUnlimitedN/AN/Ahttps://my.justhost.com/hosting/help/pricehttp://www.justhost.com/hosting-featuresUnlimitedUnlimitedThree different prices exist for the same product in the same instance, pricing highly likely to be incorrect
justhost.comwww.justhost.comWeb HostingBusiness ProShared9.95$53.87$31.98$0.00$203.28$383.76YesYesNoYesYesUnlimitedIncludedUnknownhttps://my.justhost.com/hosting/help/pricehttp://www.justhost.com/hosting-featuresUnlimitedUnlimitedThree different prices exist for the same product in the same instance, pricing highly likely to be incorrect
netfirmswww.netfirms.comWeb HostingAdvantageShared8.99N/AN/AN/A$188.30Unknown2YesNoNoNoUnlimitedN/AN/AN/Ahttps://www.netfirms.com/netfirms/web-hosting/Renewal pricing inconsistent so left out
netfirmswww.netfirms.comWeb HostingPlusShared4.45N/AN/AN/A$128.30Unknown1YesNoNoNoUnlimitedUnknownN/AN/Ahttps://www.netfirms.com/netfirms/web-hosting/Renewal pricing inconsistent so left out
netfirmswww.netfirms.comWeb HostingBusinessShared12.99N/AN/AN/A$248.30Unknown5YesNoNoYesUnlimitedIncludedUnknownUnknownhttps://www.netfirms.com/netfirms/web-hosting/Renewal pricing inconsistent so left out
Network Solutionswww.networksolutions.comWordpress Blog Hosting1 YearShared3.85N/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/Ahttp://www.networksolutions.com/web-hosting/wordpress/index.jsp50GB500GBDoesn't meet minimum requirements
purehostwww.purehost.comWeb HostingPureBusiness HostingSharedN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/Ahttp://www.purehost.com/purehost/hosting.bmlDoesn' meet minimum requirements
Sitegroundwww.siteground.comWeb HostingStartupShared3.95$54.90Unknown$14.95$83.40UnknownYesYesNoIncluded (Non SSL Only)No1N/AN/AN/Ahttps://www.siteground.com/web-hosting.htm10GBUnlimitedSupercacher
Sitegroundwww.siteground.comWeb HostingGrowBigShared7.95$44.90Unknown$24.95$107.40UnknownYesNoNoIncluded (Non SSL Only)YesUnlimitedIncludedUnknownhttps://www.siteground.com/ssl_certificates.htmhttps://www.siteground.com/web-hosting.htm20GBUnlimitedSupercacher
Sitegroundwww.siteground.comWeb HostingGoGeekShared14.95$51.90Unknown$24.95$191.40UnknownYesNoYesIncluded (Non SSL Only)YesUnlimitedIncludedUnknownhttps://www.siteground.com/ssl_certificates.htmhttps://www.siteground.com/web-hosting.htm30GBUnlimitedSupercacher, One Click Staging

Final Word

So there you have it, a lot of work went into this and there are likely to be errors, if you find one, or have a correction to make, please include your insights and opinions in the comments below.

Marshalleq

Howto: Setup VMWare-tools on Sabayon Linux Guest

0
[vc_tta_tabs active_section=”1″ pagination_style=”outline-square”][vc_tta_section title=”Summary” tab_id=”1483657727692-588765df-8139e50c-cffe60ab-0c6f”][vc_custom_heading text=”Problem / Outcome Summary”]
  • VMWare-tools won’t install properly (or at all) on Sabayon Linux by default
  • VMWare says ‘VMWare Tools is not available for this guest’
  • This article will show you how to get around this problem and have a fully functioning set of VMWare-Tools including copy / paste, screen resizing and other sharing functionality.

Why might I want to do this?

  • To enable copy / paste between the guest and host within VMWare
  • To enable automatic screen sizing and resolution adjustments within the VMWare client
  • Improve movement of the mouse in the guest
  • Make the sound work properly in the guest
  • Improve the colour depth of the guest
  • Synchronise the time between the guest and the host
[/vc_tta_section][vc_tta_section title=”Foreword” tab_id=”1483656936153-fec58c10-e606e50c-cffe60ab-0c6f”][vc_custom_heading text=”Foreword”]

VMWare tools are a small set of drivers and enhancements that are installed in the ‘guest’ OS.  This then enables the guest to communicate more efficiently with the host OS and it’s hardware.

Additional resources

The official VMWare tools information can be found here.

[/vc_tta_section][vc_tta_section title=”Pre-Requisites” tab_id=”1483656936239-1facad3b-9216e50c-cffe60ab-0c6f”][vc_custom_heading text=”Pre-Requisites”]

Software Dependencies

  • A running VMWare host
  • An active VMWare guest with Sabayon Linux
  • A copy of VMWare tools for linux guests

Hardware Dependencies

  • None

Tools Required

  • None

Other Dependencies

  • A working internet connection
[/vc_tta_section][vc_tta_section title=”Summary Steps” tab_id=”1483657008528-9fc62da7-5742e50c-cffe60ab-0c6f”][vc_custom_heading text=”High Level Summary Steps”]

The below lists the high level summary of steps we’re about to take during this howto.

