That’s where WordWatch comes in!  Chris Bauman, VP of WordWatch approached us late last year about bringing their services to our customers.  We knew Chris from working on the Sproutit’s Mailroom project and knew how committed he was to providing a wonderfully useful services for small to medium-sized business at affordable prices.  I jumped at the chance that he offered to extend this incredibly useful service to our customers.

WordWatch will automatically manage your Google AdWord campaign for you.  It takes the stress and burden out of doing it yourself and since it can react faster than you can.  Those who initially used it to automate their Google AdWords have found that it also saves them money and can increase their traffic.  WordWatch has shown us that you really can have your cake and eat it too!

Take a moment to watch this short video detailing how WordWatch works:

Then head on over to WordWatch and give it a spin.  They offer a 30 day free trial, so you have nothing to lose!

Click Here to Register Your Domain!

.ORG domains are perfect for non-profit groups and organizations, churches, non-profit sites providing help and information, charities, and religious/spiritual sites.

OCS Solutions gives back to our community and those in need.  We are happy to assist charities and non-profit organizations with their technical and Internet needs at discount, or in some cases, as time is available, for free.  If you want more information, please contact us.

All domain names get a free POP3 e-mail account that can be accessed from e-mail programs like Microsoft Outlook® or Apple Mail®, from your iPhone®, Android®, or BlackBerry® phone, or from our advanced webmail system with a built in calendar, task list, and address book.

If you already have an e-mail address you like, you can take advantage of the free forwarding service we offer on every domain.  You can forward you@yourdomain.com (for example) to any other e-mail address.

Learn more about and activate you free e-mail or forwarding service for your domain.  If you don’t have a domain name through us, you can transfer your domain or register a domain for less than the competition and receive customer support second to none!

Any outages you encounter should be brief and after the 11 PM mark, so please bear with us.  We appreciate your understanding and patience and apologize for any inconvenience this may cause.

This technology helps prevent both small and large-scale attacks on our network by limiting the number of simultaneous connections from one IP address to a reasonable amount generally encountered during normal web, e-mail, and FTP traffic.

Unfortunately, the default settings on many FTP clients cause a large download or upload to make too many active connections, far more than is usually encountered in a regular FTP session, thus triggering the ban accidentally.  This guide will show you how to configure your FTP client to avoid this.  The examples below assume you’re using FileZilla, but the settings should be similar in other FTP clients.

In FileZilla, go to the Edit menu and click Settings, then click the Transfers section on the left hand side to bring up the following menu.  In this, make sure that the maximum simultaneous transfers is set to no higher than 2, and concurrent uploads and downloads are set to 2 as well.

You’ll need to adjust one other setting in FileZilla.  In the site profile you use to connect to your site, click on the Transfer Settings tab and adjust the number of simultaneous connections to no more than 2 and save the profile.

Using these settings you should not accidentally trigger our anti-DoS protection measures.

If you have any questions, please let us know.

The OCS Website Protection Scanner performs an initial scan on your site and checks for vulnerabilities and security issues.  Once our scan is done (typically within 24 hours), we present you with a full report highlighting any issues that need attention with specific help on fixing them.  If you need assistance with any particular issue, our security support team is available via phone or e-mail to give you the advice you need to fix it.

You might expect a service like this to be expensive, but the OCS Website Protection Scanner service is only $4.99 per month.

To learn more or to get started securing your site today, please contact us or visit our Website Protection Scanner page.

The entire OCS staff was uninjured and we only sustained minor damage.  Our thoughts go out to the families that weren’t so lucky.

Our offices were without power and Internet services for all of yesterday and most of today, but things are starting to come back up.  Phone service is still very limited so the best way to reach us now is to open a ticket if you need assistance.

None of our datacenter locations were affected by the storms and continued with Internet connection and power without interruption.

IE9 is a leap forward for Microsoft, both in terms of user-oriented design and standards compliance.  It’s not where it should be considering Microsoft has been at the browser and PC software business for longer than the other players, but its definitely getting there.

I enjoy using it on my Windows machines, but whenever I try to do any serious work with it, I find myself missing the spell checker that I take for granted in all other browsers. I know I’m not the only one to complain about this.

