My Favorites – Control Panel Update

By Jen Merry
May 15, 2013

The next time you log in to your control panel, you may notice a new section at the top -“My Favorites!” This is the latest and greatest update to the vDeck control panel, and is aimed at creating a better user experience for everyone. My Favorites helps you to easily showcase your most important (and most often used) programs in a convenient area of your control panel.

My Favorites

From now on, after you use an icon, it will automatically appear in the My Favorites section. If you would like to permanently keep any one of your recently used icons in the My Favorites section, you can “pin” it by clicking the pushpin icon that appears when you hover your cursor over it. Up to 6 icons can be displayed here at a time.

Icons

In this example, the FTP icon has been pinned as a favorite, and the FileManager is unpinned (but still shows up here since it was recently used). When the section reaches capacity of 6 icons, the FTP icon will stay pinned here, but the File Manager icon will get replaced with the next recently used icon since it’s not permanently pinned.

We hope this improvement will save you some time navigating through the many icons available for your routine updates. We’d love to hear your feedback on this update, as well as hear about any other ideas that you might have for future updates to our control panel. Leave us a comment!

Potential Google Map Update

By Jen Merry
May 8, 2013

According to an unofficial source for Google news and tips at Googlesystem.blogspot.com, Google Maps is planning a launch of a new interface for Google Maps. As seen below, the current interface shows the search results in the sidebar to the left of the map:

Google Map

The new update removes the sidebar to expand the map having the results display as an overlay within the map. An added feature will allow the viewer to restrict local search results to places recommended by top reviewers or from your Google+ circles.

new map2

 

The release date on the updated map and features are unknown at this time. If you haven’t set up a Google+ account for your business, there’s no time like the present. I’m noticing a trend here with Google integrating all of their products around their Google+ network. Get your business page set up and established so future changes from Google won’t negatively impact traffic from their channel!

Click To Tweet

By Jen Merry
May 6, 2013

Normally we feature some customer websites as our Featured Site, but today I can’t help but write about a new site I discovered recently that I think can benefit our customers as well.

The company is called ClickToTweet.com.
According to the ClickToTweet site, here’s how it works…
1. Write the message you want to share in the box.
2. Click the “Generate” button to create a custom link.
3. Share the link.

When a customer clicks on the generated link, a new window opens and the message automatically populates their Twitter status box, then they simply click to tweet! Example: Click to Tweet

Clicktotweet

Disclaimer: We are in no way affiliated with or endorsed by ClickToTweet.

3500 FREE Farm Fresh Icons

By Jen Merry
April 29, 2013

Free icons

 

FatCow loves to support the web design community, and we offer a professional collection of free web icons — perfect for both PC and Mac users — free to download with a simple click. Over the years, we’ve dedicated our efforts to keep this collection growing, and we just added 500 new icons! Like the original set, the new icons are a great mix of images perfect for use in applications, on your site, and all across the web.

Download the full 3500 icons in our extensive farm-fresh set, and you’ll get both 16- and 36-pixel versions in PNG format. [Tweet This!]  Use them across different parts of your site, ranging from adding functionality to your blog, to polishing your site’s design, to whatever creative ideas that you can imagine!

These icons are FatCow’s way of showing our appreciation for the web design community at large.  Plus, if you or anyone you know want to use these icons, you don’t have to even host with FatCow to use them! We just kindly ask that you provide a link back to us as the source for credit. You can also help us to promote these icons in the community by sharing this post over social media (such as Facebook, Twitter, Google+), letting friends and family know where they can find thousands of free web icons worthy of professional design. These icons are free for everyone and anyone, so help the Moo Crew to spread the word!

Incorporating Branding on your Google+ Page

By Jen Merry
April 26, 2013

Google+ is proving to be a great social media channel for small businesses looking to interact with the community and engage with their customers. Here are some tips on how make the Google+ page for your business get noticed.

First things first, you’ll need to get your Google+ page verified by Google. Once your page is verified as the official page for your brand, you’ll next need to make sure that your cover and profile images reflect your branding.

From a design perspective, Google recently increased the size allotted for the cover image, and it’s massive compared to the space available on other social media sites. The new specs for the cover image are 2120 x 1192 pixels. The great thing about the new cover dimensions is that any image used will now dynamically resize depending on the browser being used, so you don’t need to worry about how it’s displayed across different screen resolutions.

