Archives

Act Fast: Critical LiteSpeed Vulnerability

If your WordPress site uses the LiteSpeed Cache plugin, you must take action regarding a new critical security flaw (CVE-2024-28000) that could potentially put your site at risk. This vulnerability allows unauthorized users to gain admin access, potentially leading to a complete takeover. This means that hackers could possibly take full control of your website. A pretty serious concern! The team at WHC moved quickly to safeguard our clients by applying extra protection specific to this vulnerability across all Web Hosting, Managed WordPress, and Reseller Hosting services. This patch is a temporary protection. To keep your website secure action is needed on your part. You must update your LiteSpeed Cache plugin to version 6.4 or higher from your WordPress admin dashboard to ensure proper security and feature usability. Here’s exactly what all this means:

Who is affected?

This vulnerability impacts all WordPress sites running LiteSpeed Cache plugin versions 6.3.0.1 and earlier. As one of the most widely used plugins with over five million active installations, it's critical that site owners upgrade to the latest version (6.4) as soon as possible. If your site has not been updated, it remains vulnerable to potential attacks. This issue primarily affects Linux-based servers, meaning Windows-based WordPress sites are not exposed to this particular risk.

What’s the vulnerability?

CVE-2024-28000 stems from a weak security hash in the plugin’s user simulation feature. This flaw allows attackers to exploit the system, spoof user IDs, and gain admin-level access. Once they have admin privileges, they can install malicious plugins, take over your site, and disrupt its operation. Hackers can use a brute-force method to guess the hash value, which has only one million possible combinations due to the plugin's reliance on an insecure random number generator. Once a valid hash is discovered, attackers can use it to create new admin accounts via the WordPress REST API, giving them full control of your site.

What WHC has done

  1. Deployed virtual protection for Web Hosting: The team installed a wall of protection specific to this vulnerability on all Web Hosting, Managed WordPress, and Reseller Hosting services until users update the LiteSpeed Cache plugin.
  2. Prompted users to Update Plugins: Although we’ve added a layer of protection, it's still crucial for you to manually update the plugin to the latest version of LiteSpeed Cache (6.4) through their WordPress admin interface.
  3. Support for Cloud and Dedicated Server Clients: For those on Cloud or Dedicated servers running LiteSpeed Cache, please follow the official instructions on LiteSpeed’s website for patching or contact our team. We’re ready to assist if needed.
  4. Continuous Monitoring: Our cybersecurity team is keeping a close eye on any threats and will continue to take action if necessary.

Stay informed and secure

Security vulnerabilities like CVE-2024-28000 highlight the importance of staying vigilant and regularly updating your website's software. WHC is committed to keeping your site protected and providing ongoing support to ensure your online presence is safe. If you haven’t already, please update your LiteSpeed Cache plugin to the latest version as soon as possible. If you’re unsure whether your site is secure or need assistance, don’t hesitate to contact us. Our team is here to help, 24/7. Thank you for your trust in us.
Domains Price Increase COM XYZ

Lock in your rate before domain prices go up

Verisign, the registry for .COM, is raising its prices again, drawing scrutiny and concerns from government officials and industry leaders. Essentially, starting September 1, 2024, the price of .COM domains—both new registrations and renewals—will go up. A few other domain extensions as well. 

Don’t let it dominate your budget.

These price increases affect all domain providers, including WHC. So, in the spirit of transparency, we want to give you a heads-up: the price for .COM is going up, but you still have time to lock in the current rate. 

Here's how to avoid paying more as prices rise.

What is increasing?

If you own a .COM domain, the price increase will affect your renewal or any new domain you register after September 1. The difference is minimal, but can quickly add up over the years, especially for those with multiple domains.

Renew your domain at the current lower price before the deadline. And renew for multiple years to save more, and protect yourself from next future hikes. 

What about other domains?

The price increase on .COM will have the most impact because of its popularity, of course. However, a few other domain extensions will have price changes in the coming months. You can find a general list below: 

Extension Current price New price Effective Date
 

Registrations

Renewals

Registrations

Renewals

 

.COM

$13.99

$18.99

$15.49

$19.99

2024-09-01

.XYZ

$15.99

$19.49

$17.49

$20.99

2024-09-02

.CEO

$119.99

$145.99

$161.49

$189.99

2024-09-02

.COLLEGE

$80.99

$100.99

$79.99

$105.99

2024-09-02

.LOL

$40.99

$44.99

$36.99

$47.99

2024-09-02

How can I save?

