Benefits of dedicated IP vs. shared IP

/0 Comments/in /by

Large business and corporations don’t really have to decide if they should be obtaining a dedicated IP or shared IP. Most of the larger enterprises end up obtaining a dedicated server which of course comes with dedicated IP’s. However, start-ups, and small-businesses do have to make that choice sometime during their venture if they should remain shared or simply get a dedicated IP.

Advantages of a dedicated IP address:

  • You can access your server before pointing any domain to your server’s IP address in DNS
  • You can access your server in case of a DNS error or failure
  • You can point any and as many domains as you like to the IP address of your server, and unlimited subdomains of those domains as well. You will not have to “declare” these by using the “add-on domain” function of a control panel — everything can be done at the DNS level. The disposition of requests to those domains is entirely your choice as well; You can map them into the filespace of the server in any way you like (using mod_rewrite on Apache, for example).
  • It is beneficial for email sender’s reputation. Establish and be accountable for one’s own IP reputation. In simple sense, your emails won’t get grouped with other less diligent senders and therefore ensures better Inbox placement.
  • It is good for a business identity.
  • It is “sometimes” required for particular third-party applications/scripts.
  • Your site is high traffic and needs dedicated resources to maintain performance.

If any of the bullet points are important to you, then it is time to get your own dedicated IP.

WordPress Malware (PHP.Trojan.Uploader & Php.Trojan.StopPost)

/3 Comments/in , /by

WordPress as a platform is fantastic, and usually its a fairly secure. However, plugins that you use might be a different story. Some plugins are updated on weekly basis, and then there are those that are updated monthly, annually or sometimes are never updated again.

One of our clients runs a very active and informational website. The client had refused to do any updates because they were afraid that it might “break” something on their website. Which is totally understandable. For those of you who do updates on daily basis, sometimes its not a smooth progression and you spend more time troubleshooting the issue than anything else.

Client was hosted on a shared web server, and our firewall had alerted us that the website had been sending a large amount of SPAM. Approximately 200-300 emails per minute. We had immediately disabled the website and had ran a scan on the entire server.

As it turns out their website had been compromised via plugin and had injected itself authorizing use of the server’s mail resources. Upon further investigation the server had not been compromised just the clients website.

Here’s the complete log of what had been infected:

{CAV}PHP.Trojan.Uploader : /home/user/web/website.com/public_htmlx/wp-includes/ID3/header.php.suspected
{CAV}PHP.Trojan.Uploader : /home/user/web/website.com/public_htmlx/wp-includes/images/smilies/options.php.suspected
{HEX}php.base64.v23au.184 : /home/user/web/website.com/public_htmlx/wp-includes/images/wlw/object.php
{CAV}PHP.Trojan.Uploader : /home/user/web/website.com/public_htmlx/wp-content/themes/twentyfourteen/inc/inc.php.suspected
{CAV}Php.Trojan.StopPost : /home/user/web/website.com/public_htmlx/wp-content/uploads/2015/ajax.php.suspected
{HEX}php.cmdshell.unclassed.358 : /home/user/web/website.com/public_htmlx/wp-content/uploads/phpini.php
{CAV}Php.Trojan.StopPost : /home/user/web/website.com/public_htmlx/wp-content/plugins/tinymce-advanced/css/test.php.suspected
{CAV}PHP.Trojan.Uploader : /home/user/web/website.com/public_htmlx/wp-content/plugins/eventON/assets/js/javascript.php.suspected
{CAV}PHP.Trojan.Uploader : /home/user/web/website.com/public_htmlx/wp-content/plugins/eventON/assets/css/test.php.suspected
{CAV}Php.Trojan.StopPost : /home/user/web/website.com/public_htmlx/wp-content/plugins/display-widgets/session.php.suspected
{CAV}Php.Trojan.StopPost : /home/user/web/website.com/public_htmlx/wp-content/plugins/shortcodes-ultimate/inc/core/general.php.suspected
{CAV}Php.Trojan.StopPost : /home/user/web/website.com/public_htmlx/wp-content/plugins/shortcodes-ultimate/assets/images/player/view.php.suspected
{CAV}PHP.Trojan.Uploader : /home/user/web/website.com/public_htmlx/wp-content/plugins/business-directory-plugin/vendors/anet_php_sdk/lib/ssl/include.php
{CAV}PHP.Trojan.Uploader : /home/user/web/website.com/public_htmlx/wp-content/plugins/business-directory/business-directory-plugin/vendors/anet_php_sdk/tests/AuthorizeNetDPM_Test.php
{CAV}PHP.Trojan.Uploader : /home/user/web/website.com/public_htmlx/wp-content/plugins/wordpress-seo/model.php.suspected
{CAV}Php.Trojan.StopPost : /home/user/web/website.com/public_htmlx/wp-content/plugins/wordpress-seo/vendor/yoast/api-libs/google/service/Google_BatchRequest.php
{CAV}Php.Trojan.StopPost : /home/user/web/website.com/public_htmlx/wp-content/plugins/wordpress-seo/vendor/yoast/api-libs/class-api-libs.php
{CAV}Php.Trojan.StopPost : /home/user/web/website.com/public_htmlx/wp-content/plugins/wordpress-seo/vendor/yoast/license-manager/samples/sample-theme-functions.php
{CAV}PHP.Trojan.Uploader : /home/user/web/website.com/public_htmlx/wp-content/plugins/stop-auto-update/dump.php.suspected
{CAV}Php.Trojan.StopPost : /home/user/web/website.com/public_htmlx/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/search.php.suspected
{CAV}PHP.Trojan.Uploader : /home/user/web/website.com/public_htmlx/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/validation/object.php
{CAV}Php.Trojan.StopPost : /home/user/web/website.com/public_htmlx/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/css.php
{CAV}Php.Trojan.StopPost : /home/user/web/website.com/public_htmlx/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_basic_album/module.nextgen_basic_album.php
{CAV}PHP.Trojan.Uploader : /home/user/web/website.com/public_htmlx/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_pagination/view.php
{CAV}PHP.Trojan.Uploader : /home/user/web/website.com/public_htmlx/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/fs/package.module.fs.php
{CAV}PHP.Trojan.Uploader : /home/user/web/website.com/public_htmlx/wp-content/plugins/seo-image/javascripts/css.php.suspected
{CAV}Php.Trojan.StopPost : /home/user/web/website.com/public_htmlx/wp-content/gallery/gal1/thumbs/ajax.php.suspected

Unfortunately, the best we could do is restore from previous backup and perform a plugin update along with wordpress.

Moral of the story is, update your plugins people. And if the plugin is old, we wouldn’t recommend using it.

Rogers SureTap Wallet Review

/0 Comments/in , , /by

Paying by tapping your phone instead of your credit card seems like a great idea. The technology has been around ever since NFC came out, and there are a few banks that have applications that are capable with it. Now Rogers is getting into the banking game. Since they are a telecom the process should be easy? Right? What’s required:

1) NFC capable phone
2) NFC Sim card
3) Application that will tie all this together
4) A card that’s compatible with the application

Lots of requirements are required, not to mention there are some phones that are NFC capable however are not included with the application which automatically excludes the user. At the time of writing these are the handsets that are compatible with the Rogers SureTap Wallet App:

Samsung GALAXY Alpha™
Samsung GALAXY Note 4™
Samsung GALAXY Note 3™
Samsung GALAXY Note II™
Samsung GALAXY S4™
Samsung GALAXY S III™
Samsung GALAXY S5™
HTC One™
HTC One (M8)
LG G3
LG G Flex
LG G2
LG Optimus G
BlackBerry® Z10
Sony Xperia® Z3
BlackBerry® Z3
Samsung Core LTE
BlackBerry® Z30
BlackBerry® Q10

I went to the Rogers store and picked up a NFC sim card listed at $9.99+tax at the time of purchase. Rogers (over the phone) was offering free NFC sim cards, however I wanted a NANO sim card and I had a feeling because I was testing it with Z10 that Rogers would mail me Micro sim card instead.

Swapping current nano sim card to NFC nano card was fairly easy on Rogers.com My Account. The change was instant, took less than 2-3 minutes to do.

