Frequently Asked Questions

General

Web hosting is a service that allows the uploading and storing of data, documents & files on to our web servers. That information can then become accessible to visitors via the internet.

Most websites use an application or 'framework' to assist with managing, displaying & protecting that information.

  • Popular web applications include WordPress, Drupal, Joomla, SilverStripe, Magento and Craft CMS.
  • Popular frameworks include Laravel, CodeIgniter, Symfony, CakePHP, Yii, Zend and Angular. Some web applications will themselves use frameworks.

Web hosting services provide the resources for these applications and frameworks to operate.

Arrow Technology web hosting services also include an email service. You do not need to use our email services and many organisations choose to have a more complete email service such as with Google or Microsoft.

You need to consider the purpose of your website. For example, if you plan to publish many images and videos, you will need more disk space. If you expect a lot of traffic to your site, then you might need a higher request limit. A busy online store might require extra web hosting resources so the store framework can work more efficiently, or to allow longer running background tasks extra time to complete.

There are a variety of hosting plans with corresponding prices. You will probably want to compare plans from various web hosting companies. Bear in mind that these various services might provide different features and reliability.

Arrow Technology web hosting services offer some unusual features:

  • Daily website backups of both files and database, with a long recovery history.
  • Website replication to another web server for quick failover in the event of a web server fault.
  • SiteSentinel automated monitoring and website protection.
  • Monitoring of various performance, error & attack metrics; reviewed by real humans.

Arrow Technology hosting plans have various advance payment options, where you can either pay monthly, quarterly or yearly in advance.

The more you pay in advance, the lower your monthly rate will be.

For most hosting subscriptions you will need to automatically pay using credit card. We do not store your credit details but used a secure tokenised payment system using the New Zealand based Flo2Cash credit card processing service. You can amend or remove your credit card details at any time.

By arrangement we can also accept automatic payments by direct bank transfer. To ensure your subscription does not get suspended due to non-payment, this must be an automatic payment.

When selecting web hosting services, pricing is not always what it seems. Make sure you investigate the true cost of prospective hosting plans before making any commitments.

Unexpected or hidden fees is something to consider when selecting a hosting plan. The first fee to look for is the setup fee. Many hosting plans charge a setup fee when you first purchase the plan. With most hosting companies, a setup fee is for the provisioning of the hosting service and does not cover website installation or configuration.

Arrow Technology does not charge setup fees and can provide an website installation/configuration/migration services by quotation. Some websites may eligible for free migration; please contact us to find out more.

Another fee to look for is for excessive and over usage. Some web hosting services offer plans that claim to offer unlimited features, but in reality there will always be limitations due to physical constraints and fair uage policies. It is important to know what costs there might be for exceeding limits. Some hosting plans will charge you for the amount of server resources you used over the limit, others may automatically upgrade you to a higher plan that allows your exceeded limitations.

Arrow Technology does not charge for over usage because we continually monitor for these sorts of issues and will see earlier signs of possible over usage. Depending on the specific resource that was over used and your hosting plan, you may find you will either be restricted, or allowed to over use and notified. We will assist you with choosing an upgraded your plan if that is necessary.

Additional fees for domain name transfers are often overlooked. If you already have websites that you will be transferring to your new web hosting account, make sure you don't have to pay any fees to do so.

If your domain is registered with a full domain name registrar, it is unlikely your domain name will need to be transferred and it will probably only need an adjustment.

If your domain name is registered through your current web hosting company then it may need to be transferred to a full domain name registrar. Please contact us with your domain name details if you would like Arrow Technology to check for you.

You can optionally choose to transfer your domain name to the Arrow Technology managed domain name service. We do not charge transfer fees and you will only have the normal yearly domain name registration renewal fee when it next becomes due.

The following are included:

  • Support for any aspects of you managing the web hosting service.
  • Website errors caused by an interaction with the web hosting service. This might include selecting suitable settings from the control panel.
  • Notifying of website errors that are detectable and have an affect on site/server security or performance. Does not necessarily include mitigation or rectification of such errors.
  • Support for email issues that are using Arrow Technology hosting services.

The following are not included, but may in some instances be provided free of charge when it is quick to do. More involved or ongoing tasks can be provided as a charged service:

  • Full management of your hosting service.
  • Full domain name services management. If you use the Arrow Technology managed domain name service then that does include some basic management.
  • Website installation/configuration/migration.
  • Website application/framework support.
  • Website error analysis, except when those errors are caused by an interaction with the web hosting service.
  • Support for an email service that is not using Arrow Technology hosting services.

For websites with special features, management or servicing requirements we can provide a customised hosting plan. This might be for a website where you want additional monitoring of non-security related aspects that relate to the website operation, or to cater for something that your existing hosting service does not provide.

