How to choose the right laptop for yourself!

Here we explain how to choose the right laptop for yourself, there are many factors you need to understanding while choosing and buying a laptop to prevent from being disappointed later, but we will write 8 essential tips for you.

Compact enough to carry with you, As the laptop is used to work at home, office or at the GO, you need to choose a compact size laptop which can be easily transported and carried.

There’s a wide variety of sizes, features and prices, which makes choosing the right laptop a challenge.

That’s why you need to figure out what your needs are. To make the right call, just follow these steps.

1. Pick a Platform: Mac, Windows or Chrome OS?

This is not an easy question and answer, especially if you’re not familiar with both Macs and PCs.

But this quick overview of each platform’s strengths and weaknesses should help.

Most laptops are coming with one of the most three famous operating systems such as Windows, Chrome OS and Mac OS X, choosing the right one is a personal preference but here’s a quick summery of what each offers.

Windows 10

The most flexible operating system, Windows appears on many more makes and models than Chrome OS or Mac OS X. Windows notebooks range in price from under $200 to several thousand dollars and offer a wide array of features from touch screens to fingerprint readers to dual graphics chips. Windows 10, the latest version of Microsoft’s flagship operating system, provides a number of improvements over Windows 7 and 8, including the ability to switch between tablet and desktop modes, a revamped Start menu with live tiles and the powerful Cortana digital assistant. Since its launch in July 2015, Windows 10 has also added a host of improvements, including the ability to use follow-up questions with Cortana, search your email using natural language and use your stylus to scribble almost anywhere.

Apple OS X EI Capitan

All MacBooks come with Apple’s own operating system, Mac OS X El Capitan. Overall, the operating system offers similar functionality to Windows 10, but with a different take on the interface that substitutes an apps dock at the bottom of the screen for Microsoft’s Start menu and taskbar. iPhone or iPad users will appreciate iOS-like features such as Launch Pad for your apps, superior multitouch gestures, and the ability to take calls and text from your iPhone. However, OS X isn’t made for touch, because no MacBook comes with a touch screen.

Chrome OS

Found on inexpensive “Chromebooks” such as the Lenovo 100S Chromebook, Google’s OS is simple and secure, but limited. The user interface looks a lot like Windows with an application menu, a desktop and the ability to drag windows around, but the main app you use is the Chrome browser. The downside is that there are few offline apps and those that exist don’t always work well. However, the operating if you need a device to surf the Web and check email, navigate social networks and chat online, Chromebooks are inexpensive and highly portable, and they offer good battery life. Google is also planning to add the ability to run Android apps, which would suddenly make this platform a lot more useful for the masses.

2. Decide if you want a 2-in-1

These days, many PC laptops fall into the category of “2-in-1s,” devices that can switch between traditional clamshell mode, tablet mode and other positions in between such as tent or stand modes. The 2-in-1s generally come in two different styles: detachables with screens that come off the keyboard entirely and flexible laptops with hinges that bend back 360 degrees to change modes. Most of these systems are much better at serving one purpose than the other, with bend-backs being laptops first and detachables offering a superior tablet experience. However, if you don’t see the need to use your notebook as a slate, you’ll usually get more performance for your money and a better productivity experience with a traditional clamshell laptop.

If you decide you want a 2-in-1, note that bendables usually have far better battery life than their detachable brethren.

3. Choose the right size

Before you look at specs or pricing, you need to figure out just how portable you need your laptop to be. Laptops are usually categorized by their display sizes:

  • 11 to 12 inches: The thinnest and lightest systems around have 11- to 12-inch screens and typically weigh 2.5 to 3.5 pounds,
  • 13 to 14 inches: Provides the best balance of portability and usability, particularly if you get a laptop that weighs under 4 pounds.
  • 15 inches: The most popular size, 15-inch laptops usually weigh 4.5 to 6.5 pounds. Consider this size if you want a larger screen and you’re not planning to carry your notebook around often.
  • 17 to 18 inches: If your laptop stays on your desk all day every day, a 17- or 18-inch system could provide you with the kind of processing power you need to play high-end games or do workstation-level productivity.

4. Check that keyboard and touchpad

The most impressive specs in the world don’t mean diddly if the laptop you’re shopping for doesn’t have good ergonomics. If you plan to do a lot of work on your computer, make sure the keyboard offers solid tactile feedback, plenty of vertical travel (distance the key goes down when pressed, usually 1 to 2mm) and enough space between the keys.

Look for an accurate touchpad that doesn’t give you a jumpy cursor and responds consistently to multitouch gestures such as pinch-to-zoom. If you’re buying a business laptop, consider getting one with a pointing stick (aka nub) between the G and H keys so you can navigate around the desktop without lifting your fingers off the keyboard’s home row.

5. Pick your specs

Notebook components such as processor, hard drive, RAM and graphics chip can confuse even notebook aficionados, so don’t feel bad if spec sheets look like alphabet soup to you.

Here are the main components to keep an eye on.

  • CPU: The “brains” of your computer, the processor has a huge influence on performance, but depending on what you want to do, even the least-expensive model may be good enough. Here’s a rundown.
    • AMD A series or Intel Core i3 / i5: If you’re looking for a mainstream laptop with the best combination of price and performance, get a Core i5. Core i3 is a small step down. AMD A series CPUs are less common, but promise similar performance.
    • Intel Core i7: High-end performance for gaming rigs and workstations. Models with numbers that end in HQ or K use higher wattage and have four cores, allowing for even faster gaming and productivity.
    • AMD E Series or Intel Pentium/Celeron: Found on low-cost laptops. It provides just enough performance to enable basic tasks such as video viewing, document editing and Web surfing.
    • Intel Atom: Also found on low-cost laptops and 2-in-1s. It offers basic performance but more battery life than Celeron/Pentium.
    • Intel Core m3 / m5 / m7: Low-power and low heat allow systems with these processors to go fanless. Performance is better than Celeron, but a notch below Core i3 / i5.
  • RAM: Some sub-$250 laptops come with only 2GB of RAM, but ideally you want at least 4GB on even a budget system and 8GB if you can spend just a little more. For most users, 16GB or more is overkill.
  • Storage Drive (aka Hard Drive): Even more important than the speed of your CPU is the performance of your storage drive. If you can afford it and don’t need a ton of internal storage, get a laptop with a solid state drive (SSD) rather than a hard drive, because you’ll see at least three times the speed and a much faster laptop overall.Among SSDs, the newer PCIe x4 (aka NVME) units offer triple the speed of traditional SATA drives. Sub-$250 laptops use eMMC memory, which is technically solid-state but not faster than a mechanical hard drive.
  • Display: The more pixels you have, the more content you can fit on-screen, and the sharper it will look. Most budget and mainstream laptops have 1366 x 768 displays, but if you can afford it, we recommend paying extra for a panel that runs at 1920 x 1080, also known as full HD or 1080p. Some higher-end laptops have screens that are 2560 x 1600, 3200 x 1800 or even 3840 x 2160, which all look sharp but consume more power, lowering your battery life.
  • Touch Screen: If you’re buying a regular clamshell laptop, rather than a 2-in-1, you won’t get much benefit from a touch screen and you will get 1 to 3 hours less battery life. On 2-in-1s, touch screens come standard.
  • Graphics Chip: If you’re not playing PC games, creating 3D objects or doing high-res video editing, an integrated graphics chip (one that shares system memory) will be fine. If you have any of the above needs, though, a discrete graphics processor from AMD or Nvidia is essential. As with CPUs, there are both high- and low-end graphics chips. Nvidia maintains a list of its graphics chips from low to high end, as does AMD.
  • DVD/Blu-ray Drives. Few laptops come with optical drives, because all software and movies are downloadable. However, if you really need to read / write discs and your laptop of choice doesn’t come with a built-in DVD drive, you can always buy an external one that connects via USB for under $20.

