Finding the Best UK Web Hosting Services

August 31st, 2011 No comments

Finding the best UK web hosting service for your website can be rather complicated, to say the least. There are almost endless options, all clamoring to be the top host or the least expensive service, which can make it almost impossible for webmasters to tell whether their claims are fact or fiction.

The best way to select a hosting company is to take the selection process in steps:

Your Needs for Web Hosting

The very first item to look at in finding and selecting the best hosting service for your needs is to actually identify what those needs are. What sort of website are you looking to host? Personal homepages have very different hosting requirements from large company websites. To find the best UK web hosting service for you, it is important to determine exactly what you plan to host now, and to take into consideration anything you are planning to host in the immediate future.

Rate

Different web hosting companies offer a large variety of prices. Competition from overseas is priced temptingly low for many, but there are many different factors to consider. Don’t stop at price alone, and if you plan on using your website within a professional capacity, it is important to move beyond free hosting. Free hosts are great for small and fun sites, but are not suited to the needs of internet marketers – even those who are just starting out. Rate should not be a top determining factor until you have narrowed a list based on other criteria such as:

Reliability and Speed

The best web hosting services will offer uptime above 99%. This should be a guarantee to motivate the company to keep all servers up all the time. Naturally, your visitors should also be able to access your site quickly.

Bandwidth Transfer and Disk Space

Bandwidth requirements grow with your site. Web hosting companies pay for bandwidth, so you, as the one using that bandwidth, will be billed accordingly. It is better to pay for the required amount of data transfer upfront than to get a surprise bill by e-mail for having gone considerably over your allotted amount and have your account disabled as a result. Also, be sure you have the appropriate amount of disk space reserved. Most websites can operate with less than 500 megabytes.

Technical Support

It is highly important to be able to reach the hosting company if your website begins experiencing problems. The best web hosting support one can hope for is available 24 hours a day, 7 days a week. Most hosts know this, so take their stated hours with a grain of salt. Always test the companies by emailing them at random times to see whether they really have support available 24/7.

Scripts and Special Features

Websites have different needs, and the best web hosting service for you should accommodate those. Email addresses should be standard as well as the capacity for a variety of scripts. Be sure to see if other features like, for example, shopping carts and secure servers are available or standard.

Control Panel

How much control does the hosting company offer webmasters? It is very inconvenient to work through customer service every time to modify a password or change email addresses. Be sure the web hosting companies you choose offer some sort of control panel to manage your web hosting in a convenient way.

Laws Hosting provides the best UK web hosting environment and we will assist you with any questions or problems you may have regarding your hosting.

Apache Warns Web Server Admins of DoS Attack Tool

August 29th, 2011 Comments off

Apache, the most commonly used web server software, has become a talking point.

It appears that a tool to DoS Apache is floating about. Developers of the Apache open-source project warned users of the Web server software last Wednesday that a denial-of-service (DoS) tool is circulating that exploits a bug in the program.

The Apache project said it would release a fix for Apache 2.0 and 2.2 in the next 48 hours. All versions in the 1.3 and 2.0 lines are said to be vulnerable to attack. The group no longer supports the older Apache 1.3. ‘The attack can be done remotely and with a modest number of requests can cause very significant memory and CPU usage on the server,’ Apache said in an advisory. The bug is not new. Michal Zalewski, a security engineer who works for Google, pointed out that he had brought up the DoS exploitability of Apache more than four-and-a-half years ago. In lieu of a fix, Apache offered steps administrators can take to defend their Web servers until a patch is available.

In the meantime:

Mitigation:
============

However there are several immediate options to mitigate this issue until
a full fix is available:

1) Use SetEnvIf or mod_rewrite to detect a large number of ranges and then
either ignore the Range: header or reject the request.

Option 1: (Apache 2.0 and 2.2)

# Drop the Range header when more than 5 ranges.  CVE-2011-3192
SetEnvIf Range (,.*?){5,} bad-range=1
RequestHeader unset Range env=bad-range

# optional logging.
CustomLog logs/range-CVE-2011-3192.log common env=bad-range

Option 2: (Also for Apache 1.3)

# Reject request when more than 5 ranges in the Range: header.
# CVE-2011-3192
#
RewriteEngine on
RewriteCond %{HTTP:range} !(^bytes=[^,]+(,[^,]+){0,4}$|^$)
RewriteRule .* - [F]

The number 5 is arbitrary. Several 10's should not be an issue and may be
required for sites which for example serve PDFs to very high end eReaders
or use things such as complex http based video streaming.

2) Limit the size of the request field to a few hundred bytes. Note that while
this keeps the offending Range header short – it may break other headers;
such as sizeable cookies or security fields.

LimitRequestFieldSize 200

Note that as the attack evolves in the field you are likely to have
to further limit this and/or impose other LimitRequestFields limits.

See: http://httpd.apache.org/docs/2.2/mod…questfieldsize

3) Use mod_headers to completely dis-allow the use of Range headers:

RequestHeader unset Range

Note that this may break certain clients – such as those used for
e-Readers and progressive/http-streaming video.

4) Deploy a Range header count module as a temporary stopgap measure:

http://people.apache.org/~dirkx/mod_rangecnt.c

Precompiled binaries for some platforms are available at:

http://people.apache.org/~dirkx/BINARIES.txt

5) Apply any of the current patches under discussion – such as:

http://mail-archives.apache.org/mod_…
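
To see what the two regular expressions in the advisory's Option 1 and Option 2 actually accept, the following added example (not part of the Apache advisory or of this post) runs both patterns over constructed Range header values. It assumes Python's `re` module behaves like Apache's regex engine for these two patterns; the function names and the sample headers are made up for the illustration.

```python
import re

# Patterns copied verbatim from the advisory's Option 1 and Option 2.
SETENVIF_BAD = re.compile(r"(,.*?){5,}")                        # SetEnvIf Range ...
REWRITE_OK = re.compile(r"(^bytes=[^,]+(,[^,]+){0,4}$|^$)")     # negated by "!" in RewriteCond


def option1_strips(range_header: str) -> bool:
    """True if Option 1 would set bad-range and unset the Range header."""
    return SETENVIF_BAD.search(range_header) is not None


def option2_rejects(range_header: str) -> bool:
    """True if Option 2 would answer 403 (the condition is the negated match)."""
    return REWRITE_OK.search(range_header) is None


def count_ranges(range_header: str) -> int:
    """Number of non-empty comma-separated range specs after 'bytes='."""
    _, _, spec = range_header.partition("=")
    return len([part for part in spec.split(",") if part.strip()])


# Constructed sample header values (hypothetical, for illustration only).
SAMPLES = [
    "",                                                       # no Range header sent
    "bytes=0-499",                                            # ordinary single range
    "bytes=0-99,200-299,400-499,600-699,800-899",             # exactly 5 ranges
    "bytes=0-99,200-299,400-499,600-699,800-899,1000-1099",   # 6 ranges
    "bytes=0-99,,200-299",                                    # malformed: empty range spec
]


def evaluate(headers):
    """Return (header, range count, option 1 strips?, option 2 rejects?) per header."""
    return [(h, count_ranges(h), option1_strips(h), option2_rejects(h)) for h in headers]


if __name__ == "__main__":
    for header, n, stripped, rejected in evaluate(SAMPLES):
        print(f"{n:2d} ranges  opt1-strip={stripped!s:5}  opt2-403={rejected!s:5}  {header!r}")
```

Both options agree on the threshold (up to 5 ranges pass, 6 or more are caught), but they differ on the outcome and on malformed input: Option 1 silently drops the header and serves the full response, while Option 2 returns 403 and also rejects any Range value that does not fit its strict `bytes=` shape.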


A critical vulnerability in the PHP engine

January 8th, 2011 No comments
Apparently 32-bit PHP 4.x and 5.x has a nice bug: http://bugs.php.net/bug.php?id=53632
It is possible to take down vulnerable PHP apps with this as easily as finding a request variable that is actually accessed. Requesting viewtopic.php?f=2.2250738585072011e-308 for phpBB or index.php?q=2.2250738585072011e-308 for Drupal is enough to freeze the PHP installation if it is affected. As we read, there is an SVN commit to fix it, but there's a fix already.
A critical vulnerability in the PHP engine has just been identified. This exploit is significant because most PHP applications on impacted systems are remotely exploitable to a very simple denial of service attack. Zend has released a security hotfix to address this vulnerability (see below).
Due to the way the PHP runtime handles internal conversion of floating point numbers, it is possible for a remote attacker to bring down a web application simply by adding a specific parameter to a query string in their web browser.
This vulnerability is present on all versions of PHP including PHP 4.x and 5.x, on all Intel-based 32-bit PHP builds.
Platform                          Vulnerable
Windows                           YES
Linux (using 32-bit PHP build)    YES
Linux (using 64-bit PHP build)    NO
Mac OS                            NO
IBM i                             NO
Zend Server and Zend Server CE users should immediately apply the security hotfix.
Linux users: run your package manager’s update command (see the Zend Server Installation Guide for more details).
Windows users: download the hotfix.
Hotfixes for Zend Core and Zend Server CE tarball installer are currently being finalized and will be made available soon.
Edit:
From php.net:

The PHP development team would like to announce the immediate availability of PHP 5.3.5 and 5.2.17.

This release resolves a critical issue, reported as PHP bug #53632 and CVE-2010-4645, where conversions from string to double might cause the PHP interpreter to hang on systems using x87 FPU registers.

The problem is known to only affect x86 32-bit PHP processes, regardless of whether the system hosting PHP is 32-bit or 64-bit. You can test whether your system is affected by running this script (http://php.net/distributions/test_bug53632.txt) from the command line.

All users of PHP are strongly advised to update to these versions immediately.

Note: Laws Hosting servers are not affected by this vulnerability.
Categories: Security Issues

.CA TLD has landed!

October 27th, 2010 No comments

We are pleased to announce that the .CA extension has been added to our growing list of TLDs. The price is initially £8.50 per year, and it can be registered for up to ten years!

Categories: Domains, News

Fake DNSBL uncovered: nszones.com

September 29th, 2010 Comments off

Spamhaus has uncovered a fake spam filter company which was pirating and selling DNSBL data stolen from major anti-spam systems including Spamhaus, CBL and SURBL, republishing the stolen data under the name “nszones.com”.

Read full article here

Categories: General, Misc, Uncategorized