utah webmaster Tag

It’s time to turn our eyes to 20 Web Design Trends 2014. The trends are dictated by the development of modern mobile technologies, communication channels and all kinds of software.

Company Font Bureau has developed a new font family Input for programming input, the most important of which for us is the font Input Mono.

When developing applications with a modular structure in JavaScript there are two problems which can be solved using the approach of AMD

Recently, I have had experience that a few of the clients reported that our company’s website had a virus or some kind of malware. I was not aware of it, until I started digging into it and found out that a few files have been injected with some kind of malicious code that would either redirect users to other websites or collect users information. I hurried and took care of this issue by removing the malicious software and establishing the security policy for our website. Results were positive and I continue until today to observe security policies and practices for each website that I am working on.

When we create a website most of the times from my personal experiences most of us don’t think of the most important thing, it is its security. Probably because we don’t have much experience working on creating new websites that’s why we do not think about it, but now it’s time to start thinking about it. The most important thing is always ask yourself the question: “What would happen if …?”. If you always ask this question, then your website will always be protected by almost 100%.

The site security is an urgent task for many website owners today. The emergence of a huge number of resources such as “Hacking for Dummies”, even those Internet users who previously had no business to your site or did not know much about Internet in the past, are eager to try their gained knowledge and brag about it by hacking your site.
What to do to protect your website from hacking? Where to start?

I will try to provide a few steps you need to start taking in order to secure your website from hacking. Security policy should start from the safe use of development tools to build your site. But I will not go into the details of programming, and present a number of actions of Safety when working on site that is built on content management system (CMS). I will continue to emphasize that the most secure sites are the ones that are written by yourself, as a programmer, from scratch.

For a start I will list non-programmatic methods that I use to protect the site from hacking. Surely, you have not even heard about them, but maybe you just did not pay attention.

Here is the Website Security List:

Please consider these main “anti-hacking” actions to secure your site:

• Do not use the services of programmers, amateurs, and use the scripts that are properly written. When testing your scripts on the local machine in debug mode, do not be lazy to fix any bugs in the code that you find.
• Do not offer free downloads or sell scripts written by you as the resource for others: having your source code before the eyes of others can help the hackers to calculate the principle of how you have written all the rest of your scripts.
• Make periodic partial or complete testing of the resource from different browsers (especially Internet Explorer, which has a number of bugs (errors), which is actually an “open door” for hackers). Put yourself in the place of a possible intruder and try to find vulnerabilities from all possible positions.
• Use .htaccess file for your root directory of the site and regularly browse logs. As an example of how your .htaccess file should look like to protect your site from hackers see my sample code below:

# Use PHP5.3 Single php.ini as default
AddHandler application/x-httpd-php53s .php
##### RewriteEngine enabled – BEGIN
RewriteEngine On
##### RewriteEngine enabled – END

##### RewriteBase set – BEGIN
RewriteBase /
##### RewriteBase set – END

##### File execution order — BEGIN
DirectoryIndex index.php index.html
##### File execution order — END

##### No directory listings — BEGIN
IndexIgnore *
# For security reasons, Option followsymlinks cannot be overridden.
#Options +FollowSymLinks All -Indexes
# For security reasons, Option all cannot be overridden.
#Options +SymLinksIfOwnerMatch All -Indexes
Options SymLinksIfOwnerMatch ExecCGI Includes IncludesNOEXEC -Indexes
##### No directory listings — END

##### Rewrite rules to block out some common exploits — BEGIN
RewriteCond %{QUERY_STRING} proc/self/environ [OR] RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR] RewriteCond %{QUERY_STRING} base64_(en|de)code\(.*\) [OR] RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR] RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
RewriteRule .* index.php [F] ##### Rewrite rules to block out some common exploits — END

##### File injection protection — BEGIN
RewriteCond %{REQUEST_METHOD} GET
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=http:// [OR] RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [OR] RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC] RewriteRule .* – [F] ##### File injection protection — END