6. Don’t skimp on battery life

If you’re buying large, bulky notebook that you’ll use only on a desk near an outlet, you don’t have to worry about battery life. However, if you plan to use the laptop on your lap, even if it’s at home and or work, you’ll want at least 6 hours of endurance, with 8+ hours being ideal. To determine a notebook’s expected battery life, don’t take the manufacturer’s word for it. Instead, read third-party results from objective sources, such as our reviews.

You can choose the battery by choosing higher battery cells, like 2 cell battery, 4 cell battery, 6 cell battery and 8 cell battery and also combo batteries.

7. Plan based on your budget

You can find a laptop at $200 but if you increase the budget you can find better laptops, here’s what you can get fro each price range.

  • $150 to $250: The least-expensive noteboo
    ks are either Chromebooks, which run Google’s browser-centric OS, or low-end Windows systems with minimal storage and slower processors, such as the HP Stream 11 and the Lenovo Ideapad 100S. Use these as secondary computers only or give them to the kids.
  • $350 to $600: For well under $600, you can get a notebook with an Intel Core i5 or AMD A8 CPU, 4 to 8GB of RAM, and a 500GB hard drive, all respectable specs. However, at this price, most notebooks don’t have an SSD, a full-HD display or long battery life. There are a few noteable exceptions, such as the Asus VivoBook E403Sa and Lenovo ThinkPad 13.
  • $600 to $900: As you get above $600, you’ll start to see more premium designs, such as metal finishes. Manufacturers also start to add in other features as you climb the price ladder, including higher-resolution displays and SSDs.
  • Above $900: At this price range, expect notebooks that are more portable, more powerful or both. Expect higher-resolution screens, faster processors and possibly discrete graphics. The lightest, longest-lasting ultraportables, like the MacBook Air 13-inch and the Dell XPS 13, tend to cost more than $1,000 (although you can get the Dell for less if you don’t opt for a touch screen). High-end gaming systems and mobile workstations usually cost upward of $1,500 or even as much as $2,500 or $3,000.

8. Mind the brand

Your laptop is only as good as the company that stands behind it. Accurate and timely technical support is paramount.

This past year Apple came in first place, followed by HP and Samsung.This past year Apple came in first place, followed by Microsoft and Samsung.

Support is only part of what makes a notebook brand worth your money. You also have to consider how the manufacturer stacks up to the competition in terms of design, value and selection, review performance and other criteria. In our 2015 Best and Worst Laptop Brands report, Apple placed first, followed by Dell and HP.

Managing file/folder permissions and ownership

How to Manage Files & Folders Ownership and Permissions

The Unix files access is controlled. There are three types of access (permissions):

read
write
execute
Each file belongs to a specific user and group (ownership).

Access to the files is controlled by user, group, and what is called other/everyone permission bits and is usually set using a numerical value.

For example, 644 as permission bit will result in:

Owner / User Group Other/ Everyone 644

Each number represents the access level and it can be from 0 to 7.

The access level, depending on the number is as follows:

0 – no access to the file whatsoever
1 – execute permissions only
2 – write permissions only
3 – write and execute permissions
4 – read permissions only
5 – read and execute permissions
6 – read and write permissions
7 – read, write and execute permissions (full permissions)
Thus the above 644 permissions example will look like this:

Owner / User – Read and Write Group – Read and Write Other/ Everyone – Read only

To allow a script to be executed and read by everyone but the only one who can write in it is your user, you would need to set 755 as permissions:

Owner / UserGroupOther/ Everyone
7 – Full permissions
5 – read and execute
5 – read and execute
Changing the permissions to 700 will make the file visible only for your username and no one else and setting it to 444 will allow only the file creator to modify it.

The command you need to issue to actually change the permissions is called ‘chmod’ and it generally looks like this:

chmod 755 configuration.php
The above example changes the permissions of configuration.php file and sets them to 755.

You can recursively change the permissions of all folders and files using the recursive argument:

chmod -R 755 *This will modify the permissions of all files in the current folder and
set them to 755.
You might wonder what the above user/group values are. These two settings are the actual ownership flags for a file or a folder.

Each file has a primary user that owns it and a group assigned to it. To change those values, a special command exists — ‘chown’.

Its syntax is very easy:

chown user: group file

For example:

Chown user:

pamirwebhost configuration.php

The above line will set the owner of the file to ‘user’ and the group to ‘pamirwebhost’.

Changing ownership recursively is also permitted and the flag (naturally) is -R: chown -R user: pamirwebhost *

How to prevent your hosting account from being hacked

Tips on how to prevent your account from being hacked

The menace of hacking is a very serious issue for the today’s World Wide Web. It is really important to pay a lot of attention to security of your cPanel account. It should be well-protected against manual attacks as well as against automatized means of getting access to your hosting account.

The security of our clients is of the highest priority for us. On our servers we have an effective firewall system along with a complex of other security measures.
However, some aspects of cPanel account protection depend not on Namecheap but on the owner of the account. In this article you will find several useful tips you can use to significantly improve your cPanel account’s security.

 

1. Use safe username and password

This is a quite obvious thing but having a secured password is definitely among the most important aspects of web security. Some people set a password which is easy to remember in order to avoid keeping it somewhere except for memory. It is strongly recommended to avoid using passwords which consist of dictionary words, names of your relatives, friends or pets, important dates, cities, etc. These passwords are not secure as it is really easy to find such information about you especially if you have an account in any of social networks. In Internet security there is even a special term «social engineering» which suggests that some person can get your personal data without any additional means such as special software using methods of psychological manipulation. For example, some important personal data can be gathered during several online conversations with you by means of e-mail, forum, chat or in social network. So in case your password is a date of your mother’s birth then do not be surprised if your account gets hacked.

Also, hackers have special tools for cryptanalytic attacks (also known as Brute-force attacks) which are intended to get your password. The main idea of such attacks is checking all possible words until the correct one is found. Such attacks can be successful if your password is a simple word from a dictionary.

It is strongly recommended to use passwords which consist of randomly mixed low and capital letters, special symbols and digits. Such password’s length should be not less than eight symbols. You can use any special program for passwords generation as well as in-built cPanel password generator. It can be found in cPanel -> Change Password:

Another important aspect is a cPanel username.

By default in a hosting welcome guide you receive a generated username which consist of a part of your main domain name in complex with several random letters. cPanel username can be changed only by our representatives per your request in chat or ticket. There are some restrictions triggered by cPanel functionality. Your username can consist only of alphanumeric characters (digits are also permitted, however they are not permitted as the first symbol in the username). Also cPanel username cannot be longer than eight symbols. It is not recommended to change it to your actual name or nickname as this information can be obtained easily by any other person.

2. Change your password regularly

It is strongly recommended to change your password from time to time. Also we advise changing the password right after receiving a hosting welcome guide e-mail. cPanel password can be changed in cPanel > Change Password. By the way, we recommend checking Allow MySQL password change as this option lets you synchronize the password with the password for phpMyAdmin:
security_03.jpg

Additionally, it makes sense to change passwords for your e-mail accounts as well. This can be done in cPanel > E-mail Accounts:

3. Keep your username and password in a safe place

For example, avoid keeping your hosting welcome guide in the inbox of an e-mail account in case you are not the only person who has access to it. Also, please, avoid storing your cPanel login details in a text file on your desktop especially if you are not the only user of this computer. You can use roboform, lastpass or any other similar password saving software in that case.

Needless to say it is not recommended to share your username and password with anyone.

4. Pay attention to security of your computer.

It is strongly recommended to have an effective firewall and antivirus software with the up-to-date databases on your personal computer. Please, perform a full scan of your computer from time to time. Some viruses are intended to steal your login details and transmit them to someone who needs them. Also there are special applications which are known as keyloggers. They gather a log of keyboard buttons pressed by you, make screenshots of your desktop and send this information to a hacker. Such software can be detected by a good antivirus program so do not forget to check your PC regularly.

