Recent Posts

Browse by category

How to Use YouSendIt To Send Large Files

December 4th, 2012
yousendit-screenshot

The YouSendIt form

From time to time you may need to send a file to xmanonline customer support. Sending large files (over 10 MB in size) by email can be problematic. Sometimes email providers will not send or receive emails with large attachments. In these situations, it’s best to use a service like YouSendIt to send your file. The basic service is free and just requires a quick registration.

  1. Go to YouSendIt.com.
  2. Sign up for an account. Their “Lite” account is free.
  3. Go to your email and look for a validation email from them. Open the email and click the link. Your signup process is complete.
  4. When you go back to their website, you might be asked if you want to download their free app. You can skip that if you’d like — you don’t need the app to send a file.
  5. On the YouSendIt website, click Send on the top navigation menu.
  6. Fill out the form with the email address (such as [email protected]) of the person you wish to send the file to, along with a subject line and message.
  7. Click the Upload from Desktop button, select the file on your computer, and click Open. The file name should appear below the button on the form.
  8. Set an expiration date. This is the date that the link to your file will no longer work. The default is one week.
  9. Select any additional options you would like. Make sure  ”Verify Recipient Identity” box is unselected.
  10. Click “Send It.” An email will be sent to the recipient and they will be able to click a link in the email and download the file.

Tags: ,
Posted in General | No Comments »

How to Create or Modify a Subdomain

December 4th, 2012

A subdomain is a website that is part of a larger website. A subdomain has its own homepage and navigation menu and can even have a completely different design than the parent domain. It is helpful to use a subdomain if you have content that you wish to present as its own separate entity, but still make it clear that it is related to the parent website. Common uses for subdomains include online stores, blogs and support forums.

The subdomain name comes before the main domain name in the website URL. For instance, if your website domain is companyxyz.com.au, and you wanted to add a subdomain for your blog, it would be: blog.companyxyz.com.au.

How to Set Up a Subdomain

  1. Log into your Control Panel. (Not sure how? Click here.)
  2. Scroll down to the Domains section and click on Subdomains.

    cPanel subdomain

    Click Subdomains

  3. Type your subdomain name in the blank where it says Subdomain. (Your Document Root folder will automatically be filled in — leave this alone unless you are an advanced user.) Click Create. You should get a message that the subdomain has been successfully created.

    create subdomain

    Type in the subdomain name.

How to Modify a Subdomain

Once you have created a subdomain, there are a few things you can change, if needed, in the Modify section of the Subdomain control panel.

  • To change the Root folder, click the pencil icon next to the Document Root. A dialogue box will appear where you can type in the new root folder path.
  • If you need to redirect the subdomain to another website, click Manage Redirection and type in the website address. To cancel the redirect, click Manage Redirection and then Disable Redirection.
  • To delete a subdomain, click Remove and then when it asks if you are sure, click Delete Subdomain.

    modify subdomain

    Options for modifying the subdomain

Tags:
Posted in Control Panel | No Comments »

How to Check Your Bandwidth Usage

December 4th, 2012

It’s important to keep tabs on your bandwidth usage. Bandwidth is the data transferred each time someone views a page of your website — the files for that particular page (text, photos, ads, programming scripts, etc.) are all downloaded to the visitor’s computer or mobile device. The downside of having a successful and popular website is that more traffic equals more bandwidth usage.

Each xmanonline hosting plan comes with a monthly bandwidth (transfer) limit and if you reach your limit, your website and email will stop functioning until the 1st of the next month.  You will then either need to figure out what is causing so much bandwidth usage and correct it, or you will need to upgrade your account. To keep track of your usage, take the following steps:

  1. Log in to your Control Panel. (Not sure how? Click here.)
  2. Scroll down and click on the Bandwidth icon in the “Logs” section.
  3. On this page you can see how much bandwidth you are using. Your Monthly Bandwidth Transfer is the percentage of your monthly transfer allowance that has been used. As you scroll down the page, you can view your bandwidth usage by day, week and month. The usage is divided up into HTTP (your website files), IMAP and POP (incoming email), SMTP (outgoing email) and FTP (used to upload and download files to the website).
  4. Analyze the data to see if you can pinpoint any particular source of high bandwidth usage. If you wish to reduce your usage, check out this article: Reducing Your Website’s Bandwidth Usage.
  5. If you need more bandwidth, you can always contact xmanonline to discuss upgrading your account.