Whilst we have a variety of automated monitoring services, they may not include specific aspects that you would like to monitor. We can develop customised automated monitoring complete with notifications.

Please contact us to discuss your requirements.

Server uptime indicates the amount of time that a web server is fully functional and online. If a server crashes or goes offline, all of the website and email services hosted on it will become non-functional until the problem is resolved. Server uptime is a direct indicator of the reliability and consistency of a web hosting provider.

Most web hosting providers will indicate they have more than 99 percent uptime. Typically a server uptime guarantee will exclude scheduled maintenance. There are always going to be some updates that will interrupt the hosting service. These interruptions are normally brief (just a few minutes), quite rare and take place during hours when websites are less busy (early morning NZ time).

If you have been experiencing frequent downtime then you may want to switch web hosting providers. Every time your website becomes unavailable you are potentially losing visitors and money. This is especially true if you are operating an eCommerce online store website.

Shared Hosting

Shared web hosting services are amongst the most popular types of web hosting, primarily because they are more affordable. Shared web hosting provides the plan holder with access to a small part of a web server that is also used by many other websites. These web servers are split into partitions that are allocated to the web hosting customers. As a shared web hosting plan holder you have access to a set amount of server resources.

With many shared hosting services there can be a sacrifice for performance and page loading times. Some web hosting companies will significantly overload their web servers and will not monitor/detect websites that are heavily loading the server and potentially slowing down other websites.

Traditionally, shared web hosting services are considered to have issues relating to performance, uptime and various aspects of website management/flexibility.

Arrow Technology operates a Boutique Shared Hosting Service where we have multiple servers which are not heavily loaded. This service offers a combination of the performance you might get from having your own server together, but without the costs associated with having all of the security, monitoring, backups, technical support and fail-over services that Arrow Technology provides.

Shared web servers are split up into partitions that are assigned to each hosting account. A partition is a section of a web server that is completely separate from the rest of the web server. Even though the partitions are completely separate, the server software configuration is the same across the entire web server.

If you are consistently overstepping the boundaries of your shared server partition then you will get a notification. Some web hosting services will automatically suspend websites that that excessively overuse resources, but Arrow Technology will not and will instead provide assistance with resolving the issue.

Many issues with sites causing excessive loading are due to uncontrolled brute-force attackers and aggressive search engine web crawlers. Our SiteSentinel web application firewall provides good protection from these.

Whilst many shared web hosting services claim to offer plans with unlimited features, they do still have very real limitations.

SiteSentinel

Arrow Technology SiteSentinel is our own proprietary Web Application Firewall (WAF) and Intrusion Prevention System (IPS). It is stateful detection system, which means it analyses the overall behaviour of visitors over multiple requests to determine if their activities appear legitimate, malicious or disrespectful/greedy. Then SiteSentinel can choose to:

  • Block individual specific 'bad' requests.
  • Totally block all of their requests, either permanently (full block) or for a short period (temporary block).
  • Slow down their requests if they are making them unusually quickly (rate limiter).
  • Completely block all of their access to the whole web server (firewall block).

SiteSentinel works over the whole web server and even between our different web servers, so a malicious visitor on one website can potentially be blocked even before they get to try their activities on other websites.

Even if a website is infiltrated, SiteSentinel cannot be evaded and will continue to offer other protections which may still subsequently block that attacker.

SiteSentinel does not provide guaranteed total protection. Unfortunately, no WAF or IPS can provide that level of protection. SiteSentinel does provide very good significant protection.

A big problem with websites is that possible vulnerabilities can vary significantly and can be difficult to identify. If for example your website has a poorly coded plugin, it is possible a very innocuous looking request from an attacker could still infiltrate your website. Indeed, SiteSentinel includes many rules that block innocuous looking requests that are known to be dangerous. It is also possible that someone inadvertently installed a malicious plugin that contains a vulnerability, such as plugins from untrusted sources.

SiteSentinel does have many generic protections that will potentially block new attacks that have not yet been seen.

As part of the SiteSentinel system, there is additional checking that we perform to detect unusual errors & changes within websites, which will often highlight where an attacker had some level of success.

SiteSentinel will very slightly slow down some requests, because it requires extra processing to check those requests. Whilst in theory this means your website could run very slightly slower (normally not enough to be noticeable) in reality most websites do run faster because attackers and bad web crawlers are being continually blocked from accessing your website. Overall, your website could have significantly lower loading. That also means other websites on the same web server are less likely to slow down your website.

Because individual websites have limits on the number of simultaneous requests, reducing the number of bad requests will allow your website to respond to legitimate visitor requests much faster.