## Disallow access to rogue PHP files throughout the site, unless they are explicitly allowed
RewriteCond %{REQUEST_FILENAME} (\.php)$
RewriteCond %{REQUEST_FILENAME} !(/index[23]?\.php)$
RewriteCond %{REQUEST_FILENAME} -f
#RewriteRule (.*\.php)$ – [F] ## Disallow access to htaccess.txt, php.ini and configuration.php-dist
RewriteRule ^(htaccess\.txt|configuration\.php-dist|php\.ini)$ – [F] ##### Advanced server protection — END

• When the website engine is used such as CMS, watch for updates and install them in a timely manner. Do not use the demo version of the components, even if they have the appropriate functionality.
• Use a reliable software:
  • The use of licensed software will ensure that no other person introduced “extra features” that are not needed to your site. Download distributions of web applications and extensions / plugins for CMS, widgets and libraries only from official sites or from trusted sources. Of course, the temptation to use the free, fully functional version of the paid version of the CMS is very large. But you need to understand two things:
  • First, it is often distributed in a network “broken” the engine through the efforts of hackers already have a built-in scripts that simplify hacking.
  • And secondly, even if the download CMS «clean”, it will most often be an older version, which is much easier to break – all of the vulnerability has long been known to hackers. And, of course, the lack of support from unlicensed versions also complicates management.
  • If a distribution is necessary to download a dubious site, be sure to check if it contains malicious code.
  • Carefully study the code of any additional components you want to add to CMS.
  • Update your CMS and server software on regular basis and follow the news about the vulnerabilities used by CMS.
  • Perform regular security audits of servers.
  • After installation, remove the CMS installation and debugging scripts.
• The choice of hosting should be considered before launching your website. To believe that all hosting offers differ only in terms of disk space, supported languages and other general parameters is a big mistake for such an issue as security. And even though by law, the responsibility of the service provider does not include additional activities to ensure burglar measures, a minimum set of security tools from the host must be present and it is summarized as follows:
  • System directory (public_html, cgi, logs, etc.) should have limited access and is within the directory;
  • To make sure we do not put in the free review of restricted files not intended for outside world when adding files to the server any right to view them should automatically be limited;
  • The equipment must operate without host failures, outages and other factors that reduce the efficiency of the resource.
  • Consider using Linux-hosting, which in itself is incomparably more stable than Windows-based hosting.
• Use complex passwords for web server software (FTP, SSH, administrative panel of the hosting and CMS).
  • Choose complex passwords. A complex password contains at least 11 characters and includes mixed-case letters, numbers, and special characters. Experience shows that even the most nimble software for simple brute force password guessing copes with a password of eight characters a little less than a year. The fact is that there are 2?1012 combinations of the password with 8 characters, and there are even more combinations of the password with 8 unidentified attacker characters.
  • Do not use the same password to access different services.
  • Even the most secure passwords should be changed every three months to insure that it is not accidently released to anybody.
  • Do not store important passwords in a web browser, file manager such as FTP-, SSH- client, and on any other unproven resources and anywhere electronically. If you need to store passwords, use the special password managers, if not rely on your memory. Password Manager is a special program that allows you to store and organize your passwords in an encrypted file. To access the password manager, a separate password or also known as a key is used. By the way, to remember one password is much easier than the dozens of different passwords. So, if you need to store your passwords, use the Password Manager.
• Follow the security policies for your PCs used for business purposes. On all computers that are working with the server (the computers of the webmaster, administrator, content manager, sales manager, etc.) must be installed anti-virus software with support for regular updates. Also each computer use need to make time to update their operating system and software applications. There is special anti-virus software designed for installation on the hosting. These programs allow you to quickly identify the entry of unauthorized files on the site, to determine their harmfulness and be promptly removed.
• You must use a reliable antivirus on the office computer, and if you suspect a virus is then it is better not to go to the admin panel of the site and hosting features until you complete the “recovery” of the original files.
• Control data entered by users. Monitor user activity on the hosting or the admin panel. If you are the administrator of the resource, you must be aware of what other people or other moderators should have access to. Therefore, attempts to login to the admin panel and the more other management areas from unknown IP-addresses is often a signal the attempts to hijack the site. Most often, you can activate the monitoring of activity of the CMS by installing additional plug-ins or activating logging modules on your hosting.
  • Filter the HTML-code in user input fields, which can be built into the code pages.
  • When getting data from the user, check on the server, for example if their size, is transferred to a value in the list of permissible length.
  • Never insert from users of the data directly into calls to eval (), SQL-queries or conversion. Always check and clean the information received from the harmful elements before storing data.
  • Do not leave in the working version of the code parameters entered for debugging.
  • Use a WAF (Web Application Firewall).
• Keep a “white list” of the authorized IP addresses from which authorized users can login to use your website’s resources.
• Control user access rights, in particular, provide protection from cross-site request forgery (CSRF). Do not give permission to the admin panel of the site untested people. Otherwise, do not be surprised why the site has been hacked. Also, do not give the right to add HTML-code for everyone, because unscrupulous users can add to the site with malicious code. Restrict access to the administration panel and CMS database (eg, phpMyAdmin), as well as to the following resources:
  • to backup copies of the code;
  • write to a configuration file;
  • metadata version control systems (such as directories. Svn or. Git).
• Protect against bots. To protect against robot-hackers you can use special plugins for CMS or you can find IP-addresses of the users in the blacklist online.
• Here are a few things you can do to check the data that users can enter.
  • Do not give the possibility to insert JavaScript-code inside <script>, in tags or links.
  • Do not put directly on the pages of the site code in the tags <iframe>, <object>, <embed>, or file that is uploaded .jar, .swf and .pdf (with their help, the site can generate such tags automatically.)
  • Maintain a “white list” of allowed HTML-tags so you can without additional processing discard all the rest.
  • Check references or links inserted by users through the Safe Browsing API.
• Be careful with the ads and third-party code you insert into your site (i.e. affiliate programs).
  • Plug into your site only those commercials that have been provided by a proven advertising system or a program.
  • Before connecting the site to the new affiliate system, look for reviews about it and examples of distributed content.
  • Avoid “unique offerings” (suspiciously high fees for counters and blocks, the monetization of mobile data traffic).
  • If possible embed on your pages static content (such as links and images). Avoid loadable <script> and <iframe>. Flash, Java and ActiveX-components are only accepted in the form of source code, which you can check and compile yourself.
  • Do not use affiliate programs with hidden elements.
  • If your site is static, some affiliate systems can request access to FTP, to independently change the banners. Providing such access is dangerous: if the database of an affiliate system is compromised, the attacker will have direct access to the files on your site.
• Closely monitor the access to the service interface. Access to the site should have only those to whom access is necessary and as long as it is needed.
• Revoke access to specialists, performing short-term jobs on your site, previous owners, people who are not responsible for the operation of the site (for example, marketing professionals or managers).
• If you need to some strangers to work on your site, try to get some recommendations about them. After finishing necessary work disconnect their accounts or change passwords.
• Change folder permissions (CHMOD) usually to no more 755 and for files to 644. This prevents unsafe scripts to be injected in your hosting.
• Try to make a backup of your database and the content of your site folders at least 1 time per week.
• Make sure that the site is free of bugs and errors. If any found, remove them as soon as possible so you dont allow hackers with an opportunity to find vulnerabilities on your site.
• To ensure that your domain is not flooded add CAPTCHA on all forms, including the registration, comments, feedback, etc.
• Make sure you find possible modules and components for your site after its creation to ensure the safety of your site and its data.
• Before adding the file to the site materials, check with the Antivirus on your computer.
• Make sure to check the server for the last modification date of folders or files. Typically this can be accomplished by checking files and folders creation date in the Control Panel with the file manager.
• Unfortunately, when it comes to DDoS-attacks, the invulnerable sites do not exist. DDoS-attack is an attack that is produced with a large number of computers trying to connect to your website and the site begins to receive a lot of requests. The Server cannot process a large number of requests and the site can stop working. In addition, if the script is very complex, then to “freeze” the site can be done with a small number of requests.
• If you don’t know or don’t understand the steps you need to take to secure the site then you need to seek the advice and help of an experienced administrator who will advise, install and set up properly secure operating system (eg, Linux or Mac), which is difficult to infect with viruses. Even on Linux or Mac machines I would suggest using licensed antivirus software.
• Mask addresses access to the admin panel of the site. Most of the standard CMS addresses have require user login and password to manage the content. For example, to enter the admin area of WordPress it is almost always done by typing in the browser www.yourdomain.com/wp-admin.php. However, in any CMS almost always you are able to change the default login form access to the site, replacing it with a less obvious URL address.
• Encrypt data on the site. This method is required if the resource contains data that should not be accessible to a wide audience. Hacking threat is always there, and for sites with sensitive information, it is even higher. Encryption complicate the extraction of valuable information from hackers stolen information, and give you time to take the necessary measures to eliminate the consequences of breaking.
• Always check that the user entered into the form. To do this, use regular expressions.
• Always pass incoming data through htmlspecialchars (), which replaces the dangerous characters to entities, except in cases where it is necessary to leave the HTML-tags.
• Check all incoming data for accuracy, using string functions and / or regular expressions.
• If the user entered a database query, this input should always be escaped using addslashes (). This function should be used only if the directive is disabled magic_quotes_gpc. If it is enabled, all incoming data is escaped automatically.
• Ignore incoming data through functions such as stripslashes (), if used in a query to the database. Do not worry, that will fall to the base escapes. No, the data in the database will be the same as when they were sent in the form. Simply request itself will be safe.
• Always check the scripts work on a variety of input data. Do not forget that if a user needs to enter their name, you will not want to enable them to enter any JS-code.
• Always turn off the directive register_globals in your php.ini file (php_flag register_globals off). As practice shows, the vast majority of programmers do not initialize variables. I will write more about the importance of register_globals in the future. As for now, here is a simple example of the usage of register_globals:

<?php
$mysqli =new mysqli(“localhost”,“root”,“”,“mydb”);
$array[“first”]=“1”;
$array[“second”]=“2”;
foreach($array as $key => $value){
$mysqli->query(“DELETE FROM `my_table` WHERE `field`=’$value'”);
}
?>
If you initialized the array so: $ array = array ();, then everything would be in order. However, I am sure that not all of you are doing it. As a result, the attacker goes to the following address: http://www.yourdomain.com/your_script_name.php?array [zero] = 0, and your script safely removes that record, which should not have been removed. And nothing would have happened if it had been that the directive register_globals was disabled.

• Make sure your web host runs suphp. Under normal PHP, scripts run as “nobody,” your script has open access. With suPHP, access is limited to the user or to those explicitly granted permission. Not all hosts use suPHP, so make sure your host does and set up another potential roadblock for hackers.
• Use SSL to send emails especially if, somewhere in any of your millions of untrashed emails, you’ve ever sent sensitive info via email.
• Use SSL to access your control panel or any other site resources (i.e. FTPS for FTP file transfers).
• Here is what you need to do if the site has been hacked:
• identify and remove malicious code. If infected many files then restore the site from backup.
• change passwords and access to super admin FTP.
• If Google or any other provider had marked your website to be malicious, then write a letter to Google webmaster with a message that the site is safe for visitors, after you made sure that it is.
• Enable cloud hosting if possible. With cloud hosting, your files are backed up off site in a safe place. In the event of failure of the equipment, you can simply insert a new hard drive to your server and start downloading your backup files to the new hardware.

Conclusion:
Perhaps you will find safety a troublesome occupation, but do not forget that you and only you are responsible for keeping the passwords to access the site safe. Also, you must understand that even the use of all these tools do not give 100% guarantee of protection against hacking. Also remember that the probability of a hacker attack is directly proportional to the value of the information stored on the server. If you own a personal blog, these steps if followed help to forget about the Internet intruders. And, finally, you don’t have to be the one doing all the work. Hire someone who has experience and knows how to do it.

As a Webmaster I have been asked “What information do you need to design a good website”. I follow a few steps as outlined in “Website Design” article.

All sometimes I want to purchase a product without leaving my home. Purchase of foreign products is also quite popular today. Intermediaries between buyers and sellers in this case are the online stores. There are too many on the web today. This is the most competitive niche online. Therefore, promoting your online store could be very difficult and not cost effective.

