General
Domains and DNS
Encryption and Security
NodeHost Panel
Behind the Scenes
Coding
Attacks and Spam
Security

Send to new page

Read More

Why you should never host sub domain sites in sub folders (multi-site, aliases)

When talking about web security, most don't think about the basics. Some users on NodeHost (and we don't block this as some just need to) and on other hosts will host more then one separate site (codebase/content) in the same web folder. This is called multi-site. This is where more then one site, usually sub domain aliases are hosted on one hosting plan in one http folder separated into separate sub folders. Although you can do this and it works, it brings a security risk.

Read More

Setting up multi site on a single site instance using sub domains

Although this is not recommended ("Why you should never host sub domain sites in sub folders") you can setup different sub sites under one site instance on NodeHost. To do so you will need to visit the domain section of the panel and add the sub domain as aliases (sub name and full domain blog.example.com). The alias will act as a funnel sending all traffic to the /web/example.com/public_html folder same as your main domain will.

Read More

NGINX and rate Limits, and why we don't have them

Most if not ALL hosting providers have rate limits on file access or disk IO usage, and most have NGINX or Apache rate limits in place. This rate limit makes connections drop if the set limit is exceeded per minute or second. Usually this is around 20 requests per second for most providers. Rate limits are amazing at preventing abuse of resources, but it also makes real traffic drop.

Read More

Securing your site with Let's Encrypt

In the modern web security is important, and HTTPS is the best way to help secure your website and keep visitors safe. HTTPS is a secure web connection from the user to the server using SSL. This makes it so nobody can spy on network data between the users browser and the web server. Enabling this is FREE thanks to Let's Encrypt, or even CloudFlare.

Read More

Log PHP errors without showing data to visitors

So if you want to see custom errors, but don't want to let your visitors see it, you have a great option called error_log();. With Error log you can write to the default server error logs and see the errors on the NodeHost dashboard at any time. This works on all php versions since PHP 4 and on any server host.

Read More

Why do we still use Apache?

So our nodes still run on Apache, or they kinda do. See our hosting uses NGINX as a proxy, handling all static files like images, videos, scripts, style sheets, and html files. So all files that don't need PHP, so how is Apache running?

Read More