Keeping in mind that the deadline is September 1st, 2024, to avoid paying more for your domains, there are 3 things you can do:

  • Renew your domains now: Act before the price increases and renew your domains at the current lower price. 
  • Renew them for multiple years: Some domains can be renewed for up to 10 years. Renew them for a longer period and avoid price increases in the near future.
  • Transfer your domains to WHC: WHC always strives to give you the lowest price. If you have domains registered somewhere else, now is the time to consolidate them.

How do I renew early?

You can renew at any point in the life cycle of your domain name. It only takes a few minutes. Here’s how to do it: 

  1. Log into your Client Area
  2. Click on My Domains in the left menu
  3. Choose the domain you want to renew
  4. Click on Renew next to that domain Domain renewal
  5. And remember you can choose the maximum number of years to maximize savings!  Domain renewal duration

Own 25+ domains? Save even more!

If you have more than 25 domains with WHC, you qualify for The Domain Club. This free program offers exclusive discounts and premium features, helping you save even more as prices go up. If you think you’re eligible, reach out to us and start saving today!

Why .CA is always a good choice

For Canadians, .CA domains are an excellent choice. They’re not only usually more affordable, but they also help strengthen your online presence by signalling that you’re a trusted, local brand. Canadian shoppers are 4x more likely to choose .CA when shopping online. 

A .CA domain builds credibility with Canadian consumers and boosts your visibility in local search results. Plus, there’s no price increase on the horizon for .CA domains, making them a stable and cost-effective option for the long term.

Domain Tip: Securing the .CA version of your .COM domain is best practice and can help protect your brand from competitors. 

Clock is ticking

Whether you’re renewing your .COM or considering a .CA, we recommend that you take action today to save money while keeping your domains. 

WHC is here to help you stay ahead of the changes while keeping your online presence secure and affordable.

OS Upgrades

Now Available: AlmaLinux 9, Ubuntu 22 and CloudLinux 9

We're thrilled to announce that AlmaLinux 9 & Ubuntu 22 are now seamlessly integrated with our Cloud and Dedicated server offerings, and CloudLinux 9 is available with our Dedicated Servers. If you're running your own servers or looking to spin up a new one, keep reading to discover how these updates can benefit you.

What is AlmaLinux 9?

AlmaLinux 9 is an enterprise-grade operating system (OS) designed as a successor to CentOS, offering a robust platform for your servers to efficiently manage and deliver websites and email services. It was developed to provide a stable and secure alternative in response to the shifting support landscape of CentOS, and addresses the discontinuation of essential security updates following CentOS 7 reaching 'end of life'.

What is Ubuntu 22?

Ubuntu 22, officially known as Ubuntu 22.04 LTS 'Jammy Jellyfish' is the latest Long-Term Support version from Canonical, optimized for both cloud and dedicated servers. It delivers a stable and secure environment with enhanced hardware support and advanced security features. With five years of guaranteed support, it's an ideal choice for server administrators looking for reliable and consistent server performance.

What is CloudLinux 9?

CloudLinux 9 is a high-performance operating system designed for web hosting, offering enhanced security, stability, and resource control. It isolates users in Lightweight Virtual Environments (LVE), ensuring consistent performance without disruptions. Key features like CageFS for account security and MySQL Governor for resource management make it an ideal choice for Dedicated servers. With long-term support, CloudLinux 9 is perfect for administrators seeking reliable security and optimized efficiency.

If you have a Dedicated Server, we recommend CloudLinux 9 for its superior security, stability, and resource management, ensuring optimal performance for your server.
Please note: CloudLinux 9 is not an available option for Cloud servers.

All new Cloud or Dedicated activated servers can be provisioned with AlmaLinux 9 or Ubuntu 22, while Dedicated servers come with the additional option for CloudLinux 9, allowing you to take advantage of the latest security and performance enhancements right from the start.

Why choose AlmaLinux 9?

AlmaLinux 9 brings several compelling benefits that make it a top choice for enterprise environments. Here are some of the notable advantages:

  • Enterprise-Ready: As an enterprise-grade OS, AlmaLinux 9 is well-equipped to handle heavy server workloads with stability and efficiency.
  • Extended Support: AlmaLinux 9 is guaranteed support until at least 2031, providing long-term security patches and updates to keep your systems secure and compliant.
  • Seamless Transition: AlmaLinux offers a 1:1 binary compatibility with Red Hat Enterprise Linux (RHEL), making the switch from CentOS or other RHEL derivatives straightforward and hassle-free.
  • Full cPanel Compatibility: AlmaLinux has strong support for cPanel, ensuring smooth management of hosting environments and websites right from the start.