  • Get a copy of the VMWare tools linux drivers from your host
  • Install the pre-requisites for installation
  • Install and configure the VMWare tools script
  • Reboot Sabayon Linux
[/vc_tta_section][vc_tta_section title=”Implementation” tab_id=”1483657023013-0e8f9bfb-cd0fe50c-cffe60ab-0c6f”][vc_custom_heading text=”Implementation”]

Get a copy of the VMWare tools linux drivers from your host

  1. Get this

Install the pre-requisites for installation

  1. Ensure your Sabayon linux is up-to-date
  2. Open a console
  3. Become root (su / password)
  4. Enter the following commands
    1. equo install sabayon-sources gcc  binutils (Installs kernel headers, gcc and binutils)
  5. Create the missing rc directories (enter each command as one whole line)
    1. cd /etc/
    2. mkdir rc0.d rc1.d rc2.d rc3.d rc4.d rc5.d rc6.d

Install and configure the VMWare-Tools script

  1. Copy the VMWare-Tools file you obtained earlier to a directory of your choice
  2. Open a Console
  3. Extract and run the VMWare-Tools file
    1. tar -xvf <vmwaretoolsfile>
    2. cd vmware-tools-distrib
    3. ./vmware-install.pl
    4. Accept all defaults and click yes to create directories as requested
    5. If you get errors regarding vmhgfs modules you can ignore them.

Reboot your system

Now restart your system and VMWare-Tools is now installed and working.

  1. Shutdown -r now

That’s it, all done!

[/vc_tta_section][vc_tta_section title=”Final Word” tab_id=”1483657035357-36e2d8d1-b325e50c-cffe60ab-0c6f”][vc_custom_heading text=”Final Word”]

At time of writing the Sabayon version used was 15.05, this would likely apply to future and previous versions though.

As always, I welcome your insights and opinions in the comments section below.

Marshalleq

[/vc_tta_section][/vc_tta_tabs]

Howto: Amazon CloudFront CDN with SSL

[vc_tta_tabs active_section=”1″ pagination_style=”outline-square”][vc_tta_section title=”Summary” tab_id=”1483657727692-588765df-8139e50c-cffe1903-e853″][vc_custom_heading text=”Problem / Outcome Summary”]
  • This article will enable you to speed up your website / blog by offloading the loading of images to a dedicated content delivery network (Amazon CloudFront CDN) with SSL, (SSL is optional).
  • Please see the summary overview tab below for a high level view of the objectives this ‘howto’ will achieve.

Why might I want to do this?

  • To reduce the amount of traffic being sent to / from your web site, blog site, web host, or web server.
  • To help increase your search ranking in Google.
  • To speed up the performance of your site when someone views it.
  • To help mitigate against server failure or performance issues should your site or server be hit with an unexpected amount of traffic e.g. an article goes ‘viral’.
  • To help reduce the load on a ‘shared hosting’ site
[/vc_tta_section][vc_tta_section title=”Foreword” tab_id=”1483656936153-fec58c10-e606e50c-cffe1903-e853″][vc_custom_heading text=”Foreword”]

To be clear, how does a CDN work?

Simply put, a CDN network hosts the static files such as images on the CDN systems instead of on your hosts systems so that your host has more capacity to focus on other things. This is especially useful for cheaper hosting plans.

How does this work technically?

A CDN consists of multiple web servers strategically placed around the world, which can then be ‘closer’ to the person viewing your site. When the person viewing your site goes to a page which has CDN hosted content, the CDN knows where the closest (and therefore fastest) server is compared to that person and delivers your static content from that CDN location instead of your host or site.

How does the CDN get the content from my server?

There are a number of ways to do this depending on what kind of software you’re running and what you’re trying to achieve. But in essence, the links on your blog need to have the URL’s updated to reflect the hostname of the CDN. If you’re using a content management system such as WordPress, this can be done automatically using a plugin such as W3 total cache. It simply re-writes the image locations to point to the CDN instead of your server. In the wordpress case, the process is reversable by simply uninstalling the plugin or rewriting the links to point back to the original location again, but really you’re unlikely to want to do this.

Why did you choose to write this article about Amazon Cloudfront instead of another hosting provider?

Amazon has grown a reputation as being extremely reliable, I’m not talking about reliable for small businesses, I’m talking enterprise grade reliability that Amazon have actually built from the ground up using specialised hardware and software designed and written by Amazon and key partners specifically for the purpose of serving reliable cost effective hosting.  This makes Amazon the fastest, most reliable service available with more points of presence, more redundancy not to mention an incredible pricing structure You don’t have to sign up to $200 or even $50 dollars a month and in fact provided you use less than 50GB of traffic or 2 million requests per month, you’re not likely to pay a cent for the first year. I believe this makes it the most compelling CDN on the market today and it’s why people like Netflix, Airbnb and many others serious about performance and reliability are using Amazon.

What isn’t a CDN?

    • It is not a proxy or reverse proxy
    • It does not host your entire site, only the static bits
    • It will not keep your site up if your server goes down (for that you can look at CloudFlare along with CloudFront).

Additional resources

A really nice touch is you can download the manual for CloudFront directly to your kindle if you have one by going to the page here. You’ll note there’s also a PDF and an online version.