Next was to download the application. Since I was using a BlackBerry Z10 I went to the BlackBerry World app and download Rogers SureTap Wallet. I registered and apparently during the registration process there is additional information that is burned on the NFC sim card. The process was easy and I had my Rogers SureTap Wallet successfully installed. The security involved is a 4 pin password requirement along with two security questions.

Now to add a card, at the time of posting Rogers was offering their branded Rogers MasterCard with additional credit included. I added the card and this process did take a bit for the card to be downloaded (approximately 2 hours). Once that was done I was set. Time to test.

Here’s the list of merchants that is successfully worked:

  • Metro
  • McDondals
  • Tim Horton’s
  • Pizza Pizza
  • Harveys
  • LCBO

The list of merchants that did not accept suretap (seem to accept only swipe or chip insertion):

  • Target
  • Walmart
  • Wendy’s

How to get SureTap to work:

When the merchant tells you the total, and asks you how you are paying. Simply say Master Card. The merchant will usually tell you “go ahead when ready”. On your phone click on the SureTap Wallet app, type in your 4 digit password, click on your Rogers MasterCard and click on Pay Now. Place your handset over the terminal (rest it on top of it if you can). Wait for the “beep”, and leave it for additional 2-3 seconds. That is. The coin term “TAP”, does not work. I find it that the transaction would initiate, however time-out after the beep.

Please note that I had the application pre-loaded each time with my 4 digit code entered, the only step left was to click on Pay Now. I found that on Z10 it took a while to do it from scratch, and one of the merchants cash register actually timed out while I was trying to load the application. For full proof use, load it ahead of time while the merchant is scanning the merchandize.

Security:

The most common scenario is that people will end up switching phones, or wipe the phone clean (format it). What happens to the SureTap Wallet then? Also what if I wanted to run SureTap from a backup, was it possible? Here we go.

First test was, I backed up my Z10. I grabbed my BlackBerry Passport and tried to restore SureTap Wallet to it. Keep in mind that Passport is not on the accepted list of phones. The restore was successful, however the application would get stuck on the splash screen. SureTap wins this one.

Next, I wiped the Z10 clean and performed a restore of just the SureTap Wallet application. When I loaded the application I received strange errors, that the proper sim card wasn’t inserted, etc. SureTap wins this round as well.

Next, I wiped the Z10 one more time, and freshly installed SureTap Wallet application. It asked me for my 4 digit password. I entered it, and all of a sudden it presented me with the 1st security question (please note that you are only asked the 4 digit code when you setup) that I created a month ago. The odd part was that I actually forgot. Not to mention that the responses were case sensitive. I got my first response wrong, and then I was presented with a second security question. Needless to say, I typed that one wrong as well.  The application locked me out. SureTap wins. I was asked to call Rogers for them to unlock the application.

I phoned Rogers, and the rep unlocked it. A temporary 4 digit password was sent. However, here’s the kicker, when I entered the 4 digit temporary password, it said that the code was wrong. I typed in my own 4 digit and it accepted. Strange. First flaw in the SureTap system. What would happen if I forgot my 4 digit password?

Next, I had to guess if my 2 security words were case sensitive or not. I got the first security question wrong, the second one “I think” I got right, however I got stuck on verification for good 20 minutes. The verification eventually timed out and booted me back to my 4 digit password. After I typed in my 4 digit password, I managed to guess my first security word. The security verification passed and it went to this screen that I haven’t seen as of yet:

Updating Rogers Suretap Wallet

However, after about 5-10 seconds I receive the screen below(tested with LTE, 3G, EDGE and WIFI)

Rogers Suretap Wallet Try Again

After you click on “Try Again”, it takes you back to your 4 digit password. The process and the cycle are in the never ending loop. I tried reinstalled the application, reloading the operating system. Nothing worked.

I reached out on twitter to @RogersHelps (Really helpful staff at Rogers). The rep refreshed my account, and tried a few things out, however nothing really changed. The issue was escalated and it could take 10 days to fix.

Final Words (Review):

Rogers Suretap Wallet seems to work, I do find it slow on my Z10 (hence I had to have it pre-loaded while the cashier scans the product). I found it NOT to be a TAP solution, more like HOLD and WAIT to pay.

