Archives

New SSL Certificates now have a Maximum 1-Year Duration

Security
Effective August 1, in order to increase the security and reliability of certificates, new or renewed SSL certificates now have a maximum duration of 1 year. If you have an upcoming SSL renewal for 2+ years, we’ve automatically changed its billing cycle to 1 year for you. Let’s take a closer look at why these changes have happened and how they might impact you.

First, what’s an SSL or TLS certificate?

SSL (Secure Socket Layer) certificates make your website more secure by encrypting data sent between your website and its visitors. They also help increase trust (and sales!) by displaying a small security lock in your browser’s address bar. Websites that don’t use SSL certificates will often display a small insecure warning in the browser’s address bar, which is likely to impact your visitors’ trust in your website. TLS (Transport Layer Security) represents a newer encryption standard that has replaced SSL for some time now; however, the term SSL is still widely used in the industry today, and the two terms are often used interchangeably. Public SSL/TLS certificates are used on public websites, and need to be signed by a trusted third party (such as Comodo, Sectigo or Digicert) which is recognized by modern web browsers such as Chrome, Firefox or Safari. This process ensures that the website being displayed is actually the one that’s meant to appear, rather than one being shown by an impostor. Since 2019, WHC offers cPanel’s free AutoSSL service for most of its web hosting and Cloud services, allowing all its users to automatically benefit from basic SSL security across all their websites. Of course, for increased trust, warranty, installation and configuration assistance, premium SSL certificates continue to be your best bet; the change being discussed in this article only impacts premium SSL certificates.

Why are Premium SSL certificates being limited to 1 year?

Earlier this summer, Apple and Google announced that TLS/SSL Certificates trusted by their browsers (notably Google Chrome and Safari) will be limited to a lifespan of 13 months. As such, 398 days will be the new maximum lifespan of publicly trusted TLS certificates, approximately halving the previous limit of 825 days. The new rules will apply to all public certificates issued on or after September 1st 2020, meaning those issued beforehand may still have a lifespan of up to two years. Limiting the lifespan of SSL certificates to one year is more secure and encourages better practices from the Certificate Authority down to the end user. It also gives supercomputers less time to crack the encryption algorithm used to secure your content.

What do I need to do and what does this mean for me?

We’ve already made all the changes on our end so that no additional action is required on your part. If you have a two year premium SSL certificate which was issued before August 30th 2020, your multi-year certificate will continue to work as expected. If you are looking to buy or renew a certificate after August 30th, you’ll be limited to a maximum certificate duration of 1 year. If you previously had a 2 or 3-year SSL service subscription with WHC, it will automatically be switched to 1 year come renewal time. If you are using our free AutoSSL service, you will not be impacted. These certificates are already renewed automatically for you every 90 days, so long as your services are active. Ultimately these changes will mean that your websites and its visitors will be safer and less likely to experience security issues, and that the Internet will continue to be a safer space for all of us to enjoy! Should you have any questions about your website’s security, please feel free to reach out to our friendly customer service team. We’re here to help!

DevOps Director

Uncategorized
Apply now
Back to Job List
Web Hosting Canada (WHC) is a privately owned, Canadian technology and IT infrastructure company based in Montreal, Quebec. We’re a team of passionate web professionals providing Canadian businesses with the means to succeed online.

Since 2003, WHC has set the highest standard for service reliability and security and is now trusted by tens of thousands of clients throughout Canada and abroad. It is among the fastest-growing web service providers in Canada.

Web Hosting Canada is accredited by the Canadian Internet Registry Authority (CIRA), is an official cPanel, Cloudlinux, and SpamExperts partner and has consistently been ranked the #1 Canadian domain name provider by the .CA registry.

Every day, Web Hosting Canada helps thousands of Canadian individuals, small businesses and organisations grow and succeed online with its powerful yet affordable web solutions. We’d love to count you among them.

How you fit in

Reporting directly to the CEO, the Director of DevOps will be responsible for managing WHC’s Development and System Administrator teams. The incumbent will be expected to understand the technical landscape and spearhead products and projects by delegating responsibilities to the appropriate team member.

You Will Make an Impact By

  • Managing and supporting the DevOps teams, including:
    • Dev
    • Systems (including IT)
    • L3 Support
  • Ensuring the proper functioning of WHC’s infrastructure and monitoring systems
  • Participating in the elaboration and implementation of new technical projects and improvements
  • Developing and sustaining a DevOps vision and strategy
  • Managing the DevOps service budget
  • Participating in the hiring, onboarding and technical training initiatives
  • Providing oversight to the team leads
  • Managing compliance
  • Spearheading IT initiatives
  • Ensuring system security and best practices
  • Helping evolve WHC’s technology stack

Who you are

  • You have a strong technical background in Cloud infrastructure, a keen interest in open-source projects, and are well-versed in security, virtualization and automation.
  • You understand what it takes to scale a web system from 100 users per day to 1,000,000.
  • You also have proven leadership and management skills.
  • You are an excellent communicator, highly dependable, and are able to effectively manage multiple teams, budgets and priorities with an agile approach.
  • You have a sharp business sense and understand the web hosting and Cloud business not only as it stands today, but also where it’s likely headed in the next few years, including potential risks and pitfalls.

