Everything fails

On November 24, 2015, in Inside DiscountASP.NET, by mjp

Michael PhillipsYou may have noticed that there were a couple of outages last week, related to moving all of the hardware in our network to a new, larger space in the Los Angeles data center (and if you didn’t notice, forget I said anything).

A large-scale move like that is a major, unusual occurrence, and probably (hopefully!) a one-time thing. For a major move like that, you may have expected some brief periods of downtime related to it.

But we’ve been successfully preventing and avoiding other types of global outages for some time now (not to jinx anything), though individual server outages are still something that happens from time to time. In fact they’re scheduled to happen every month when we do Windows updates.

I know that a lot of you notice when there is an outage, because I talk to you about it here, on Twitter, Google+, Facebook, in the helpdesk, standing in line at the movie theater, at stop lights on my way in to the office…

I hear what you’re saying, no one likes an outage, and we take them very seriously around here. I know that many of you rely on us to provide service to your clients, and when there’s a problem, they rattle your cage, not ours.

But our goal here is to be honest in all of our communication with you, and honestly, things are going to fail. We’re going to have occasional problems. Some small, some large. And as a result, your web site will not be up 100% of the time.

Yes, I said it.

And while it may be a little strange to see someone from an established website hosting company saying it, it really shouldn’t be too surprising. It’s the reality of the situation. Hardware fails, networks fail and humans fail.


For what it’s worth, I think we do provide nearly perfect service

Nearly. But it can’t work 100% of the time because there are a million variables at work here every minute of every day, and we can only control about 999,000 of them.

I’m speaking for us, here at DiscountASP.NET, but what I’m talking about applies to every service that you use. All of them. On the Internet (it’s difficult to think of a single online service or utility that hasn’t had an outage in the past six months), in your home, in your car, on the train – pretty much everything you rely on to always be there – it’s all going to fail at some point.

Considering the complexity of the network that is the Internet, and the interconnectedness of thousands of different kinds of hardware and software, it’s really kind of a minor miracle that it works as well as it does. But no one – ourselves included – likes an interruption, even in their miracles.

Whenever there is an incident that affects a lot of you (or all of you – like a major DDoS), we spend a lot of time after the fact analyzing what went wrong and determining how we can prevent or better react to something similar in the future. That’s time well spent, because every improvement we make, large or small, has a positive impact on the quality of the nearly perfect service we provide to you.

We also spend a considerable amount of time and money preventing and mitigating problems before you even know they’re happening. Network monitoring, intrusion and exploit detection, hardware and software retirement and migration – it’s an ongoing process, and we constantly tweak and improve all of our processes. And by “constantly,” I mean every single day.

But the major improvement we’ve made isn’t actually on the DiscountASP.NET platform

It’s the introduction of a completely new platform at Everleap.

That’s our cloud hosting system built on Windows Azure Pack. It’s all of the good parts of the big cloud combined with the good parts of traditional hosting. Meaning the resilience, redundancy and flexibility of the big cloud, but with the inclusion of a lot of traditional hosting services that you’ve come to expect, but cost extra at the large cloud hosts: email, databases, SQL Reporting Service, usage stats, SSL, DNS, expert, in-house tech support, etc.

What makes Everleap different is that it is much more fault-tolerant than a traditional server set up like we have here at DiscountASP.NET. If an Everleap server goes down, all of the traffic for those sites is routed to a healthy server within seconds. That technology also allows us to do Windows server updates with no web server downtime. Something that’s impossible on a traditional Windows server.

That alone is pretty cool, but you can also run your site simultaneously on multiple servers that are automatically load balanced, increase resources like memory and CPU much more easily, and even get Reserved Cloud Servers and Managed SQL servers – all the resources of a web or SQL server dedicated to a single user. Reserved Cloud and Managed SQL are like having your own server – no unruly neighbors to drag you down – but without any of the maintenance headaches that come with a VPS or dedicated server.

If all of that sounds like a sales pitch, it is! A little bit. We really believe that Everleap is the future of web hosting, and we want everyone to benefit from the advances. Now I know that some of you are probably wondering, “If you believe in it so much, why didn’t you just replace the DiscountASP.NET platform with the Everleap technology?”

And the answer is, we seriously considered it. But it would have been unnecessarily disruptive for a lot of folks, and we feel that there’s still a place for a traditional hosting platform. So ultimately we decided to offer Everleap on its own so that everyone who enjoys DiscountASP.NET just the way it is, thank you, can remain right where they are. Choice is always good.

But if you’re outgrowing the traditional hosting platform, or you just want the speed, flexibility and greatly improved uptime of the new platform, you may want to give Everleap a try. It’s free for 30 days, so you’ve got nothing to lose. If you like it, we’ll even help you move and apply any credit remaining on your DiscountASP.NET account to your new Everleap account.