Choosing AlmaLinux 9 means opting for a robust, secure, and well-supported OS that aligns with the needs of modern enterprise servers and applications.

AlmaLinux 9 vs. AlmaLinux 8

The upgrade from AlmaLinux 8 to AlmaLinux 9 introduces a range of enhancements aimed at improving performance, security, and manageability:

  • Kernel and System Updates: AlmaLinux 9 runs on the Linux kernel 5.14, which offers better hardware support and performance optimizations compared to the 4.18 kernel used in AlmaLinux 8. This ensures enhanced compatibility with the latest hardware technologies.
  • Security Enhancements: Enhanced security features include stronger encryption protocols and automated security patching, better equipping the latest release to handle modern cybersecurity threats.
  • Software and Tools Upgrade: The upgrade includes newer versions of key software packages such as Python, PHP, and MySQL, which are more stable and feature-rich.
  • Streamlined System Management: AlmaLinux 9 introduces a more intuitive system management interface, making tasks like software updates and network configurations easier and reducing administrative overhead.

CloudLinux 9 vs. AlmaLinux 9

CloudLinux is a commercial OS built specifically for website and email hosting. It’s the OS that currently powers WHC’s Web Hosting, Reseller Hosting, and Managed WordPress Hosting services, and it’s the recommended OS for Dedicated Servers.

The main benefits of CloudLinux 9 over AlmaLinux 9 are:

  • Superior Security: CloudLinux 9 offers advanced security features like CageFS, a virtual per-user filesystem that prevents attacks, HardenedPHP, which secures outdated PHP versions, and SecureLinks, a kernel-level protection mechanism. These features help ensure a higher level of security in hosting environments.
  • Enhanced Performance: CloudLinux 9 utilizes Mod_lsapi, an optimized PHP handler that delivers faster and more reliable PHP performance. Additionally, the OS provides centralized monitoring and diagnostics tools, enabling quicker identification and resolution of performance issues.
  • Resource Isolation: With CloudLinux 9, resource isolation through LVE technology limits the impact of high resource usage on the specific tenant, preventing downtime and improving overall server stability and performance in shared environments.
  • Advanced Hosting Features: CloudLinux 9 includes specialized tools like MySQL Governor for monitoring and managing SQL usage and LVE Manager for enhanced control panel management, offering greater control and efficiency in managing hosting services.
  • Full cPanel Compatibility: CloudLinux is fully compatible with cPanel, and many of its features can be managed directly from your WHM/cPanel interface. 

What about Ubuntu 22?

Ubuntu 22 brings a host of compelling features and benefits, making it a viable candidate for both enterprise environments and individual users. Here are some of the notable advantages:

  • Enterprise-Ready with Long-Term Support: Designed for stability and efficiency, Ubuntu 22 is now a supported OS for servers running cPanel with Long-Term Support (LTS) until 2027, ensuring continuous security updates and compliance.
  • Enhanced Security: Ubuntu 22 features advanced security measures like kernel live patching and improved security modules, providing robust protection for your data and infrastructure.
  • Optimized Performance: With optimizations for the latest hardware, Ubuntu 22 delivers exceptional performance, particularly for multi-core processors and modern GPUs, ensuring smooth and efficient application operations.
  • Community Support: Ubuntu has a large, active community that offers extensive documentation, forums, and third-party resources, making it easier to find solutions, share knowledge, and receive support.
  • Cloud and Container Ready: Ubuntu 22 is optimized for cloud deployments and containerized applications, with robust support for Docker, Kubernetes, and other cloud-native technologies, ensuring seamless integration and management.

While WHC recommends CloudLinux 9 or AlmaLinux 9 for most servers, choosing Ubuntu 22 means opting for a secure, high-performance, and enterprise-ready operating system supported by a vibrant community that meets the needs of modern IT environments.

Should I upgrade my server’s OS?

If you have a Cloud or Dedicated server with an older operating system like CentOS 7, you should strongly consider upgrading your operating system as CentOS 7 has now reached its end-of-life (EOL). Dedicated server users can choose from AlmaLinux 9, Ubuntu 22, or CloudLinux 9 (recommended). For Cloud server users, you can choose between AlmaLinux 9 (recommended) or Ubuntu 22.

Upgrading brings enhanced security features, better performance, and access to the latest tools and software. This move is essential to ensure your server remains secure, efficient, and compliant with current standards.

The process of upgrading varies based on your setup, but may involve setting up a new server with your desired Operating System, and then carefully migrating your data from the old server to ensure continuity and integrity. Our support team is available to help guide you through the upgrade process, and can even take on the process for you, making it as seamless as possible.

