20 Mar

Important: Password Security Policies

The password is the single most common security measure for digital systems, both online and offline. The problem is that passwords are becoming less and less secure as hackers gain more and more powerful tools to crack them. A great deal of attention has gone towards the creation of secure passwords, what constitutes them, and whether or not it is feasible to keep a set of random alphanumeric strings in your head all the time.

How are passwords cracked?

Most compromised passwords are not guessed by another human being directly. Instead, a computer is tasked with guessing your password, so planning should go into understanding and then deterring a computer from cracking your password. A hacker has a variety of malicious tactics available when trying to crack your password. These are the two most common attacks you see on the Internet today:

  • Brute Force Attack: The attacker runs a script that tries again and again to crack your password by sheer brute force. A long password with multiple character sets is the best protection. The higher your password entropy, the less likely your password will be compromised by a brute force attack.
  • Dictionary Attack: The attacker uses dictionaries of known words or passwords and a script to try them in thousands of combinations until one matches the correct password. Don’t use common words, or personal details such as anyone’s name or phone number. Use a combination of multiple character sets to reduce the likelihood of a dictionary entry matching your password.
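The two attacks above call for two different checks, shown here as an added example that is not part of the original post: a brute-force entropy estimate from length and character sets, and a dictionary check that undoes case, common substitutions and digit/symbol padding. The wordlist is a constructed sample and the 60-bit floor is an assumption.

```python
import math
import string

# Constructed sample wordlist; a real check would load a large list of known passwords.
SAMPLE_WORDLIST = {"password", "letmein", "qwerty", "dragon", "welcome"}

# Common character substitutions that dictionary tools undo before matching.
LEET = str.maketrans("013457@$!", "oieastasi")


def charset_size(password):
    """Size of the alphabet a brute-force search must cover for this password."""
    size = 0
    if any(c in string.ascii_lowercase for c in password):
        size += 26
    if any(c in string.ascii_uppercase for c in password):
        size += 26
    if any(c in string.digits for c in password):
        size += 10
    if any(c in string.punctuation for c in password):
        size += len(string.punctuation)  # 32 printable ASCII symbols
    return size


def brute_force_bits(password):
    """Upper bound on entropy: length * log2(alphabet). Only holds for random passwords."""
    size = charset_size(password)
    return len(password) * math.log2(size) if size else 0.0


def dictionary_hit(password, wordlist=SAMPLE_WORDLIST):
    """True if the password is a listed word once padding, case and substitutions are undone."""
    core = password.lower().strip(string.digits + string.punctuation)
    return core.translate(LEET) in wordlist


def assess(password, min_bits=60):
    """Reject dictionary-derived passwords first, then apply the entropy floor (assumed value)."""
    if dictionary_hit(password):
        return "reject: dictionary-derived"
    if brute_force_bits(password) < min_bits:
        return "reject: too short or too few character sets"
    return "accept"
```

A password such as `P@ssw0rd2024!` scores about 85 bits on the brute-force estimate yet is still rejected, because it reduces to a dictionary word; mixing character sets only helps when the base is not guessable.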

Recently, we have been working on improving security on our cPanel servers and have applied a few new security policies.

Password Strength – A password of any kind must be rated at least 80% strong. The system will not accept your password until it meets the security policy. To set up a strong password, you can use lowercase and uppercase letters, signs/symbols and numbers.

Password Age – Passwords must be changed every 90 days. Our system will automatically ask users to change their password every 90 days.

These two measures should allow you to secure your cPanel and related services. In the meantime, if you have any questions about account security, please contact us at TetraHost Support.

07 Mar

Announcement: Free Let’s Encrypt SSL With Hosting

We’re delighted to announce that Let’s Encrypt certificates are now available at TetraHost.

Let’s Encrypt is a free, automated and open certificate authority (CA) that offers free SSL certificates for the public’s benefit. Just like a paid-for SSL certificate, a Let’s Encrypt certificate provides HTTPS protection for your website. You can find it by logging in to your cPanel and navigating to the Security section, or simply by typing Let’s Encrypt in the search field.

What is Let’s Encrypt?

Let’s Encrypt is a free, automated and open certificate authority which provides domain-validated security certificates. It is run by the Internet Security Research Group (ISRG), and its primary goal is to create a more secure and privacy-respecting web by making HTTPS more accessible and user-friendly.

Here’s how Let’s Encrypt certificates work:

  • It’s free (absolutely)
  • Easy installation (very)
  • Enables HTTPS
  • Domain validated
  • Trusted by major browsers
  • Renews automatically every 90 days

What is HTTPS?

Hypertext Transfer Protocol Secure (HTTPS), unlike its HTTP counterpart, is a communications protocol which provides a secure connection between a site and a visitor’s web browser, meaning any data shared is encrypted and safe from prying eyes.

Why is HTTPS important?

For security and Google.

First and foremost, https makes your website secure for your users. If your website does not use https, data sent between it and your users can potentially be intercepted, monitored or even altered by a 3rd party as it traverses the internet.

Security is a top priority for Google, and back in August 2016 they announced HTTPS would be used as a ranking signal to encourage webmasters to use encryption. Continuing their mission for a safer web, from this month Google will highlight all sites which collect passwords and credit card data without HTTPS encryption as ‘Non-secure’ to visitors. You can learn more about this update here.

How to install Let’s Encrypt SSL?

With Let’s Encrypt you will be able to receive a certificate for your website without filling out any information and by clicking a single button. Just choose the domain/subdomain you wish to cover with a certificate and click on the Issue button next to it.

For more information about the Let’s Encrypt project and how it works, visit their official website.

If you are having any issues with the SSL installation or want us to install the certificates for you, please submit a ticket at support [at] tetrahostbd.com

13 Aug

Latest cPanel v11.25

cPanel was already upgraded to 11.25 some time ago. Today I will try to write a short summary of the new cPanel version.

The new cPanel brings a whole range of new features, including the ability to edit DNS zones right from cPanel, an enhanced AJAX interface and more.

Performance

cPanel/WHM 11.25 implements some major changes throughout our mailing system. We’ve adjusted the Exim configuration to allow a single process to listen on multiple ports, thereby reducing RAM and CPU usage. In addition to this, we’ve also improved quota lookup efficiency.

RoundCube webmail can now operate using the lightweight SQLite database engine. This gives each email account its own SQLite database, and assigns ownership of the RoundCube process to the cPanel account, for easier process accounting.

Version 11.25 also updates RoundCube, SquirrelMail, and Mailman to their most current versions.

Security

We know that security is important to you. That’s why we’ve added numerous security features to cPanel/WHM 11.25. Our new security token system attempts to prevent cross-site request forgery (XSRF) attacks by appending a session token, in the form of cpsess, to URLs. When this feature is enabled, absolute URLs are no longer allowed. This new feature helps to ensure a safe environment for you and your customers.
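A minimal sketch of the URL-token idea described above, as an added example and not cPanel's own code: a forged cross-site request carries the victim's session cookie automatically, but it cannot carry a per-session token it does not know. The URL layout, token length, function names and in-memory session store are assumptions.

```python
import hmac
import re
import secrets

# Assumed URL layout: /cpsess<32 hex chars>/<inner path>
TOKEN_RE = re.compile(r"^/cpsess([0-9a-f]{32})(/.*)$")
SESSIONS = {}  # session cookie value -> URL token (in-memory store for the example)


def login(session_id):
    """Issue a random per-session token that must prefix every request path."""
    token = secrets.token_hex(16)
    SESSIONS[session_id] = token
    return token


def link(session_id, inner_path):
    """Build an in-application link; pages must use these rather than fixed URLs."""
    return f"/cpsess{SESSIONS[session_id]}{inner_path}"


def authorize(session_id, path):
    """Return the inner path if the URL carries this session's token, else None."""
    expected = SESSIONS.get(session_id)
    match = TOKEN_RE.match(path)
    if expected is None or match is None:
        return None  # unknown session, or a token-less URL such as a forged link
    if not hmac.compare_digest(match.group(1), expected):
        return None  # token belongs to another session or was guessed
    return match.group(2)
```

Because the token sits in the URL, it can leak through logs, browser history and Referer headers, so it should be tied to a single session and discarded at logout.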

Refined User Interface

We’ve revamped the cPanel home page with even cleaner HTML, and reduced the number of HTTP requests the page sends, resulting in shorter load times. Plus, we optimized the CSS used by cPanel, to speed page loading throughout the entire cPanel interface.

We’ve also overhauled one of cPanel’s most frequently accessed areas: the Email Accounts page. It now combines all the major functionality involved with email accounts into a single page: you can add, search, sort, and delete accounts, as well as change passwords and quotas, all without leaving the page. With its clean new design, this page provides a faster, more intuitive way to manage your email.

cPanel/WHM 11.25 comes equipped with an improved editor for MX (mail exchanger) entries. This new editor allows you to configure multiple mail exchangers with the same priority, for balancing the load on your mail servers.