The future is now! Come on over and see it for yourself.


Martin OrtegaIn this tutorial we will be reinstalling WordPress after it’s been compromised or “hacked.” The tutorial assumes three things: 1) The MySQL database your WordPress site was using wasn’t compromised, 2) The WordPress files were the only thing modified, and, 3) You have no other web applications installed in your site’s root directory.

These instructions are specifically for WordPress installations running on IIS, but you can use the same basic steps to reinstall WordPress on any platform.


Quick overview of the steps we’re about to take

  • Creating a two different directories locally on your computer.
    • One containing your hacked WordPress site.
    • The other containing your clean WordPress site.
  • Before changing anything we will be making a backup of your current WordPress site by downloading it via FTP. Yes, the current compromised WordPress site.
  • Downloading a clean copy of WordPress
  • Re-downloading your themes folder
  • Re-downloading your plugins folder
  • Copying your web.config and wp-config.php files from the old WordPress site to the root directory of your clean WordPress site
  • Restoring your images/upload files


Step 1 – Create two different directories on your computer

Create two different empty directories on your local computer.


Step 2 – Create a backup of your hacked WordPress Site

First you will need to establish an FTP connection to your site. Instructions on how to connect to your site via FTP can be found in this knowledge base article.

Once the FTP connection has been made, navigate to your local directory within FileZilla where you wish to place your backup.


Highlight all of the files and directories within your WordPress site and right click on Download to copy them to your local environment.

Important: We’re putting the files here for safe keeping, don’t open any of the files unless specified in this article.


Step 3 – Download a clean copy of WordPress

Go to WordPress Downloads and download the zip file.


Next you want to extract the clean files to the clean folder directory on your local computer.



Step 4 – Re-Download your theme files

Everyone uses a different theme for their WordPress site, so everyone’s case is going to be unique. If you remember where you downloaded your theme then go ahead and download it from the source and and skip to section Step 4 B.


Step 4a.

If you are unsure which theme you were using, navigate your \wp-content\themes directory in the hacked backup WordPress files.

WARNING: Don’t use the theme from the hacked WordPress site, it’s important to download a new copy from the source.

Within the \wp-content\themes\ directory you will see different directories. You will most likely see some of the default themes that come with WordPress:

  • Twentyfifteen
  • Twentyfourteen
  • Twentythirteen

But the other themes that are located in the \wp-content\themes\ directory will be the themes you downloaded for your WordPress site before it was compromised.

In my case I forgot the name of the theme I was using. From the list I see in the \wp-content\themes\ directory I can see that I was using the “rendition” theme.

CleanHackedWordPress_5My next step was to Google “rendition wordpress theme,” and I was able to locate the source of the theme.


Step 4b

Download and extract the clean theme files into the clean WordPress directory locally on your computer.

Once you have downloaded the zip copy of your theme locally on your computer, extract it to a location where you can simply copy and paste the clean theme into the \wp-content\themes\ directory within the clean copy of your WordPress file structure.


Step 5 Re-download your plugins

The plugins folder will be in the \wp-content\plugins directory.

If you don’t recall which plugins you had installed, you can always go into the hacked WordPress file structure to see which plugins were installed.


Make a list of the plugins you need to download and download them manually from the WordPress plugins site.

Extract the clean plugins you just downloaded into an empty file on your computer.

Copy and paste them into the clean copy of the WordPress site’s \wp-content\plugins directory.


Step 6 Copy web.config & wp-config.php file

We have to copy and paste the old web.config and wp-config.php file into the clean copy of the WordPress site’s root directory.

The web.config file contains the URL Rewrite rules for your WordPress permalinks links to work correctly on the IIS server.

The wp-config.php file contains the settings needed to reestablish a MySQL database connection to the original MySQL database.

Go to the hacked WordPress site root directory where your wp-config.php file is located and open it in a text editor like Notepad. You want to check for malicious code that you don’t recognize. Basically, you just want to make sure your old wp-config.php file is clean. You can compare it against the sample wp-config.php file. If you’re not sure what it’s supposed to look like. You can always check the clean version by checking the Github sample page of the wp-config file.


Once you have confirmed it’s clean, you’re going to want to change the password for your MySQL database.

Log into Control Panel and change the password for your MySQL database within the MySQL Manage section:

Click Manage next to the MySQL database.

Click Update Password.

Next you’re going to need to update the following line in your wp-config file with the new password.

Look for:

define(DB_PASSWORD, ‘OLD_password_here);

Replace it with:

define(DB_PASSWORD, New_Password_Here);

Save the wp-config.php file and place it into the root directory of your clean copy of WordPress.