Word of warning, there doesn’t seem to be any contingency plan if you forget your 4 digit number. The temporary 4 digit number that was sent via text by Rogers never worked. And according to the SureTap Rogers rep the two security words if you forget them completely it is a pain to recover. I personally think that you are SOL if you forget the two security words. Kiss your wallet goodbye.

I’m curious how they will fix my problem, I have the 4 digit password and the security words. It seems to me that there might be a additional layer of security that has blacklisted my sim card or my IMEI. Unfortunately, I don’t have another approved device to try and test if the situation would change with a different IMEI.

I have to wait 10 days for them to fix the issue. When you think about it, 10 days is unacceptable, especially when money/paying is involved. I will keep you updated if my Wallet gets sorted.

UPDATE (January 14, 2015): Nothing from Rogers yet. However, I did mess around with the application a bit more. My intention was to lock myself out on purpose and give Rogers a call. I inputted wrong responses and got locked out. But I was able to get back into the application each time. Please note that the original lock-out, I was not able to get back into the application. This time around, I can get back into it each time. I didn’t want to mess with my 4 digit number though, that might be next if Rogers doesn’t solve this issue.

UPDATE (January 22, 2015): I called Rogers SureTap Wallet 1-855-640-7914 phone number. The rep I got told me that they no longer have access to accounts as of Monday. And that the back office team is working on the issues. My ticket has also not been viewed yet. Therefore, who knows how long until I see my SureTap Wallet again.

Please do note that I did try to access SureTap Wallet and the connection kept timing out. I got a new JAVA error which I’ll post later.

UPDATED (March 2, 2016): Rogers has officially decided to pull the plug with SureTap as of April 30, 2016. If you have funds, try to spend them or request a refund: https://suretap.com/refund/

It was a very promising project that failed at launch. Too many different handsets, and every handset had some sort of an “App” issue. Its a shame. RIP Rogers SureTap

4 Operating Systems in 1 year (Review)

/0 Comments/in /by

I took it upon myself to treat 2014 as a testing tool of trying out 4 different operating systems in 1 year. The idea was to try out each operating system for 3 months in everyday use without taking the SIM out and putting it back to my preferred phone (which was iPhone at the time). Therefore, do note that I “was” the biggest proponent of iOS. I was one of those users that jumped on iPhone early, having the 2G, 3G, 3GS, 4, 4S and last but not least 5. Therefore I was opposed to any other operating system.  My least favorite at the time was BlackBerry BB10 OS, I had hate for it without even trying the OS out.

Prior to testing my uneducated, unscientific tests, this is how I thought they would rank up:

1. iOS
2. Android
3. BlackBerry
4. Windows (I thought because it was new, it would have lots of flaws)

The handsets I picked up were as follows:

1. iPhone 5
2. Samsung Note 2
3. BlackBerry Z10
4. Nokia Lumia 1520

The applications that I used on everyday basis are: email, contacts, SMS, Calendar, taking photos, voice notes, notepad (small notes), minor editing and emailing of Excel and Word, and of course phone calls. The only entertainment I have used is audio streaming, some youtube watching, and that’s about it. Therefore, you can consider myself a business user. I’m by no means a gamer. Take that into consideration as you read my final results.

My final rankings with a brief explanation:

1. BlackBerry Z10 – BB10 as an operating system is by far the easiest, and fastest to get the job done if you are planning to do business only tools. I found the keyboard to be the best and easiest to use, and navigating between the tasks required no effort or waste of time. Yes I was a hater, absolutely didn’t want to open my eyes to see a BB. However BB10 operating system changed my way of thinking.

2. Nokia Lumia 1520 – Windows Phone 8.1 is superb. It actually surpassed all of my expectations. It might have scored high because of Excel and Word editing (on a 6″ screen). However, I was able to do all of my tasks without a worry.  The OS is missing a few minor things, but overall it did the job.