5. Use a secured connection when it is possible

For example, with Namecheap you can connect by FTP in two ways. You can use a conventional port 21 or you can connect using a non-standard secured port 21098. If there are no network restrictions then it is recommended to use port 21098. Also, it is better to access your cPanel using non-standard port 2083 instead of standard port 80. A link which looks like http://cpanel.yourdomain.com uses port 80. If you wish to use port 2083 then, please, use link which looks like https://yourdomain.com:2083

6. Scan your webspace

To avoid having the files located in your hosting account being at hazard it is recommended to use different means of scanning for malicious software. First of all you can use an in-built cPanel virus scanner:

Also you can use some free online scanners such as this:
http://sitecheck.sucuri.net/scanner/

It is better to combine these two ways of checking your account for viruses. In order to prevent having viruses and malware on your account it is recommended to use themes and plugins only from trusted providers. In case you have any suspects regarding your account’s security then, please, feel free to contact our Support Team at any moment.

7. Always have a backup

Even though backups are scheduled on a weekly basis on our shared servers it is recommended to keep a backup of your account somewhere in a safe place on your PC or third party server. Please do not forget to update it from time to time in order to avoid losing the important information. You can create a full cPanel backup in cPanel > Backups. Note, that if your account gets bigger than 10GB or contains more than 150 000 inodes then it will be automatically excluded from weekly backups:

Even more advanced and convenient solution for creating backups is CodeGuard (later, CG). It’s main advantage is the possibility of creating *automatized* backups of your site. Using CG you can partially completely restore your site if there any changes arose, which you wish to get rid of. As CG is fully integrated in your cPanel, only several clicks are required for you to start taking advantages of this great feature we have!

8. Enable CloudFlare

We recommend you enabling CloudFlare in your cPanel. It is a great solution which improves your account’s performance and security. It can help you in protecting your account against DDoS attacks, SQL injections and other similar threats.

You can find more information in our guide How to enable CloudFlare for your domain name.

Update all third party scripts to the latest versions (e.g. Joomla!, WordPress, Magentoo or any other CMS).
Don’t load your website with every script, theme, gadget, feature, function, and code snippet you can find on the web. Each of them could let a hacker into your site. Before you use something new, read its vulnerability report.

9. CMS security tips

If your site is build on WordPress we recommend you to read our WordPress security guides:

CMS Security Issues. WordPress Security and Optimization
Internal Protection “.htaccess” (Manual setup)

and use the security tips listed there to prevent hack attempts in the future.

Following these simple recommendations you can improve your account’s security greatly. From our side we do our best to keep your account safe but if you undertake these measures a level of security increases drastically. We recommend our clients not to ignore the safety of data and always feel free to contact our Support Team in case you have any questions or complications.

How to improve WordPress website security

1. Introduction

Nowadays we face a lot of security issues with different content management systems (CMS) and web applications. WordPress is not an exception as it`s one of the most popular and powerful blogging content management systems.

There are several reasons for it:

  • CMS uses typical files for passwords and settings located in the same directories for each account (wp-config.php, wp-admin/ directory etc) so they are very easy to locate, modify after gaining partial access.
  • The admin panel (wp-admin) runs under the same domain and uses the same codebase/permission as the rest of the application.
  • Admin users can install a plugin/theme, which can then modify any file or change anything in the database (this is related to corrupted, non-official, non-updated, self-modified or fraudulent themes or plugins).

This article provides you with a list of tips and instructions that can improve a security level of your WordPress installation.

2. Making backups regularly

Making regular backups of your WordPress site is the first and the most important step. Before you apply any changes, make sure to backup your entire WordPress installation or databases.

It is recommended to create regular backups for your entire cPanel account using cPanel > Backupstool and creating Full cPanel Backup.

Also, you can backup your WordPress site using CodeGuard.

3. Updating WordPress, themes and plugins to the latest version


The latest version of WordPress is always available on official WordPress site. Official release is not available from other websites or resources, thus, NEVER update WordPress from third party resources. Also, you can easily update WordPress from Admin Dashboard directly or via Softaculous.

Make sure that your blog’s version is up to date. WordPress team works on creating patches for fixing security ‘holes’ and backdoors on a constant basis. That`s why it is very important to have the latest version of WordPress.

It is strongly recommended to update your plugins and themes to the latest versions too, as a bug in one of these can affect your whole installation. You can update both plugins and themes via Admin Dashboard > choose Plugins or Themes menu and click ‘Update now’ near the necessary plugin or theme:

NOTE: it is recommended to create backups of your WordPress files and database before applying any changes.

4. Using trusted sources


Many custom ‘free’ WordPress themes included base64 encoding, which is often used to hide malicious code. So, with such themes or plugins you can easily upload malware into your account. This is how most of the ‘hackers’ get access to your files and site.

We recommend using content only from official resource like http://wordpress.org/ as it`s the safest place to get themes and plugins.

5. Using secure username and password

The default WordPress login is ‘admin’ and most hackers know that. It should be changed to custom one with a strong password which include upper/lower keys, numbers and symbols.

Assuming you use Softaculous, you specify the username on the install screen:

Also, it is not recommended to use passwords or email addresses similar to your accounts from other web-resources.

You can change your Admin username or Password via the database, you can find the corresponding instructions here.

6. Changing database prefix, username and password


6.1 Changing database prefix

It is highly recommended to change the database prefix as the default table prefix for WordPress iswp_ . SQL Injection attacks are easier with the default table prefix because it is easier to guess. We recommend to change the database prefix to something more secure than wp_.

NOTE: create backup of your database before applying any changes.

If you install WordPress from Softaculous, you can set custom table prefix and database name at installation screen:

If you have already installed WordPress you can still change database prefix in two ways: either manually or using a special plugin.

For manual database prefix change, go to cPanel > phpMyAdmin menu > choose the necessarydatabase from the left side > click on SQL option above.

Here you need to run RENAME SQL queries on tables in your WordPress database:

RENAME table `wp_commentmeta` TO `newprefix_commentmeta`;
RENAME table `wp_comments` TO `newprefix_comments`;
RENAME table `wp_links` TO `newprefix_links`;
RENAME table `wp_options` TO `newprefix_options`;
RENAME table `wp_postmeta` TO `newprefix_postmeta`;
RENAME table `wp_posts` TO `newprefix_posts`;
RENAME table `wp_terms` TO `newprefix_terms`;
RENAME table `wp_term_relationships` TO `newprefix_term_relationships`;
RENAME table `wp_term_taxonomy` TO `newprefix_term_taxonomy`;
RENAME table `wp_usermeta` TO `newprefix_usermeta`;
RENAME table `wp_users` TO `newprefix_users`;

*where newprefix_ should be replaced with new database prefix you wish to have instead of wp_, then click Go:

Once done, you will see the new database prefix has been applied to your WordPress database:

After that you will need to search the options table for any other fields that is using wp_ as a prefix in order to replace them. It is necessary to run the following query in the same way:

SELECT * FROM `newprefix_options` WHERE `option_name` LIKE ‘%wp_%’

Then click Go and you will get the result as on the screenshot below:

Here you will need to go one by one to change these lines and replace the old database prefix with the new one. Once done, we need to search the usermeta for all fields that is using wp_ as a prefix with the help of this SQL query:

SELECT * FROM `newprefix_usermeta` WHERE `meta_key` LIKE ‘%wp_%’

After that click Go and the following results will appear:



Number of entries may vary on how many plugins you are using and such. Here you need to change everything that has wp_ to the new prefix as well.

Once done, make sure to update your wp-config.php file with new database prefix:

Also, you can change database prefix using special plugins, like Change DB prefix or Change table prefix.

6.2 Changing database username and password

In order to change the database username or password, log into cPanel >> and click on MySQL Databasesmenu in Databases section:

Under Current users you will see all created database users in your account. Here you can Set new password orRename the necessary database user by choosing the corresponding option:

For changing password, click on Set password. In the new window insert your new password two times and click Change password:

To change the database username, click Rename. In the new window you need to specify the new username you wish to have (this will be the part after cPanelusername_ ) and click Proceed in order to save changes:

Once the database username or password are changed, you need to update your wp-config.php file with the corresponding details:


7. Setting password protection for important files and folders

In order to prevent your WordPress site from being hacked we recommend setting the password protection for system files and folders.

