Contact
Site: US UK AU |
Nexcess Blog

Posts by: admin

Making the Most of Your Holiday Social Media Strategy

November 9, 2017 0 Comments RSS Feed

Making the Most of Your Holiday Social Media Strategy Early forecasts for 2017 holiday sales look merry and bright for retailers. According to Deloitte, overall holiday sales are expected to grow up to 4.5 percent this year, topping $1 trillion between November and January. Researchers expect eCommerce sales alone to increase 18 to 21 percent. For B2C companies, having a presence on social media is no longer optional during the holiday season.

Customers expect to visit your Facebook, Twitter, and Instagram pages to research your products, connect with other customers, and find exclusive promotions. For store owners, it’s the best opportunity of the year to grow your audience and increase your engagement with customers on social media. Here are a few ideas to make the most of your social media for the holiday season.

Read more

Posted in: eCommerce

Magento Security Advisory: Patch Bundle SUPEE-6788 Includes Fixes For Multiple Vulnerabilities

October 29, 2015 0 Comments RSS Feed

The SUPEE-6788 patch for Magento Community Edition and Magento Enterprise Edition includes fixes for potential SQL injection, remote code execution, and cross site scripting vulnerabilities.

On 27th October, Magento released the SUPEE-6788 bundle of patches, which can be downloaded here. The bundle includes patches for a number of critical vulnerabilities. Magento users running versions of Magento Community Edition older than 1.9.2.2, and versions of Magento Enterprise Edition older than 1.14.2.2 should apply the patches immediately.

It should be noted that one or more of the patches in the bundle may break compatibility with some Magento plugins. Some security features added by this patch are disabled by default and must be manually enabled. To enable these security features, Magento users must disable the Admin Routing Compatibility Mode For Extensions option, which is enabled by default, and which can be found in a new setting in the Magento Admin interface under “Admin > Security”.

Failure to disable this setting may leave your Magento store vulnerable to an Admin Disclosure Vulnerability, in which an attacker can force the showing of the admin panel login page by calling the module directly.

Read more

Posted in: Magento, Nexcess, Security

Addressing the Shellshock bug at Nexcess

September 26, 2014 0 Comments RSS Feed

All of our managed servers were patched for CVE-2014-6271 (the “shellshock” bug affecting the Bash shell used on most Linux- and Unix-based systems) on the September 24, 2014. As that was later found to be incomplete (resulting in bug CVE-2014-7169, or “Aftershock”), a second patch was applied today (September 26, 2014). If you’d like to read more about the bug, please see the Wikpedia entry at http://en.wikipedia.org/wiki/Shellshock_(software_bug).

As always, if you have any questions or concerns, feel free to contact us at support@nexcess.net.

Posted in: Nexcess

Zen and the Art of IT Support, Part III: Knowledge Management

July 24, 2013 0 Comments RSS Feed

Zen and the Art of IT Support, Part III: Knowledge Management

Zen and the Art of IT Support, Part III: Knowledge Management

This is a continuation of a larger discussion of ITIL within IT support I started a few months ago. The first part is an overview (and explains how the Metaphysics of Quality could affect topics within IT support) and the second part focuses on incident management. They aren’t required reading, but I may refer to portions of those posts in here (just think about what you would deal with if you tried to watch Return of the Jedi without watching The Empire Strikes Back first).

I will put this bluntly: Knowledge management within most IT organizations is woefully handled and treated as not only an afterthought but a non-thought. That is one of the most tragic things any IT organization can do to itself. Google cannot be the external memory device for your organization’s users and support staff… and many organizations do not realize the proactive value in having properly created and maintained documentation.
Read more

Posted in: Nexcess

More Tips To Keep Your WordPress Site Secure

June 5, 2013 0 Comments RSS Feed

More Tips To Keep Your WordPress Site Secure

Update, Update, Update!

Everybody has seen this over and over again, and with good reason. WordPress is one of the most widely used Content Management Systems (CMS) for blogging and the security patches provided in their updates can help keep your site secure. The older your WordPress version is the more time there has been for hackers to try and find a way in. Remember to keep your themes and plugins as well.

Remove unused plugins and themes

Even if you keep everything updated, you will want to make sure that every old plugin or theme you do not use is removed. A common, unused theme could still serve as an entry point to your site. As long as the theme/plugin is installed the files are on your site they are potential risks, so cutting back the amount of entry points is key to keeping your site secure.

Hide your wp-config.php file

Your wp-config.php file contains extremely sensitive information (such as your database connection). Because of this, WordPress added the ability to move your wp-config.php file one directory above your webroot so it is no longer visible to the public.

So, instead of

/domain.com/public_html/wp-config.php

, you would have

/domain.com/wp-config.php

.

Now, even if permissions aren’t set correctly, or there is an exploit within your version of WordPress, your wp-config.php is not accessible in a browser and your database information is safe.