  • Brute force login attackers will attempt thousands of usernames & passwords in the hope of guessing one correctly. With SiteSentinel they will only be able to make a few attempts before they are blocked. The longer they continue, the longer they will be blocked.
  • Web crawlers making too many requests within a period of time will either be slowed down (rate limited) or temporarily blocked, depending on the web crawler. If a previously blocked web crawler subsequently slows down, within just a few seconds or minutes they may be allowed to continue making requests.
  • Some consistently badly behaved web crawlers are totally blocked and never allowed to make requests.
  • Many web crawlers make requests to page paths that they should never need to access, such as adding products to carts. We have seen web crawlers that attempt to add thousands of products to their cart! Where possible, all of these redundant requests are blocked.
  • Some attackers will probe test your website with hundreds or thousands of malicious requests to see if any of the requests work. They might even use a legitimate Website Vulnerability Scanner to do these attacks. These attackers can be incredibly heavy loading on both your website and the web server, but SiteSentinel will normally very quickly blocked them, often within a few seconds.

SiteSentinel also includes a resource monitor, which will notify Arrow Technology if websites have requests that take an unusually long time to complete, use a lot of processing power, or use a lot of memory. Some administration tasks within websites can be expected to use more resources, but if visitors are getting very slow page requests then we can investigate that further.

SiteSentinel Anti-spam is very good at stopping webform spam. It checks commonly used page request path names (URLs) to identify contact forms, etc. If your site uses unusual path names then it might not block some spam. You can contact us to have that path implemented, but due to our human monitoring, we may spot & implement that path before you contact us.

Not only does SiteSentinel block webform spam, it will also block many fake user registrations. Some sites (particularly WordPress and Magento) get inundated with these spam registrations, damaging the customer database and making it useless for marketing purposes.

We can provide some HTML and JavaScript code that you can apply to your forms to significantly improve the detection of spammers, or we can add this code for you. This enhanced protection is even without using a captcha mechanism on your forms.

Arrow Technology regularly reviews the SiteSentinel Anti-spam results to ensure it is not blocking any legitimate requests. Also, we are automatically notified if SiteSentinel thinks there is a more likely chance that someone was incorrectly blocked.

If a visitor is blocked for appearing to send spam, they will be presented with a form that they can use to report to us that they were incorrectly blocked.

There are a variety of captcha mechanisms that are used for protecting webforms. They might be simplistic & useless (what is 2+2), quite intrusive (difficult to work out by a human), annoying (takes time to complete) or be one of the newer invisible captchas like Google reCAPTCHA v2 (recommended!).

Some spammers use technology that is surprisingly good at working out captchas, even difficult to read captchas.

Overall, using captchas is a good idea, but if it can be worked out by spammers or is intrusive, then maybe it won't help much and could annoy visitors. We do recommend Google reCAPTCHA v2 and many websites either have built-in support for that, or plugins that can be used.

Some legitimate activities within some websites may appear to be malicious even if they are not, particularly when editing some content within website admin control panels.

Optionally, SiteSentinel can block access to website login pages when a website is not intended to offer public logins, which reduces the possibily of brute force or slow login attacks.

In these situations, an administrator can be given a SiteSentinel Bypass Code which will provide additional access to bypass some SiteSentinel protection rules.

Bypass Codes do mostly bypass the SiteSentinel Anti-spam system, which is where most problems may appear, such as with website admins editing page content that can often look like spam. SiteSentinel Bypass Codes cannot bypass protection rules where there is a high probability that there is malicious activity, but will still reduce your chances of being invadvertently totally blocked.

Please submit a support ticket if you would like a bypass code for your Arrow Technology hosted website. If required, we can provide separately managed bypass codes for individuals such as contracters & web developers.

You can probably safely test webform anti-spam because you would be unlikely to be fully blocked. However, our anti-spam system uses heuristics and is quite clever, so it might allow you to send spam whereas it would still block a spammer. Of note is that our anti-spam system tries to detect legitimate submissions even if they do look like spam.

If you have recently used a SiteSentinel Bypass Code then you might bypass the anti-spam checking, which means you tests won't work correctly. Even if you close all browser windows, that bypass might still be active.

Any vulnerability testing that you do has the significant chance that you will be blocked, either immediatelly or after a short delay.

We do not allow unapproved large scale vulnerability testing. If you want to do a larger test, please first let us approve that test. These tests will probably be very quickly blocked by SiteSentinel, which does not really allow proper website vulnerability testing, but does at least demonstrate the site has some protection.

We can also allow approved testing with SiteSentinel temporarily disabled, which would give true website vulnerability testing. However, these tests will have some conditions, with the main one being that requests are sent at a lower rate so as not to heavily load the web server.

We can provide you with a mechanism that will check if your Arrow Technology hosted website is protected by SiteSentinel and also show you the form that your visitors will see if they are inadvertently blocked. Please submit a support ticket if you would like to able check your website.