When it comes to designing the cover for your Google+ page, keep in mind who your audience is and what the purpose of your Google+ page will be. When visitors initially go to a Google+ page, only the bottom two-thirds of a cover image will be displayed. This means that you’ll need to make sure that the meat of your design is in that bottom section. A helpful hint to remember is that if you’re using people in your cover, make sure their heads aren’t chopped off with the two-thirds display!

As you can see in the FatCow cover image, we keep the majority of our text and images in the bottom portion, and if you scroll up to display full image, all that was hidden is mostly just a part of the sky background.

Initial bottom two-thirds displaying:

Initial GooglePlus Cover display

Full cover image after scrolling up:

GooglePlus Expanded Cover

Also important in this space is how the profile image is incorporated into the cover image. On your Google+ page, the profile image is displayed in a circle that overlays on the bottom left of the cover image next to your name and website URL. This upload should be a square image of at least 250×250 pixels, but make sure you have buffer space in the corners, since it gets cropped into a circle for the cover display.

A good thing to remember is that this is the same profile image that will be displayed as a square image next to your name for each post you make on your account. You should use a logo or icon that best represents your brand, since others might come across your posts in communities or on their newsfeed and won’t necessarily be looking at your cover image.

Be creative when designing your Google+ account, but remember, this isn’t a sales pitch. Choose an image that represents your brand and engages your customers. You want to be able to grab their attention long enough for them to want to read your posts. Have fun with it and keep it fresh!

Is a $100 Affiliate Commission too good to be true?

By Jen Merry
April 20, 2013

You may have asked yourself, “how can FatCow pay a $100 commission when they sometimes go on sale for less than half that?” No, it’s not a scam– we really do pay hundreds of affiliates $100 a piece each month for each new customer that they send to us. Furthermore, there’s no limit for how many customers that an affiliate can send to us, and there’s no minimum that you have to earn in order to be paid. This all sounds great, but you also might be thinking, “what’s the catch?” We swear on the Heifercratic Oath that there is none! If you bring us customers this month, you’ll get your payment by the end of next month. We even pay out quicker than most of our competitors!

FatCow Affiliates The reason why we can afford to pay such a high commission and still remain profitable is because of the fact that satisfied customers tend to purchase more than just hosting from us. We’ve found that many of our happiest customers often spend more than just the initial cost of hosting. Plus, once customers have the chance to experience the benefits of having a FatCow account, they’re more likely to stick around at renewal time. So even though you might be the one getting paid a commission when a customer makes their initial purchase, we’ll hopefully keep those customers with FatCow for several years, which makes this a win-win situation for the both of us!

Because of our generous commission rate, we do have a few procedures in place to reduce the potential of fraud. First and foremost, affiliates can’t get commissions on their own hosting accounts. Each referral MUST be from a new and unique customer (and not from a customer that’s already in our system). Additionally, each customer must purchase at least 1 year of hosting. And as a final precaution, if the customer cancels their account, we will withhold commission.

Occasionally, we will hold an affiliate’s commission for an extra month if we suspect some of the accounts that they referred to us may be fraudulent. This process may even involve us asking some questions to verify if the signups are legitimate customers. Please be patient with us if this does occur, as we need to make sure all affiliate activity is “on the level.”

On a final note, we strongly encourage our affiliates to promote FatCow on their websites, on social media, and within their opt-in customer newsletters. If you are endorsing FatCow in addition to having an affiliate banner or link, remember to disclose that you are receiving payment with your review. Read the policy on FTC disclosures here: http://www.fatcow.com/affiliate/ftc-disclosure.bml.

To join the FatCow affiliate program, just fill out our quick application. Please let us know if you have any questions about our affiliate program, as we’d be happy to work with you to get you started earning your commission today!

It’s a “cow-incidence” how much we love this customer’s site!

By moosnews
April 15, 2013

Introducing Kelly! Kelly’s a long time FatCow customer, and with an online shop named Cow & the Moon Paper Co., we think she’s a moooovelous addition to the herd!

Cow bells aside, Kelly uses her website to sell personality packed greeting cards to individuals and small business retailers. With the help of Facebook and Twitter, she’s built a loyal following who love her cheeky products.