[/vc_tta_section][vc_tta_section title=”Pre-Requisites” tab_id=”1483656936239-1facad3b-9216e50c-cffe1903-e853″][vc_custom_heading text=”Pre-Requisites”]

Software Dependencies

  • An Amazon account (free)
  • A web site that hosts content
  • WordPress (can be adapted)

Hardware Dependencies

  • None

Tools Required

  • A recent web browser such as Firefox, Safari or Chrome

Other Dependencies

  • A working internet connection
  • An active Amazon account
[/vc_tta_section][vc_tta_section title=”Summary Steps” tab_id=”1483657008528-9fc62da7-5742e50c-cffe1903-e853″][vc_custom_heading text=”High Level Summary Steps”]

The below lists the high level summary of steps we’re about to take during this howto.

  • Install the W3 Total Cache Plugin
  • Create a new account for Amazon CloudFront (you don’t want to use your root account for this)
  • Set up CloudFront (via W3 Total Cache)
  • Configure AWS for SSL
  • Refresh Hosting System
[/vc_tta_section][vc_tta_section title=”Implementation” tab_id=”1483657023013-0e8f9bfb-cd0fe50c-cffe1903-e853″][vc_custom_heading text=”Implementation”]

Install the W3 Total Cache Plugin

  1. Log in to the wordpress admin by navigating to your wordpress site and appending /wp-admin to the URL.
  2. Click the Plugins menu on the left side of the wordpress admin panel
  3. Click the Add New button at the top left of the plugins screen
  4. In the ‘Search Plugins’ dialog box, enter ‘W3’ and press enter
  5. Click on the ‘Install Now’ button under the W3 Total Cache plugin that comes up
  6. Click the ‘Activate Plugin’ link on the following page that comes up.
    1. The plugin should now be installed and enabled (but not actually active – even though WordPress says it is active).
  7. Click on the General Settings Page and scroll down to CDN. Leave this disabled, but click on CDN Type of Amazon CloudFront and click Save all Settings

Create a new account for amazon cloudfront (you don’t want to use your root account for this)

  1.  Sign into your AWS account console (outside scope of this exercise, but you can create one at https://aws.amazon.com)
  2. Choose the Identity & Access Management Service under the Administration & Security Section
  3. Click ‘Users’ on the left
  4. Click ‘Create New Users’
  5. Enter the User name you would like to add for your new cloudfront only account
  6. Click Create at the bottom right of the screen
  7. Click Show User Security Credentials on the next screen that comes up
  8. Copy and paste the Access Key ID and the Secret Access Key ID into the same field names in W3 Total Cache in WordPress
  9. Click Close at the bottom of the Amazon page
  10. Click Policies on the left of the Amazon AWS screen
  11. In the search box at the top, start typing ‘cloudfront’ without the quotes
  12. Click the checkbox next to CloudFrontFullAccess
  13. Click the Policy Actions drop down box and choose attach
  14. Click the checkbox next to the name of the account you just created and click Attach Policy at the bottom of the screen.

Set Up Cloudfront (via W3 Total Cache)

  1. Click on the new WordPress admin menu on the left hand side entitled, ‘Performance’ (You will note that there are many other settings, this guide does not go over those only the CDN part).
  2. Click the CDN menu on the left hand side.
  3. Scroll down to the configuration section, under which the first line has a blue link entitled, ‘IAM’ – In the configuration section you should now have your previously entered Access key ID, your Secret key AND these would have come from an account you created with limited Amazon permissions.
  4. Click the ‘Create Distribution button’ – if you set up your Amazon account correctly you should now be met with a prompt saying ‘Distribution Created Successfully’

You’ll note there’s still an empty box in the ‘Replace site’s hostname with:’ section. To get the hostname for this do the following:

  1. Go back to Amazon Web Services and choose the CloudFront service under the storage and content delivery or alternatively try this link: # https://console.aws.amazon.com/cloudfront/home?region=eu-central-1
  2. On the page that comes up you will see the distribution you just created.
  3. Click the blue link in the ID column which will be represented by various numbers and letters
  4. Note the Domain Name on the General Page and copy this into the blank section on your WordPress W3 Total Cache plugin.
  5. You will also note in the Amazon Web Service page that the status column reads ‘In Progress’ This will change to ‘Deployed’ when complete. How long this takes depends on how many images and static content you have in your web site as essentially this is copying your content to CDN servers around the globe.
  6. Back in the W3 Total Cache plugin, on the CDN page, go ahead and ensure all the tick boxes are on that can be except for ‘Add cananonical header’ – you shouldn’t need that.
  7. Go back to the Performance / General Settings Page and click enable in the CDN section.

Configure AWS for SSL

  1. If you’re wondering how this all works with SSL, there’s one radio button that you need to change to work with your SSL site.
  2. In the AWS Cloudfront Distributions page, click the blue link in the ID column and then on the Origins Tab.
  3. Under the origins tab click the tick box next to your domain name, then click edit.
  4. Change the Origin Protocol Policy to ‘Match Viewer’.
  5. Then click the ‘Yes, Edit’ button

Refresh Hosting System

One last step is to purge your caches. You would need to purge any caches from any performance tools that your hosting provider has first, then after that purge the cache from the CDN section or at the top of the W3 Total Cache plugin page.

That’s it, all done!

