Internet

December 2, 2024 – Today, we noticed a number of email accounts which had been compromised and accessed from a residential Spectrum account in Pennsylvania.   This was very concerning because these accounts seemed unrelated and so we were worried that attackers had somehow been able to access the password database on our email system.    However, after further investigation, we do not believe this to be the case.   All of the affected accounts were using plain text username and passwords rather than logging in over secure channels (TLS/SSL).   With plain text, the data can be “snooped” over the network and we believe these users had/have compromised routers which are gathering this data.

We have already blocked the IP address which was accessing the compromised accounts.  We are currently in the process of reaching out to customers with these accounts to advise them to update their passwords and change any accounts which may have used the same password.   We are also investigating customer’s networks to see if they may have a compromised router.

Important Settings Change Coming – For years, we have offered authentication over secure channels (TLS/SSL).  This type of connection is very much like the HTTPS connection you use on a website which takes credit cards.  The connection encrypts the data so that it cannot be read by a third-party.   In the past, this has been optional but recommended.    Because of this incident, we are going to enforce the use of SSL/TLS on ALL client devices on January 14, 2024.  If you are currently connecting with a device that is not using SSL/TLS, it will ask for a password and even if you enter the correct password, it will not authenticate successfully.    Our settings can be found here:  https://netsolinc.com/email-settings     It is important to update those settings before January 14, 2025 to make sure your email client does not get interrupted.   Note: this will NOT affect emails being delivered to our servers.

If you need assistance with updating your settings, please contact us at 256-547-6817 or via the chat box in the lower right of this page.

This post is to announce upcoming work which will have to be performed on several of our web servers.  Servers run software in the same way that your home or work computer does, and periodically that software has to be upgraded as it reaches its end-of-life.  Remember how Windows XP went away because it no longer received updates?  That was because it reached its end-of-life.   Here at Network Solutions, Inc. we run our web servers on what is called LTS (Long Term Support) releases, but even those have to be upgraded every 5 years.

Normally, the process of upgrading would be fairly seamless and we just do it “behind the scenes”.  However, this time PHP (the scripting language powering most websites) is going to be getting a major release upgrade.  The current PHP 5 version running on some of our web servers is also reaching end-of-life in December, so we are having to move to the newer PHP 7.x branch.  This is significant because PHP 7.x has broken a lot of backward-compatibility in the interest of increased security.

What this means to you:   If you have an older, unmaintained site (meaning that your web designer is not actively keeping your software up-to-date), your site may break or lose some functionality when these upgrades occur.  If you are using WordPress, the core product is fine, but your theme or plugins may have trouble if they have not been updated.   As part of your hosting, we automatically upgrade your WordPress core, plugins, and themes, but this only happens if updates are available.  Plugins and themes are sometimes abandoned and no longer receive updates.  This may result in problems on your site if those are incompatible with PHP 7.x.

If your site breaks completely, we will do our best to move you to a legacy server which will not receive security updates.  It is imperative that you make arrangements to have the site updated/fixed before April when we will retire the legacy server completely.  We will be glad to work with you on this process.  If your site requires a small update/fix, we may be able to handle it for you with little to no cost.  However, some sites may take a total redesign to become functional again.   If you find that your site has lost functionality, please contact us at 256-547-6817 or email support@internetpro.net.  Unfortunately, it is not possible for us to test every aspect of every page of every site we host, so we do rely on reports from the site owners to know if there is a problem with their site.

We will be contacting customers whose sites “live” on the servers moving from PHP 5.x to 7.x via postal mail as well.  If you receive one of these letters, please do your best to check through your site thoroughly and let us know if there are any issues.

Update 11/20 – Some work will be commencing tonight through an extended maintenance windows starting after normal business hours.   Some sites will be unavailable for a time as servers upgrade/reboot.   We will do our best to minimize this downtime and will be posting updates here.

Update 6:45pm – The updates have started in earnest.

Update 8:35pm – We’ve had a setback on some of the updates. Some services are experiencing longer downtimes than expected.

Update 9:25pm – We’ve repaired the major issue and almost all issues are resolved.  We will be working on an individual basis beyond this point until the next large update.

October 2, 2018 – We’re going to be performing some scheduled maintenance from 12:00am to 3:00am on Thursday, October 4.   During this time, there will be some email interruption as we upgrade our services and perform some filesystem maintenance.  We expect the actual service interruption to be less than 30 minutes.  The upgrades include updates to the Country Authentication Restriction, webmail and portal interfaces, unified spam list and uncaught spam reporting.

• Block people from other countries from accessing your email – even if they have the correct username/password.
•  You can now force your connection to our mail server to be encrypted (TLS) – just like the pages where you enter credit cards for buying merchandise.  This protects your passwords and your data.
•  Filters are now available in all web interfaces.  If you aren’t using these, you should look at them because it allows you to automagically sort or delete incoming email.
• If you think you get too much spam, you can sign up to be a “Spam Feedback Volunteer” where you will put all of your uncaught spam into a special folder so that it can be analyzed.  Rules for blocking that type of spam will then be created for future emails — not just for your benefit, but for others as well!
• Webmail interface improvements
• Updated calendar in Tuxedo to support invitations, notifications, etc!
• Better foreign character support and better attachment management

If you have any questions about how to utilize these features, please contact us at 256-547-6817 or email support@internetpro.net.

Update October 4, 2018 12:22am  – The maintenance has been completed and all services seem to be running normally.  Please let us know if you have any issues.