One of the main difficulties of working with an online stores is that due to the presence of various products and their models on the site there is a huge amount of low-frequency queries. However, sales are basically exactly with these requests, and they need to make a special emphasis.

It is believed that each page can be promoted only by one request. This is true when it comes to high-demand request. But if you use low demand, then there can be used multiple queries for one page.

In order to create a semantic core for an online store, you need to use special programs, for example, Key Collector or services such as Rookee or Seopult. Do not forget that all the key questions to be analyzed according to their geolocation (specific region).

Try to use only unique description for each item store. Even if you are dealing with a large number of nearly identical models of the same product, you still need to come up with the unique way of representing those models. Keeping a lot of the same pages is dangerous, as the search engines can find them as duplicates and apply filters on the site.

One of the main rules of the promotion of the online store is that when you click on a link from the search results, the user must immediately get on the right page. If a user searches Apple monitors, then he should get to a page with Apple monitors.

Photos for the site must also be unique. Good photos will give a lot of traffic from the search images.

Behavioral factors also play a big role. For their exact tracking you can use Google Analytics or any other third party tracking services.

It is important that online reviews have been written right.

If possible, place videos on products. They are loved by both users and search engines.

Be sure to get promotion in social networks. Do not forget about Twitter and Instagram.

You can find more information on the promotion in the  “Promotion & Marketing” section.

There are many directories to which you can submit your website for free. Besides famous Yahoo and DMOZ directories, you can submit your website to other directories that could help you with your SEO ranking. There are a few tools you can use to automate your submission. Not all directories accept automated submissions. So, be careful on where you submit your website, to avoid any potential spamming b.y different useless websites.

Below is presented a small free directory submission list to which you can submit your website:

http://www.01webdirectory.com
http://www.192directory.co.uk/
http://www.1americamall.com
http://www.360webdirectory.com
http://www.4-every-1.ws
http://www.4ppl.com
http://www.707directory.com
http://www.71k.net/
http://www.777media.com/submit.php
http://www.abcsubmission.com/
http://www.abifind.com
http://www.abilogic.com/dir/
http://www.absolutedirectory.com
http://www.ad2go.com
http://www.addsite-submitfree.com
http://www.addurl-free.com
http://www.addyourlinkfree.com
http://www.addyourlinkweb.com
http://www.addyoursitefreesubmit.com/
http://www.advertisespace.com/freedirectory/
http://www.afghana.com/
http://www.afreedirectory.com/add_url.php?c=1
http://www.a-free-directory.info/
http://www.agada.info/web-directory/
http://www.allbusinessdirectory.biz/
http://www.allfreethings.com
http://www.allofmaine.com/
http://www.allthewebsites.com
http://www.alphadir.com/
http://www.amfibi.com
http://www.amray.com
http://www.anotherwebdirectory.com
http://www.anthonyparsons.com
http://www.anywhere.ca
http://www.apexoo.com/directory
http://www.arakne-links.com
http://www.articlecodex.com/Links/
http://www.askfrank.info
http://www.atopqualitysite.com
http://www.autostop4u.com
http://www.autumntree.info/
http://www.axelis.com
http://www.bahiacar.com/
http://www.beaconflash.com
http://www.beedirectory.com
http://www.beginnersworld.com/
http://www.bestbusinessdirectory.com
http://www.besthorse.net
http://www.best-websites.net
http://www.bestyellow.com
http://www.bizoola.com
http://www.blackdhalia.com/submit.php
http://www.blisswolff.com/directory/
http://www.bluemushrooms.com/directory/directory/
http://www.bluenoserlinks.com
http://www.boardreader.com
http://www.bocat.com
http://www.boxxi.de
http://www.bramptonlistings.info
http://www.buenoamigo.com
http://www.bugsdirectory.com/
http://www.bulgarianrealestate.biz/
http://www.businessdirectoryofusa.com
http://www.business-listing.com
http://www.businessplexus.com
http://www.businessseek.biz/link_submit.php
http://www.busybits.com
http://www.buycanuck.com
http://www.buy-modern-art.co.uk
http://www.buzzle.com
http://www.bzzu.com/
http://www.cachedirectory.com
http://www.canadawebdirectory.com
http://www.canlinks.net
http://www.cantufind.com/add_url.php
http://www.carromshop.com/resources/
http://www.cash-for-surveys.com/dir/
http://www.catcha.com.sg/directory/
http://www.catt.com
http://www.cell-search.com
http://www.centralseek.com
http://www.cherrydir.com
http://www.chiefshuddle.com/mtree/
http://www.chillycool.com/dig
http://www.cipinet.com/addurl.html
http://www.clasione.com/
http://www.cliky.com
http://www.clothingwebdirectory.com
http://www.cluboo.com
http://www.cometweb.co.za/
http://www.commercedir.com
http://www.commerce-directory.co.uk
http://www.comoestamos.com/directory
http://www.completeonlinedirectory.com
http://www.cooldir.net/en/
http://www.cyberwebsearch.com
http://www.cyborginfo.com
http://www.cyngoseek.com
http://www.decant.com
http://www.deep-directory.com
http://www.depodirectory.com
http://www.dhanish.com/directory/XcDirectory.asp
http://www.dhundo.com
http://www.digitalseo.info/dir
http://www.dir.ajnin.com
http://www.dir.holidaysoup.com
http://www.dir.seo7.net/add.php
http://www.directhoo.com
http://www.directory.bloggersunited.com/
http://www.directory.iserv.com.au
http://www.directory.ldmstudio.com/
http://www.directory.portalit.net
http://www.directory.zappster.com/
http://www.directory4free.com
http://www.directoryarchives.com
http://www.directorycafe.com
http://www.directorydelta.com/submit.php
http://www.directorydelux.com/
http://www.directoryforce.com
http://www.directorygeneral.com
http://www.directory-global.com
http://www.directoryhi.com
http://www.directory-link.info
http://www.directoryon.info
http://www.directoryone.info
http://www.directory-online.net
http://www.directorystorm.com
http://www.directoryvault.com/
http://www.directswift.com
http://www.dirone.com/
http://www.dirspace.com
http://www.dir-submission.com
http://www.discoverdirectory.com
http://www.dmoz.org
http://www.dollarfriend.com/directory
http://www.dwff.com
http://www.earth-directory.info
http://www.edirectorypages.com
http://www.elegantdirectory.com
http://www.elib.org
http://www.epanorama.net
http://www.exactseek.com
http://www.ezdrivingdirections.com/directory/
http://www.ezilon.com
http://www.fabaroo.com
http://www.fabarooni.com
http://www.fastfindinternet.com
http://www.fastpaths.com
http://www.findgoodsites.com/
http://www.finditfred.com
http://www.findlink.gr
http://www.findrex.com
http://www.findwhatwhere.info
http://www.FlameRate.com (only one url can be submited for one email address)
http://www.flexengine.com
http://www.folip.com/
http://www.foundya.co.uk
http://www.fourfind.com
http://www.free.catalog.nasze.net
http://www.freeinclusion.com/
http://www.freeinfodirectory.com
http://www.freelinksdirectory.net

http://www.free-website-directory.com
http://www.freewebsubmission.com
http://www.friendly-directory.co.uk
http://www.funender.com/free_link_directory/
http://www.fxdir.com

Often, when transferring your old website to a new hosting provider, many of us find it a highly complex process. When the website is finally moved to a new hosting provider, we find ourselves dealing with error issues due to improper configuration or file upload. So that the transfer process goes smoothly and without incidents, it is necessary to evaluate and discuss many options. With the supervision of the Tech Support of the old hosting server, the Website Admin is responsible for a successful website transfer.

