Reclaim’s D.O.A. in Canada

Reclaim Hosting is happy to announce a new shared hosting server in a Digital Ocean’s Toronto-based data center. And while the Toronto data center has been around since 2015, it just got block storage in September. We named this server the pioneer political Canadian hardcore punk band D.O.A. With their first two albums Something Better Change (1980) and Hardcore ’81 (1981) you have arguably the earliest examples of the new punk style that would dominate the 1980s. D.O.A. political anthems like “Smash the State:”

Or “F**cked Up Ronnie” as an early instance of 1980s punks sonic war on Reagan:

In fact, the song has been updated for the times:

It’s pretty telling to hear both Henry Rollins and Keith Morris talk about the impact D.O.A. had on the emerging hardcore scene. 

I love Morris’s description of seeing D.O.A. open up for X in LA. 

So, it seems only fitting to christen Canada’s first Reclaim Hosting server as D.O.A. If any one would like us to move their sites to this new server for whatever reason just submit a support request and we’ll be sure to make it so. 

SSL Everywhere (Again)

It’s almost hard to believe it’s only been 2 years since Let’s Encrypt came out of beta and began providing SSL Certificates to the general public. I wrote a post at the time calling it a turning point for the web, but cPanel support was pretty much non-existent. Since then much has changed. Just 2 months after that post was written we began using a plugin that offered Let’s Encrypt support directly in cPanel for all users on Reclaim Hosting and announced general support for free SSL certificates. In August of 2016 we began employing ways of scripting the ability for domains to get certificates automatically using the plugin and hooks from our billing system and I wrote a post aptly titled SSL Everywhere where I wrote:

After testing over the past 2 weeks I’m pleased to announce that going forward every domain hosted by Reclaim Hosting will automatically be provisioned with a free and renewable SSL certificate by default.

Around that same time cPanel had also made strides to offer their own support for automatic certificate provisioning with a feature announced called AutoSSL. Initially AutoSSL only supported cPanel’s own certificates issued through Comodo but later Let’s Encrypt support was added. Rate Limits employed by both certificate providers made it difficult to truly promise SSL everywhere and one issue we found was that notifications were a real problem.

Normally receiving a notification that your domain was secure would be a good thing, however often we have found this can confuse a customer that thinks they might have been charged for something, or possibly that the email is spam, especially if they didn’t specifically issue a certificate themselves (and remember we were attempting to issue certificates for all users so that would often be the case). Our ideal scenario is one in which all domains have certificates but no one gets needless emails regarding the provisioning of them (success or failure). Our plugin offered such granular notification settings and at the time AutoSSL did not so given the conflict we decided to double down on the Let’s Encrypt plugin and disable the AutoSSL feature across the board to streamline things.

We have more recently found out that there is a key difference between what the AutoSSL feature can accomplish and the plugin we use cannot. AutoSSL can (and has in many cases) replace and renew certificates for expired domains. That is a good thing in that even if you had a self-signed certificate or previously paid for one and it had expired you’d get a new free one. What we didn’t know was that our plugin was not able to do this, so when we disabled cPanel’s AutoSSL feature we suddenly had a large number of domains with cPanel-issued certificates that the Let’s Encrypt plugin could not renew or replace leading to confusion with folks waking up and finding their sites didn’t work over https.

In the past we have pointed folks to our documentation on installing a Let’s Encrypt certificate but remember our goal was that no one was supposed to have to do that. SSL Everywhere was and still is the goal. We needed to fix this. I’ve reached out to the plugin developers who are now aware of the issue and have committed to working on a fix that could be released along with wildcard support in the next 2-3 months. But that’s a long time to continue fielding issues of certificates not renewing which can render a site inaccessible.

We decided this week that a better short term solution was to turn the AutoSSL feature back on and have it issue certificates for any domains that did not have them or were expired. We would continue to have the Let’s Encrypt plugin exist but with the goal being that users would have a certificate from one or the other automatically and either way they would be renewed automatically. Unfortunately an attempt to ensure that users didn’t receive a bunch of notifications of this failed. cPanel provides an API call to change the setting and it returned the correct response so I didn’t think to check and make sure the setting was actually changed and it wasn’t. Long story short there, many users got emails for every certificate provisioned. But we’ve fixed that now so that the emails won’t be sent in the future and meanwhile the good news overall is that I think we’re much closer to the goal of SSL Everywhere, provisioned by default and renewed automatically with no work on the part of users.