3. iPhone 5 – When I was testing the phone I was transitioning from iOS 6 to iOS7. iOS6 was solid operating system, with the addition of iOS7 and since I used it mostly on iOS7 it scored low on my personal chart. For some reason it took significant amount of time to do things versus the top 2. I’ve become a lover of the iOS to a hater by trying out other operating systems. How the heck did that happen? In all seriousness, iOS is a great choice if you are planning to do business and entertainment. It would score #1 on my list if that was the case. But as I mentioned, I don’t do any entertainment/gaming. As a business device, it just doesn’t do the job as BB10 and WP8.1 did. At least for me.

4. Samsung Note 2 – Please take note that I’m not bashing the actual hardware. Samsung Note 2 is a beautiful handset, with amazing piece of hardware. The operating system is the worst piece of you know what. Wow! I think I found myself fixing things on it then getting the job done. If you are a business person, stay away from Android. If you want to play games and waste time, Android is the OS for you. If you are looking for just entertainment, I would say Android would score #1 on my list. Other then that, stay away.

Of course the rating above is a personal preference. However, I think people need to try other operating systems and not be committed to one. It might open up your eyes, like they have been opened up for me.

Spam Links showing up in WordPress

/0 Comments/in , , /by

I was contacted by a client who had experienced odd links / advertisements showing up in his WordPress setup. Furthermore, he had experienced emails bouncing back from his Contact Us form. The client has a dedicated servers with 5 ip addresses. Other websites are not experiencing any issues nor are the other 4 ip addresses. The odds are his entire server was not compromised.

Upon examining his infected website it appeared that majority of the links traced back to: http://www.genericstts.com. Some of the keywords that were used in linkage were: Play Craps Online, Play Bingo Online, and Meilleurs Casino en ligne.

This was a multiple task, first we needed to find out why his dedicated server was blacklisted and second, we needed to find out what was causing these links / advertisements.

There was absolutely no point in trying to un-blacklist his ip address because we needed to solve his website spam problem.

The obvious solution was to find if its a plugin or theme causing this or the actual WordPress that was compromised. After narrowing it down, it appeared that a plugin was compromised.

This is where you need to make a decision. Do you just wipe the entire system or delete just the plugin or trace the issue and try to eliminate the malware manually and keep the plugin and the website in tact. It all depends how much information you have stored in your wordpress setup, how much time you want to spend, or how much money you want to spend for someone to spend the time to narrow down the problem. The client wanted to trace the issue down. According to Fox IT, the proper solution should be to eliminate the user and to wipe the system down.

Now you can try and install clamav or maldet to see if it will find the malware and remove it for you, or you can try to find the issue manually.

I did it manually, since I knew which plugin was infected I took a look at each file manually. As it turns out it was a .PNG file that was infected. It did drop itself in two different spots. After getting rid of the two .PNG files, I also made sure you couldn’t write into those two directories.

After getting rid of the malware, I went to de-list the blacklisted IP.

All was back to normal.

If you require any sort of malware removal on your dedicated server (or shared) CONTACT US

 

Nokia Lumia 920 Update to 8.1 Cyan (scrolling fix)

/0 Comments/in /by

If you had updated from Black version to Cyan (8.1), you might notice a scrolling issue especially in the middle of the screen. You may observe a line across the screen (as if the pixels are getting stuck). I haven’t dug deeper into the issue, however there is an easy fix to this problem. If you do a phone reset from your “about” menu. Keep in mind that you will loose all information on your phone. BACKUP prior processing the phone reset.  When the reset is complete, download and restore all your applications, photos, etc. You will notice that the problem is gone. I’m curious what causes it though, I wish I looked into it deeper.

Deregister – Unregister – Turn Off iMessage

/0 Comments/in /by

You must have seen different tips and tricks on how to turn-off iMessage. Believe me I have tried them all and none seem to work. Those who still had iPhones/iDevices who tried to contact me via iMessage had their messages either go through or bounce back. The system rarely diverted them to me via SMS. Therefore, I lost a lot of incoming and probably some friends along the way:)

Needless to say after many complaints Apple actually released a tool that works.

1. Go here: https://selfsolve.apple.com/deregister-imessage

2. Type in your phone number

3. Receive a 6 digit text message and type that into the browser

DONE!

Enjoy cutting the final strings from Apple 😉

PRO TIP: The link only works via browser. If you try with your handheld, it will load, but it will not send you a text message after you type in your phone number. Go figure. Use a fully functional laptop.