August 18, 2017 – There is currently a worldwide push to move the web to encrypted traffic (HTTPS) instead of unencrypted traffic (HTTP).  Encrypted communications cannot be “snooped” by third parties and are therefore much more secure than unencrypted communications.  Most of your really large sites, such as Google, Facebook, and Yahoo! are already forcing SSL (encrypted) traffic.  Even this site has used encryption for years.  Google and other search engines are “rewarding” sites who use encryption with higher search results compared to their non-secure counterparts.  Modern browsers are now also warning users when a form on a site does not have a secure certificate associated with it.  Firefox already does this and Google Chrome will start in October of 2017.

Encrypted communications are created using certificates which are typically purchased from third-party certificate authorities.  These certificates are typically valid for one to three years and cost varying amounts of money depending on the amount of verification done regarding the identity of the certificate requester.  Relatively recently, however, a new certificate authority called Let’s Encrypt was created with the goal to help move the worldwide web to 100% encrypted communications.   They are issuing free certificates which are valid for 90 days at a time.

Here at Network Solutions, Inc., we are helping our customers move toward HTTPS traffic by adding Let’s Encrypt certificates to our customer websites.  For existing sites, we are making the use of encrypted traffic optional so you can go to either the http:// version or the https:// version of the site.  We are doing this to insure that the addition of the certificate does not break anything on the current site.   New sites coming online as of today will be setup so that they automatically always redirect to the https:// version of the site.  Customers can request that their site be changed to “always redirect” to  https:// at any time and we will be glad to do this.  Over the next few weeks, we will be rolling this feature out to our customers and will automatically renew these certificates at least every 90 days.  Of course, customers can also “opt out” of this initiative by just letting us know they don’t wish to utilize a secure certificate.

If you have any questions about this upgrade to your service, please email us at support@internetpro.net or call 256-547-6817.

We have added real-time malware monitoring and removal to our web hosting services.  One of the biggest issues facing web hosts these days is the fact that the host (in this case Network Solutions, Inc.) has no control over the code placed on the web servers.   Sometimes, bad programming or just code that has not been maintained allows attackers to apply malware on websites.   This malware can cause users visiting the site to be redirected to another site, download a virus, or other malicious activity.

Usually, when something like this occurs, Google and the other search engines and browsers will block the website because of the malicious activity.  This effectively causes the compromised site to be down, and the ISP and owners of the site have to go through a lot to get the site back up and running.

Because of this, we have introduced our Real-time Malware Monitoring which checks files as they are modified for malware such as that mentioned above.  When detected, the system will automatically clean and quarantine the affected files (much like a virus scanner on your home computer) and will notify our technicians of the activity.

This is just another way that we are working to improve the web presence of our customers and protect users from being affected by malicious software.

Our email system now features “autoconfigure”.  Your email account can set itself up on Mozilla Thunderbird (our recommended email client), Microsoft Outlook 2007, and Microsoft Outlook 2010.  All you have to know is your name, email address and password, and the program will do the rest.

For this to work, some adjustments need to be made to the DNS entries of your domain.  If autoconfigure does not work for you, just let us know and we’ll make sure the proper DNS entries are configured.  We will be adding the entries proactively to all our domains in the coming weeks.

Of course, if you are using an email client that does not support autoconfigure, you can find the settings on our Email Settings page.

If you have any questions, please contact us at support@internetpro.net or 256-547-6817.

Monday December 17, 2012 – As part of our full service hosting, we will be upgrading WordPress-based sites on our servers to the new 3.5 version which was released a few days ago.  We wanted to wait a few days to make sure there were no critical bugs.   During the upgrade process, the sites will go into “maintenance mode” and the site will be unavailable.  The maintenance mode usually lasts less than 30 seconds as the upgrade is applied.   We will check to make sure the site seems to be working once the upgrade is complete, but we do recommend that users thoroughly check over their sites to make sure the upgrade did not cause any issues.  We will post an update here when we have completed the upgrade on all sites.

Update: Wednesday December, 19, 2012 – All updates to WordPress sites have been completed.  Again, please check your site functionality – especially plugins.  If there is a problem, please let us know by calling 256-547-6817 or emailing support@internetpro.net.

We are happy to announce the release of a new, more modern webmail interface.  The old interface is still available at the same address (https://mail.internetpro.net/webmail) and there will be a link to it below the “Online Email Center” on the right side of our home page.  The old “alternate web interface” has been updated, moved to a new, faster server, and we have changed it to our primary interface.  In the coming days, if you fill in the form on the “Online Email Center” on our home page, you will be taken to the new interface.  If you would like to go directly to the new interface, the address is https://webmail.internetpro.net.

The new interface has MANY new features including:

• Drag-&-drop message management
• Find-as-you-type address book
• Searching messages and contacts
• Threaded message listing
• Full featured address book

The new address book is VERY full featured.  However, it will not automatically be moved from the old web interface.  If you have lots of contacts and would like us to move them over for you so you can take advantage of the new interface, just contact us at support@internetpro.net or call 256-547-6817 and we’ll be happy to assist you.

We’ve been getting a lot of inquiries from customers asking about their computers losing internet access today.  This has been in the news and is a result of malware that has infected some computers, causing them to use the wrong DNS servers.  These server originally were used by the malware writers to direct infected computers to sites where the authors could get information from your computer.  The FBI took the servers over and have been running them for about a year, but made them work like normal DNS servers.   They are shutting down the servers which will cause the computers that are using them to lose internet access.

That’s the background on the situation, but the media is really blowing it out of proportion. There are only about 65,000 computers in the entire United States which are still infected.  That is a very small number considering how many computers are out there.  However, if you are still worried, you can go to http://dcwg.org/ and test to see if you are infected.  That site will also help you remove the infection.  If you need further information, please call us at 256-547-6817 or email support@internetpro.net.