To create the password protection follow these steps:

7.1 Go to cPanel > Security > Password Protect Directories to access a list of your site’s folders:

7.2 Choose the directory you wish to protect and click on it:

7.3 Put a tick on Password protect this directory and name your protected directory, insert the username and password and click on Add or Modify the Authorized User button to save your changes:

NOTE: it is very important to protect wp-config.php file and wp-adminfolder since they are more susceptible for hacker attack.

8. Using secure FTP (SFTP) and Shell access (SSH)

Uploading files via FTP is a quick way to make a new site up and running or add new files to your account. However, SFTP is more secure and your passwords are encrypted to help prevent hackers from learning it. You can find a more detailed guide on how to upload your files via FTP or SFTP.

If you do want to use FTP (or use cPanel details for FTP connection), it’s a good idea to delete any FTP accounts that you’re not using to prevent them from being accessed without your consent. This is a great way to help keep your site and information more secure.

9. Hiding WordPress version

Another good idea is to remove the generator meta for WordPress. This meta shows the version of your WordPress site. You may open your website and check your source code by pressingCTRL + U on Windows orOption+Command+U on Mac. If WordPress version is visible for hackers it’s more easy for them to target the vulnerabilities of the specific version to hack into your website.

In order to hide your WordPress version, navigate your current theme at /wp-content/themes/yourtheme/ and insert the code below into function.php file:

/* Hide WP version strings from scripts and styles
* @return {string} $src
* @filter script_loader_src
* @filter style_loader_src
*/
function fjarrett_remove_wp_version_strings( $src ) {
global $wp_version;
parse_str(parse_url($src, PHP_URL_QUERY), $query);
if ( !empty($query[‘ver’]) && $query[‘ver’] === $wp_version ) {
$src = remove_query_arg(‘ver’, $src);
}
return $src;
}
add_filter( ‘script_loader_src’, ‘fjarrett_remove_wp_version_strings’ );
add_filter( ‘style_loader_src’, ‘fjarrett_remove_wp_version_strings’ );
/* Hide WP version strings from generator meta tag */
function wpmudev_remove_version() {
return ”;
}
add_filter(‘the_generator’, ‘wpmudev_remove_version’);

10. Limiting the number of failed connections


It is recommended to limit the number of login attempts to your WordPress Dashboard with the help of Login LockDown plugin. It records the IP addresses of every failed login within a certain time period of time. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range. This allows to prevent brute force password discovery.

11. Plugins for WordPress security

One of the most important step for making your WordPress site well-protected is to use security plugins:


Wordfence Security:

Wordfence Security is free WordPress security plugin that allows to scan your website looking for malicious code, backdoors or shells that hackers have installed, shows website analytics and traffic in real time, set up automatic scanning and much more. You can find description of each option here.

Acunetix WP Security plugin:

Acunetix WP Security checks your WordPress site for security vulnerabilities and suggests corrective actions such as passwords, file permissions, database security, WordPress version hiding and admin protection.

All In One WordPress Security plugin:

All In One WordPress Security plugin is a user-friendly plugin that will bring security of your WordPress site on a new level. It provides with user accounts and login security, database and file system security, brute force login attack prevention, website scanning and much more.

12. Account and external security

Here are the tips and general recommendations that will help you to increase account and external security:

  • To keep your local environment updated and clean from viruses.
  • To protect your hosting (cPanel account) and here you can find the general tips on how to prevent it from being hacked
  • To use secure passwords and SFTP connection + type for FTP/files upload.
  • To change cPanel password regularly. Try to use strong passwords (with high and low register Aa-Zz and special symbols) and we recommend you to change the passwords for all your email accounts, as well.
  • Do not store passwords in places where they can be obtained easily (e.g. passwords.txt file on desktop is not very secure).
  • To update all third party scripts to latest versions.
  • To enable CloudFlare in cPanel. CloudFlare is a broad security solution that is designed to provide protection from many forms of malicious activity online including: comment spam, email harvesting, SQL injection, cross-site scripting, credential hacking, web software vulnerability and DDoS (denial of service) attacks.
  • Always have a backup copy of your entire website and its databases.

The tips provided above do not guarantee 100% secure of your WordPress website, however, they drastically decrease chances of getting hacked. We sincerely hope this article helped you enough in securing your online business and becoming a trouble-free and happy customer.

That’s it!

Source: NC

 

How to setup internal protection for .htaccess

This part is applicable only for cases, when you wish manually set up all the necessary settings and rules. All these settings can be done automatically with secure plugins (especially BulletProof Security). We recommend using the secure plugins first and only if they fail to deliver necessary control, perform manual configuration. If you do need to make specific changes to the .htaccess file manually, kindly use the guide provided below:

.htaccess (hypertext access) is the default name of directory-level configuration file specific for web servers running Apache

It is the one most often modified when dealing with redirects and is often used to change file types to make them executable. It is also the one you will be using to harden your environment.

To protect it you apply a few simple rules:
Set Low Permissions
Deny Access

Apply Low Permissions
The basic guidance for permissions is simple, the lower the number the harder access becomes. Good rule of thumb is keep the number as low as possible where the performance or functionality is not impacted. For most users, setting it to 640 will grant level of access that you need.
Add .HTACCESS Directives
What’s important to note here is that this only works if the attack is external. This won’t protect you from internal attacks (if entire cPanel accout is hacked, for example)
This is the .htaccess directive you can use:

#PROTECT HTACCESS
<Files .htaccess>
Order Allow, Deny
Deny from all
</Files>

Note: this only protects the file from external access.

  • Disable directory browsing

If you do not want to allow your visitors to browse through your entire directory, simply add the piece of 2 lines in your .htaccess in the root directory of your WordPress blog:

# disable directory browsing
Options All –Indexes

  • wp-config file protection

Wp-config.php is important because it contains all the sensitive data and configuration of your blog and therefore it should be locked through .htaccess. Add the code below to the .htaccess file in the root directory:

# protect wp-config.php
<files wp-config.php>
Order deny,allow
Deny from all
</files> 

The code denies access to the wp-config.php file to everyone.

  • Access to wp-content directory

Wp-content contains all content for your WordPress installation. This is a very important folder and it should be secured. Users should be only able to view and access certain file types like images (jpg, gif, png), Javascript, css and XML.

Place the code below in the .htaccess file within the wp-content folder (not the root):

Order deny,allow
Deny from all
<Files ~ “.(xml|css|jpeg|png|gif|js)$”>
Allow from all
</Files>

  • wp-admin files

Wp-admin should be accessed only by you and your fellow bloggers (if any).  You may use .htaccess to restrict access and allow only specific IP addresses to this directory.
If you have static IP address and you always blog from your computer, then this can be a good option for you. However, if you run a multiple user blog then either you can opt out from this or you can allow access from a range of IPs.

Copy and paste the code below to the .htaccess in wp-admin folder (not root folder):

# deny access to wp admin
order deny,allow
allow from xx.xx.xx.xx # This is your static IP
deny from all 

The above code will prevent browser access to any file in these directories other than “xx.xx.xx.xx” which should be your static IP address.

  • Prevent script injection

To protect your WordPress blog from script injection, and unwanted modification of _REQUEST and/or GLOBALS copy and paste the code below to your .htaccess in the root:

# protect from sql injection
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} GLOBALS(=|[|%[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} _REQUEST(=|[|%[0-9A-Z]{0,2})
RewriteRule ^(.*)$ index.php [F,L]

That’s it!

Why is it beneficial to have a dedicated IP address?