Things to consider before the transfer:

• You will not be able to carry out the website transfer plan without access to the admin panel, FTP, hosting panels, databases, and domain control panel. Of course, you can get all of these data (except for the domain control panel) with the only access-control panel as described in the “Access” section of this document.
• Site information important point is the information about what kind of CMS is used on the old website. It is also essential to know the attendance, the trend of traffic growth, and the parameters of the current host (server).
• Information on the causes of migration of the website you need to find out what exactly is a good reason for transfer to a new server, whether it is that you as a customer are not satisfied with the current hosting provider. Some of the good reasons could be: there were problems with the accessibility of the site, the site’s loading speed, and the current hosting provider is too expensive/cheap.
• Information about the old/new hosting To select the hosting service, you will need at least to know what parameters are in a given host. Hosting types should be considered: Unix-hosting, windows-hosting, VDS / VPS, dedicated server, and the server’s settings. Technical data: how many domains and websites, disk space, and more. Follow instructions in the “Hosting” section of the document when selecting a hosting provider.
• Mail client, It is necessary to ask what kind of e-mail boxes are used beforehand. During the move, you can accomplish migration in several ways:
  • Do not use the mail domain, as some messages may be lost during the change of DNS (including MX records).
  • Go to an alternate e-mail (private boxes).
  • Move corporate e-mail to Yahoo or Google (and the box’s appearance will not change, change the settings). This is the most time-costly solution.
• Agree with everyone on the transfer time to avoid unpleasant incidents and ambiguities during and after the transfer; please check with appropriate people within your organization and plan the date of the transfer.

The transfer procedure:

• Merge files Site To merge files can take some time estimated in advance by going to the File Manager and looking at the usage space. Usually, it takes between half an hour to overnight. It is much better and time effective to move an archive, which can be generated using backup tools in the hosting panel.
• Order Now while merging files, you can purchase hosting. It is assumed that we have chosen a hosting provider and discussed the adequacy of resources and package options with tech support hosting price for the selected rate we have agreed. Maybe you would prefer to use hosting for a particular test period to see its functionality and if it meets your needs. If this is the case, you may consider paying for hosting only for a few months. If you are definite about a hosting provider, hosting can be prepaid for a couple of years.
• Move the site files to new hosting and create FTP access to your hosting. Using FTP client upload archived file (or files) to the hosting.
• Connect hosting domain panel To change DNS records on the new hosting, DNS has to point to that hosting. To access the DNS manager, follow instructions in the “Access” section of this document.
• Export / Import Database Usually, hosting providers provide a convenient interface to import / export / backup databases. If importing a database fails because of an unsupported format dump (typically it is .sql or .gzip or .zip file) on the new host, you can try backup your database on the old host in a supported format. But, if import/export cannot be performed via Control Panel, then PMA (PHPMyAdmin) tool can be used to perform this task.
• Setting the config site after all the files have been downloaded, and the database has been imported successfully, you can make changes in the config site on a new server. It may require unique configuration options, such as specifying a custom host to connect to the database server or a custom pathway to store temp files and cache. This information can be found in the panel itself or sent a request directly to the Website Admin.
• Checking the site’s operation before changing DNS records We have a chance to see how the site works on the new hosting without changing the DNS (and the A-record) domain. You can use the so-called test (service) link generated at the time of ordering hosting. If that is not the case, you can request technical support an IP address of the server that hosts the site and locally customizes it to display the transferred site on your computer. You will need to open the windows/system32/drivers/etc/hosts file with the notepad, and we type in a string «ip_server_address newdomain.com,” eg, 195.12.54.10 www.vitalyonline.com. When entering www.vitalyonline.com in your browser, we will see the website stored under the new server’s IP, such as 195.12.54.10. It would be impossible to test all the site’s functionality correctly. Still, it would be possible to check the styles and how the website is rendered in the browser to ensure that everything is configured correctly.
• Update the DNS records After the basic functionality of a new website on the new server has been verified, DNS A-records should be updated at this time. While DNS records are propagated, users could be notified that the website is down for maintenance. It takes up to 24 hours for DNS records to propagate through the Internet properly.
• Setting and adjustment of the new hosting site At this point, we do finishing work on the website by inspecting its full functionality. Order form, send requests, work for admin panel, add images and new sections, and editing content should be tested. In general, we test everything to ensure that our transfer has been successful. It should be noted that at each step, one can inquire about some problems, which takes time (sometimes significantly a lot of time) to find solutions. Therefore, the whole process should be accompanied by communication with tech support and Website Admin.