IP Addresses

IP addresses are used to uniquely identify a website or computer. Any device that is connected to the internet is assigned an IP address. IP stands for Internet Protocol, which is the mechism through which data is transmitted over the internet. When a computer or web server is connected to a network it will have an assigned IP address that uniquely identifies it. Some IP addresses are automatically assigned and dynamic, which means they can change at any time. Web servers and some internet connections will have static IP addresses, which means they will not change.

An IP address is a string of numbers separated by dots that appear in the formats 210.48.32.83 (known as IPv4) or 0:0:0:0:0:ffff:d230:205d (known as IPv6).

Your internet address is also referred to as your public IP address. Your computer or device might also have a private IP address, which is not seen on the internet.

If you are connected to the internet right now then you have a public IP address assigned to you and you can find it out by using either our what-is-my-ip-address page or a google search query.

IP addresses are crucial to internet communication because they dictate where a request for information is sent to. For example, if a website visitors your website and clicks on a button, information is sent from their IP address to your website. In order to return the proper information, the web server needs to know the IP address of your computer.

Modern web servers and browsers do not require websites to have their own IP addresses. Many websites can share the same IP address.

We can provide unique IP addresses for websites, but it is unlikely you need one. Please submit a support ticket if you do think you require a unique IP addesss.

Domain Names

Domain names are much like VIN number of a vehicle, there are no two that are exactly the same.

Domain names are the identity cards of the Internet, representing the face of each website. In basic terms, a domain name is simply the name of your website. However, behind each domain name is a process that turns a local web address into a word or phrase that anyone can use to access your website from around the world. Domain name is a phrase or even just a word that people input in their browsers to be pointed directly to a specific website.

Domain names actually originate as the IP address of your website, which is a number that appears in the following syntax – xx.xx.xxx.xx or 77.77.777.77. A domain name is perhaps one of the most important part of any website, because it is ultimately what the visitor will remember when they try to return to the site.

The ideal domain name is short, memorable and contains no dashes and/or numbers.

Domain names end with extensions called Top Level Domains or TLDs. The TLD is the letters that appear after the last dot in the domain name. For example, .com is a TLD. There are a wide variety of TLDs available. There are many geographically specific TLDs that are intended to specify the geographic location of a website, although these days they often don't really do that. The cost of a domain name will usually depend upon the TLD.

If you have a brand name, you might want to register a variety of domain names using different TLDs to try and protect your brand.

For New Zealand websites the most common TLD is .nz and for Australia it is .au

Other popular TLDs include .com, .org, .net and .info

Subdomains are actually extensions of a website that are primarily used to separate and categorize website content. The address of the subdomain appears before the main domain name, such as subdomain.example.com. It does not cost anything to add a subdomain to your main domain.

You can have additional websites using subdomains, which is a true subdomain, or have your main website do something different when it receives requests using a subdomain, which might be referred to as an alias.

The www that appears in front of many website domain names is actually a subdomain. Those websites would often accept requests from either www.example.com or just example.com so that means one of those domain names is really an alias of the other.

Yes, we recommend that you do use www. Some designers & website owners remove the www for vanity reasons. There are differing opinions, but there are some good technical reasons for using www. These days most web browsers will hide the www anyway, even though it is still being used, so you may as well use www and get the technical benefits just in case they are useful in the future.

  • Using www on your website domain means that cookies are restricted to your www website. If you have other subdomains for various purposes and did not use www for your main website, your main website would receive all of the cookies for your subdomains. This could cause significant issues for both websites.
  • If you subsequently want to use a content delivery network (CDN) or a separate subdomain for website resources (both mechanisms can improve website response times), then using www on your main domain name will make the resource loading more efficient.

Parked domains are domain names that are not currently being utilized by the website owner. Parked domains often have holding pages provided by the domain name registrar or advertisements on them.

There are two ways a domain name is parked; either by a domain owner through a domain name registrar, or by default. When you first purchase a domain name it is parked by the domain name registrar automatically. For example, if you were to purchase a domain name from GoDaddy or 1st Domains, the domain would be parked automatically until the domain name is configured to point to a website.

The Domain Name System (DNS) is responsible for the allocation of domain names and traffic direction based on URLs in the address bar of the web browser. The Domain Name System is the largest distributed database in the world, containing information about every website in existence. There are currently more than 350 million unique active domains on the Internet.

Websites are identified by the IP address of their web server. An IP address is a number, which is far more difficult to remember than a simple name or phrase. In order to convert the IP address of a website into a memorable phrase that is the domain name, a DNS server is needed.

A name server is a web server assigned with the task of sending and receiving requests pertaining to domain names and IP addresses. The job of the domain name server is to take a number like an IP address and turn it into a readable term that can be typed into a browser's address bar, or vice versa.