Read more

Posted in: Security, WordPress

Zen and the Art of IT Support, Part II: Beginning with Incident Management

May 15, 2013 0 Comments RSS Feed

Zen and the Art of IT Support, Part II: Beginning with Incident Management

When tackling a topic as large as IT support, the discussion (much too often) stalls at the point of deciding where to begin. After all, as I mentioned in the first part of this series, we debate the question, “How do we better support our users?” to the point where we would all like to (figuratively) beat ourselves over the heads using a wooden board with nails sticking out of it. For many in the industry, self-mutilation is almost preferable to discussing the topic yet again.

There is, however, a way out (without bloodying yourself or that lovely wooden board with the nails sticking out of it).

Using the IT Infrastructure Library (ITIL), an organization can identify its support needs and those of its users. However, as the framework can be daunting to anyone when first approached, my suggestion is to attack it in chunks. As the King of Hearts says in Lewis Carroll’s Alice in Wonderland, “Begin at the beginning… and go on till you come to the end…”

Thus, let’s begin at the beginning.

The most easily implemented (and the one that can stand alone most easily) is incident management. As defined on Wikipedia:

Incident management aims to restore normal service operation as quickly as possible and minimise the adverse effect on business operations, thus ensuring that the best possible levels of service quality and availability are maintained. ‘Normal service operation’ is defined here as service operation within service-level agreement (SLA) limits.

Read more

Posted in: Nexcess

Understanding Performance: The IOPS Fairy

March 27, 2013 1 Comment RSS Feed

Understanding Performance: The IOPS Fairy

Hello! I’m Jamie Alquiza, systems administrator at Nexcess. Performance is something our team discusses quite a bit. Today, I’ve got terrible news: IOPS are a myth. Well, almost.

You may or may not be familiar with IOPS. It’s a storage performance metric that describes how many operations per second can be delivered from your storage system. As an everyday website owner, this could suggest how quickly your website files can be accessed; how fast can this server find, open or update files? If you’re a member of the technical arm operating a website, IOPS may dictate your database performance expectations.

In the world of online sales, performance is everything. We understand the interest in these metrics because better numbers should yield better performance and ultimately a better user experience. A small delay in loading a page on a blog site may not deter the audience. This becomes increasingly true the more unique the information (personal movie review, an epic secret sauce recipe or maybe some thoughts on measuring performance). Read more

Posted in: Nexcess

Nexcess Announces New Features for Magento Turpentine Extension

March 19, 2013 4 Comments RSS Feed

Nexcess Announces New Features and Enhancements to Turpentine Magento Extension

Nexcess, a leading provider of Magento hosting and Magento Platinum Hosting Partner, has added several new features and enhancements to its popular open source Turpentine extension for Magento. Turpentine provides improved Magento compatibility with Varnish, a very fast caching reverse proxy that can significantly increase response times and reduce latency for eCommerce stores built on the Magento platform.

Maximizing site responsiveness is a crucial part of eCommerce conversion rate optimization. Studies show that latencies measured in milliseconds can have a significant impact on conversions, reducing both sales and general customer satisfaction.

New features that improve Magento’s integration with Varnish include hole-punching via Varnish ESI and AJAX, Magento compiler compatibility, multi-site and multi-store support, and support for Magento’s built-in advanced session validation, which helps prevent session hijacking. The new features in Turpentine make using Varnish easier than ever before for a Magento webmaster; providing security, speed, and versatility. Read more

Posted in: News Releases

Zen and the Art of IT Support, Part I

March 13, 2013 1 Comment RSS Feed

Zen and the Art of IT Support, Part I

When we think of “Zen and the art of [insert punny or topical subject here],” it’s usually a (knowing or unknowing) reference to Robert M. Pirsig’s 1974 novel, Zen and the Art of Motorcycle Maintenance, or ZAMM (which, in turn, is a reference to Eugen Herrigel’s Zen in the Art of Archery). It’s a long slog of a book and (at its heart) is a discussion of the Metaphysics of Quality. I’ve read the book and enjoyed it immensely, but ponder how it became a bestselling book (more than five million copies sold worldwide). It might be an interesting study at some point (I question how many of those five million were read cover-to-cover), but… it’s not the reason for this blog post.

This blog post is serving as an introduction to (what I see as) an eventual series of posts discussing a form of Zen in IT support.

When he was writing the novel, Pirsig’s day job was as a technical writer of computer manuals. The inherent style of a technical writer is infused throughout the novel, making it immensely approachable for those of us who read or write technical documentation. It’s likely that’s why, as I was toying with ways to approach the true subject of this post, I found myself drawn to ZAMM to help me explain the art of IT support.

Like reading ZAMM, working in IT support can be a slog. This is true not only for the user, but also for the support staff.

Read more

Posted in: General

Turpentine Update

December 14, 2012 0 Comments RSS Feed

Turpentine Update

It’s been a couple of months since we initially released the Turpentine extension for Magento. It has come quite a ways in that time, with these new features added:

  • Hole-punch support via ESI (and optionally AJAX)
  • Initial cookie bypass support for cache-warming and performance testing
  • More integration into the Magento admin UI
  • SSL (HTTPS) support via Pound
  • Several usability and performance improvements
  • Magento Enterprise Edition support on Magento Connect

Read more

Posted in: Magento