We’ll continue to keep an eye on this in case the landscape changes (with technology it always does) and as always reach out if you have any questions or concerns!

Patching Meltdown and Spectre

Patching Meltdown and Spectre

Seems like every 1-2 years we get a major security scare in the form of a global exploit that effects server infrastructure in some fashion and requires a response. We’ve had Heartbleed, Poodle, Shellshock (who comes up with these names anyway?). 2018 didn’t wait long to bring us that gift in the form of Meltdown and Spectre. https://meltdownattack.com/ has a lot of great information about these two exploits but the short story is that rather than taking advantage of any particular software configuration, these exploits expose vulnerabilities in pretty much all modern CPUs. That means not only does this require patching for server admins like me at Reclaim Hosting and across the web, but every operating system from all computers including mobile devices and personal computers are vulnerable. The vulnerability takes advantage of exploits at the hardware as well as software layer to leak data into memory that can then be read by the attacker. It’s not a question of whether or not you are affected, you are affected.

Antivirus can’t block it either, only patching the underlying systems will resolve it and thankfully companies have been hard at work at getting these patches developed since long before the news became public. Intel became aware of the exploit last fall and many major companies have been under an NDA as they developed patches to secure their systems. Due to the complexity of this exploit however, we are still awaiting patches for some systems and now it is public (which will hopefully light a fire under certain groups to get these patches out).

Thankfully when we at Reclaim became aware of the issue last week CentOS, the distribution of Linux that powers over 90% of our server infrastructure and the only supported distribution for cPanel, was already releasing patches. We had to do some testing as well as await patches by Cloudlinux which is a third party that we use for our kernel software, but by Monday we felt confident the patches were safe and we set to work to patch our entire fleet. Normally with maintenance that involves downtime we like to give customers a heads up and with this kernel update requiring a reboot sites would indeed be offline for a few minutes, however we made the judgement call to rip the bandaid off and favor getting these patches in place as soon as possible rather than risk data being exposed as a result of the vulnerability. By 6PM Monday our entire infrastructure that runs cPanel and all CentOS servers were patched for these exploits with minimal downtime across the majority of our servers.

We have a small number of Ubuntu servers that we are still awaiting a production patch on and hope to receive that sometime this week. If you want to make sure you are secure, the best thing you can do is run all updates for your operating system and browser to make sure you’re running the absolute latest version. Due to the nature of the exploit there is no way to trace whether the vulnerability has been taken advantage of (it does not log any of its actions) so it’s particular important to be proactive. I’m proud of the capacity of Reclaim Hosting as a small operation to remain aware of these events and to stay on top of them in a timely manner.

Now can we take a nice long vacation from these major exploits? My spidey sense tells me that’s likely not to be the case as we come to rely more and more on computers and specifically internet-connected devices in our lives. It’s the new normal and the best security we can hope to have is proactive patching and awareness.

Using the Import/Export Tools in WordPress

Lately, I’ve been working with clients to move their website from WordPress.com to WordPress.org. With this request, I use the Import/Export tools to move the content from one site to the other. This tool bundles the content on the site into a .zip file which you can then move to another location. Disclaimer: It isn’t perfect, you only get the content of the site, so things like posts, pages, and settings on the site. The plugins, themes, and media arent’ included, so, if your site has a lot of media, or has a ton of plugins, this tool might not work for you. (I’m writing another post about a plugin that will move everything on the site for you so stay tuned).

As I’m writing to the clients with instructions on how to set up their site using these tools, I started looking for a tutorial that would walk them through the process. And can you believe it, there are no tutorials that show the process from start to finish? So I wanted to take the time to write the process down. This article will showcase the import/export tools within WordPress (.com and .org) the process is essentially the same for both, they just look a little different.

But wait, there are two versions of WordPress? Yes, there are, but they are run in different ways.  WordPress, in a nutshell, is an open-source content management software (if you want to look at a more in-depth explanation you can read about it here).  Automattic Inc. helps develop and maintain this software. We offer this software at Reclaim and users can install an instance on their domain, in fact, you’re reading this post on a WordPress installation.

WordPress.com is Automattic Inc.’s hosting company that runs the WordPress software explicitly. They offer free accounts with subdomains like meredithfierro.wordpress.com for free or users can purchase a domain. Then users can opt-in to pay a monthly fee to get full use of the software, like you would if you installed WordPress on your domain through your hosting company.


WordPress.com

Export:

The first thing you’ll want to do is export all of the content. Also, take note of the plugins and theme the site is using (this will save time on the other side).