When it comes to hosting a website on a shared server, there is always quite a common controversial issue: Is it necessary to have a dedicated IP address for your website and why, if you just can use a shared one? Using dedicated IP address provides with certain crucial advantages, but let’s start with the definition first.

What is Dedicated IP Address?

IP stands for Internet Protocol and is defined as unique address assigned to each computer that is connected to a certain network. Internet Protocol address plays the role of unique identifier that is used to provide actual location of a machine or a website in a given network.

What is the difference between Shared and Dedicated IP address?

The difference between shared and dedicated IP addresses is quite simple. Shared IP address is a single address that is used by multiple websites within one web-server. In this case web-server should do some extra work, parsing user’s request to the correct website. Having Dedicated IP address means that the website has its very own address and you can use whether this IP address or domain name of your website to access it from the Web. For more illustrative example, please check the diagram below:

SNI_01.jpg

Why having dedicated IP address is beneficial?

There are a lot of reasons why it is recommended to use Dedicated IP address for a website, hosted on a Shared server, but we shall look through the main ones here:

  • It provides a higher stability

The fact that multiple websites share single IP address on the Web gives a clear picture about difficulties that may appear with a separate website. Just imagine that one of the websites hosted on a Shared server as well as yours, was suddenly flagged as a malicious one or the actual IP address of the server was blacklisted due to possible spamming activity of one of the users. Unfortunately there is a possibility that your website would suffer the consequences as well, however dedicated IP address will allow to control reputation of the website on your own in this case, and it won’t be affected by the others activity.

 

  • It grants access to your website anytime you need

Sometimes it is quite necessary to check how website is going to look before pointing domain name to the server and launching your website on the web. Dedicated IP address will provide with ability to access server directly without changing DNS settings for the domain name.

  • It is beneficial for email sender’s reputation

As it was already mentioned above, having your website run over a single IP address may cause unpredictable difficulties and email service may also be affected in this case. There are some situations when some user, sharing the same IP address with you gets banned or blacklisted for spamming which may possibly affect your email service as well. Using dedicated IP address for email, isolates your service from being affected by consequences of abuses made by others.

 

  • It is good for a business identity

If you are going to host your own online-store or other e-commerce related website, and you are not going to use some additional third-party services for handling payments, it is quite necessary to grab some Dedicated IP address and SSL certificate for the website, in order to provide security for your customer’s data. Customers will feel more safe making transactions on the website which uses dedicated IP address.

 

  • It is required for particular third-party applications/scripts

Sometimes a particular application or a script that you may wish to run on your server, requires a dedicated IP address.

 

  • SNI technology and incompatibility with some old browsers

With a recent cPanel update, we started to support SNI technology that allows to install multiple SSL certificates on a Shared IP address. However having a few SSL certificates on a shared IP address may cause issues with older versions of some browsers. In this case, all the visitors of such websites will receive a message containing information about untrusted connection, indeed the website is going to be available via HTTPS protocol. Dedicated IP address helps to avoid such issues.

.af Domain Registration Policy

1: Definition
• “.af DNS authority” means the Afghanistan Domain Administration Committee (as of November 2002, the Ministry of Communications of Afghanistan) supported by the Technical Focal Point which has the right to grant licenses to use domain names in the “.af” domain;
• “the registrar” means the organization or undertaking that enters into a non-exclusive registrar agreement with the .af DNS authority and obtains from the .af DNS authority the right to apply for the registration and renewal of domain names under the “.af” domain on behalf of its clients but for its own account. As of November 2002, UNDP Afghanistan office in Kabul is one authorized registrar;
• “the license” means the person that applies for or has obtained a license from the .af DNS authority to use a particular name in the “.af” domain.

2. Acceptable Domain Names
The .af DNS authority will not accept the following domain names for registration:
• Names that are already registered (“first come, first served” -principle) or that are put on hold. A name is put on hold if:
• Legal proceedings, whether within or outside the scope of a court of law, are in progress over that name, or
• The .af DNS authority has asked the domain name holder to replace his registrar in case the registrars contract with the .af DNS authority is terminated.
• Names that consist of characters other than “a-z”, “A-Z”, “0-9” and “-“, or that start or end with “-” (as recommended in RFC 1035).
• Names of more than three characters or less than sixty-three (63) characters.
• Names with “-” on the third and the fourth position.
• All domain names registered with two characters will be either redirected to minimum three characters or will be cancelled as per domain policy by the end of this year.
Names will be registered for the person whose application is completed first, notwithstanding earlier applications for those names that are not yet complete. An application is complete when it is received with all the required data by the .af DNS authority computer system (not when it was sent). The refusal to register a domain name by the .af DNS authority does not create any rights (priority rights or other) for the applicant. The applicant may file a new application, in competition with anybody else, if that name later becomes available to the public.

3. License
a) After the registrar completes the registration process and pays the registration fees, the .af DNS authority grants an exclusive license to the licensee to use the domain name in the application.

b) The license is valid for one year and is renewable as long as the registration fee has been settled.

c) The license is not transferable unless the domain name is transferred with the business assets of the licensee. The license for a domain name that is on hold cannot be transferred, with exception for the appointment of a new registrar as described in article 6, b, second paragraph.

d) The .af DNS authority may terminate the license if the licensee breaches any of the terms and conditions of the domain name registration, including non-payment of the license fee by the licensee’s registrar. In case of a breach of the terms and conditions, the .af DNS authority can send a reminder by e-mail to both the registrar and the licensee informing them that the license will be terminated if the breach is not remedied within 14 days.

4. Fees and Payment
a) The licensee is aware that the registrar acting on his behalf must pay the initial registration fee and the renewal fee according to the agreement between the registrar and the .af DNS authority.
As of November 2002, the registration fees are as follow:

b) The registrar has access to the computer system of the .af DNS authority in order to verify the status and expiration date of the domain names that he manages. The registrar is responsible for the timely advice to the licensee that the license for his registered domain names is due to be renewed.

c) The .af DNS authority is not responsible for the registrar’s non-payment of registration or renewal fees, which may result in the non-registration or cancellation of a domain name (even if the licensee has paid the registrar).

5. Obligation to have a working e-mail address
The licensee must have a working e-mail address, which is inserted in the .af DNS authority database. The .af DNS authority and the licensee must use this e-mail address for official communication between them, and the licensee must keep the address up-to-date through his registrar. If the e-mail address is not kept up-to-date, the licensee is in breach of these terms and conditions and the .af DNS authority may terminate the license as provided in article 3 above.

6. Agreement between Licensee and Registrar
a) The registration and renewal process with the .af DNS authority can only be conducted by the licensee through an authorized registrar, who is acting on behalf of the licensee but for its own account. The .af DNS authority must make available on its web site a list of the authorized registrars, and a copy of the typical agreement between the .af DNS authority and the registrar. The .af DNS authority is not a party to the agreement between the licensee and his registrar incurs no obligation or liability from that agreement.

b) If a registrar is no longer an authorized registrar because the agreement with the .af DNS authority is terminated, the .af DNS authority must send an e-mail to the licensees informing them that their domain name is put on hold and asking them to appoint another registrar within one month. If the licensee does not appoint another registrar within one month, the license agreement between the .af DNS authority and the licensee will be terminated at the end of its term with no possibility of renewal. The licensee’s domain name will remain on hold until the later of three months after the .af DNS authority sent the on hold notice to the licensee, or two months after the license was terminated. While the domain name is on hold, the licensee may appoint another registrar who may send a request, including its reasons, to the .af DNS authority to become the new registrar of the licensee and restore the license if terminated.

c) If a licensee terminates the agreement with his registrar, he must at the same time designate a new registrar who must inform the .af DNS authority of the proposed change of registrar. The .af DNS authority must inform the licensee and the new registrar of the proposed change by e-mail and the licensee may object to the proposed change by sending a reply e-mail to the .af DNS authority within seven days. The change of registrar will take effect if the licensee confirms the change to the .af DNS authority within seven days after the e-mail from the .af DNS authority. If the licensee does not respond within seven days, the .af DNS authority must send a reminder by e-mail to the new registrar informing him that the transfer will only take effect if the licensee confirms the change to the .af DNS authority by fax within 7 days following the reminder by e-mail.