That cheekiness is the core of her brand, so Kelly recently re-launched her website to reflect her products’ unique personality. Using WordPress, she’s created a dynamic website that features multiple pages, social media buttons, a blog, and of course, an ecommerce shopping cart!

When asked about her hosting experience, Kelly says, “I absolutely love the level of service and support I get from FatCow and recommend them to anyone who will listen.”

Here’s a peek at the Cow & the Moon Paper Co. homepage…

Hosted with FatCow: Screenshot of Cow & the Moon Paper Co. (www.cowandthemoon.ca)

Make sure to check out Kelly’s utterly adorable greeting cards at Cow & the Moon Paper Co.!

Website: http://www.cowandthemoon.ca
Facebook: https://www.facebook.com/cowandthemoon
Twitter: https://twitter.com/cowandthemoonco

WordPress “Brute Force” Attack and FatCow’s Response

By moosnews
April 12, 2013

wordpress password As you may know, Tuesday, a widespread “brute force” attack against WordPress sites started impacting sites across the internet. This attack is leveraging a botnet which looks to have more than one hundred thousand different computers at its disposal. Its intent is very simple: to find and compromise WordPress sites with simple passwords, to likely later use them to distribute malware (and further increase the size of the botnet).

On Tuesday, our admins discovered this attack as we investigated increased load and decreased performance on our hosting servers. We quickly identified this as a widespread attack on the WordPress login page. The attack was a large one (hundreds of hits a second to many WordPress sites spread across our infrastructure). It became quickly obvious we needed to act fast. At this point, the fastest solution was to drop all traffic to the WordPress login page (wp-login.php) while we worked on a better plan.

The downside to this, of course, is that we blocked legitimate access for customers who wanted to login to WordPress. We knew that was not an acceptable solution for very long, so we immediately went to work on a better solution. We truly apologize if we kept you from logging into your WordPress, but we felt that keeping your site up (but not allowing you to login), was the better option.

With the infrastructure stabilized, we dug in and started investigating better solutions. We reached out to some partners and other groups on the web, and collaborated on some security rules that would help mitigate the attack. These security rules are, in a sense, rules based on behavior: if a single IP address or browser used the wrong password on a WordPress site more than a handful of times in a few minutes, we would ban that IP address for a period of time. This rule would help us allow legitimate customers to login to WordPress, but would stop the attacker after a number of bad attempts.

We rolled these changes out Tuesday afternoon. It took a few tries to find the right balance to block the bad guy but not keep a legitimate user from logging into their WordPress site. The attack subsided overnight.

The attack returned in force on Wednesday as we reached peak business hours. This made it obvious that the attack was based off a botnet—likely using the computers of unsuspecting office workers coming in for a normal day of work! We spent Wednesday tweaking rules and working with other folks in the industry to share tips, tricks, and findings.

By this point, between ourselves and our partners, we were approaching having flagged nearly that hundred thousand IP addresses, and more new IP addresses were showing up every second. Even though we were stopping much of the attack, it was so large that simply handling the traffic was starting to impact our servers.

The team was able to keep things stable for most of Wednesday, working hard to tweak rules as we or our colleagues identified new trends.

By Thursday, it was clear that the attack was not subsiding. The first thing we did was to roll out a new heuristic-based set of rules, that would look historically at our growing set of log data, identify patterns, and block the attack based on that data, not just on current bad behavior, but combinations of bad behavior.

That put a big dent into the attack. But the attack was still big enough to be causing our servers to run at a higher than normal load.

Our breakthrough happened on Thursday, as our team looked through data on the web and data in our logs. We found a difference between the way the attack accesses WordPress and legitimate customers access WordPress. Thursday afternoon, we rolled that change out to our edge servers (before the traffic even reaches the web server that might be hosting your site) to drop any traffic that didn’t look legitimate.

Hundreds of hits a second dropped to nearly none.

We’ve been rolling this change out across our data centers and seeing much of the attack mitigated. This is allowing us to focus less on just keeping things running and more on the proactive work of heading off the next variant of this attack. The attack, as it usually does, has started to pick up again today during peak business hours, but thus far, we’re not feeling the effects.