I know that you can get toolbars like Google’s that offer spell check, but its not seamless, and you shouldn’t have to do this to get functionality that should be in the core of the browser itself.  Also, from what I remember about Google Toolbar for IE, it doesn’t automatically do a spell check – you must click the button to check the contents of forms before you submit.  I would forget most of the time.

Microsoft is a great company that makes a lot of good products.  The “I hate Microsoft” crowd generally isn’t well informed about all the company does and isn’t keeping an open mind in today’s fast-paced IT world.  Of course, we’re a Linux-oriented company, but we do offer Windows hosting and appreciate Microsoft’s contribution to the web.

I’d appreciate them even more, and consider using IE again on my PC’s if they would implement a spell checker for IE9.

I am blogging about domain registration today because I helped a client today try to get their domain transfered from their previous hosting company, but was ultimately unsuccessful. They went through months of trying to get an approval on the transfer from the previous host.  They ended up registering another domain name to avoid the problem. It is a very unfortunate situation, but is completely preventable.

You can protect yourself from this hassle quite easily. Simply have your domain registered in your name, under your control. All OCS Solutions hosting customers enjoy this, and if you order your domain name from OCS Domains, you can fully control your domain – including changing your registration information (WHOIS), nameservers, DNS, and other vital data concerning your domain name anytime you wish.  It’s under your complete control.

If you are an OCS hosting customer and had us register your domain for you, we’ll be glad to make changes for you at any time – just contact us.  However, we can also put your domain in your own domain registration account that allows you to fully control nameservers, DNS, WHOIS info, and even transfer the domain to another registrar.  If you’d like us to enable this domain registration control center for your domain(s), just let us know.  We’ll be glad to do it at no charge!

If you don’t host with us, please make sure you’re in full control of your domain.  If you can’t change your own nameservers or WHOIS information, contact your hosting company to see how you can do that if you wanted to.  It’s an important piece of information you need to know to manage your internet property address.

If you have any questions about these vulnerabilities please contact us.

CVE-2011-0446 – Potential XSS Problem with mail_to :encode => :javascript

This vulnerably can allow an attacker to circumvent the Cross-Site Request Forgery mechanism inside Ruby on Rails.

This issue is likely to affect many 2.3.x and 3.x users, and thus we recommend applying the patch found at the above link.  There are no workarounds known at this time.

CVE-2011-0449 - Filter Problems on Case-Insensitive Filesystems

This vulnerability can allow attackers to circumvent filters in your application.  This can be a potentially devastating impact, but it only applies to Rails applications using Ruby on Rails 3.x (2.x or 1.x series aren’t affected) on file systems that are case-insensitive.

This means that all Rails applications hosted by OCS Solutions are presumed safe from this issue, because we use Linux and ext3/ext4 based filesystems which are case sensitive.

If you run your Rails application in production on a Windows server (thought I wouldn’t advise that anyway), you are advised to click the link above and apply the patch.

CVE-2011-0448 - Potential SQL Injection in Rails 3.0.x

This vulnerability allows an attacker to potentially perform an SQL injection on a Rails 3 application.  This can be serious, and users of Rails 3.x are advised to upgrade to Rails 3.0.4 immediately.  We’ll be installing Rails 3.0.4 on all of our servers over the next 2-3 days but you may use 3.0.4 immediately by freezing Rails 3.0.4 to your application and redeploying.

Note that Rails 1.x and 2.x users are unaffected by this issue.

A workaround is available as well at the above link, but given the ease of upgrade from 3.x to 3.0.4 an upgrade to 3.0.4 is recommended.

CVE-2011-0447 – CSRF Protection Bypass in Ruby on Rails

This issue allows the Cross-Site Request Forgery protection included in Ruby on Rails 2.1.x and above (including the 3.x series) to be circumvented in certain cases.

A patch has been included in the above link and all users with Rails applications using versions 2.1.x and above are encouraged to either use it or upgrade to 2.3.11 (if you’re using the 2.x series) or 3.0.4 (if you’re using the 3.x series).  We’ll be installing these versions on our servers over the next 2-3 days but you may use these new versions immediately by freezing 2.3.11 or 3.0.4 to your application and redeploying.