[/vc_tta_section][vc_tta_section title=”Final Word” tab_id=”1483657035357-36e2d8d1-b325e50c-cffe1903-e853″][vc_custom_heading text=”Final Word”]

As at time of writing, this blog is hosted using this method. If you click on an image and copy it’s locationyou should see it’s hosted at cloudfront.net. In this way, this site can currently use a much cheaper hosting plan than it otherwise could.

As always, I welcome your insights and opinions in the comments section below.

Marshalleq

[/vc_tta_section][/vc_tta_tabs]

Howto: Apply SSL Certificate to QNAP NAS Server

0
[vc_tta_tabs active_section=”1″ pagination_style=”outline-square”][vc_tta_section title=”Summary” tab_id=”1483657727692-588765df-8139e50c-cffe9e81-43b1″][vc_custom_heading text=”Problem / Outcome Summary”]
  • This article will enable you to communicate securely with your QNAP NAS server over the secure sockets layer protocol by utilising a purchased SSL Certificate.
  • Please see the ‘Summary Overview’ tab below for a high level view of the objectives this ‘howto’ will achieve.

Why might I want to do this?

  • To stop traffic from being read or copied by unknown parties on the internet.
  • To help increase your search engine ranking with google.
  • Because you don’t want to see the message SSL Certificate Not Trusted
  • Because you don’t want to see the message SSL Certificate Error
[/vc_tta_section][vc_tta_section title=”Foreword” tab_id=”1483656936153-fec58c10-e606e50c-cffe9e81-43b1″][vc_custom_heading text=”Foreword”]

To be clear, what does an SSL certificate do?

Simply put, an SSL (Secure Sockets Layer) certificate automates the process of verifying the encrypted information traveling between your web site and the web browser / application of the person viewing or using it.  In the QNAP example, this could be a web site hosted on the NAS or between the QNAP NAS applications – (both apply in this howto).

You want to automate this process if you have a public facing web site that you wish to utilise SSL, or if you have many users that will connect to the NAS from the internet.  Do note however, that a certificate is not necessary to do the actual encryption of your traffic, however, without a paid certificate, each user will either have to accept a security warning prompt upon initial setup or upon visiting your web site, or alternatively manually add a certificate that you provide in the form of a file.  For this reason, it is usually much easier to use a paid certificate authority.

A word about security

Without a doubt, SSL is a very secure protocol employing 2048 bit encryption (optional 4096 bit) which is the only real security solution for web sites existing today. Until very recently, SSL had not been compromised. Through recent events brought to light from the Edward Snowden leaks, it turned out that the NSA had indeed compromised SSL. It is not yet known how this happened, except that it was very suspicious that a National Security Agency employee was co-chairing the very influential cryptography panel that creates these standards for the internet engineering task force (IETF). Keeping to topic, no encryption standard (be it DVD, Blu Ray, Sky TV, the Enigma code or SSL) has remained unbreakable forever and this is a natural part of the encryption lifecycle.  SSL was developed in 1993 with the first publicly secure protocol available in 1996, so it’s a testament to the protocol to still be in use today.

Please note: If you’re using the web site for your own private uses, it is obvious that it can actually be more secure using the above mentioned, self signed certificate since there is no certificate authority knowing part of your SSL key. This was finally acknowledged during the Edward Snowden leaks and is known to be part of the way the NSA were able to break SSL. Obviously, this would be no good for an ecommerce site as your customers would be presented with a warning that you’re an untrusted web site and are unlikely to hand over their money.

Do you REALLY want to self host your own web site?

Ultimately, this web site and other things I’m working on have now been moved away from the QNAP NAS server for various reasons, including that the development team at QNAP simply don’t update their code enough for me to consider it really safe and secure. Other challenges with a self hosted site you might like to consider include: automating your own backup plan, redundancy of hardware in a failure, redundancy of internet connection, fail over during failure (DR), how much effort you put into your rebuild procedures (known as as-builts) and what that might mean for down time to your customers.

There isn’t much capability for BCP (Business Continuity Plan) with a public facing web site other than the above precautions, so before you go rushing off thinking a locally hosted web site is for you, consider how hard it may be to get things up and running again and how much down time for your customers that may end up resulting in, if you can’t bring your site up quickly. In my case with a fairly decent knowledge of IT, I could still find an outage causes days of downtime.  For example: if an outage happens while I’m at my day job, it could be 8 hours before I could even start resolution steps and could require a very long night to complete.  If it were failed hardware, it may even be unavailable for weeks while replacement parts arrive from overseas agents.  And these cases are if you’re good at what you do, or lucky.  In reality, things may take much longer and cost you much more money than a good hosting plan.

A word about hosting

These days you can get some pretty sweet deals on web site hosting that take much of the pain away for you.  One I’ve recently discovered is Site5. US$4.95 per month get’s you Apache, mysql, unlimited disk space and unlimited traffic. I doubt that will be easy to beat.  That said, there seem to be dozens of these shared infrastructure sites now available if you’re prepared to search.   Have a look around and consider your options carefully.  See our review of the ‘real’ price these hosting companies charge here.

SSL Certificate types

Something else to know about before you start is there are most definitely a number of different grades of SSL certificates available. On top of that there are differing brands of SSL certificates that each have their own types and certain brands may be trusted more than others.  I won’t go into brands here, but when you sign up at a certificate authority, they should explain all this to you, so choose carefully for your use type.