We head into the weekend in good shape, but vigilant against a returning or altered attack. In the meantime, our support team is ready to help you if you are feeling any lingering effects (the most common one might be if your IP got marked as a possibly bad IP). If you’d like to help make your site stronger, we recommend changing your WordPress password to a secure one, if you haven’t already.

update on wordpress brute-force attack

By moosnews
April 10, 2013

Update 4/11/13 at 6:30pm EST:

At this time we are still working to fight against the brute-force attacks on WordPress sites. We want to clarify that this is not an issue exclusive to our hosting platform or even vDeck. The hackers have targeted WordPress sites hosted across a multitude of brands, and we are working alongside other partners in the industry to determine how we can resolve the issues we’re all facing. As we continue to focus all of our energy on the attack, we apologize for any additional delays with our support response-times. We can assure you that our staff is working overtime to eliminate the threat while keeping up with as many support tickets as possible. We take pride in delivering reliable and solid support, so again, we apologize to any and all of our customers who may be affected by this delay. We appreciate your patience and understanding.

______________________________________

 

What happened?

Our team became aware of a potential brute-force attack on the default WordPress admin login page. A brute-force attack occurs when a third party attempts to access a system by repeatedly trying multiple combinations of passwords across a variety of usernames. Typically, this occurs to gain access to account data and obtain personal information for potentially malicious purposes.

Upon first noticing this activity, our team (who monitors system status 24×7) quickly enabled various filters aimed at preventing any further malicious activity. The filters accomplish this goal by establishing a secure firewall surrounding the third party’s IP address. Our team has been working tirelessly around the clock since the initial impact of this attack to mitigate any repeat activity by putting additional preventative measures in place.

What can I do?

At the moment, you may be experiencing service interruptions when attempting to log in to your WordPress account. As mentioned previously, third parties use these brute-force attack attempts to obtain user data by taking advantage of weak passwords. In turn, the frequency of these repeated login attempts can cause server slowness, and possibly, an inaccessible admin panel. Your ongoing patience as our team finalizes the troubleshooting process is the best course of action, and is greatly appreciated.

At the moment, we have restored login functionality for a majority of our WordPress users. Since the brute-force attack attempt was made using WordPress login information, we strongly recommend that all WordPress users update their WordPress login password to something more secure. Per WordPress’ recommendation, suggestions for a strong password include:

  • Make passwords at least eight characters in length 
  • Use a mixture of upper and lower-case letters (since passwords are case-sensitive)
  • Include numbers and punctuation (such as $, &, !, etc.) added in between any letters being used

Having a strong password in place helps to protect against future brute-force attack attempts, and has the added benefit of significantly reducing the chances of malware being installed on your website or on our system.

If you are unable to access your WordPress admin panel at this time, please remain patient as our team continues to troubleshoot this issue. We will continue to keep you updated in a timely manner regarding the resolution of this issue. However, please feel free to contact support at any time with additional questions or concerns about this occurrence, about your account, or about your online presence in general. We are available 24 hours a day, 7 days a week, and are dedicated to keeping you online and your website safe.

Having a “blast” with FatCow!

By Jen Merry
April 8, 2013

Performing a “Hadoken” is the newest internet meme that has taken off around the world, claiming the virtual throne from last month’s Harlem Shake videos. This meme, originating in Japan, is based on a fighting move from the video game “Street Fighter.” To create a typical “Hadoken” style picture, take an “action shot” of one person throwing an invisible burst of energy with their hands, making it look like another person (or a group of people) is flying backwards up into the air (when they’re actually just jumping while you take the photo). Plus, if you’re feeling creative, you can add some visual effects afterwards to make it seem like some supernatural powers are truly at work!

You might be asking, “what does web hosting have to do with performing a Hadoken?” Well, nothing — aside from the fact that it’s fun, and that our team prides themselves with having a fun place to work!

Knowing how easy it is to make an entertaining version of the Hadoken, the Moo Crew recently held an office contest to see who could create the best Hadoken scene. The winners were Jeff and Joe, two of our Data Center Administrators. The picture was taken at our Boston Datacenter. Note that no servers were harmed in this production!

Hadoken-ing

Timing is everything when capturing the right moment for a perfect Hadoken blast. Want to give it a shot and create your own version? Follow the steps in this tutorial then post your picture on our facebook page or in the comments below. We’d love to see what you come up with!