Qualifications

  • 5+ years of leadership or management experience
  • 10+ years of technical infrastructure/Cloud experience
  • Degree in engineering, management, or related
  • Excellent communicator (EN/FR) is required
  • In-depth knowledge of the following systems or concepts:
    • DNS
    • SSL
    • PHP
    • cPanel
    • CentOS/CloudLinux
    • Virtualization: OpenVZ, KVM, OpenStack
    • Firewalls & Edge security
    • Performance
    • WordPress
    • Rundeck
    • Icinga
    • Agile methodology: Jira
  • Experience with cPanel/WHM control panel (Plesk an asset)
  • Excellent understanding of email protocols (POP/IMAP/SMTP)
  • Experience with virtualization technologies such as OpenVZ, KVM, Xen, VMWare, or OpenStack
  • Experience with Bash or similar command-line scripting languages
  • Experience with Ansible or similar automation toolsGood understanding of web concepts such as DNS and IPv4/6
  • Experience managing and optimizing database systems such as MySQL and MariaDB
  • Working knowledge of common website scripting languages such as PHP, Perl, and Python

What we offer

  • A modern Work From Anywhere approach to working remotely AND a wonderful office in Montreal, should you choose to work from there!
  • Group Insurance (if you’re in Canada)
  • Free Friday company-wide lunches
  • Highly collaborative work environment with a proactive leadership team
Apply now
Back to Job List

Job

Uncategorized
english job pagehello world

Beginner’s Guide to DNS and Nameservers

Performance
If you’ve ever worked with a domain name, web hosting account, or website, chances are that you’ve had to work with DNS and nameservers. Simply put, DNS and nameservers are systems that connect your domain name to your website and email. In this article, we’ll take a closer look at both these concepts and help you better understand them so as to avoid common pitfalls and mistakes.
If you’re trying to change your WHC website’s nameservers, consult our article on how to change my domain’s nameservers. If you’re looking to learn more about how DNS works, read on!
dns

What is DNS?

DNS stands for Domain Name System. It’s the system that translates an easy to remember domain name like example.com to a machine-readable IP (Internet Protocol) address like 93.184.216.34.
Mapping IP to domain
Any device that connects to the Internet, including the servers that run your web hosting, have unique IP addresses (your current Internet connection has one too!). By “mapping” a domain name to a specific IP address with the help of DNS and nameservers, you’re helping visitors access your online content, which includes your website and email. Sounds simple, right? Well, it can get tricky, fast! DNS is actually one of the most misunderstood parts of how websites and domains work, and can lead to problems or errors with your website and email if used incorrectly.
domain-name

What is a Domain Name, anyhow?

Domain names like google.com and whc.ca are online addresses, used to access websites for business, news sources and whatever other treasures (or oddities!) the Internet holds. Technically, a domain name is a string of characters that can be translated into an electronic address (called an Internet Protocol, or IP, address) by computer systems connected to the Internet, thanks to -- you guessed it -- DNS. Available domain names can be registered for a modest yearly fee through a domain name registration provider (called a registrar) such as Web Hosting Canada, and can be renewed indefinitely. The registrar will ensure your domain is correctly registered with the organization (called the registry) that manages the Top Level Domain (or TLD) you chose to use. Examples of popular TLDs include .CA (managed by CIRA), .COM (managed by Verisign) and .QUEBEC (managed by Registre Point Québec).
Registrant, Registrar and Registry schema
Since each registry sets and manages its own pricing, the cost of the domain registration can vary depending on the TLD you choose and generally ranges between $10-$30 per year, with some niche TLDs costing substantially more. .LUXURY domains, for example, cost a whopping 699$ for the first year of registration!
Need help finding your perfect domain name? Check out our Canadian Guide to Finding your Perfect Domain Name.
Nameservers

What are Nameservers?