The two things you need to know when choosing a certificate type are:

  1. What host or hosts (signified by domain names) will I need to protect?
  2. What kind of validation will I require?

So for point 1, will you be securing www.yourdomain.com, host1.yourdomain.com, mail.yourdomain.com etc, or just one of those?

For point 2, you can choose a higher grade of validation where the certificate authority will phone around and confirm that you are legitimate. It takes up to several weeks in some cases but apart from being the most expensive, this type will present a ‘green seal’ of approval in your customers browser which stands out like a sore thumb (in a positive way).  It has quickly become the golden standard associated with secure browsing.

You can see at the below link, a list of different SSL types from Ssl’s.com which turns out to offer some of the most value in terms of SSL certs on the web. For a single host as low as $4.99 per year. Yes you read that right.

https://www.ssls.com/compare-types.html

[/vc_tta_section][vc_tta_section title=”Pre-Requisites” tab_id=”1483656936239-1facad3b-9216e50c-cffe9e81-43b1″][vc_custom_heading text=”Pre-Requisites”]

Software Dependencies

  • SSL Certificate
  • A fixed IP address or Dynamic DNS

Hardware Dependencies

  • QNAP NAS Server
  • An internet Modem / Router capable of performing

Tools Required

  • SSH access
  • A recent web browser

Other Dependencies

  • A working internet connection
[/vc_tta_section][vc_tta_section title=”Summary Steps” tab_id=”1483657008528-9fc62da7-5742e50c-cffe9e81-43b1″][vc_custom_heading text=”High Level Summary Steps”]

The below lists the high level summary of steps we’re about to take during this howto.

  • Create a CSR (Certificate Signing Request)
  • Upload the certificate code to SSL provider
  • Apply the certificate to the QNAP NAS Server
  • Configure the QNAP ports so the the certificate and system admin work together
  • Configure the QNAP virtual hosts section
[/vc_tta_section][vc_tta_section title=”Implementation” tab_id=”1483657023013-0e8f9bfb-cd0fe50c-cffe9e81-43b1″][vc_custom_heading text=”Implementation”]

Purchase your certificate

Step 1a – Create your CSR (Certificate Signing Request)

This will generate a code from your NAS server that can be used to ‘unlock’ the partner code from the certificate authority.

Essentially what this does, is create a private key (private as in only your web site knows about it) and a matching CSR that you upload to your SSL provider, which in turn then allocates you a public key and an intermediate key. We’ll be doing this via SSLs.com, but this should map to any chosen provider.https://support.comodo.com/index.php?/Knowledgebase/Article/View/1/19/csr-generation-using-openssl-apache-wmod_ssl-nginx-os-x

  1. Log in to an ssh terminal on your QNAP nas as admin.
  2. Create a new easily accessible directory somewhere on your NAS and call is SSL if you like.
  3. While in that directory, enter the following command: openssl req -nodes -newkey rsa:2048 -keyout your_domain_com.key -out your_domain_com.csr

You will be presented with a bunch of questions which can be a little tricky to understand at first, so we’ll summarise them here.

Country Name (2 letter code) [AU]: NZ
State or Province Name (full name) [Some-State]: NorthIsland
Locality Name (eg, city) []: Auckland
Organization Name (eg, company) [Internet Widgits Pty Ltd]: YourCompany or WebSite Name
Organizational Unit Name (eg, section) []: IT
Common Name (eg, YOUR name) []: mysubdomain.mydomain.com
Email Address []: hostmaster@yourdomain
Also a challenge password is normally chosen which you will need to write down somewhere.  I'm told this isn't actually needed for web sites, but I do it anyway.

**Remember the above command MUST be run in a session on the NAS, do not get confused if you have a Mac and run it locally on your Mac. It is OK to connect to the ssh terminal on your NAS via the mac though. So you’re going to need to do something like: ssh admin@yournasIP and then enter in your admin password first. If you have windows, you’ll need to download Putty and do it in there.

OK so at this point you have your generated csr and private key in your chosen directory, well done!

Step 1b – Upload to SSL’s.com

This uploads the codes you just generated to your SSL certificate provider

What I do here in Mac is type ‘cat mydomain.csr’ in windows you will need to use a text viewer or something. Copy and paste that with your mouse and upload it to your SSL page for the certificate you just purchased.

SSL’s will ask you for some additional information such as what email address you want it sent to and then you wait for it to arrive.

When the email arrives you will get similar to the following files in a zip file.

Attached to this email you should find a .zip file containing:

  • Root CA Certificate – AddTrustExternalCARoot.crt
  • Intermediate CA Certificate – COMODORSAAddTrustCA.crt
  • Intermediate CA Certificate – COMODORSADomainValidationSecureServerCA.crt
  • Your PositiveSSL Certificate – yourdomain_com.crt

Step 1c – Apply your certificate files to the QNAP

Using the same copy and paste method above (using cat or a similar text viewer) copy these to the NAS. You’ll want to paste them into the Security section, Certificate & Private Key tab as per the table below

COMODORSAAddTrustCA.crt goes into Intermediate Certificate Section

yourdomain_com.crt goes into Certificate Section

and the private key you generated earlier goes into the Private Key section.

That’s it! Well sort of – there are some other general items you need to be aware of before it will actually work.

