March 16th, 2015 8 View(s)
Many customers have asked about how their credit card details are handled and stored, with all the recent exploits and security breaches in 2014 / 2015 we feel we should let our customers in on our operations and security.
When a customer makes a payment using their credit card, we do store the provided credit card details in our database systems. This information is stored to automate invoice payments, domain renewals and other billing related services to make it easier for our customers.
The following information is stored when a customer pays with their credit card…
- The full credit card number
- The last 4 numbers of the card
- The expiration date / issue date
The CVV or security code is never stored on our systems. All of the above information is stored in a 128-bit AES encrypted data blob and seeded with a passphrase that is 32-random-characters in length. The passphrase is only known / accessible by 2 employees within our company. Even if the encrypted data blob is retrieved, it cannot be decrypted without the passphrase.
The database systems that store all user information, services details, invoices etc. that our billing system operates out of are not publicly accessible, do not run locally alongside the web server and are secured with very strong randomly generated passwords. Access to the database systems is secured through VPN access only.
Our billing software is updated immediately when a new release is available to maintain high levels of security. We also have in-house developed scripts and software that monitor requests and traffic for intrusion attempts, SQL exploits / injections, fake / fraudulent signups and more. We also exceed PCI requirements which are designed to ensure that your credit card information is secure. You can view our PCI compliance here – https://email@example.com&k=61900d43ac5ac4fe3b38.
While no system is 100% secure, we do our best to make sure that our system is as secure as possible. We monitor for new threats, new exploits, and fraudulent activity to make sure we stay on top of our security.
If you have any questions, concerns or comments, please do not hesitate to contact us!
December 20th, 2014 35 View(s)
It is with great sadness that we start to say goodbye to a long time service and friend, Gene6 FTP Server. We’ve used Gene6 as our FTP server of choice for just over a decade and it has been a rock solid FTP server! It is one of the most stable products we’ve ever used since we entered into the hosting business nearly 12 years ago. While Gene6 remained a well maintained product with updates and great product support, it is sad to say that Gene6 is a dead product. We’ve contacted their support many times over the past few years just to see if anyone would respond, unfortunately, no luck. Forums are not maintained or monitored or answered by any Gene6 staff members.
It is time now to move forward and say goodbye to the trusty FTP server as we need to expand our service offerings! Everyone say hello to Cerberus FTP Server! Our brand new coming FTP solution will make managing your website and content even easier! So what does Cerberus offer that Gene6 did not?
- The most requested feature we’ve had running for many years – HTTP (web) based management, customers will be able to manage their content using a browser with no FTP client needed!
- Another highly requested feature – SFTP, customers will be able to using standard FTP alongside SFTP based file transfers
- New authentication methods, including standard password and SSH (public / private) keys as well as a combination of the two
- Advanced file sharing
- Improved transfer performance
- And more!
Unfortunately, there is no migration to Cerberus to Gene6 and this service will only be rolled as we start migrating web servers to our all new Cloud-based services which will be happening over the next few months. Existing FTP accounts in Gene6 will be removed and the users account will be upgraded to support Cerberus as we migrate customers. Customers will need to then recreate their FTP accounts.
WEB03-DE will be updated later this evening to support Cerberus, we are also prepping a new WEB02-DE, as clients are migrated to it and the older FTP accounts will be removed.
If you have any questions or comments or concerns, please let us know!
Thank you for choosing ASPnix as your Windows hosting provider!
November 19th, 2014 9 View(s)
Google has announced that they will be retiring the Google Wallet for Digital Goods API on March 2nd, 2015. Effective immediately we will no longer accept payments through the Google Wallet payment gateway. We understand for many users this comes as a surprise, it did for us too, however, we do offer additional payment methods. You may complete payments using a credit or debit card, bitcoins or your Coinbase account, Dwolla for US-based customers and PayPal as well as PayPal subscriptions.
If you have any questions or concerns, please let us know! As always, thank you for choosing ASPnix!
October 16th, 2014 160 View(s)
We’ve had many customers contact us and ask about the recent POODLE SSL exploit going around the Internet over the past day or so and we would like to comment publicly about our customer’s private data and its safety / security here with us. ASPnix’s corporate servers such as aspnix.com, billing.aspnix.com, panel.aspnix.com and tspanel.aspnix.com are not vulnerable to the POODLE SSL exploit.
All of our corporate servers have SSL 3.0 disabled and have had it disabled for some time now. Our servers also have the older RC4 ciphers disabled as well as older hashes such as MD5 disabled. All of our corporate systems also support Forward Secrecy and Strict Transport Security (HSTS). We take our customer’s private data seriously which is why we strive to disable older out-of-date technologies and protocols before they are opened to exploits such as SSL 3.0 and RC4.
You can view our billing system’s SSL report / rating https://www.ssllabs.com/ssltest/analyze.html?d=billing.aspnix.com here.