Computers read Internet addresses much differently than humans. All computer language is in numbers and not letters. Therefore, in order for information to be transmitted from the nameserver to a user's computer, the DNS has to transmit information pertaining to the address and meaning of the domain name.

The first thing you should do when you are ready is to select a domain registrar and then open an account with them. Once you have registered you will need to choose your domain name and make sure it is available. The registrar will be able to provide you with your login information so that you may use their interface to edit the name servers and other domain properties.

You can register domain names using the Arrow Technology website, or contact us to do the registration for you. If we register your domain names using Arrow Technology, you are still the legal owner and can transfer that domain to a different registrar in the future.

Domain name registrars are companies that have direct access to the registry of domain names. When you buy a domain name, you are actually purchasing it from a domain name registrar. A very well known domain registrar is GoDaddy, which has registered more domain names than any other company.

Domain name registrars host your domains by default, until the domain is are pointed towards another Name Server. Whilst the basic function of all registrars is the same (to provide a domain name service), different registrars vary in both costs and features for domain name management.

Disk Space

Disk space is the amount of storage space allocated to your website files, database and email. Having adequate disk space is important because it affects the total size limits of your website.

With some web hosting services, if you use up all of your disk space you will be unable to update your website with new content. This can cause aspects of the the website to fail.

Arrow Technology allows over-usage. When you get closer to using up all of your disk space you will start receiving regular notifications. For a lower capacity plan that might be at 80% and for a higher capacity plan it might be 90%. That is an opportunity to remove old files, data and emails that are no longer required and contact Arrow Technology for assistance if required.

If you continue increasing your disk space usage you will ultimately exceed your allowance. Notifications will be sent for this, but you will be allowed to continue over using your disk space. Arrow Technology will discuss with you how best to resolve the situation, such as a web hosting plan upgrade or suggestions on reducing the usage.

Disk space requirements for websites varies significantly depending on the purpose of the website, what sort of data it stores and whether the website is configured to purge data that is no longer required. It is a common problem for websites to continue storing old data and Arrow Technology has good experience assisting with the discovery of these issues.

As a rule of thumb and based on the sizes of existing websites that we host, we find most Content Management System (CMS) will easily fit in 5GB storage and many online stores will fit in 10GB.

Some sites that have lots of videos and other large files can use external storage services to provide a variety of benefits, including using less website storage. Those services includes YouTube, Vimeo and Amazon Simple Storage Service (AWS S3).

Whilst you can look at the amount of disk space offered by various hosting services, this is not an accurate assessment. Some hosting service plans claim to offer unlimited disk space, yet cost a fraction of a plan that places a limit on the disk space. Which one is best?

In general, you don't want to compare unlimited plans with limited plans, simply because unlimited plans do not accurately depict your limitations. Unlimited hosting plans are actually quite limited in reality, especially when you read their terms which will normally exclude storage of certain types of files. The hosting services know the vast majority of webmasters never reach those limits.

When you have an Arrow Technology hosting plan you know that your disk space allocation also includes:

  • Website replication every 6 hours to another web server for emergency failover purposes.
  • Data centre backups every 6 hours with a 10 day history.
  • Off-site backups every day with a 60 day history.

When we are providing significantly comprehensive backup services, it is not possible for us to provide 'unlimited' disk space, because we need to allocate sufficient failover and backup resources. However, no sites really ever need unlimited disk space anyway.

Traffic & Bandwidth

Traffic is the data that your website receives and transmits. Most websites do not receive a huge amount of data, unless they accept lots of uploads. The largest proportion of the traffic is normally the data that is sent back to visitors, which might include page content, images, videos and file downloads.

Web crawlers, particularly badly behaved search engine crawlers, can often be the biggest user of traffic for many websites. Our SiteSentinel protection forces most web crawlers to be better behaved and have less of an impact on your website traffic.

Hosting plans have limits on the total amount of traffic for the month, measured in gigabytes (GB). Most websites will fit within those limits. If a website has a significant amount of traffic there are often techniques that can be used to make a website more efficient. This is good for both lowering your traffic usage and making your website faster for visitors.

Notifications are sent when a hosting plan gets close to its total traffic usage or exceeds it. The Arrow Technology over use policy applies to traffic, so exceeding the traffic limits won't stop your website working but you will need to either resolve any issues causing excessive usage or may need to upgrade your plan.

If you are on a plan which has unlimited traffic then our fair usage policy applies, which is detailed in our Terms & Conditions.

Web hosting bandwidth is measured as the volume of data that can be carried in a given period of time. Whilst it is technically different to speed, it can have a significant effect on speed.