7. Privacy Policy 
a) The licensee authorizes the .af DNS authority to process personal and other data required to operate the “.af” domain name system. The .af DNS authority must only use the data for operating the system and may only transfer the data to third parties if ordered to do so by the public authorities, upon demand of the dispute resolution entity mentioned in article 10 or as provided in paragraph (c) of this article. The licensee has the right to access his personal data and to arrange for it to be amended, where errors exist.

b) The licensee must keep the .af DNS authority immediately informed through the registrar of any change in name, address, e-mail address, telephone and fax numbers. An omission or delay in informing the .af DNS authority of such changes may result in the termination of the license.

c) The licensee authorizes the .af DNS authority to make the following personal data accessible on its web site – along with some other technical data – to guarantee the transparency of the domain name system towards the public:

• Name, address and telephone and fax number of licensee;
• Date of registration and status of the domain name;
• E-mail address of licensee;
• Language chosen for the dispute resolution set out in article 10.
The licensee also authorizes the .af DNS authority to transfer that data to third parties for the purpose of inclusion in a publicly available directory. The licensee may at any time and without giving any reason inform the .af DNS authority that his personal data may not be transferred. The .af DNS authority must then take all necessary steps to block the data transfer within five working days.

8. Representations and Warranties
a) The licensee agrees and warrants that:
• All statements made during the registration process and the term of the license are complete and accurate.
• Registering the domain name will not infringe or otherwise violate the rights of a third party.
• The domain name is not registered for an unlawful purpose.
• The domain name is not used in violation of any applicable laws or regulations, such as a name that helps to discriminate on the basis of race, language, sex, religion or political view;
• The domain name is not contrary to public order or morality (e.g. obscene or offensive names).

b) The .af DNS authority is not liable for any damage, direct or indirect damage, consequential damage and loss of profits, whether in contract, tort (including negligence), or otherwise, resulting from or related to the registration or use of a domain name, or to the use of its software or web site, even if the .af DNS authority has been advised of the possibility of such damage. Examples of exclusions include :

• Registration or renewal (or the default of registration or renewal) of a domain name in favor of a licensee or a third party due to an error concerning their identity.
• Termination of the .af DNS authority’s rights to register domain names in the “.af” domain.
• Rights that third parties claim to domain names.
• Technical problems or faults.
• Acts or omissions of the registrars regarding the application, registration or renewal of domain names, which may result in the non-registration, or cancellation of a domain name.

The .af DNS authority will exercise its best efforts to provide its services according to the “best practices” standard of the registration authorities. The .af DNS authority will exercise its best efforts to provide its services according to the “best practices” standards adopted and approved in the national or international context.
The licensee must indemnify the .af DNS authority against any claim (and the resulting costs, including attorneys’ fees) originating from the use or registration of a domain name that infringes the rights of a third party. Disputes between the .af DNS authority and the licensee must be brought before the appropriate Afghanistan courts which will have exclusive jurisdiction, and must be governed and interpreted in accordance with the laws of Afghanistan.

9. Change of Registration Rules
a) The rules of the domain name registration procedure are dynamic and subject to change.

b) If the .af DNS authority decides to change its rules, it will make the new rules available to the public by posting them on its web site at least thirty (30) days before the new rules take effect. Each registration procedure will be handled according to the rules in effect on the date the application is complete.

c) As a deviation of the previous rule, the .af DNS authority can modify the technical registration rules without the application of the mentioned minimum delay of thirty (30) days. Such modifications will take effect from the moment of their announcement on the website of the .af DNS authority. The .af DNS authority can only make use of this specific procedure as far as those modifications seem justified within the national or international technical context and as far as they are intended to prevent registrations of speculative nature.

d) The .af DNS authority will not personally inform licensees, whose domain names have been rejected in the past, that new rules apply, even if the rejected names would be allowed under the new rules.

10. Dispute Resolution Policy
a) Dispute resolution.
The licensee must submit the type of disputes set out below to alternative dispute resolution proceedings and accepts in this regard the competence of an accredited. Dispute Resolution Entity. The licensee accepts that those proceedings must be conducted before one of the accredited. Dispute Resolution Entities listed at the web site of the .af DNS authority. The procedure will be conducted in the language chosen by the licensee during his application. Every dispute will be governed by the dispute resolution policy applicable when the complaint is filed.
As of November 2002, the designated Dispute Resolution Entity for .AF is

b) Applicable disputes.
• The licensee must submit a dispute to alternative dispute resolution proceedings if a third party (a “Complainant”) asserts to the Dispute Resolution Entity, in compliance with the rules of procedure, and proves that:
1. The licensee’s domain name is identical or confusingly similar to a trademark, a trade name, a social name or corporation name, a geographical designation, a name of origin, a designation of source, a personal name or name of a geographical entity in which the Complainant has rights; and
2. The licensee has no rights or legitimate interests in the domain name; and
3. The licensee’s domain name has been registered or is being used in bad faith.
• The evidence of such in bad faith registration or use of a domain name can, inter alia, be demonstrated by the following circumstances:
1. Circumstances indicating that the domain name was registered or acquired primarily for the purpose of selling, renting, or otherwise transferring the domain name to the Complainant who is the owner of the trademark, trade name, social name or corporation name, geographical designation, name of origin, designation of source, personal name or name of the geographical entity, or to a competitor of that Complainant, for valuable consideration in excess of the costs directly related to the domain name; or
2. The domain name was registered in order to prevent the owner of a trademark, a trade name, a social name or corporation name, a geographical designation, a name of origin, a designation of source, a personal name or a name of a geographical entity from reflecting this name in a corresponding domain name, provided that the licensee has engaged in a pattern of such conduct; or
3. The domain name was registered primarily for the purpose of disrupting the business of a competitor; or
4. The domain name was intentionally used to attract, for commercial gain, Internet users to the licensee’s web site or other on-line location, by creating a likelihood of confusion with the Complainant’s trademark, trade name, social name or corporation name, geographical designation, name of origin, designation of source, personal name or name of a geographical entity as to the source, sponsorship, affiliation, or endorsement of the licensee’s web site or location or of a product or service on his web site or location.
5. The licensee registers one or more personal names without the existence of a demonstrable link between the licensee and the registered domain names.
• If a complaint is filed, the licensee can demonstrate his rights or legitimate interests to the domain name by the following circumstances:
1. Prior to any notice of the dispute, the licensee used the domain name or a name corresponding to the domain name in connection with a bona fide offering of goods or services or made demonstrable preparations for such use; or
2. The licensee (as an individual, business, or other organization) has been commonly known by the domain name, even if he has acquired no trademark; or
3. The licensee is making a legitimate and non-commercial or fair use of the domain name, without intent for commercial gain to misleadingly divert consumers or to tarnish the trademark, trade name, social name or corporation name, geographical designation, name of origin, designation of source, personal name or name of the geographical entity at issue.

c) Rules of procedure. The rules of procedure of the Dispute Resolution Entity state the process for initiating and conducting the proceedings and for appointing the Third-party Decider that will decide the dispute. The rules of procedure also determine the fees that the Complainant must pay. The Dispute Resolution Entity publishes the rules of procedure on his web site.

d) Non-intervention of the .af DNS authority. The .af DNS authority does not, and will not, participate in the administration or conduct of any proceedings before. Neither the .af DNS authority, the Dispute Resolution Entity of the Third-party Decider will be liable as a result of any fault made in the dispute resolution process, except for intentional faults.

e) Remedies. The remedies available to a Complainant under any proceedings before the Third-party Decider are limited to requiring the cancellation of the domain name registration or the transfer of the domain name to the Complainant.

f) Notification and publication. The Dispute Resolution Entity must publish all decisions under this dispute resolution policy on the Internet during a reasonable term.

