Outlook error 0x800CCC13 and Windows 10

We’ve had reports of an error message like this in Outlook when using Windows 10:

error (0x800CCC13): Cannot connect to the network. Verify your network connection or modem.

If this happens to you, it’s because of a problem with Windows 10, not with Outlook or our servers. According to the Microsoft page about it, updating Windows 10 should fix it. If it doesn’t, they suggest using a “workaround” to repair corrupted files on your computer.

PHP 7.0.0 and 5.6.16

The PHP developers recently released PHP version 7.0.0, as well as an update to the 5.6 series, version 5.6.16. We’ve upgraded PHP on our servers as a result.

The official release of PHP 7 means we’ll start encouraging customers to use it (as long as they use modern scripts like current versions of WordPress). It’s almost twice as fast as old versions of PHP. Yes, really: Twice as fast. We’re using it ourselves on this blog.

If you’d like your WordPress or other PHP-based site to seem snappier, or be able to handle twice as many visitors per second, you can easily do so:

  1. Login to our My Account control panel
  2. Click PHP Settings
  3. Click PHP 7.0 series
  4. Click Save Settings

Then test your site to make sure it works properly. If it does: Great, you’ve just made your site much faster! If it doesn’t, it’s probably because you’re using older scripts that haven’t yet been updated, and you can simply set PHP back to an earlier version for now. We recommend that you always use the latest version that works properly with your scripts.

As always, if you have any trouble, don’t hesitate to contact us.

Disabling SSLv3 and TLS 1.0

If you use an SSL certificate on a site you host with us, we now offer more control over the SSL/TLS protocol versions your site uses.

Old protocol versions, including SSL version 3 (“SSLv3”) and TLS version 1.0, are no longer considered secure. You can now disable these to improve security, at the expense of preventing some older, less-secure browsers from making SSL or TLS connections. Some credit card companies are starting to require that SSLv3 and TLS 1.0 both be disabled.

Read the rest of this entry »

WordPress 3.0.2 update (and mod_security rule)

If you use WordPress blog software on your site, be sure to upgrade to WordPress 3.0.2 as soon as possible. The upgrade contains an important security fix for a vulnerability that allows any WordPress “author” to become an “administrator”.

Although all WordPress users should upgrade right away, we’ve added security rules to our servers to protect our Web hosting customers who haven’t yet upgraded. Other people may find the rules useful if they use mod_security on Apache Web servers. The rest of this post contains more technical details.

Read the rest of this entry »

Avoiding problems with missing images in WordPress

WordPress installations handle missing image files very inefficiently by default, running the entire WordPress script to build a custom “404 Page Not Found” page rather than simply letting Apache return an immediate default “404” response. Running the WordPress script when not necessary is a huge waste of processor time. For example, WordPress might be able to only process 8 requests per second for a missing image when WordPress generates a custom “404” page, but Apache can return process over 1,000 raw “404” responses per second. If your Web site contains references to missing files, this default WordPress behavior can be driving up your CPU usage unnecessarily. We’ve seen poorly-configured Web sites spend a significant portion of their CPU time processing missing images.

Read the rest of this entry »

Even better performance from WP Super Cache

In a previous post, we talked about how increasing the WP Super Cache “Expire time” from 1 hour to 48 hours can help the performance of WordPress blogs.

Here’s another tip that can help dramatically: Remove “bot”, “ia_archive”, “slurp”, “crawl”, “spider” and “Yandex” from the Rejected User Agents box in the WP Super Cache plugin settings. (In most cases, this will leave the box completely empty.)

Read the rest of this entry »

Protect your WordPress login

Do you login to your WordPress blog securely? Are your username and password encrypted so that “hackers” can’t steal them and then break into your blog? (Probably not!)

By default, each WordPress blog is configured to send the login username and password as plain (unencrypted) text. If a hacker can see what you are sending during your login, they can easily steal your username and password. This can happen if you have a virus installed on your computer. It can also happen if your computer is virus-free but connects via WiFi. If your main computer uses a wireless connection, or if you or other users of your blog ever login with their laptops — blogging from a coffee shop, anyone? — remember that these connections can be insecure, and could be susceptible to revealing your password.

You can protect your blog by installing an “SSL certificate” and configuring WordPress to require secure logins. Your browser will then encrypt your username and password so that no one can intercept them.

Read the rest of this entry »

WordPress security thoughts

In the last few days, there’s been a lot of talk on the Internet about the security of WordPress blog software.

Several shared hosting companies apparently allow customers to view the text of other customer’s files by default, and that allows malicious customers to discover the database password of another site (from the “wp-config.php” file) and alter the site.

Read the rest of this entry »

WP Super Cache and FeedBurner

We’ve got a lot of customers running WordPress, and we definitely recommend running WP Super Cache to improve performance. It can help dramatically!

But recently we’ve seen a number of our customers getting hammered by a ton of requests from FeedBurner. Usually the request is of this form:

/somepost?utm_source=feedburner&utm_medium=feed&utm_campaign=SomeCampaignString

We’ve also seen FeedBurner going crazy and making thousands of duplicate requests. One of the sites we host has gotten 45,000 simple status requests (HTTP “HEAD” requests) from FeedBurner today, for no good reason that we can see.

Read the rest of this entry »

Super-fast database writes with INSERT DELAYED

Many Web sites write data to a database. Usually, the data absolutely must be properly saved, so the default way of adding records (using an SQL “INSERT” statement) ensures that the data is permanently stored on the server’s disks. Doing that takes a relatively long time in computer terms — it’s much slower than most things computers do.

In some cases, you might be storing data that’s not quite so important. And if it means your application can run much faster, you might be willing to risk a very small chance of data loss. That’s where MySQL’s “INSERT DELAYED” statement, which works with MyISAM table types (but not InnoDB tables), can be useful. (Tables are created as type MyISAM by default, so most tables are eligible to benefit from this tip.)

Read the rest of this entry »