Every visitor that views a page on your website is consuming bandwidth because they are downloading and uploading information to the website. Having adequate bandwidth is one of the most important features to consider when looking for a suitable web hosting plan, because it will affect your website visitors' experience, especially when there are high traffic levels.

All Arrow Technology web hosting plans come with unlimited bandwidth, which means there is a not a set limit that determines how much data can be downloaded and uploaded from the web server at any one time.

There is still a physical bandwidth maximum for the whole web server, but individual sites are not restricted.

Whilst we do not restrict bandwidth on individual sites, bandwidth usage is offered on a fair usage policy. This means you are expected to have your website operating fairly in accordance with our Terms & Conditions and not run web services that consume unusually high amounts of bandwidth.

Most normal websites will easily operate within our fair usage policy. An example of websites that might not could include gaming servers, search engines, search engine crawlers and video streaming services.

Probably the biggest usage of bandwidth on most normal websites would be videos and over-sized images.

If you put your videos on services such as YouTube and Vimeo, you will lower your website bandwidth requirements. You will also get the significant video management & processing features that are offered by those services.

Over-sized images are caused by uploading 'raw' images from digital cameras to your website. Typically these images are significantly too large for a web page and should first be web optimised, which makes them much smaller and also more efficient for transferring over the internet.

Many modern websites will automatically web optimise uploaded images, but will also still store the original over-sized image. Some websites will still send that large image to visitors and not use the optimised images even when they are available.

It is nearly always a good idea to web optimise your images before uploading them.

Do not use PNG images for photos when transparency is not required. They are significantly larger than the equivalent JPG/JPEG images.

Whilst we do not limit bandwidth on individual websites, the various hosting plans do have different limits for the number of simultaneous visitor requests that can be processed at the same time.

If the allowance are exceeded, requests will be queued and processed when other requests have finished. Normally that happens very quickly and is not noticeable.

If a website significantly exceeds the allowance then some additional requests might be discarded. This is rare and tends to only happen when something unusual is happening with a website which causes a lot of requests, such as an attack, an aggressive search engine crawler, or a marketing campaign. Our SiteSentinel web application firewall significantly protects from attacks and search engine crawlers. Our website error monitoring will also detect & notify about these occurrences and possible site over-loading.

Most websites work great with a limit of 5 simultaneous requests. A busy website or a website that is responding to a lot of requests such as a marketing campaign can benefit from having a limit of 10 or more.

Web Control Panels

The web control panel is a graphical user interface that you can use to manage your web hosting account. Within your control panel you can upload and manage website content, schedule regular background tasks, manage email and perform many other actions.

Control panels give you control over your hosting account within a centralized user-friendly interface. We provide the Plesk Control Panel, which includes additional features such as the Plesk WordPress Toolkit.

If you are starting a new website then you can even use the control panel to install a website application from a selection, such as WordPress, Drupal or Joomla.

Content Management Systems (CMS) and Web Applications

Web Application is a generic term that describes most websites that have any sort of programmed functionality. Nearly all modern websites will be web applications.

Content management systems (CMS) are web applications which provide comprehensive website & content management features. It is possible for a novice to use a CMS to build, organise and maintain a website with no formal training, and nothing more than a basic hosting account.

With a user-friendly interface, using a CMS you can control nearly every aspect of your website. Most modern sites use a CMS to manage content and many non-CMS web applications such as online stores will provide some CMS capabilities. Most dedicated CMS also have add-on online store capabilities.

There is a large selection of different CMS web applications to choose from and they each individually have both advantages and disadvantages. Please feel free to contact us if you would like to discuss what might be best for your site.

One of the most advantageous aspects of content management systems is the ability to quickly create websites with no programming or web design skills. With content management systems like WordPress it has never been easier to design and manage multiple websites.

There are many themes, templates & plugins available which are available for free or paid-for. Some of the paid-for add-ons have free versions with reduced functionality.

A new website design can often be applied to a website almost with just a click of the mouse. Most content management systems allow the design to be changed without affecting the content of the pages and posts. You can test out new designs and create your own custom themes without having to worry about losing data or disrupting the site's content.

Most web applications have a variety of add-on themes and plugins. Some are charged for and some are free. However, we unfortunately see themes & plugins that have issues with functionality, security vulnerabilities and bugs. It is very important to regularly update them and sometimes updates can cause problems because they can introduce incompatibilities between various components of the site.

Some themes change the website content in such a way that the content becomes dependant on the theme. If you decide to change the theme, it might not be as easy as it should be because you will also need to update the content. Visual layout editors for WordPress are mostly great, but they do significantly suffer from this issue.

Only use themes, templates & plugins from reputable sources, because it is possible for them to have issues and security vulnerabilities.