g) Courts of competent jurisdiction. The submittance to the alternative dispute resolution procedures does not prevent either the licensee or the Complainant from submitting the dispute to a court of competent jurisdiction for independent resolution before, during or after those proceedings. If Third-party Decider decides that the domain name registration should be cancelled or transferred, the .af DNS authority must wait thirty (30) business days after being informed of the Third-party Decider’s decision before implementing that decision. The .af DNS authority may then implement the decision unless during those thirty (30) business days it receives from the licensee evidence that a judicial decision, enforceable in Afghanistan, rendered in a dispute between the licensee and the Complainant, blocks the transfer or the cancellation. If the .af DNS authority receives such documentation, it will not take any further action (whilst leaving the domain name ‘on hold’) till it receives (i) satisfactory evidence of a resolution between the licensee and the Complainant; or (ii) satisfactory evidence that the lawsuit has been dismissed or withdrawn; or (iii) a copy of an order on the merits from that court dismissing the lawsuit or stipulating that the licensee does not have the right to continue to use the domain name.

h) Other disputes. All other disputes between the licensee and any party other than the .af DNS authority over the domain name registration that are not brought under the alternative dispute resolution procedures must be resolved through any court proceedings, arbitration or other available proceedings.

i) Defences. The .af DNS authority will not participate in any dispute between the licensee and any party other than the .af DNS authority over the registration and use of the domain name, neither in the alternative dispute resolution proceedings, nor in any other proceedings. The licensee must not name the .af DNS authority as a party or otherwise include it in any such proceedings. If the .af DNS authority is named as a party in any such proceedings, it reserves the right to raise any and all defences deemed appropriate, and to take any other action necessary to defend itself.

j) Domain name on hold. As soon as a request for alternative dispute resolution is properly filed with the Dispute Resolution Entity and the appropriate fee is paid, the Dispute Resolution Entity must inform the .af DNS authority of the identity of the Complainant and the domain name involved. The .af DNS authority must immediately put the domain name involved “on hold”, under articles 2 and 3 of these terms and conditions. The domain name remains on hold until the end of the proceedings set out in paragraph (g).

11. Rules For Domain Name Use
Domain name registration is strictly prohibited by any of the following purposes:
1. The display of sexually offensive contents;
2. Spamming activities including the development of tools used to spam ; or any software or resources to be used for illegal activities, including viruses and hacking tools;
3. Any other activity which is illegal under Afghan law.

12. Required Documents
The registrant must bring the following documents for the registration of domain names under .af domain.
1. If the registrant wants to register a domain name ending in “.com.af”
a. Trade license / Business authorization or approval from the Ministry of Commerce for any other Ministry or body responsible for registration or licensing of such bodies.
2. If the registrant wants to register a domain name ending in “.org.af”
a. Approval of registration documents from the ministry of planning for verification of the specified organization or any other Ministry or body responsible for registration or licensing of such bodies.

13. Disclaimer
13.1 The Registrant agrees that AFGNIC will not be liable for any damage, liability, loss, costs, charges and expenses due to or related to registration of, application for, deletion of, suspension of, transfer of, reverse transfer of and/or use of Registrant’s domain name, or for interruption of business, or any direct, indirect, special, incidental, or consequential damages of any kind (including loss of profits) regardless of the form of actions, cause of actions, suits, claims and demands whether in contract, tort (including negligence), or otherwise, even if AFGNIC has been advised of the possibility of such damages. Notwithstanding the foregoing, in the event AFGNIC is found to be liable under this Agreement, in no event shall AFGNIC’s aggregate liability under the terms and conditions of this Agreement or otherwise (including negligence) exceed the cumulative total of the Fees paid by the Registrant.
13.2 The Registrant agrees that all conditions and warranties which would otherwise be implied into this Agreement are hereby excluded to the fullest extent permissible by law.

14. Indemnity
The Registrant agrees to indemnify and hold and save harmless AFGNIC, against any and all actions, causes of action, suits, claims and demands of any nature or kind as well as from and against any and all damages, liabilities, losses, costs, charges and expenses including reasonable legal fees resulting from the Registrant’s breach of the terms and conditions of this Agreement, registration of, application of, transfer of and/or use of the domain name.

This Agreement (including AFGNIC’s applicable rules, policies and procedures), as amended and supplemented by AFGNIC from time to time, contains the entire understanding between the Registrant and AFGNIC with respect to the subject matter hereof and supersedes all prior agreements or understandings, inducements or conditions, express or implied, oral or written made between the parties hereto.

By submitting this registration form the registrant is constrained and agrees to with all applicable rules and policies effective from time to time

Note: For more information and domain registrations visit http://www.pamirwebhost.com

Windows 10: release date, price, news and features

The future of Windows is coming on July 29

Windows 10 release date news and features

Update: With less than two months to go until the big launch, Microsoft is slowing down its Windows Technical Preview updates and introducing fewer brand new features. The latest is a “Delay” feature that allows users to, well, delay the download and installation of new features. More details below.

And during Computex 2015, Microsoft showed off a slew of upcoming PCs and laptops that will run Windows 10 either out of the box or through the free upgrade. Check them all out here.

Original article follows…

With Windows 8 and today Windows 8.1, Microsoft tried – not entirely successfully – to deliver an operating system (OS) that could handle the needs of not only number-crunching workstations and high-end gaming rigs, but touch-controlled systems from all-in-one PCs for the family and thin-and-light notebooks down to slender tablets.

When Microsoft pulled the curtain back on Windows 10 back in September of 2014, it was clear that, with an operating system optimized for PCs, tablets and phones in unique ways, the Redmond, Wash.-based firm was onto something. Skipping the Windows 9 name entirely, Microsoft issued a public preview of the shiny new OS later that autumn, known as Windows Technical Preview (WTP).

You can try it out for yourself through Microsoft’s Windows Insider Program (nearly 4 million have, as of May 2015). You’ll need a Microsoft account to get it, and it’s worth bearing in mind that it’s not the finished product, so it will be a bit rough around the edges.

Since its September 2014 reveal, Microsoft held a consumer-facing preview of the upcoming OS in January 2015, and shelled out even more details during its Build 2015 conference back in April. As the months have passed through those milestones, new features rolled in with each Windows 10 preview build update. And now, with a release date announced, the OS is mighty close to completion.

Cut to the chase

  • What is it? A complete update for Windows
  • When is it out? July 29
  • What will it cost? For Windows 7 and 8.1 users, it will be free for one year
Microsoft’s Terry Myerson says ‘this summer’

When is the Windows 10 release date?

Microsoft slated Windows 10 for a summer launch, and the company has stuck to its word. Following several leaks (and one giant snafu from US retailer NewEgg which published an incorrect launch date), it has now been confirmed that Windows 10 will launch on July 29.

That said, it’s unlikely that Windows 10 will release for all device types on this date.Judging from comments made by Microsoft Corporate VP of Operating Systems Joe Belfiore, the company has planned a phased approach to the launch. Windows 10 will release for desktop and laptop devices first, then trickle down to phones, the Xbox One, Arduino machines and its own HoloLens.

For Windows 7 and 8.1 users, the cost is free-99

How much will Windows 10 cost?

For Windows 7 and 8.1 users, Windows 10 will be free for one year. After that period – not to mention for standalone copies of the OS – the asking price starts at $119.

Microsoft’s Executive Vice President of Operating Systems Terry Myerson announced in January that Windows 10 will be free for existing Windows 7 and 8.1 users for its first year. Microsoft also confirmed a while ago that the two most recent Windows versions will be able to upgrade to Windows 10 directly.

However, if you’re not eligible for Microsoft’s upgrade program – those who upgrade after the first year free offer, or those running a non-genuine Windows version or one older than Windows 7 – Windows 10 Home will cost $119 (about £78, AU$156) and Windows 10 Pro will cost $199 (£131, AU$262) per license, Microsoft confirmed to TechRadar. Windows 10 Home users who want to upgrade to Pro will have to pay an additional $99 (£65, AU$130) for the Windows 10 Pro Pack.

