DiscountASP.NET attains Swiss-US Privacy Shield Certification

Takeshi Etoprivacy shield frameworkLast year we achieved EU-US Privacy Shield Certification with the help of our privacy management solutions partner, Truste. When we updated our privacy policy we included some legacy language for the old Swiss-US Safe Harbor policy. However, earlier this year, a new Swiss-US Privacy Shield Framework was finalized, and on April 12th, the US Department of Commerce started accepting applications for companies adhering to the new Swiss-US Privacy Shield framework. We again worked with Truste to make sure that our privacy policies and practices meet the requirements of both Privacy Shield frameworks.

I’m  happy to announce that we have achieved Swiss-US Privacy Shield Certification.

I Do Not Think It Means What You Think It Means

John MeeksIf you run a “Define:” search on the word “Exact” in Google you get this:

Not approximated in any way; precise.

Pretty close to what you were thinking, no? Well according to the Google AdWords team YOU ARE WRONG SIR!

If you have ever been a user of Google AdWords you know there are 3 basic keyword types for your advertising; Broad, Phrase, and Exact.

Broad match is pretty simple, anything with that keyword or phrase has the ability to show your ads. The keywords in a phase could be out of order, with words in between them, doesn’t matter. Google puts it this way:

Ads may show on searches that include misspellings, synonyms, related searches, and other relevant variations.

Pretty simple and quick right?

Phrase match gets a little more complex. With phrase match ads will show for searches that match the phrase you provide. Words can come before or after the phrase, but as long as the phrase in in there, your ads can show. Again, Google puts it like this:

Ads may show on searches that match a phrase, or are close variations of that phrase, with additional words before or after. Ads won’t show, however, if a word is added to the middle of the phrase, or if words in the phrase are reordered in any way.

Little more complex, but again pretty simple.

Exact match use to be exact, at least as we all would define it. Before 2012, exact match meant just that: exact. It was very simple and easy. You entered a keyword and your ad only came up for that word. You were responsible for covering misspellings and plurals.

This ended up being the preferred match type of marketers. You had control over where your ad showed and depending on the detail of your keywords you gained insight into the rise and fall in the popularity of specific products or services (internally we were able to watch the rise and fall in popularity of ASP.NET versions, Silverlight, and AJAX).

Then in 2012 Google started their campaign of redefining. It started very innocently really. Google decided in 2012 that they would start to include plurals, misspellings, typos (aren’t those misspellings?), and other versions of a keyword in the exact match definition. For most marketers this was more a minor inconvenience.  Most had already covered these added variations in their keyword lists, if they wanted them covered at all.

After 5 years Google decided it was time to add to their new definition of “exact.”  In April Google announced that on top of the above additions in 2012, they would now include variations in word order and function words. How does Google say it?

Ads may show on searches that match the exact term or are close variations of that exact term. Close variations here may also include a reordering of words if it doesn’t change the meaning, and the addition or removal of function words (prepositions, conjunctions, articles, and other words that don’t impact the intent of a search).

So, in other words kinda sorta exact, when we think it makes sense. Something that really stands out in all this is the reordering of words. Word order can make a big difference, especially in the tech industry. A perfect example for our industry is “Windows Host” and “Host Windows”; One is looking for a Windows host, the other is looking to host Windows, possible on your own server. Google is basically asking advertisers to trust them and their ability to discern searcher’s intent.

Marketers have been pretty vocal about their displeasure over these latest changes, but be sure this is the future for Google. Google is shooting to make AdWords what is called “Set and Forget.” In a perfect world Google would have you enter your keywords into AdWords, add a few ads with a budget, and walk away. Google frames it as making it easier for you as the user, so you can focus on “what is important.” Some cynics might say it is just Google trying to spend more of your money for you.

In either case, it is the future of advertising at Google, so it is time to redefine how we define “exact.”

Microsoft Partnership Renewed With Silver Datacenter Competency

Takeshi EtoI’m proud to announce that we  have successfully renewed our Microsoft Partnership – this year with the Silver Datacenter Competency. Every year we spend time and resources on the Microsoft Partner renewal process, as it demonstrates our commitment to and expertise in Microsoft technologies.

For the past 11 years, we’ve been touting our Microsoft Gold Partner cred so you may be wondering what happened this year?

For 2017, Microsoft made some big changes to their Microsoft Partner Network. First, they retired the Hosting competency and directed all of us to shift to the Datacenter competency – which is what we did.

But another major change was placing more emphasis on revenue generation. With the new requirements, DiscountASP.NET is just not big enough to meet the SPLA licensing revenue requirements to achieve the Gold Partner status – even though we meet all the other requirements.

Attaining the Silver Partner level is nothing to sneeze at, and I’m proud of our team achieving this level of recognition. But we are going to continue to move forward and keep moving toward the Gold.

R.I.P. CodePlex

Takeshi EtoOn March 31, 2017 Brian Harry announced that CodePlex is shutting down. But we should have known this was coming, as over the past few years Microsoft had been running their open source projects on GitHub. In his blog post, Harry wrote that there has been significant decrease in activity at CodePlex, with commits to less than 350 projects over a month’s time.

