Friday, 12 December 2014

We’re pleased to announce that Public Folders will be available in Hosted Exchange 2013 on December 17, 2014.


Background:


In March 2014, Microsoft announced new limits on Exchange 2013 public folders. The limits were due to a new folder storage architecture in the 2013 release.  At that point Thexyz removed public folders from our Hosted Exchange 2013 product in order to maintain server stability until Microsoft could provide an update. In August 2014, Microsoft released the software update to improve public folder limits, and Thexyz began applying the new guidance to our Hosted Exchange 2013 product. Microsoft's update still has limits on public folders. In order for Thexyz to offer public folders without exceeding those numbers, we will apply folder usage limits to all customer accounts.


Public Folder in Exchange 2013


You will be able to add Public Folders to your Exchange 2013 domain. We are improving your Public Folder experience by moving the management tools into Control Panel; from here you can create, delete, and edit folders.

• Create up to 25 Public Folders total (including subfolders) per email domain.
• Store up to 250 MB of content in each folder.
• Create, rename, delete, and mail-enable folders directly in the Control Panel.
• See real-time provisioning status of your folders in Control Panel.
• Users who manage folders through Outlook will need a Limited Admin account in the Control Panel. Public Folder administration will no longer be available in Outlook.
• End-user permission management for changing read/edit/delete access rights is not available in the first release.
• For Exchange 2013 customers whose folders are above the new limits, Thexyz will NOT automatically decrease their number or storage size. For these users, an example folder structure may display “33 of 25 folders.”  Customers with more than 25 folders may not add new folders until they are below the limit. Folders that are over the 250MB storage quota will not accept new items until content is removed to get below the quota.

Why are there limits on Public Folders


The 25 folder and 250 MB per-folder limits ensure each Exchange environment does not exceed the inherent Public Folder limits that Microsoft placed on Exchange Server 2013. Without these limits, Thexyz would jeopardize the stability of our customer’s email and uptime.  We are not willing to compromise stability and reliability, which is likely one of the reasons you chose us to host your email. As Microsoft raises the limits (as they have stated they plan to do), we plan to raise ours as well.

The new Public Folder administration tools will be live in Control Panel on December 17, 2014.

Saturday, 6 December 2014

The name servers records turn a floating domain into a fully functional host by anchoring it to a certain server on the web.

 

Since the availability of a web server might at times be compromised, most domain names have two name servers – the main one (NS1) and a backup server (NS2), which takes over if the first one is experiencing problems.

 

To further secure your online presence, we’ve also added a second (NS3) and a third (NS4) backup name server to each host.

 

 Geographical location-based name server backup service

 

We’ve learned from experience that the use of different networks to handle name resolution within one and the same data center is not a solid guarantee for online availability. This is why we've implemented backup name servers in three different locations around the globe – NS2 in the Chicago data center (already existing), NS3 in the UK data center and NS4 in the Finnish data center. This way, in the event of a massive network disruption in the Chicago data center, each next-level backup server will be able to take over the job from the previous one in the chain.

A backup name server (NS3) in the UK data center

 

While implementing the location-based backup service, our admins first added a name server in the Pulsant data center in Maindenhead, UK. The UK facility has direct connections to international backbones and a very secure infrastructure. Also, the UK is a country with a lower risk of natural disasters like tsunamis and hurricanes, as compared to the USA.

 

 A backup name server (NS4) in the Finnish data center

 

We’ve selected the data center in Finland to house the fourth name server for a reason. Located in an underground compound, which used to accommodate the Finnish Defence Forces, the data center can withstand even an atomic bomb attack.


Apart from the natural protection against disasters of all sorts, the facility offers an iron-clad security system, which further guarantees the flawless performance of the sites hosted there.













Monday, 1 December 2014

Thexyz admins located a series of unauthorized attacks on CMS-based sites on our platform over the weekend, which appeared to be part of the CryptoPHP hacker ‘campaign’. CryptoPHP is a threat that uses a backdoor to access Joomla, WordPress and Drupal themes and plugins to compromise web servers.

This turns out to be a global phenomenon, which was discovered by experts in the Netherlands through a compromised Joomla plugin on a customer’s site.The plugin had been downloaded from a legitimate-looking site that offers a list of free, compromised themes and plugins.

What is the CryptoPHP malware all about?

By downloading and installing pirated CMS themes and plugins on their own sites, users also install the CryptoPHP backdoor, which empowers attackers to exercise remote control over their sites.

The CryptoPHP malware can inject infected content into the compromised sites and even update itself.

However, the main purpose of the malware is to conduct blackhat SEO operations. Experts have detected links and text injected into the compromised pages with the sole purpose of tricking crawlers into giving the hacker sites backlink credit and a pagerank.

Experts have identified thousands of plugins that have been backdoored using CryptoPHP, including both WordPress and Joomla plugins and themes and Drupal themes.

The exact number of websites affected by CryptoPHP has not been determined yet. However, specialists have reasons to believe that they are at least a few thousand.

How are sites on our platform affected by CryptoPHP?

Unfortunately, a few CMS sites on our platform became the target of CryptoPHP hackers as well. Upon locating the attack, our admins made a thorough investigation of the affected sites and found out that they all contain files like ‘social.png’, ‘social0.png’, or ‘social1.png’, etc. in their code, which are actually PHP scripts instead of PNG files.

They have managed to clean all infected sites of the malware. However, they cannot guarantee that CMS users will not be compromised again if downloading a pirated CMS theme or plugin from the web.

What should I do to make sure I am not affected?

If you have ever installed pirated or untrusted WordPress/Joomla/Drupal plugins/themes/templates, you are potentially susceptible to a CryptoPHP attack.

This is why, you need to take immediate measures and check your sites for files named ‘social.png’. If the file is a PHP script instead of a PNG file, you are probably vulnerable.

Also, if you realize that you are infected, you can resolve the problem temporarily by activating the Outgoing Connections Firewall from your Web Hosting Control Panel:

The attacked sites are trying to make outgoing connections to certain IP's, so this will help you pause the attack until you find a way to resolve the problem.

The best way to protect yourself from the CryptoPHP malware is by making sure you download CMS themes/plugins from from trusted developers’ sites and popular marketplaces.

Here you can find the whole report by the Dutch company, which diagnosed and publicized the CryptoPHP malware: https://foxitsecurity.files.wordpress.com/2014/11/cryptophp-whitepaper-foxsrt-v4.pdf


















Subscribe by email

Enter your email address:

Subscribe to more feeds

Trending Posts

Blog Archive

Tags

News (66) Web Hosting (48) security (26) Email (19) webmail (19) Advertising (15) Tutorials (15) Thexyz Cloud (14) Video (4) resellers (2)