MacBook Pro: Bootcamp Windows 7 Ultimate – Mouse – Keyboard lock-up

/0 Comments/in /by

I’ve been running Microsoft Windows 7 Ultimate on my MacBook Pro Late 2013 for at least 4 months. I’ve installed many applications on it, and had absolutely no issues. One day I went to boot it up and my mouse/keyboard would not function. I was stuck on the login/password (Windows 7 screen). I thought it was a fluke, I rebooted and same exact issue. I tried safe mode, and encountered same problem. I then attached a usb keyboard and mouse….still nothing. I was baffled. Nothing worked. I tried booting with PE, custom O/S’s that I have compiled, and still same issue. It didn’t make sense.

After messing around with it (on and off) for a few hours. I found a temporary solution. When you are about to boot into Windows 7 click F8. This will give you an advance boot up menu. And select the very last option “Disable Driver Signature Enforcement”.

My mouse and keyboard functioned once again. Here’s the fun Windows part, I can’t permanently disable Driver Signature Enforcement. By default it will not let you override it (at least I haven’t figured out a way to do so). OK, whats next? Well sign the drivers that need signing. However, I’m unsure what drivers are causing this as I haven’t installed any new unassigned drivers. I installed the latest version of bootcamp to see if that would fix it, however I’m back to F8.

Who is to blame? Microsoft? Apple? Or both….I’m going with both this time around.

Hope this helps someone who is stuck on a frozen Windows 7 username/password screen.

Blackberry Passport Outright Pricing

/0 Comments/in /by

I buy all my devices outright. I try not to fall into the contract trap offered by local telecoms here in Canada. I was actually shocked at BlackBerry Passport outright pricing. In Canada on the ShopBlackberry.com website it was selling for $699. For some strange reason on the U.S. portion of the website it was discounted -$100.00, dropping it down to US$599.00. Still a bit steep.

Of course the US/Canada pricing difference didn’t make sense either, I do realize ShopBlackBerry.com is owned by a third party, although is considered the official store for BlackBerry. Regardless, who in their right mind would pay $699.00 for a device that hasn’t really proven itself? I’m a BlackBerry fan and do want them to succeed, but whoever is pricing their devices is out of their mind and should be fired. Due to the pricing scheme this device will simply fail.

I don’t own any Google devices, but to me Google has the best pricing scheme next to Amazon. For example their Nexus 5 outright price is CA$349.00. That’s competitive, and if I was in a need of a phone, and if my current phone died, I’d more then likely purchase a Nexus 5. Amazon is in the same boat, their tablet pricing is superb.

With more and more people wanting to be “off-contract” with their carriers in Canada, BlackBerry simply missed the boat. I would have been all over this device if it was listed for $399.00 or heck even $499.00. However, anything above $500.00 is just asking for catastrophic fail.

Even if I was insane enough to go on a 2 year contract the asking price was $249.00. You mean, I have to get into a contract and I still end up paying $249.00? I’m better of getting an iPhone 6 on a two year contract and possibly profiting in the end. Very disappointing BlackBerry.

I’ll end up checking BlackBerry Passport when the hype is over and the device ends up in the $300 outright range. Until then…..

UPDATE: BestBuy (U.S.) has already dropped the 2 year contract price to $199. I expect the Passport to be $0 on two year contract by Christmas.

BlackBerry Z10 Band Switching LTE to 4G to EDGE

/0 Comments/in /by

I have been testing band switching (network mode)  on the BlackBerry Z10. As many of you are aware Z10 battery life is the one feature that is a nuisance.

To circumvent that issue, I thought if I switched from LTE  to 4G that it would somewhat improve battery life. Well it got even worse. Battery life lasted only about 6 hours. Whats up with that?

My next test involved switching network mode from 4G to EDGE. Traditionally BlackBerry phones that ran on EDGE could last for days with heavy usage. Unfortunately, that was not the case with the Z10. It average about the same battery life on EDGE as it did on 4G (moderate use).

Surprisingly LTE averaged the highest battery life on moderate usage at around 9 hours.

In conclusion, hopefully I have LTE coverage wherever I go, or I’ll need a secondary battery in my pocket.