Next you want to simply copy and paste your old web.config file from the compromised WordPress site to the root of the clean WordPress site. web.config is not a file targeted in the typical WordPress compromise, so it’s usually safe to use the old version. You may want to take a look at it in any case, just to make sure it hasn’t been altered.



Step 7 – Delete your old WordPress files and upload the clean WordPress site

Connect to your site via FTP and delete everything from the root of the site.


You want to make sure you have an empty root since you will be uploading a clean copy of your WordPress site.

Once your root directory is clean go ahead and upload the clean copy of the WordPress site located on your local computer to the root of the site.

Your site should work now. Visit the site to verify that you did everything correctly.


Step 8 – Restore your old image and upload files

The last step is restoring your image files from your old installation of WordPress to your clean WordPress site.


First, browse your site to make sure you don’t have any missing images. If you do find that some images aren’t displaying correctly, you can use Google Chrome’s Developer tools to troubleshoot. By using the network tab you can see which images are missing and which directory they need to be uploaded to.


Once you find the image that is missing in the copy of your hacked WordPress backup, you can upload each image one by one.


In the image above we can see where our missing image file will need to go into our file directory structure. Simply locate the missing file from your compromised site backup and upload it via FTP to your clean site.


An important next step is to make sure you update any outdated plugins and themes from within your WordPress admin section. You should also update the password for your WordPress admin user.


November Updates

On October 28, 2015, in Announcements, by Ray

Ray HuangHere’s a list of our Web Application Gallery updates for November:

  • DotNetNuke 7.4.1 Platform
  • Joomla 3.4.5
  • Kentico 8.2
  • mediaWiki 1.25.2
  • Moodle 2.9.2
  • nopCommerce 3.60
  • phpBB 3.1.6
  • phpMyAdmin
  • SilverStripe CMS 3.1.15
  • Umbraco 7.2.8
  • VevoCart 6.4.0
  • WordPress 4.3.1

Managed TFS 2015 Now Available

On October 14, 2015, in Announcements, Team Foundation Server, by Takeshi Eto

Takeshi EtoA few weeks ago we launched Shared TFS 2015 Hosting and today we are announcing the launch of Managed TFS 2015 Hosting in both our U.S-based and U.K-based data centers.

With Managed TFS you get your own instance of Team Foundation Server on a private VM that is not shared with any other customer. Since you’re on your own private VM, we can offer server-side customization that is not possible with our Shared TFS hosting service. And on top of that, the solution is fully managed. You can concentrate on your software development and we’ll take care of all the TFS infrastructure, security updates and patching.

As with our previous Managed TFS 2013/2012/2010 service, with Managed TFS 2015 we offer both the TFS Basic and TFS Full configurations. TFS Basic includes source control and task management just like our Shared TFS – but the TFS Full option will add SharePoint and Reporting.

If you’re interested in a Managed TFS Hosting solution, please contact us for a quote.

If you’re not completely sure if Managed TFS is for you, you can first try out our Shared TFS hosting for 30 days free for up to 5 users. You can test it out before you commit to a Managed TFS solution.


Takeshi EtoShared Team Foundation Server (TFS) 2015 hosting is now available in both our U.S. and European data centers.

Visual Studio Team Foundation Server 2015 is Microsoft’s latest update to their application lifecycle management solution.

TFS 2015 brings a wide range of improvements. Some of the new enhancements in TFS 2015 include the ability to rename team projects, quick code editing through the web portal, ability to display bugs in the task board, backlog and Kanban board management improvements, customizable cards, better identity control and Git integration improvements.

We offer a 30 day FREE trial of our shared TFS 2015 hosting solution for up to 5 users, so you can take it for a spin today.


Ray HuangFor those tech gurus who just love to work with the latest Microsoft programming technologies, here’s a simple tutorial on how you can publish an ASP.NET 5 (vNext) application to DiscountASP.NET.

Please note that ASP.NET 5 (vNext) is still in Beta, so the instructions given today may or may not be valid in the future. The Release Candidate will not be available until November with the final release being slated for some time in the first quarter of 2016. More information can be found at Microsoft’s Roadmap. You’ll also want to go to the Official Website to read up on the new features as the file structure is very different from traditional web forms and MVC programming.

Another key feature is that vNext has been designed for maximum portability, allowing you to deploy your code to a Mac or Linux operating system. This guide is meant for developers who want to try it out now and only covers the publishing aspect, using the sample ASP.NET 5 Preview Template as an example.

Publishing the application locally and then uploading it using FTP:

In order to create a vNext application, you’ll need to obtain a copy of Visual Studio 2015 Professional or higher. Install it and then launch the program.

1) Select File -> New -> Project…


2) Under Visual C#, select Web and to the right, select ASP.NET Web Application. I’ll give this project a name vNextDemo.