Plugins can significantly assist the success of any website that is being managed using a content management system. Plugins are software enhancements that improve the functionality of your CMS. Wordpress is well known for having an large library of plugins available that cover many aspects of website management, content and marketing.

Backups

If something in your website changes which you do not want to lose, then you should backup. For a rarely changing website you might not have to backup very often and for a busy web store you might want to backup multiple times a day.

It is recommended that you do make a backup of your Arrow Technology hosted website every so often, so that you have your own complete copy of your website. You can do that using either website plugins or your Plesk control panel. If that backup is within your website, you must then copy that backup to another location and delete it from your website.

  • We do not want to be backing up your backups.
  • A backup that is stored within a website should not be considered a safe backup.

We do not recommend that you backup your website every day or even every time there is a change because we do guarantee to keep good website backups. Our backups will be more efficient than yours and probably have a significantly longer history.

For damaged websites we most commonly restore from backups that are at least 10 days old and on many occasions have restored from backups a few weeks old. Many web hosting services do not provide a long enough backup history; many will overwrite the previous backup with each new backup.

Unfortunately, no, they do not. Many web hosting services, even including large providers, do not do any backups at all and a lot of them only do a full backup once a week. Of the ones that do regular backups, very few of them do separate database backups, which is really bad news because databases do require special separate backups.

After infiltrating a website, it is common for attackers to wait days or even weeks before subsequently utilising the website for nefarious purposes or damaging it further. They wait either because the attack is automated and it takes a while for them to get back to your website, or they deliberately want backups to be overwritten with their changes. Those backups will then already contain their changes so that a restore will keep the website infected.

Before any restore is done, it is essential to ascertain when the website was infiltrated.

If your website rarely changes, then a full restore of an uninfiltrated website may be quickest. If your website changes often, such as for an online store, or if you recently made a lot of changes you do not want to lose, our backup systems allow us to compare your website files and database to discover exactly what was changed & when, down to a very accurate level of detail. We have a 100% success rate of fixing up damaged websites and provide this service to other hosting providers.

Before the restored website becomes available to visitors, the vulnerability that allowed the infiltration must be fixed or blocked. Our SiteSentinel system allows us to forensically examine how an attack happened, so that it can be immediately blocked and a proper fix implemented on the website.

If a restore is required due to a software or data issue (and not infiltration by attackers) then it is somewhat easier to choose a suitable backup to restore from.

Assuming your website is 100% secure is not a good idea. You never know when a vulnerability may be discovered, even in website frameworks that have an excellent reputation for good security.

The majority of restores that we do are for sites that were damaged by automatic updates (particularly with WordPress), manual updates by developers that went wrong, or inadvertent admin changes. Often these actions only require a partial restore, although for a website that rarely changes much, a full restore might be quicker.

With appropriate knowledge & experience you can do your own restores from backups that you created. Depending on the reason for the restore you may require more or less knowledge. Any restore should be done with care. If your site was infiltrated then you do need a good understanding of whether a restore is a good idea or not. You can expect a restore to at least leave you with the same vulnerability that caused the issue in the first place, so you must update/upgrade or do whatever is needed to block that vulnerability.

If you want a restore from the Arrow Technology backups then we will have to do it for you. Our backups use a one-way mechanism where the backup servers retrieve files & data from the websites but it is not possible for the website to access the backup. This means that whilst an attacker can change the website, they cannot directly change the backup history. If you require a restore then please submit a support ticket. We can either do a full restore for you or provide you with files and/or databases.

All Arrow Technology web servers have mirrored disks (often referred to as RAID), but mirrored disks are not even close to being the same as backups. Mirrored disks do help protect your data from a disk fault. Disk faults are quite rare.

Nearly all data problems that require a restore are due to website specific issues rather than disks. Disk mirroring will immediately duplicate the same data problem to other disks.

Occasionally it is even possible for multiple mirrored disks to fail at the same time. Replacing a faulty disk raises the chances of another disk failing due to the intensive disk activity during the rebuild of the replaced disk. You do need good backups with a reasonable length of history.

Probably not and some cloud hosts don't even do duplication, despite being called cloud. Most data duplication services make fairly immediate copies of data changes to a separate copy of your data elsewhere, which can be good for redundancy. Those copies might be within seconds or just a few minutes. These services probably do not keep a history of your data, just a copy of whatever data was last changed.

Because nearly all issues that require a restore are due to website faults, failed website updates (often automatic updates), your own website administration accidents, or infiltrations by attackers, this data duplication merely quickly copies those same issues to the other location.

Arrow Technology backups do also duplicate your data to another location, but at longer regular intervals rather than immediate and also with a good history. This allows both fail-over redundancy and the ability to restore from historical backups.

Backups

Email services use communication protocols:

  • POP: Post Office Protocol

    Provides the ability to transfer incoming email from the server into your email application inbox. Normally your email application would subsequently delete this transferred email from the server, although maybe not immediately.