If you’re unsure of what your bandwidth limit is, you can check the xmanonline hosting package page.

Tags:
Posted in Control Panel, Website | No Comments »

How to Protect Your Website Images from Hotlinking

December 4th, 2012

A practice called “hotlinking” involves people stealing bandwidth by linking to images on your website. The normal procedure for adding images to a website is to upload the images directly to the server hosting the website, or to pay for image hosting and link to the hosted images. However, by linking to your website images (hosted on your server), another website owner can display those images without incurring bandwidth or image hosting charges — they use your bandwidth instead.

You might not mind people occasionally linking to your images. For many website owners, this is not an issue. But if you have an image-heavy site and there is a lot of hotlinking going on, you can end up exceeding your monthly bandwidth limit and be charged additional fees.

Xmanonline website hosting plans have a way to prevent this, called Hotlink Protection. To enable Hotlink Protection:

cPanel hotlink protection

Hotlink Protection – click to enlarge

  1. Log in to your Control Panel. (Not sure how? Click here.)
  2. Scroll down to the Security section and click on Hotlink Protection.
  3. Click Enable to activate hotlink protection.
  4. In the box under URLs to Allow Access, make sure that all websites you want to grant permission to display your images are listed. This should include all subdomains and include versions of your domain with and without the “www” before it.
  5. Under Block Direct Access for These Extensions, add the types of files you wish to protect. Usually these are image file extensions, but you could add extensions like .doc, .pdf, if needed. Don’t add your website page extensions (.html, .php, .asp, etc.) or no one will be able to link to your pages!
  6. We recommend checking the Allow Direct Requests box. It allows certain direct links, such as those to view Quicktime files on Mac computers.
  7. You can redirect requests for content to a specific page by entering a URL in the box under Redirect request to this URL.
  8. Click Submit to save your changes.

Note that there are some drawbacks to Hotlink Protection. It may block images for certain legitimate users. For instance, there are some Internet security programs that will block images on websites that use Hotlink Protection, so visitors that use these programs will not see any images with they visit your website. You may also have trouble displaying your images in your RSS feeds or email newsletters (adding the domain of your RSS or newsletter provider to your list of allowed URLs may help). Be sure to weigh the pros and cons of this feature before enabling it.

Tags:
Posted in Control Panel, Website | No Comments »

How to Use FTP Session Control

December 4th, 2012

The FTP Session Control feature allows you to view and control who is connected to your website via FTP. This can be a useful way to monitor FTP access to your site and quickly shut down any unauthorized users. To use FTP Session Control, do the following:

  1. Log in to your Control Panel. (Not sure how? Click here.)
  2. Scroll down to the Files section and click on the FTP Session Control icon.
  3. The next screen will show you all users currently connected to your site by FTP. The table is divided into six sections:
  • User – The login username for the associated FTP account.
  • Logged In From – The location and IP address of the user.
  • Login Time – The time that the user logged in.
  • Status – The current mode of the FTP user. If the user is not uploading or downloading files, the status is “IDLE.”
  • Disconnect – If you wish to disconnect the FTP user, click on the x in a circle icon. The next screen will state “Are you sure you want to disconnect [FTP Username]?” Click Yes to disconnect the user from the system.
  • Process ID – The ID the system is using to identify the user.
Note that if you wish to prevent that user from abusing the system in the future, you will need to go into your FTP Accounts manager and either delete that FTP user account, change the password, or set a quota for that particular user.

 

Tags:
Posted in Control Panel, Website | No Comments »

WordPress Security Steps to Prevent Hacking

December 4th, 2012

If your website or blog uses WordPress to manage its content, then it is important you take steps to protect it from unauthorized access. WordPress hacking has become more and more common due to its popularity. Here are answers to some common questions about hacking:

1. What is hacking?

Hacking is when someone gains unauthorized access to your website. They gain access by using programs that can exploit known security vulnerabilities in your website code. Once they gain access to your site, they can add links to your webpages that link to shady websites (drugs, gambling, porn, etc.), or use your mail server to send spam, or collect personal information stored in your database. This can result in your site being banned from Google, your website incurring bandwidth or mail server charges, or even lawsuits if your website visitors’ personal information or credit card data is stolen.