If you have any questions, please feel free to reach out!

Domain Protection

Domain Protection

Protect your domain and your privacy

  • Deter Hackers
  • Secure your Brand
  • Prevent Mistakes
  • 24/7 Expert Support
Protect Now
C$9.99/yr
or less

Find a new domain name with added protection

Already have domains with us? Sign in and add protection.

Why choose Domain Protection?

Shield your domain from unauthorized or accidental changes and protect your brand’s ownership.

  Domain Protection Domain Privacy
Protects your Identity
Ownership Protection
Enhanced Account Security
C$9.99/yr INCLUDED
Add Domain Protection now! Add Protection

Domain Protection FAQ

Domain Protection adds an extra layer of security to your domain by requiring Two-Factor Authentication (2FA) for any critical changes, such as updating nameservers or modifying contacts. This ensures that only authorized users can make changes to your domain, keeping it secure from unauthorized access.
Whenever you make critical changes to your domain or account information, you will receive a Two-Factor Authentication (2FA) code via email. Entering this code will grant you the ability to make changes to your domain for a 15-minute window. After this period, the changes will be automatically locked again.
You can easily activate Domain Protection for your existing domain by logging into your account, navigating to the domain management section, and enabling the Domain Protection feature. Once activated, you’ll be prompted to verify all critical actions.
Disabling Domain Protection removes the Two-Factor Authentication (2FA) requirement for critical domain changes, potentially leaving your domain vulnerable to unauthorized modifications. We strongly advise keeping Domain Protection enabled to maintain the highest level of security for your domain.
Absolutely! You can easily combine Domain Protection with other products or services during the checkout process. For example, when purchasing a new domain or any other eligible service, you can add Domain Protection to enhance the security of your new assets.

Pro Services

Professional Web Services

Your website,
our expertise.

From web design to care plans, we’ll handle your site so you can focus on what you do best.

Trustpilot logo
Trustpilot star icons

Trustscore 4.8/5 | 1,756 reviews

Google logo

Rating: 4.9/5 | 5,631 reviews

Proudly
Canadian

Everything your site needs to succeed.

Website
Design

Bring your project to life!

Need a stunning new website? Save time and let our experts do the heavy lifting.

Learn more

Care
Plans

Keep your site in top shape!

Enjoy a stress-free website with smooth updates, robust security, and peak performance.

Learn more

SEO
Optimization

Increase your visibility!

Drive more traffic on your site through improved search rankings, optimized keywords, and more.

Learn more

We’re here to help.

With personalized support, expert advice, and tailored solutions, we’re here to make sure your online presence packs a punch. WHC is here to handle all the details while you focus on your business.

Get your quote
Pro Services Web Design

Explore all we have to offer.

From building your website to ranking higher in search results,
explore our services and launch your journey to success.

Website Rebuild

Revitalize your existing site with a fresh, trendy design.

New Website

Build an incredible new website from scratch.

eCommerce

Everything you need to offer users a seamless shopping experience.

Custom
Design

Designs that pop, tailored to your unique brand identity and vision.

WordPress
Care Plans

Proactive maintenance to keep your website running smoothly and securely.

Training
Sessions

Essential tools, best practices, and tips to help you get the most out of your online presence.

Engaging
Content

Compelling, relevant content that keeps users coming back for more.

Search Engine
Optimization

Targeted strategies to enhance your online visibility, making your website easy to find and impossible to ignore.

Performance
Optimization

Maximize your website’s speed and efficiency to keep it running smoothly for your visitors.

3rd Party
Integration

Seamlessly connect all your essential tools and platforms for a streamlined operation.

Let’s make things easier for you.

Tell us what you need and we'll be happy to help.

Let's talk

Professional Web Services FAQ

Professional services encompass specialized expertise and support for areas like web design, SEO, and care/maintenance. They ensure your business operates efficiently online, allowing you to focus on growth.
A consultation can help assess your business goals and identify gaps in your current online presence. Services are then tailored to meet your specific needs.
It depends on the service! Some, like web design, are project-based, while others, such as maintenance and SEO, are ongoing to ensure optimal performance.
We do! This service is designed to enhance your site’s speed, performance, and overall user experience. It’s a quick, effective way to give your site a boost without committing to ongoing maintenance.
Yes, services are tailored to align with your industry’s unique needs and standards, ensuring relevance and effectiveness.
Timelines vary depending on the scope of the service. You'll receive a detailed timeline during the initial consultation.

Chat with an expert.

Feel free to reach out to us for any questions you might have!