As for client shared-SSL and client web servers, we are working to secure them, we’ve not disabled SSL 3.0 on shared-SSL due to the issues of blocking out older browsers such as IE 6 on Windows XP, we felt it was not right at the time to disallow certain browsers from accessing a client’s website. However, in light of the recent heightened attacks against SSL we feel it is now time to disable SSL 3.0 and older ciphers globally on all of our systems. We will notify all clients before this change takes place so that you and your visitors are not caught off guard.
If you have any questions or concerns, please contact our support department and we will be happy to address them!
Thank you for choosing ASPnix as your web hosting provider!
August 29th, 2014 23 View(s)
We are very pleased to announce that we now accept a new payment option for clients who reside in the U.S. called Dwolla. Dwolla is a secure digital payment network that allows anyone to send, request and accept money and has many benefits! Dwolla is extremely safe and secure and when used with ASPnix, there is no transaction fee, so it is completely free to use!
To begin using Dwolla, simply select “Dwolla” from the payment options menu when viewing a due invoice. You can then select the “Pay with Dwolla” icon and pay using your Dwolla account. For more information about Dwolla and how it works with your bank account please review their website https://www.dwolla.com/about for more information. You can also review their help / support center http://help.dwolla.com/ if you have any further questions or concerns.
If you have any questions or concerns about using this payment system, please contact our sales team and we will be happy to help!
August 18th, 2014 13 View(s)
The PHP group has made one final release of the 5.3 series; this marks the final release for the 5.3 series and contains fixes backported from 5.4 and 5.5.
You may view the PHP announcement here – http://php.net/archive/2014.php#id2014-08-14-1
We recommend that customers upgrade to 5.4 or 5.5 where possible. Our upcoming new web hosting services under Server 2012 and IIS8 will not include support for PHP 5.2 or 5.3. However our current Server 2008 / IIS 7.5 offerings will continue to support both. We also have PHP 5.6 which has not released final yet, but is offered to give customers a chance to get their websites updated to support the very latest in PHP!
If your web application uses PHP 5.3 and you’d like to upgrade, we recommend contacting the application developer to make sure that your website will function properly under a new version of PHP. Please do not upgrade your website simply because there is a newer version, always check with the developer(s) before upgrading.
Thank you for choosing ASPnix as your web hosting provider!
May 7th, 2014 163 View(s)
Today is World Password Day, a public service announcement to remind the users on the Internet to change their passwords and to spread awareness of using strong, secure passwords. Remember to avoid using short simple to guess passwords or common words or phrases. We know that remembering obscure random passwords is hard, but the benefits outweigh the risks, plus there are several services and programs that can help store your passwords safely and securely. LastPass, KeePass, Mcafee LiveSafe, Password Vault Manager, DashLane and many others can store passwords, credit card numbers, website information and more!
Make sure to change your passwords for important services such as your billing account, control panel, FTP, email accounts, social media, banking and other services that may store sensitive information about you, your personal details, financial information etc.
If you’ve changed your passwords, make sure you also scan your computer for viruses, malware or spyware just to be safe!
Thank you for choosing ASPnix as your Hosting Provider!
April 23rd, 2014 216 View(s)
We are very pleased to announce that we’ve added Google Wallet to our list of supported payment methods! With a few clicks you can quickly, easily and securely make payments using Google Wallet!
There is a 5% gateway fee for Google Wallet transactions.
If you have any questions or concerns, please do not hesitate to contact us!
Thank you for choosing ASPnix!
February 10th, 2014 184 View(s)
We are very pleased to announce that SmarterMail v12 is right around the corner! Literally! SmarterTools has stated that they are planning for 2-13-2014 as the release date for SmarterMail v12. We of course will be upgrading our SmarterMail systems to this new version to take advantage of all the improvements and new features! Users can expect improved functionality, new features as well as higher efficiency with this major upgrade!
Our internal testing is looking very promising! SmarterMail feels snappier; mailboxes load faster, even those that have a large amount of email. The new HTML message editor has been completely redone; the new editor is much faster and has better reproduction and better rendering of HTML than the previous editor. Emails that contain a large amount of HTML, such as Newsletters render much faster. Tons of other system level improvements that we believe will help boost the overall experience that the user will have using SmarterMail!
We will be upgrading to this version once it is released, we feel it is perfectly safe to upgrade as we have been testing it internally since the beta period started. We see no reason to delay the upgrade. So expect to see an upcoming announcement for the upgrade soon!
Thank you again for choosing ASPnix!
February 8th, 2014 143 View(s)
We’d like to take a moment to let you know about all of our available social networks as well as our blog subscription options. We can be found on Facebook, Google+, LinkedIn, Reddit and Twitter. You can also subscribe to our blog for email notifications at https://aspnix.com/subscription. Our Community Forums are also available at https://community.aspnix.com/.
Did you know that we also support Push Notifications through the Pushover app available for iOS and Android! For more information you can view our article on this here https://aspnix.com/kb/enable-push-notifications-client-area/ and here as well https://aspnix.com/kb/requirements-receive-push-notifications/.
We hope that these help you stay more in-touch with us and be alerted to service notifications, outages, changes and other announcements more easily. We are making it a goal to be more interactive, more social and more open to our customers as well as maintain communication during unfortunate events such as outages.
As always, thank you for choosing ASPnix!