Make it work with your system

Step 2a – Configure your NAS’s ports

There is actually likely to be a port conflict between your new web site and the admin page of the NAS. To get around this, you need to change the port your admin page uses.

Go to General Settings, System Administration

Change System port to 8080 and if you’re using SSL for the admin page, change that to 8081.

**Note, after this change you will need to do a few more things. Each time you access your admin page you will need to put :8080 or :8081 after your browser URL. So e.g. https://younasIPordomain:8081

In addition, if you use any of the QNAP phone apps, these will also have to have this port manually specified in the app.

If you use any of these apps over the internet, you will also now have to forward these ports in your router’s NAT to your NAS server or they won’t work.

OK, now that’s done, go to applications Web Server.

Ensure that your web server is set to use port 80 (even though you’ve done SSL, there are times when you need good old port 80 open. You don’t have to, it’s your choice.

Here, ensure the HTTPS port is set to 443. Obviously your router has to be set up to forward this too.

Step 2b – Configure your NAS’s Virtual Hosts

If you’re using virtual hosts, this is very simple, the format is:

Host Name: your domain name e.g. www.yourdomain.com

Folder Name: the folder where your entire web site is

Protocol: the HTTP or HTTPS protocol you’re setting up

Port: 80 if you chose HTTP above, or 443 if you chose HTTPS above.

[/vc_tta_section][vc_tta_section title=”Final Word” tab_id=”1483657035357-36e2d8d1-b325e50c-cffe9e81-43b1″][vc_custom_heading text=”Final Word”]

I successfully had all this working with SSL and a virtual host as a wordpress blog on my QNAP, it has now however been moved to a hosting company as I needed something better.

One thing I noticed was on my first attempt the QNAP had a glitch and for some reason broke access to all my hosted web sites. What I found was that the QNAP had simply disabled the virtual hosts and in addition reset the port changes described above back to their defaults. If this happens, you can go back through this guide and double check the steps from 2a. Once I put it all back again I was up and running as per normal.

As always, I welcome your insights and opinions in the comments section below.

**Hosting a web site?  Why not apply and follow our article on how to speed it up with a CDN here!

Marshalleq

[/vc_tta_section][/vc_tta_tabs]

Howto: Fortinet Port Forwarding

0

**This is a legacy article which does not meet some of our quality standards. While it may contain useful information, is retained here for legacy reasons only.

There are different ways to set up Fortinet port forwarding, (using a DMZ for example), this article covers off the most basic example and can be applied to a DMZ setup later.

  1. Create a VIP first
  2. Go to firewall objects tab, virtual IP / Virtual IP
  3. Click create new
  4. Name: <Name of server you’re forwarding to>
  5. External Interface <Your external interface (in my case Chorus UFB)
  6. Type Static NAT
  7. External IP / Address Range: The IP address of your WAN supplied by your ISP (In both boxes if you only have one IP)
  8. Mapped IP / Address Range: The internal address of the server you’re forwarding to in the first box (the second box should auto populate).
  9. Port Forwarding: Leave unticked
  10. Second create a policy in your firewall
  11. On the policy tab, choose policy / policy
  12. Click Create New
  13. Source Interface / Zone (Your WAN connection) in my case Chorus UFB
  14. Source Address All
  15. Destination Address: <The Name you just gave your VIP connection>
  16. Schedule Always
  17. Service: Any single or multiple service that you wish to be forwarded to this IP address internally.
  18. You must enable NAT (although fortinet says you shouldn’t but I can’t get it to work otherwise).
  19. Do enable any logs, utm, shaping etc as you wish. (suggest a specific UTM profile for the specific ports that are opened in order to improve performance i.e. protect web, protect ssh etc.s

From the fortinet support page:

Test destination NAT by browsing to http://172.20.120.14 from the Internet. The session passes through the FortiGate unit to the web server which sends a response. Use the following packet sniffer command to see the results.

diagnose sniffer packet any ‘port 80’ 4 4

interfaces=[any]

filters=[port 80]

6.150356 wan1 in 172.20.120.12.51439 -> 172.20.120.14.80: syn 15893888

6.150637 internal out 172.20.120.12.51439 -> 192.168.1.110.80: syn 15893888

6.150803 internal in 192.168.1.110.80 -> 172.20.120.12.51439: syn 553485227 ack 15893889

6.150974 wan1 out 172.20.120.14.80 -> 172.20.120.12.51439: syn 553485227 ack 15893889

The first output line shows a packet from a client device with IP address 172.20.120.12 was received by the wan1 interface with destination address 172.20.120.14 and destination port 80.

The second output line shows that when the packet exits the internal interface the destination address is changed to 192.168.1.110 and the destination port is still 80.

The third output line shows the response from the web server.

The fourth output line shows the response from the web server being returned to the client device. The source address has been changed back to 172.20.120.14.

In this example, the source port is not changed.

Go to Policy > Policy > Policy and check the Count column for the security policy you added to verify that it is processing traffic.

Go to Policy > Monitor > Session Monitor to view the sessions being processed by the FortiGate unit. You can also see results by going to Policy > Monitor > Policy Monitor to view a graph of active sessions for each policy. Since there is only one policy, that graph contains only one entry. You can select the bar graph for the policy to view the top sessions by source address, destination address, or destination port/service.