As of now, no new CodePlex projects can be created, but you can still work on existing CodePlex projects. But only until October 2017, when Microsoft will make the CodePlex service read-only.

CodePlex will be shut down on December 15, 2017, but Microsoft plans back up all of the content and launch a read-only archive of the published projects. So you’ll still be able to search and download project files.

The tough part of this is going to be for those with projects that were SEO’d. Microsoft says they will do what they can with redirects of existing URLs, but I would not rely on that to maintain project traffic.

Microsoft is providing information and support for source code migration efforts. So if there is an important project on CodePlex, you may want to get started now migrating the project over to another source code repository, like GitHub.

R.I.P. HostingCon

Takeshi EtoAttending HostingCon 2017 last week was bittersweet.

On the morning of Monday, April 3 – the first day of the conference – a blog post officially announced that HostingCon 2017 would be the last one. I’ve attended every single HostingCon since its inception (with the exception of 2016) twelve of the thirteen shows. I guess that makes me a dinosaur, and somewhat of a fixture at the event.  In fact, back in 2014, I was one of the members of the 10 Year Club – someone who attended every one of the ten annual HostingCon conferences.
HostingCon 2017But it’s not a surprise that HostingCon would end one day, since attendance has been dropping in recent years and marquee vendors, like Microsoft, stopped exhibiting.

With the increasing pace of change in the hosting industry, consolidation in the hosting market, attendees having to choose between an increasing number of competing hosting conferences both in the USA and internationally, exhibitors and vendors having to choose between an increasing number of different trade shows, and vendors adopting the strategy of hosting their own conferences, all signs were pointing to HostingCon’s demise.

Still, I will always have a soft spot for HostingCon. In the early days it was quite exciting seeing all the scrappy hosting entrepreneurs and it was fun getting to know the folks at all of our competitors, as well as those servicing our ecosystem.

It was good while it lasted. Rest in peace HostingCon.

HTTPS: who needs it?

Michael PhillipsI’m sure by now you’ve seen or read about the changes that the big browsers (Chrome and Firefox) have made regarding insecure connections. Google even sent out email late last year that spelled it out pretty plainly: “Beginning in January 2017, Chrome (version 56 and later) will mark pages that collect passwords or credit card details as ‘Not Secure’ unless the pages are served over HTTPS.”

Of course Google aren’t the only ones being aggressive about forcing the web to move toward encrypting all traffic. The Firefox browser warnings are even more in your face than those in Chrome:

Using HTTPS encrypts connections between your website and your visitor’s browsers to prevent a third-party from listening in on the communication. It also helps protect your site against injections of malicious code which can do all sorts of very bad things and cause a mountain of problems in extreme cases. Not to mention less malicious – but still unwelcome – collection or aggregation of your visitor’s behavior.

So the answer to “who needs HTTPS” is: you do. We all do. But there can be a significant gap between wanting to serve up everything via HTTPS and actually accomplishing it.

We’ve wanted to do it for some time now, but we’re just getting around to making it happen. It isn’t because we’re lazy or we don’t care about security, we just have a wide range of sites and applications that have to be converted, and making sure we do it right takes time and preparation. Two websites (DiscountASP.NET and Everleap), blogs, forums, knowledge bases, helpdesk systems, peaches, apples, pears – you get the idea.

A static website, like DiscountASP.NET is relatively easy to change. Relatively. Things that run on databases, like blogs and forums – and pretty much every modern website – are a bit more complicated. I came up with a checklist for switching over the blogs and forums after a lot of testing on different dev installations, but when the time came to switch the live sites, there were still things that needed to be fixed.

Because if you didn’t already know, real life scoffs at our checklists and planning! It’s still better to go in with a plan than without one, trust me on that. But at the moment you believe that you’ve got it down, that nothing has escaped your eagle eye, something always sneaks in to spoil your celebration.

Right Yahoo?

So if it’s such a pain, why bother? Good question.

As far as the browser warnings go, they may seem unimportant now, especially if there’s no login on your site and you aren’t taking credit card information from visitors. But expect those benign warnings to change in the not-too-distant future. At some point Google and Firefox (everyone else will follow) are going to put up a virtual – or literal – red flag when someone comes to your site and the connection is not HTTPS. Whether there is a login or credit card collection or not.

You don’t want to wait until that happens and find yourself scrambling to make the necessary changes. You’re going to want to have the luxury of time, which you still do if you tackle the project today.

In order to make the move to HTTPS you’ll need an SSL certificate. We can help you there. While there is a monthly fee associated with adding SSL to your account, a free RapidSSL certificate is included. If you need a wildcard or extended validation certificate, we can get you set up with those as well. Here are some Knowledge Base articles to help you get started with HTTPS/ssl.