Nameservers are the address books of the Internet and a critical part of what makes DNS work. Just like your personal address book may contain the address and phone number of your friends Mike, Sue, and James, nameservers will contain website and email routing information for domain names like mikespizza.ca, sueshop.com, and jamesco.net Unlike the address book you may have at home, nameservers are fully electronic and are generally managed by service providers such as WHC, Google, or Amazon. Each nameserver can contain information for multiple domains (sometimes even millions of them). In order to function properly, each domain name must define its authoritative nameservers (these are the nameservers that are actively being used according to the registry). These nameservers will answer the question: who should I ask to find out where my website or email is hosted? With Web Hosting Canada, your domain’s nameservers are set when you first register your domain name, and you can change your nameservers at any time from your Client Area.
Your domain should use a minimum of 2 nameservers to avoid potential problems, and may support upwards of 8 nameservers. The number of nameservers you use is generally unimportant, so long as you have at least 2.
For example, new domain names registered with WHC will usually set the following authoritative nameservers by default: ns1.whc.ca ns2.whc.ca ns3.whc.ca The set of information each nameserver holds for a specific domain name is called a DNS zone, and a zone may contain multiple resource records, including one to identify where your website is hosted and another for where your email is hosted.
DNS Zone

What are DNS Zones and Resource Records?

A DNS zone is a set of DNS information about a specific domain name. Going back to our address book example, you can think of a zone as all the information you have recorded for your friend Mike. For example, you’ll have his home address, his mobile phone, and his email address. Each distinct piece of information, such as his mobile phone, can be considered a resource record. Online, DNS zones and resource records help answer questions such as:
  • Where is this domain’s website hosted?
  • Which email server (or provider) handles this domain’s incoming emails?
DNS Zone and DNS Record
There are a number of different types of DNS resource records, but we’re going to focus on two of the most commonly used records:
  • A Record: this is the main and most important resource record in your domain’s DNS zone. The “A” stands for address and this record will contain the IP address of the device hosting your main website. Example of an A Record: example.com 194.142.23.128
  • MX records are mail exchange records and will contain a hostname. They define which mail servers handle incoming emails to your domain. If you want to be able to receive email from an address using your domain name, you’ll need to have properly configured MX records. Example of an MX Record: example.com mx.yourdomain.ca
There are dozens of other DNS resource record types available, including CNAME and TXT records, which are sometimes used with hosting accounts to establish domain ownership, or to enhance email security, but we’ll save those geeky technical details for a later article.

How can I change my domain’s DNS Resource Records?

You may occasionally need to change your domain’s DNS resource records. Common reasons for changing DNS records include pointing your website to a specialized service provider (like a website builder or third party e-commerce platform) or switching your email service provider (to Microsoft 365 or G Suite, for example). How you can execute this change will depend on how your domain and DNS are set up. In most cases, you’ll connect to your domain name or hosting provider’s client portal, look for a zone or DNS editor, and then fill out the new resource record information as instructed by your new service provider. If your domain is registered with Web Hosting Canada, consult How to change DNS Records with the Zone Editor for step-by-step instructions.
Careful! Incorrectly manipulating your domain’s DNS records could cause your website and email to stop working.
DNS propagation

What is DNS Propagation?

DNS propagation is the process through which changes to DNS records or nameservers take effect on all networks around the world. It usually involves a delay that can vary from a few seconds to a few hours, depending on where you are in the world and how your Internet-enabled device is configured. In short, when changing a DNS record, don’t expect instant results all over the world. The process often takes several hours to propagate everywhere and in some cases can take over 24 hours, because of how some DNS services memorize (or cache) DNS records.
DNS propagation schema
The propagation process can be accelerated by reducing a setting on your DNS records called the Time to Live (or TTL), at least a day in advance of making your changes. This setting provides a suggestion for how long other secondary DNS services should save old entries, so reducing it increases your chances of applying the changes faster. Unfortunately, not all DNS services interpret TTL values the same way, so specific results can’t be guaranteed. TTL is defined in seconds, so common values are 3600 (1 hour), 86400 (1 day), or 60 (1 minute). Setting this value to 60 at least one day before your DNS change can help reduce DNS propagation delays. Setting it back to 3600 or 86400 once your change has finished propagating is also recommended, in order to reduce the number of requests handled by your authoritative DNS service.
Steps

DNS Resolution Steps

Now that you understand the basic components of DNS, let’s see how a DNS request gets handled from the moment you type in a website address in your browser’s address bar to the moment its content is displayed on your screen. We'll work with "example.ca" as the domain name:
  1. Is the website "example.ca" available in your browser’s cache (memory)? If so, instantly display it; otherwise proceed to next step
  2. Is the website’s DNS information available in your computer or router’s cache (memory)? If so, use it to obtain the website’s IP and proceed to the last step
  3. The DNS resolution process begins:
    DNS resolution steps
    1. Query your primary DNS resolver (its location is defined on your device’s operating system) for the the domain’s IP address (found within its DNS A Record). The DNS resolver service is often provided by your Internet Service Provider (Bell, Telus, Vidéotron, etc)
    2. Is the domain’s IP already cached (memorized) inside your primary DNS resolver? If so, return the website’s IP and proceed to the last step.
    3. Query the Internet’s root servers to obtain the TLD name server responsible for .CA TLD
    4. Query one of .CA TLD’s nameservers to obtain this specific domain’s nameserver
    5. Query one of the domain’s nameservers to obtain the specific domain’s IP address
    6. We finally have the IP address of the website we’re trying to reach! The DNS part of this process has completed successfully. The DNS information may now be cached (memorized) in multiple locations, including your browser, operating system, router, ISP’s resolvers, and other recursive nameservers, for a duration equal to or shorter than the record’s TTL.
  4. Connect to the IP address of the web server, and obtain the website content, then display it on the screen. The website content may also now be cached (memorized) by your browser for faster load times in the future.
Problem solving