2. Why would they hack my site?

While hacking can be personal (by someone that knows you and means you harm), most often it is completely impersonal. The hacker writes a program that searches the web looking for websites that meet certain parameters (such as having a certain version of WordPress, or that use a particular WordPress plugin). They don’t know or care who you are or what your business is. Profit is generally the goal of the hack. They are paid to add links, send spam, collect personal information, etc.

3. What can I do to keep my WordPress site safe?

The two most important things you can do are:

  • Keep your WordPress installation updated. The folks at WordPress issue updates whenever security issues are identified and fixed. Whenever you get a notice in your admin area that a new version of WordPress is available, immediately click ‘update automatically.’
  • Keep your computers free from viruses and malware. Any computer that you access your WordPress site from may store usernames, passwords, FTP login information and other sensitive data that can be stolen and used to gain access to your site. We recommend using a program like Microsoft Security Essentials.

4. If I do those two things, is my site secure?

Not entirely. If a hacker is determined, they can still get in. There are basically two methods:

  • Brute Force Hacking – This means that they use a programming script to guess your password. The program guesses many passwords per second, until they get to yours. To see how this is done, check out this video on Brute Force Hacking.
  • SQL Code Injections – SQL is the standard database that contains the data for a WordPress website. There are certain vulnerabilities that a hacker can exploit in order to get into your site. This video on SQL Injection shows how easily it can be done.

5. Can anything be done to prevent the above hacking methods mentioned above?

Yes. If you plug all the security holes in your site, hackers will not be able to gain access. To check how vulnerable your site is, please take the following steps:

  1. Login to your WordPress admin area
  2. Go to Plugins > Add New
  3. In the search box, type “Ultimate Security Checker” and click ‘Search’
  4. The search will bring up the Ultimate Security Checker plugin. Click ‘Install Now’
  5. Once installed, click “Activate Plugin”
  6. After the plugin is activated, go to Tools > Ultimate Security Checker
  7. The plugin will check how secure your WordPress site is. Anything less than 114 / 114 provides security vulnerabilities for hackers.

6. It says my site isn’t secure. What can I do?

Xmanonline can secure your site for you (to bring it up to 115/115) through a range of code / permission / database changes. We will also install several additional security plugins, so that the security of your site can be monitored at all times and you can be quickly alerted to any future vulnerabilities. The procedure takes about three hours, therefore the cost is $300 +GST. Just contact xmanonline support if you would like to arrange this service.

7. But I backup my site regularly, isn’t that enough?

Probably not. We can re-install a WordPress backup for you, but you will lose all of the information collected and/or changes made to your site since the backup was taken. Not to mention the business that might be lost while your site is down while the backup restoration is in progress. If your site is banned from Google as a result of the hack, it will take even more time before you start showing up in the search engines again. And the point is, restoring from backup doesn’t fix the security holes, therefore you can be hacked again at any time.

Tags: , ,
Posted in Website | No Comments »

How to Use Index Manager to Block Directory Indexing

December 4th, 2012

By default, most folders within your website root folder will display an index of all files contained in the folder if you navigate to that folder in your browser. For instance if your website is companyxyz.com.au and you store the photos for your site in a folder called “images”, then anyone who goes to www.companyxyz.com.au/images will get a list that looks like this:

Directory index

Directory Index

 

 

 

 

 

 

 

 

 

 

 

 

If you wish to hide your directory so that people can’t see the list of files, take the following steps:

  1. Log in to your Control Panel. (Not sure how? Click here.)
  2. Scroll down to the Advanced section and click on Index Manager.
  3. Keep “Web Root” as the directory to open and click Go.
  4. Navigate to the folder you wish to protect. Click on the folder icons to navigate the directory and click on the folder name to select it.
  5. You will have four settings to choose from:
    • Standard Indexing: Contents appear as a list of filenames.
    • Fancy Indexing: Additional information about each file, such as the size and time last modified, are displayed.
    • Default System Setting: It will use the default setting defined by your web host.
    • No Indexing: No contents are listed and a message will state that the contents are “forbidden.”
  6. Choose “No Indexing” to prevent people from seeing the list of files in your directory. And then click Save. You should get a message telling you that the setting has been successfully changed.

Tags: , ,
Posted in Control Panel, Website | No Comments »

« Older Entries