  • IMAP: Internet Message Access Protocol

    This allows email to be stored on the server and for an email application to access it, including keeping a full or partial copy of the emails within the email application. Email changes are synchronised: changing emails within the email application will reproduce those changes on the server, changing emails on the server will reproduce those changes in the email application.

    Note: When using IMAP, most email applications will not synchronise the outbox or sent items folders. Those folders are local/private to the email application.

  • SMTP: Simple Mail Transfer Protocol
    This allows you to send outgoing email. Both POP and IMAP will often also use SMTP.

Whilst Arrow Technology allows all of these protocols, we do not provide large server mailboxes for use with IMAP. If you require a large server mailbox then we recommend using an email service such as Gmail or Office 365.

Arrow Technology supports all of the standard combinations of email settings. These are the settings that we recommend:

ServerThe server name will be similar to vpsX.arrowtechnology.com where X is a number. Using this server name means that SSL security certificates can be verified and will encrypt your email during transfer.
UsernameYour email address.
PasswordYour assigned password.
POPPort 995 with SSL
Ensure POP authentication is used.
SMTPPort 587 with STARTTLS or TLS
Ensure SMTP authentication is enabled. Some email applications allow you to tick a box to use the same authentication settings as incoming/POP.

All email applications will provide a setting to automatically deleted downloaded emails from the server. Your main email application should have that setting enabled and deleting after 7 days is often a good option. Unfortunately some email applications such as newer Microsoft Outlook will hide this setting, but the setting is still there. Please submit a support ticket if you need assistance.

If you use multiple email applications, only the main application should automatically delete emails, which then allows the other email applications to also get a copy of those emails before they are automatically deleted.

Please ensure your email application only does an automatic POP check every 5 or more minutes. Many email applications default to something like every 30 minutes.

Miscellaneous

SSL, or Secure Socket Layer, is a security protocol used to protect data as it is transmitted between devices on the Internet.

SSL certificates indicate the presence of this technology being used by a website. Most online shoppers will not shop at your website unless you have an SSL certificate.

When you visit a website that uses SSL, it will use https: at the start of the address instead of http: and most browsers will show a padlock/security icon.

An FTP client is an application you run on your computer that allows you to transfer files to & from your website using File Transfer Protocol.

Popular FTP clients include FileZilla, CuteFTP & SmartFTP and there are many others.

The web server has an FTP server which accepts connections from your FTP client.

You do not require an FTP client for some websites, because not all websites require file transfers. It is possible to transfer files using the Plesk hosting control panel. Website developers will often prefer to use FTP because they find it more convenient.

Spam is defined as overwhelming or fraudulent web mail or website commenting that is meant to overload a system, annoy a website owner, or ruin the content of a website. If a website is not properly moderated it can quickly be overrun with spam of all types. Spam affects your online efforts and it wastes time as you try to clear it from your website or mailbox.

Many spammers will attempt to post spam comments on your posts, causing your web pages to become inundated with spam, which can be difficult to get rid of. Other spammers will send you a lot of emails using the contact form of your website.

Arrow Technology SiteSentinel provides significant protection from website spam. If you receive a lot of spam via your website that is hosted with Arrow Technology then please contact us, because we can probably do something about it.

SEO stands for Search Engine Optimization, which is a very commonly used term in the web hosting industry. Search engine optimization involves the optimising of your web page content for better search engine rankings.

Being ranked highly for popular phrases & keywords in search engines is the best way to receive 'organic traffic' with very little effort. Organic traffic is visitors that land on your website as a result of results from unpaid searches. You can also pay search engines for improved search results.

Some website applications come with built-in SEO tools and most will have various SEO plugins available.

Search engines are perhaps the best possible sources of traffic. If you can properly optimise your website for search engines, then you will be able to enjoy a consistent flow of traffic without any additional efforts. The process of SEO involves optimizing your web pages so that the search engines will direct visitors to your website when they search for specific phrases & keywords.

The robots.txt file is very important part of the way your website interacts with other sites, website visitors, and most importantly, search engines. The file dictates what visitors can view your site. The reason why it is called the robots.txt file is because it is generally used to block search engine robots from crawling & indexing your site.

Search engine robots crawl the web routinely, indexing every piece of data along the way. If your website is not ready for search engines then you could edit your robots.txt file to block all robots.

The usage of the robots.txt file is completely voluntary. Most well behaved & large search engines do use it. Badly behaved search engines will either ignore it, or will even use it to find pages that you indicated should not be crawled.

Some web applications do not include a robots.txt file automatically, so it is up to you to create one. If you are having trouble creating or using your robots.txt file then you can submit a support ticket.

Back to top