You’ve probably also heard that you can get a free SSL certificate from Let’s Encrypt. That’s true, and you can use those certs here at DiscountASP.NET. But the Let’s Encrypt certificates come with some drawbacks (among other things: they do not verify sites, so you can’t get a security seal, and they have to be manually renewed every 90 days). Make sure you’re aware of what’s involved in using such a cert before you commit to one.

And guess what? The benefit of moving to HTTPS goes beyond security.

Check out what Google says right now about HTTPS and search results: “Google uses HTTPS as a positive ranking signal. This signal is one amongst many others, and currently carries less weight than high-quality site content; you should not expect a major SEO advantage for moving to HTTPS in the short term. In the longer term, Google may increase the strength of the HTTPS boost.”

Eventually, when everything is HTTPS, that Google search advantage won’t mean anything. But right now, when half the web still doesn’t use HTTPS, it can mean a lot.

So what are you waiting for?

Top 10 things we accomplished in 2016

Takeshi EtoAnother year flew by. I usually do a Top 10 list at the end of the year, but I was too swamped with family obligations to finish the post in December. But fear not, here is our Top 10 list of accomplishments for 2016!

  1. Launched ASP.NET Core Hosting
    Years in the making, what was to be ASP.NET 5 was renamed and launched as ASP.NET Core 1.0 in June 2016. And of course, we made ASP.NET Core Hosting available on our Windows 2012 platform. ASP.NET Core is a complete rewrite, a modular framework distributed via NuGet packages that supports side-by-side app versioning. It’s also cross-platform (Windows, Linux, Mac).
  2. Launched SQL 2016 Hosting
    sql 2016 hosting2016 also saw the release of the newest Microsoft SQL Server 2016. With new enhancements like stretch databases and temporal tables, we wanted to make it available to our customers as quickly as we could. And so SQL 2016 was launched in both the US and UK data centers!
  3. Launched SpamExperts Email Inbox Filtering and Inbox Archiving Solutions
    SpamExperts Spam Filtering and ArchivingWe’ve evaluated many spam filtering solutions over the years, and we finally found a partner who provided a good spam filter product at a very cost-effective rate. Most professional spam filter services charge per email box which gets pricey. With SpamExperts we can provide filtering on a per domain basis. Through SpamExperts, we provide Inbox Filtering, a premium spam filter solution with a feature-rich management portal, and Inbox Archiving, a service that will store a backup of your clean incoming emails in encrypted format and in the cloud. Check it out.
  4. Launched PHP 7 Hosting
    Yes, we are a Windows hosting shop, but we keep up to date with PHP too. We launched support for PHP 7 and PHP 5.6.
  5. Kept pace with ASP.NET Updates
    Installing a new framework on the server is just a start. It’s also important to keep up to date its updates and with Microsoft’s rapid release cadence, this can be a challenge. But we are up to the task and we’ve updated our Windows 2012 platform with ASP.NET Core 1.1. In addition, even with all the fanfare with the release of ASP.NET Core, the truth is that ASP.NET Core is not yet at feature parity with ASP.NET 4.x. So we understand that not everyone is going to go all-in with bleeding edge frameworks. So we made sure to continue to update our .NET 4.x frameworks. We are now at ASP.NET 4.6.1 on our Windows 2012 hosting platform.
  6. Kept pace with Team Foundation Server Updates
    Setting and forgetting is not good enough. We also keep up to date with Team Foundation Server updates too. For example, we updated TFS 2015 with Update 3 and introduced new features such as Work Item Deletion and Team Project Creation/Deletion.
  7. Launched Free Website Migration
    With all our experience in migrating sites away from Windows 2003, and knowing that the pain of moving could stop people from migrating from their current host – even when they perform poorly – we introduced free site migration services. Sign up and then let us know that you want migration assistance. You can sit back and relax while we do all the heavy lifting to move your website.
  8. Continued with Enhancements at Everleap.com
    I’d be remiss not to mention the enhancements we launched over at our Cloud Hosting solution at Everleap.com. We launched both Shared SQL 2016 and Managed SQL 2016. We introduced WebJobs and Auto Heal on the Everleap SSD Reserved Cloud Servers. We launched support for multiple versions of node.js, added PHP 7 support, and added our Website Cloud Backup solution too.
  9. Renewed our Microsoft Gold Certification
    microsoft gold partner - hosting competencyFor the 11th year in a row, we renewed our Microsoft Gold Certification status. This is a significant investment of resources and time, but we feel that this status is a differentiator and shows our commitment to staying on top of Microsoft technologies.
  10. Attained Privacy Shield Certification
    privacy shield frameworkThe former EU Safe Harbor framework was struck down in a EU court, so the US and EU went to work to negotiate a new framework. In July 2016, a new “Privacy Shield” framework was approved. The Department of Commerce started accepting certifications in August 2016. We worked with our partner, Truste, to help get us certified and we were able to achieve Privacy Shield certification.

So that’s the Top 10 for 2016. As we look forward, we’ve been planning for 2017 and there are a lot of things brewing. We will keep making enhancements to our hosting services, and if you have any suggestions or feedback, please let us know.

We wish you a very happy new year!