3) Now in the New ASP.NET Project window, select Web Application for the ASP.NET 5 Preview Template. You can also uncheck Host in the cloud under Microsoft Azure. Click the OK button to continue.


4) Notice the new file structure in the Solution Explorer window. All the configuration files are now stored as JSON (JavaScript Object Notation) format. I won’t go into details regarding any programming aspects as this is not the purpose of this guide but wanted to point out a few things that you should be aware of. References are now added to your project using NuGet, and an ASP.NET vNext application publishes two folders, an approot folder containing all your assemblies, runtime libraries, and source code and a wwwroot folder which contains the static content of your website (e.g. html, images, css, etc.). This is important to know as it must be maintained in order for your application to work properly.


5) Since the sample application is already complete, let’s start the publishing process. Select Build -> Publish from the menu bar.


6) Click on File System.


7) Give the profile a name.


8) Find a path on your local machine to target the publishing. I created a vNextDemo folder under the Downloads folder. Click the Next> button.


9) On the Settings page, choose Release for Configuration. For the Target DNX Version, you should be able to choose any, but it should match the framework your application is written in. For more information about DNX and what it is, the official documentation can be found here.  If you plan to use the 64-bit versions, you will need to open up a support ticket to request that support for 32-bit applications to be disabled in order for it to work properly.  You can uncheck Publish using Powershell script. Click on Next>.


10) Click the Publish button to start.


11) After your project has been published, you should see the two folders approot and wwwroot.


12) Open up the web.config file in the wwwroot folder and add the following XML markup in the <configuration> section to enable Full trust:

    <trust level="Full" />

Upload these two folders to your hosting account. You can ignore the other files. Now, mark the wwwroot folder as a Web Application using the tool in the DiscountASP.NET Control Panel.


13) That’s it. Your application now works but only from a sub-directory (i.e. http://www.mysite.com/wwwroot).


Publishing the application to the root of the site:

If you want it to work in the root, you just need to make a few modifications after publishing. First, modify the project.json file in /approot/src/projectname directory by changing the first line from “webroot”: “../../../wwwroot” to “webroot”: “../../../htdocs”.  Upload the contents of the wwwroot folder directly to the root of the hosting account along with the approot folder. Open a support ticket and request that we move the approot folder one level up (i.e. on the same level as the htdocs folder). And voila, your application is now working from the root.


Publishing Directly Using FTP within Visual Studio:

You can also publish directly using FTP within Visual Studio by creating and using a publishing profile. Open up Notepad, copy and paste the following markup (contents) into Notepad:

<?xml version="1.0" encoding="utf-8"?>
  <publishProfile profileName="FTP" publishMethod="FTP" publishUrl="ftp://ftpaddress" userName="username" userPWD="password" destinationAppUrl="http://wwwaddress" />

replacing ftpaddress, username, password, and wwwaddress with the appropriate values. Save the file and name it ftp.publishhsettings without the .txt extension. Now at Step 6 above, instead of choosing File System, select Import instead and use the ftp.publishsettings file. The rest of the instructions that follow should apply when configuring the application.

Please note that Web Deploy publishing is not supported at this time and to run an ASP.NET 5 (vNext) application requires it to be deployed to an IIS 7.5 or higher server.


Takeshi Etocloud backup solutionI’m excited to announce that our Cloud Backup service will now automatically back up your SQL databases off-site to the Amazon cloud. So Cloud Backup has you covered for your website, SQL and MySQL databases.  You are in full control of when backups are made and how many versions to keep.

Automated SQL backups is a feature that many customers have been asking for over the years and we are happy to be able to deliver this solution to you.

And that’s not all….

While we were working on enhancements, we added Blacklist Monitoring as well. With this feature, we will monitor Google to detect if they ever flag your site for being compromised. If we detect a Blacklist event, we’ll alert you and stop the backups of your site and databases so that you are not making backups of compromised files. This should help you recover your clean backups more easily.

The “peace of mind” Cloud Backup solution starts at $1.75/mo. You can order Cloud Backup in Control Panel.


July Updates

On July 23, 2015, in Announcements, by Ray

Ray HuangHere’s a list of our Web Application Gallery updates for July:

  • Acquia Drupal 7.37.43
  • BlogEngine.NET 3.1
  • DotNetNuke 7.4.0 Community Edition
  • Joomla 3.4.1
  • mediaWiki 1.24.2
  • mojoPortal
  • MonoX
  • nopCommerce 3.50
  • Orchard 1.9
  • phpBB 3.1.4
  • phpMyAdmin 4.4.7
  • SilverStripe CMS 3.1.12
  • Umbraco CMS 7.2.5
  • VevoCart 6.2.0 *NEW*
  • WordPress 4.2.2
iBlog by PageLines