The Top Sessions dashboard widget presents another view of sessions that you can also drill down into to get more info about current sessions. Other dashboard widgets display session history, traffic history, and per-IP bandwidth usage.

Howto: Fortinet NZ Fibre UFB

0

How to configure an NZ Fibre UFB Connection on a Fortinet Firewall Appliance

**This is a legacy article which does not meet some of our quality standards. While it may contain useful information, is retained here for legacy reasons only.**

There has been quite a few misleading pieces of info floating around the various ISP’s in NZ about what you can or can’t do relating to connecting your own ‘modem’ to the New Zelaand Chorus Fibre Broadband network, sometimes referred to as UFB.

This article aims to clear some of these up by way of example, but there are a few basics to clear up first.

  1. Chorus install and provide the physical NZ fibre UFB (in 99% of cases this will be the only way you’ll get it) NOT your ISP.  Your ISP connects to the fibre via the internet, and can request the provisioning of that fibre (if you’re like most people and didn’t have it already).  That is why this article is about connecting to Chorus Fibre not to e.g. Slingshot, Xtra or some other ISP.
  2. Chorus provide the modem (called an ONT), your ISP provides a router.  You cannot change the ONT, but you CAN change the router.  Please don’t call the router a modem – this is why there has been so much confusion as you absolutely cannot change the modem, but you CAN change the router.
  3. ONT stands for ‘Optical Network Terminal’, I know that because it’s written on it, so don’t tell me it isn’t.  Basically it’s what’s known as a transceiver that translates optical data traffic to your typical copper data traffic with some added smarts in it, namely a PPPoE dialer, which is why it is a modem.
  4. Just because you’ve got e.g. a 30Mb down and 10Mb up fibre connection does not mean you would actually get these speeds, this just outlines the maximum performance capability of your particular NZ fibre UFB Plan, the rest is up to your ISP and what particular international and national speeds they have paid for.  You will need to raise performance issues with your ISP if your speeds are slow.
  5. You don’t have to use the in built telephone port in your supplied modem (Slingshot tried to tell me that I did, they also tried to tell me that I couldn’t put my own router on – both not true).  I’m using their already supplied Linksys ATA adapter for this connected to my Fortinet router – so yes it’s the same iTalk account with a couple of new settings – simply replace your old akl.italk.co.nz setting with 119.224.142.182 and you’re all done!

Right, now let’s get started.  I’m using this example on a fortinet, because it’s a relatively common ‘upper end’ device that is super awesome and I wanted to promote it ;).  In reality anyone that didn’t already know points 1-5 above probably wouldn’t want to be installing a fortinet, but I felt like it and somehow hope that it will help someone somewhere even if they don’t understand the next bit.

The below instructions are started from a freshly installed firmware and a completely out of the box default setup.

Log into fortinet admin / blank password

  • Go to network / interface
  • Choose create new / interface
  • Name: – Chorus UFB
  • Type: VLAN
  • Interface wan1
  • VLAN ID 10
  • Addressing mode PPPoE
  • username: your isp login
  • password: your isp password
  • Any other settings you require such as FMG-Access or HTTPS etc.
  • Apply / OK

You should now have a physically working login to your NZ Fibre UFB.

There are a few more steps though – they are:

  • Ensure your LAN IP address is in the correct range
  • Ensure your DHCP server is set up with the correct lan IP address
  • Ensure you have a new firewall rule added

How to change the LAN IP address

  • Go to Network / interface
  • Check internal then click edit
  • Under the addressing mode section, ensure manual is selected and replace with your desired IP address.
  • Note that if you’re changing the subnet range and using DHCP, this will not automatically change the DHCP scope, you will need to connect with a manual IP address and reconfigure the DHCP server seperately.
  • Click Apply / OK.

How to update the DHCP server scope

  • Click Network / DHCP Server
  • Check the internal network and choose edit
  • Under the IP section, update to your appropriate subnet / range.
  • Add any IP reservations you need by using the ‘Add from DHCP client list option or entering manually by choosing create new.

Create a matching firewall rule for NZ Fibre UFB

In it’s most basic form (I won’t go into the complex parts) you need an outgoing allow rule for the new NZ Fibre UFB interface

  • Go to the Policy tab, then choose policy / policy
  • Click Create New
  • Source Interface/Zone: NZ Fibre UFB (or whatever you named your Chorus UFB PPPoE connection)
  • Source Address: All
  • Destination Interface/Zone: Internal
  • Destination Address: All
  • Schedule: always
  • Service: ANY
  • Action: Accept
  • Ensure Enable Nat is ticked on and use destination interface address is selected.

There are other options in there that we won’t worry about at the moment. This will get your basic  NZ Fibre UFB up and running.

You will need to also create one for any other interfaces eg. Wireless – NZ Fibre UFB

Change your admin password

  • System tab, admin, administrators
  • check the tickbox next to admin
  • click edit
  • click change password, follow the onscreen prompts.

That’s it!

Howto: ColorMunki Photo – Yosemite Beta

3

Howto get X-Rite ColorMunki Photo working in Yosemite Beta

**This is a legacy article which does not meet some of our quality standards. While it may contain useful information, is retained here for legacy reasons only.

***Update 16 November 2014***

Official Driver now released from X-Rite, it can be downloaded from their web site directly here.

Have installed and tested and can confirm it works.