  1.  Click ‘Settings’ under ‘Configure’ 
  2. Click ‘Export,’ under the ‘Site Tools’ section:
  3. From here you can choose the amount of content you’d like to export, or you can export the entire content on the website. When you’ve decided what to export, click ‘Export’: 
  4. WordPress begins to package the content together. When it finishes, a banner should appear at the top of the screen. Click ‘Download’: 

Read more

Look a(nother) Ghost

Since May of 2014 I have been playing on and off with the blogging platform Ghost. It has been an on again off again affair, and I have never left WordPress for it, but rather use it as a test bed for exploring how Reclaim might host applications outside the LAMP stack—an ongoing theme for us over the last 3 or 4 years. So, I have been marking my progress with running Ghost both here on the bava as well as on my Ghost blog. I talked about the idea of this as the Next Generation Sandbox, experimented with getting Ghost running on AWS using Bitnami, feeble terminal work, setting up key pairs in AWS, moving to Reclaim’s container-based setup for a kind of multi-site Ghost, setting up mail for Ghost, and most recently using Cloudron to setup Ghost.

Seven posts over three years about (and on) Ghost is not that much in the end (running out of punny titles), but reading over them whiling writing this I realized there’s a lot of learning wrapped up in trying to figure out AWS, Bitnami images, command line, Docker containers, and Cloudron. All stuff I have been trying to focus on more an more, so this side site in many ways lives up to its subtitle: “Letters from the Cloud.” And I came back to it recently because while I blogged about setting up Ghost through Cloudron back in September, my Ghost instance on Reclaim had been terminated when we decided to no longer offer it through Reclaim Hosting. Given my Ghost blogging had been dormant for a while, I totally forgot I was hosting it through Reclaim and it vanished. Luckily I blogged everything on Ghost through the bava, so nothing was lost, and I had backups of all images, etc. So, I used the occasion of things finally slowing down at Reclaim Hosting and my being under the weather to finally get BavaGhost back online, and now it is!

Read more

Directories for Domains: a Community Approach

Many of us in a certain subgenre of edtech have been working for a long time to try and use RSS to syndicate and aggregate posts from individual blogs into community sites. These sites are sometimes referred to as planet sites, mother blogs, aggregator sites, syndication hubs, etc. A good example of this is ds106, where posts are not only syndicated into the Blog Flow, but also the assignment bank—making for a richer, more targeted contextualization of student posts. Over the last seven years ds106 has syndicated more the 75,000 posts, providing a point of creative contact—if you will.

The syndication and aggregation for ds106 is all handled by FeedWordPress, which can grab the RSS feed of just about any publishing platform that exposes one. In order to simplify things, we’re using a Gravity Form to help automate the sign-up process. It’s far from a perfect setup, but it has been working fairly well for almost seven years now. In fact, it has been a template for other site aggregators, including the first Community directory site that Martha Burtis and Tim Owens built around UMW Domains in 2014 (which is no longer in use).   Read more

Fixing a Database Connection Error

When the site throws the error: Error establishing a database connection, this usually means there is miscommunication between the database and the files in the file manager. What I like to do from here is open up the Files and Tables section in Installatron.

You’re  going to compare the four sections in red to the database file in the File manager.  Read more

ReclaimVideo Nightmares

It took a bit of time, but ReclaimVideo has moved out of the possibility stage into the planning stage. We will be working on building out the storefront space from January through March, with hopes of a grand opening this Spring. Timelines are flexible, but there will be a brand new video rental store opening up in Fredericksburg in 2018. Expect nothing less than the trailing edge of innovation in all things Reclaim—the first name in retrograde technologies. More on that as the store progresses, but right now we are in the fun stage of purchasing movie titles and equipment on Ebay and beyond. Read more

Reclaiming SPLOTs

 

I already blogged this summer about my growing excitement about the possibilities for SPLOTs (which is an acronym for simple teaching tools) for Reclaim Hosting. But after a recent trip to Colgate University, I’m ever more bully on these tiny teaching tools. SPLOTs piqued a lot of interest during a workshop and presentation I gave at Deakins University and Charles Sturt University in July, so Lauren Brumfield and I decided to integrate them into the two-day workshop we were running at Colgate University around their Domain of One’s Own setup to see if we got a similar response. We did.