The company promises that it will support those who scored a free upgrade to Windows 10 with security and system updates for the lifetime of those Windows devices.

Neowin reported back in February that Microsoft has trademarked the term “Windows 365,” supposedly with the intent of it being a service. The news and speculation has sent folks buzzing about the possibility of a subscription-based Windows to come, though that’s not likely to be Windows 10. Oh, we hope not.

This could be you right now

How will I get to download Windows 10?

Confirming the rumors and leaks leading up, Microsoft has already started the upgrade process for current Windows 7 and Windows 8 users. If your machine is up to date today, you will soon see a small icon of the Windows logo on your task bar next to the internet status icon.

Clicking it will open a window that details the upgrade process and will allow you to “reserve” your free Windows 10 download by providing your email address. Presumably on or in advance of launch day, Microsoft will download the OS to your device and notify you when it’s ready to install.

What follows that prompt are a few bits of info to tease the new release and get users excited. It’s that easy.

Seven shades of Windows 10

Windows 10 will be available in 7 versions, far more than one would have expected in the first place. While IoT, Mobile, Home, Enterprise and Professional were already confirmed, Mobile Enterprise and Education were unexpected. In comparison, there were only four versions of Windows 8.1 (five if you include Windows Phone 8) and one of them was Windows RT.

Microsoft clarified the free upgrade offer for Windows 10, adding that Windows 10 Home and Pro will be available for free to Windows 7 and Windows 8.1 users that have appropriate licenses (presumably, Windows 8.1 Home users will only be able to upgrade to Windows 10 Home).

It pays to be an Insider

What’s new in Windows Technical Preview?

The latest WTP build available for all testers is build #10074, released during Build 2015. The update builds on what was released in the last stable build, namely streamlining the Virtual Desktop experience and giving the Photos app some much-needed functionality.

For the more experienced or foolhardy users in Microsoft’s “Fast” ring, they’re already looking at a leaked version of preview build #10134. The new build is not as stable as the “Slow” ring’s aforementioned latest release, and introduces one new feature of note: Delay.

This tool allows users to, as the name implies, delay the download and installation of future preview build updates. This will be a boon to IT managers running fleets of Windows 10 machines, and could signal a shift in focus for for the time being toward enterprise users.

Build #10134 also brings a small update to the Windows Snippet tool. However, keep in mind that these builds are always less stable than the more tested “Slow” releases.

But back to build #10074, this version brings the debut of the resizable Start menu from “Fast” ring build #10056, not to mention the first look at Microsoft’s new Mail and Calendar apps in a stable environment. Most importantly, this version gives users their first look at Microsoft Edge, the company’s new default browser for Windows 10. The release also includes the translucent, resizable Start menu as well as deeper Cortana functionality and Live Tiles on the Start menu.

More importantly, Microsoft detailed how the Windows Technical Preview will endlater this year. For build numbers 9841 through 9879, those already stopped booting on April 30. For build numbers 9926 through 10049, those will stop working on October 15 – well after the final release of Windows 10, of course.

What Microsoft hasn’t seemed to address yet is how folks who installed Windows 10 outright on a machine will be able to “upgrade” to the final version once it launches this summer.

Further updates are in the works (already)

Before Windows 10 has even launched, Microsoft’s upgrade plans for the OS have leaked. Operating under the codename “Redstone”, the Windows maker will issue updates in two waves.

According to Neowin’s report, the first will come June 2016 and the other October of next year. But don’t expect huge, sprawling changes from these updates – they’re likely to be tweaks to the new OS for specific types of hardware and other improvements.

Move on to the next page to read about the biggest changes coming to Windows 10 in depth.

General Information About Afghanistan

Afghanistan: An Introduction

Afghanistan, (which literally means Land of the Afghan) is a mountainous land-locked country located in Central Asia. It has a history and culture that goes back over 5000 years. Throughout its long, splendid, and sometiScreen Shot 2015-05-28 at 1.53.49 AMmes chaotic history, this area of the world has been known by various names. In ancient times, its inhabitants called the land Aryana. In the medieval era, it was called Khorasan, and in modern times, its people have decided to call it Afghanistan. The exact population of Afghanistan is unknown, however, it is estimated to be somewhere close to 32 million.

Afghanistan is a heterogeneous nation, in which there are four major ethnic groups: Pashtoons, Tajiks, Hazaras, and Uzbeks. Numerous other minor ethnic groups (Nuristanis, Baluchis, Turkmens, etc.) also call Afghanistan their home. While the majority of Afghans (99%) belong to the Islamic faith, there are also small pockets of Sikhs, Hindus and even some Jews. The official languages of the country are Pashto and Dari (Afghan Persian aka Farsi). The capital of Afghanistan is Kabul, which throughout history, was admired by many great figures, such as the great Central Asian conqueror, Zahirudeen Babur. Unfortunately, due to many years of war, this great city has been shattered and nearly destroyed.

Today, Afghanistan is on a road to recovery, however, after decades of war, the economy is still in ruins, and its environment is in a state of crises (by darryl). After pushing the date back twice, Afghanistan’s presidential elections were finally held on October 9, 2004. Over 8 million Afghans voted in the elections. The Joint Electoral Management Body of Afghanistan certified the elections on November 3rd, and declared Hamid Karzai, the interim President, the winner with 55.4% of the votes. Karzai’s strongest challenger, Yunis Qanooni, came in second with 16.3% of the votes.

With help from the United States and the United Nations, Afghanistan adopted its new constitution, establishing the country as an Islamic Republic, in early January 2004. According to the constitution, the Afghan government consists of a powerful and popularly elected President, two Vice Presidents, and a National Assembly consisting of two Houses: the House of People (Wolesi Jirga), and the House of Elders (Meshrano Jirga). There is also an independent Judiciary branch consisting of the Supreme Court (Stera Mahkama), High Courts and Appeal Courts. The President appoints the members of the Supreme Court with the approval of the Wolesi Jirga. Assembly elections were held in late 2005.

For a detailed statistical look at Afghanistan check out the following link:

USBKill — Code That Kills Computers Before They Examine USBs for Secrets

USBkill — A new program that once activated, will instantly disable the laptop or computer if there is any activity on USB port.
Hey Wait, don’t compare USBkill with the USB Killer stick that destroy sensitive components of a computer when plugged-in.
“USBKill” is a new weapon that could be a boon for whistleblowers, journalists, activists, and even cyber criminals who want to keep their information away from police and cyber thieves.
It is like, if you are caught, kill yourself. In the same fashion as terrorists do.

Here I am not talking about to kill yourself, but to kill the data from your laptop if the law enforcement has caught your laptop.

USBkill does exactly this by turning a thumb drive into a kill switch that if unplugged, forces systems to shut down.
Hephaestos (@h3phaestos), the author of USBkill, reports that the tool will help prevent users from becoming the next Ross Ulbricht, founder of the infamous underground drug marketplace Silk Road, who was arrested in a 2013 FBI raid in which his laptop was seized by law enforcement agencies.

USBKill waits for a change on your USB ports, then immediately kills your computer,” a Githubdocument states.

Completely Wipe up any pieces of evidence before Feds caught you:

Generally, the kind of activities on USB port include the police installing a mouse jiggler – a tool that prevents computer systems from going to sleep, and any USB drive being removed from the computer.
If this happens you would like your computer to shut down immediately,” Hephaestos says. Simply, tie a flash USB key to your ankle, and instantly start USBkill when the police or any other law enforcement official caught you with a laptop.
In case, they steal or take your laptop or computer with them, they would definitely remove the USB drive that will immediately shut down your laptop.
The author of USBkill states that the program could be very effective when running on a virtual machine, which would vanish when you reboot.
The author says that USBKill will be added to additional commands and functions. However, it does work correctly and efficiently in its current state as well.
Source: THN