**End up Update***

This isn’t full instruction but a bit of a hint…

I was frustrated that X-Rite didn’t work yet in Yosemite (although I have had a personal message from the developer saying an update will be available by the time of the Launch of Apple’s Yosemite for Mac.

I don’t actually understand why they don’t just release a beta quality driver – anyway how I got (most) of it going by doing the following.

I installed the x-rite device services (not the application) for mac – though to be fair I’m not convinced it was neccessary – it’s just what I did. (Available here).

Then I right clicked on the ColorMunkiPhoto.mpkg (clicked show package contents).

I then installed XRiteCore.plg, DefaultFiles.pkg.

After all that I was able to profile my display.  It doesn’t ‘quite’ work like it used to (it doesn’t prompt me for brightness etc, but I think that just times out in the background and then just works.
Note, it seemed to be stuck on a black and some grey screens to begin with, after (a longer than usual) timeframe it calibrated and I could see it was close to my other (already calibrated) monitor from before the upgrade.

You might be able to install some more packages in there to get the menu’s back – no idea and up to you!

Hope this helps someone!

Why you need RAID and NOT a backup

0

Foreword

**This is a legacy article which does not meet some of our quality standards. While it may contain useful information, is retained here for legacy reasons only.**

This one’s a real wind up – kinda like the politically correct people that say kids can’t play in trees cause’ they might fall out or the overboard PC personalities that say we should put up a shelf next to every door so that when they need to be worked on you don’t have to put your toolkit on the floor – which probably means you’d hit your head on the shelf.

The problem I’ve had with this kind of thinking is it’s very very small minded and they seem to see only one possible outcome for the future – death and injury.  The loudest people make the most noise and the ones that know better can’t be bothered arguing – stink for them as ultimately the loudest people find a way of making it law.  It’s a real shame these types of people are ruining our planet when we have real issues out there like starving children and disease.

Why is a backup not going to be ever done and why you need RAID instead

This article is written for those of you in forums still bleating on about backups being the solution (not RAID), as well as those looking for an answer to this painfully short sighted statement.  I have to laugh because you actually see guys with, “RAID is not a substitute for backup” written in their signatures.  I kind of think these guys got into some kind of low end IT job or something and lost the ability to think outside the square at some point.  However I do realise the reality is they probably get a barrage of people losing data and get asked to restore it and they’re forced to come up with something pretty obvious.

Anyway, nowadays there are plenty of us that have giant disk sets at home for various reasons (mine is photography and music creation), given the size of these usually span Terabytes – where exactly would you expect these backups to be stored? Hard disks? Tape? Optical? If you’re going to talk about backups, I’m going to talk about REAL backups. ie no backup is a backup unless you have multiple copies, usually a GFS (Grandfather, Father, Son) system or similar. Let me do some calculations here (based on 16TB since that’s likely the upper limit right now and note that I’m talking about the average joe here, not a giant corporate (yes average Joe’s do have 16TB these days).

Optical Backup

Probably biggest optical is Blu Ray which you can get in 50GB disk flavours relatively cheaply – That’s about 320 blu-ray discs for each backup on each day for a typical GFS solution. Given that the most basic ones of that need about 18 sets of media, we’re looking at 5760 separate blu-ray discs at about NZ$12 each = $69,000. This option would be slow, unreliable and expensive and you’d spend forever swapping discs! Debunked!!!

Tape Backup

Let’s pick on LTO5 (sorry can’t find a price on LTO6). So we can do up to 3TB Compressed with this puppy, now we’re talking. Let’s see a single drive unit without autoloader NZ$2901, tapes are $57 each x 6 tapes to get to 16tb x 18 sets for a basic GFS setup = $6156 + drive = total $9057.00 (if you can compress all your data to fit and I guarantee you won’t).  Too costly, complicated, large, needs a separate computer and some backup software to go with it! Debunked!!!

Hard Drive Backup

Let’s see, you could do this a few ways but we’re screwed anyway as we would need multiple hard drives to match a good GFS backup solution, which would be difficult to swap out in any form of RAID setup. Probably the best solution would be to buy another NAS with larger drives that can do hard disk GFS with something like rsnapshot. DLink have this built into their firmware, while qnap doesn’t yet. So we would need the biggest QNAP unit and load the biggest supported disks. That would be something like the 869 series (not sure if there’s a bigger than 8 disk unit, to be honest I haven’t looked). You would need 4tb disks, and while there are some cheap Seagate’s now on the compatibility list at 4tb, I’d recommend going for some enterprise drives here. TS 869 = $1800 8x 4tb disk, WD RAID edition $562×8 = $4469 = $6296. This is probably the best solution, rsnapshot will do delta’s to cut down on space etc, but I’d still say it’s debunked due to cost for average Joe!

No average Joe is going to spend this kind of money on backups. So please everyone, stop telling average Joe’s to do backups on storage when you know full well that it’s never going to happen.  I get the feeling the people saying this have no idea what backup is all about really.

So what you can do, is thank them for being bright enough to implement the only affordable option to reduce the likelihood of data loss and discuss sane options like targeting documents and pictures to an external disk and store it in another house or use a secure cloud service like Mega, Amazon etc – now that makes more sense doesn’t it?

To this end a message to the average Joe: Next time someone tells you to do backup, point them at this link and ask them to supply you with the money to implement one!