The response to SPLOTs amongst the small group gathered to administer and introduce the campus community to Colgate Domains was quite enthusiastic. We spent day one providing a system overview of Domains, with a deep-dive into managing cPanel, WHMCS, etc. Day two was focused on using Domains for teaching and learning, and showcasing some of the possible applications both within and beyond WordPress. It was during that second day where we decided to dig into SPLOTs—although we did introduce them briefly the day before when talking about syndication sites. Rather than having a pre-defined script around SPLOTs, we decided to wing that part of the workshop and have everyone in the room try and build a portfolio using the SPLOTs Alan Levine designed on StateU. In fact, this month it has been Alan’s turn to play the SPLOT Warrior, and I have no doubt he’s already got the revolution Down Under in full effect.

Image credit: Alan Levine

Read more

Reclaiming NYC

The first team trip, for me, was one for the books! This was definitely a lot of fun and a great way for us to regroup before the end of the year, and the perfect time to reflect on Workshop of One’s Own.

WoOO is a two-day workshop that Reclaim hosts, to introduce and train Our Domain of One’s Own schools on the three parts that make up DoOO, WordPress, WHM, and WHMCS. This was our first time running a workshop in this capacity, but we want to continue to offer this to the schools we support through Domain of One’s Own. I thought this was successful. We spent the two days talking about each purpose of the trio that makes up Domain of One’s Own and how to support the program. We created a website that we hope becomes one of the go-to options for DoOO documentation. We reflected on what we could do to improve the workshop for the next go around in the car on the way to the airport just after finishing the final talks.

We decided that just talking to the participants wasn’t enough. That can get boring quickly. We ran an ‘escape room’ where we posed a series problems to fix a  troubled website. We gave the participants 2 lifelines to ‘support’ where they could ask us questions. The group was determined to not use the lifelines, and they successfully made it through the room without using them! This escape room quickly became one of the favorite activities.

Another thing that came up was the size of the group. We opened registration to include 10 people total. But as things moved along we ended up with 6 participants. This was honestly the perfect size. We wanted this to be a focused group of individuals where they could get all of their questions answered, and hopefully, they could learn all they could about supporting Domain of One’s Own. We decided as a group that a smaller group like this would be a better option.


Once we arrived in NYC, most of our conversations shifted towards how we felt as a group, and what the future holds for Reclaim. We even talked about where the company has expanded since the last team trip, to Portland, around this time last year.  Lauren and Jim both wrote about on their blogs, oddly enough both called Reclaiming Portland.

So what does the future hold for Reclaim? Cloudron is definitely a cool one, Tim wrote about this on his blog, but I’ll give a short description of what Cloudron is. From their website “Cloudron is a platform to host apps on your server and keep them up-to-date and secure.” And this is a super seamless way to install a single instance of WordPress and Ghost. This is so simple, There’s no need to worry about remembering passwords when installing the application, you can access this with the one password you set up when you log in.

Continuing on the future of Reclaim, we talked about a potential new marketing campaign… I think this will be an awesome addition to Reclaim and let us reach new schools. Be on the lookout for more on that!

This trip was also very inspiring. On Sunday morning, we found ourselves in SoHo and close to Chinatown for brunch. It dawned on me that one of my favorite Youtube Creators, Casey Neistat, has his office in this area. I only know this because it is literally a place on Google Maps. Casey is a filmmaker, entrepreneur, and content creator. He started a business called Beme, which is like Snapchat. Recently, this company was bought by CNN but the headquarters is still on Broadway in NYC. We decided to take an adventure to the office after brunch and it was honestly so surreal. I happened to look up just before we got to the office and there it was! I thought it was pretty cool see where someone works when I only see that in their videos. Taking away the screen as a barrier made this all so real.

The Beme Headquarters

 

We may have left Reclaim’s mark in NYC as well…

Spot the Reclaim sticker

One last thing we talked about during our time in NYC was how we felt as a company. And I think we’re all in agreement when we say that things are going well. I’ve been on the team fulltime for two months now and I have no complaints. Yes, we all have those super boring days where nothing happens and then there are days when we’re getting new tickets left and right. We also talked about where we’d like to see the company go in the next year, and for me, I’d like to take on documentation as a project. I’d like to use writing documentation as a way to have an understanding of how everything works. When writing an article about something, it kind of forces you to learn about that topic before you publish the article.

So that’s what Reclaim is looking towards in the future! We definitely are growing, and this weekend in New York was a great time for us to get to know each other a little more and a great chance to see where everyone is at this point in their Reclaim career. Here’s to the future!