Common DNS Problems & Solutions

Here are some common DNS-related issues:

Changes to my DNS still haven’t taken effect over 24 hours later

This may occur for several reasons:
  1. You made the change on a nameserver that isn’t authoritative
    This means you’ve made these changes in the wrong place. You’ll need to find out what your authoritative nameservers are, usually by inspecting the results of a whois or dig query, then make your DNS changes in the correct place.
  2. You made an error in your DNS record
    Double-check the exact value/syntax you used in your DNS record, using tools like intoDNS or DNS validator. A small error such as an extra period or space can cause problems. You may also have indicated the wrong IP address in your A Record.
  3. You’re seeing a stale (cached) version of your page
    Try clearing your browser’s cache and flushing your operating system’s DNS cache.

My domain is no longer working or responding to DNS requests

This could mean that:
  • You have set the wrong nameservers for your domain name
    Double-check which nameservers you should be using with your domain name and hosting provider, and update your nameservers to the ones recommended by your provider. Contact their support team if you are unsure.
  • Your domain name is expired or disabled
    Inspect its whois output and consider renewing your domain ASAP. If it’s suspended, contact your domain name provider to find out why. Oftentimes, a domain name can get temporarily disabled if changes were made to its administrative email contacts that were not validated within 2 weeks.
  • Your DNS service might be offline, unreachable, or otherwise malfunctioning
    Verify the status of your DNS service using tools such as intoDNS or DNS validator, and contact your DNS service provider for assistance if you see errors.
Picto WHC

Discover Web Hosting Canada’s DNS

Web Hosting Canada provides reliable, secure, and high-performing DNS service along with 24/7 expert support with all its hosting services. Basic DNS provides redundant DNS service from multiple Canadian locations, and includes a DNS zone editor to help you easily change your DNS settings, as often as necessary, with low TTL support. It’s included with all of WHC’s hosting and domain name services. Premium DNS improves the basic offering by distributing the DNS service to multiple locations around the world through Anycast technology, effectively improving its performance and routing, in addition to other security enhancements. It’s included with the Pro and Enterprise hosting plans, and can be ordered as a standalone service.
Tools

Useful Tools & Final Thoughts

To help better troubleshoot and explore DNS issues, we’ve compiled some of our favorite DNS tools below: Hopefully this article has taught you, or clarified, a few things about DNS. As a rule of thumb, avoid making DNS changes that you are unsure of, and consider checking with your website/email administrator or hosting provider before any major changes. DNS remains a relatively complex (and oftentimes confusing) topic that can take considerable time to master. The Internet is full of excellent resources describing the inner workings of DNS in various levels of detail. That being said, unless you’re working in IT, we’ll understand if you decide you know enough about DNS as-is. After all, that’s why you trust experts with this stuff!

We’re moving to a new office!

WHC News & Events
As our team continues to grow, we’re moving to a bigger office by August 1! Here’s our new office address: 7250 Clark Street, #301 Montreal, Quebec H2R 2Y3 Located just minutes away from Jean Talon market, Jarry park and Little Italy, in a dynamic part of Montreal’s tech hub, this new space help empower our team (as well as the small business & tech communities) located in and around Montreal. If you’re used to paying by cheque, please make sure to send your correspondence to our new address starting July 27. Better yet, consider reducing your carbon footprint by going paper-free and switching to payments by credit card or Interac e-transfer. With the ongoing disruptions caused by COVID-19, our offices (both old and new) will continue to be closed for visits for the foreseeable future and most of our team continues to work remotely. In fact, we’ve recently adopted a remote work policy that enables our team to work from home, all across Canada, for as long as they need. Nonetheless, the new office is being designed with social distancing and sanitation in mind so as to allow staff and visitors to interact and work safely. With nearly 5000 square feet of available space, we’re not just creating an environment for our team to thrive, but also setting up a space for techies and entrepreneurs to gather and exchange ideas that help push Canadian small businesses forward. We expect the work in our new space to be fully completed by October 2020 and we’ll be sure to post updates, pictures, and videos as we have them!