Created on Monday, 04 August 2014 16:3604 August 2014
Just a few days after it was officially announced by the PHP development team, the latest bugfix-only release of PHP 5.6.0 is now available on all servers within our web hosting network.
This is the third-in-a-row Release Candidate version of PHP 5.6.0, which accumulates all bug fixes that have been reported by the large PHP community worldwide.
The latest version boasts a wide range of improvements and brand new features that are aimed at making PHP much safer and easier to work with.
Here is a list of the key new features included in the new release:
Added support for constant scalar expressions
numeric and string literals and/or constants are now allowed in static-value contexts, such as constant and property declarations or default function arguments.
Variadic functions via ‘…’
the variadic functions can now be implemented through the ‘…’ operator, instead of the func_get_args() function.
Argument unpacking via ‘…’
the аrrays and traversable objects can be unpacked into argument lists when calling functions through the ‘…’ operator.
Exponentiation via ‘**’
a right associative ** operator and a **= shorthand assignment operator have been added to support exponentiation.
use function and use const
the use operator now supports importing functions (via the use function construct) and constants (via the use const construct), apart from classes.
PHP now includes an interactive debugger called phpdbg, which is implemented as a SAPI module.
Default character encoding
the default_charset is now used as the default character set for functions that are encoding-specific, such as htmlspecialchars(). The default value for this setting is UTF-8.
Large file uploads
files larger than 2 gigabytes in size are now supported.
peer verification is enabled by default, support for certificate fingerprint matching is now included, mitigation against TLS renegotiation attacks is activated; many new SSL context options, which allow better control over the protocol/verification settings when using encryption, are included too.
Created on Friday, 01 August 2014 16:5701 August 2014
With an .htaccess file, you can quickly restrict the use of images from your website on other sites, add a custom 404 page, block an IP address, redirect a web page to a different web page, etc.
The .htaccess file has been around since the early days of the Internet and is still in use on millions of web servers. While most users don’t use it, it’s a really powerful tool, which can help you a lot in many different situations.
It is vital for any webmaster to get to know what they can do with an .htaccess file.
Go to Advanced -> Hotlink Protection. From there, simply select a website and the exact path, if you want to protect a specific folder only. Here is the code for doing it manually:
<Files "login.php"> Order deny,allow Deny from all AuthName "htaccess password prompt" AuthType Basic AuthUserFile /web/askapache.com/.htpasswd Require valid-user </Files>
Please note that this is just an example and the path displayed above may be different for your particular hosting account.
Keep in mind that you will also need to create an .htpasswd file with the password inside. It has to be stored in the same folder as the .htaccess file. Don’t enter the password in plain text – use MD5 encryption.
Go to Hosted Domains and right-click on any of your hosts. Select Edit. Now you will see the most popular error pages. They are currently set to Default, but you can pick a custom page – simply select the Custom URL option and enter the URL of the 404 page that you want to use. To manually add an error page, use the following code:
ErrorDocument 404 /path/to/error/page.html
In your Hepsia Control Panel, go to Advanced -> IP Blocking. From there you can quickly block a specific IP from accessing a given website. Additionally, you can use the following code in your .htaccess file:
ErrorDocument 403 http://www.my-website.com/ Order deny,allow Deny from all Allow from 188.8.131.52
Don’t forget to also have a look at our .htaccess generator, which is located in the Advanced section of the Hepsia Control Panel. It will generate a custom .htaccess file with all the options that you want to use.
Keep in mind that if you are using a script-based website (a WordPress-based website, a Joomla-based website, etc), you already have an .htaccess file, which has been generated automatically by the application. Instead of generating a new one, you are better off editing your existing .htaccess file.
As with shared hosting accounts, the ModSecurity firewall is enabled by default on your VPS, so you don’t have to configure anything in order to have your websites protected.
ModSecurity is running in a blocking mode, so it will automatically block all incoming requests that are flagged as insecure according to the commercial rules at http://www.atomicorp.com.
You can access the ModSecurity section in the Hepsia Control Panel from the newly added shortcut on the Control Panel’s home page or from the Advanced drop-down menu:
How does ModSecurity exactly work?
Over 70% of all the attacks are now carried out at the web application level and being a web application firewall (WAF) itself, ModSecurity effectively addresses this problem.
Its purpose is to establish an external security layer, which allows for HTTP traffic monitoring and real-time analysis, and it offers a powerful API for implementing the advanced protection needed.
This way, the firewall ensures an enhanced level of security, where the malicious attacks are detected and prevented before they reach the web applications.
ModSecurity against brute force attacks
ModSecurity has proven to be very efficient in preventing “brute force” attacks, i.e. the attempts to guess the username and the password of a web application, using a predefined set of usernames and passwords and combining them randomly.
Thanks to the ModSecurity firewall, if there are more than 15 failed login attempts from an IP address within 3 minutes, the IP address will be blocked from accessing the website for the next 30 minutes.
So far, the ModSecurity plugin has reduced the number of hacked websites on our servers dramatically.
If you have any questions about ModSecurity and about how it will work on your Virtual Private Server, don’t hesitate to contact our support team by opening a ticket from the Web Hosting Control Panel.
Keeping you up to date with the latest updates and introductions to our web hosting platform has always been a priority in our schedule.
To make the presentation of news and updates simpler and more attractive, we have made some significant tweaks to the News section of the Web Hosting Control Panel.
From today, you will be able to read the news about us like reading your favourite blog, because we have added visuals and content segmentation.
We hope this new and agile format will improve your access to timely and relevant information regarding our services.
Update to the Inbox tab – a new boxy style and news excerpts
The first important update is a visual re-styling of the Inbox tab, which alerts you about unread news.
Besides from a new and cleaner appearance, there’s a better differentiation between this service updates and your regular service notifications and alerts. This way you can easily prioritise which content you want to read firstly.
Update to the News listing
Now all news articles are listed in with a 16:9 thumbnail and a brief introductory headline, as well as a concise summary of the main points discussed in the update. It also includes a thumbnail picture to help convey the main message of each update.
Here's a screenshot of how they are arranged:
A complete redesign of the news content pages
The news content pages have been revamped to offer a blog-like look and feel. They now feature a segmented layout and plenty of images and video embeds for better illustrating the content.