Domains, DNS and Hosting
What is DNS Propagation?
When you setup your domain name you add a list of 2 or more authoritative nameservers that host the DNS zone file for that domain. This allows your domain to resolve so that when someone on the internet requests the IP address for your domain, the request will lookup the nameservers and then look at the DNS zone file.
This is similar to listing yourself in a directory that everyone would go to when they want to find out how to get in touch with you.
Each ISP (internet service provider) uses caching to store DNS records to save network traffic from having to query the authoritative nameservers everytime a domain name is requested, for example when visiting a website in a browser, or sending an email to a domain based email address. So the DNS records are stored in the memory of the ISP servers.
This record is stored for a short period of time, generally between 4 hours and 72 hours, and can be affected by TTL (time to live) values set in your DNS records. Your ISP nameserver will continue to lookup the cached DNS information until its TTL period has lapsed, at which point it will re-fetch the DNS zone information.
So when you change your DNS records it takes time before your records will be updated or re-fetched. This is called DNS propagation and often requires the day or 2 for your DNS zone to be updated across the internet, so some users will be directed to your new records while some users will be directed to your old records until propagation has completed.
During propagation, it is also a good idea to flush the local DNS resolver of your computer, as your DNS records may also be cached there. You may also need to flush the cache for your browser. However your ISP will also be caching DNS settings so until their cache refreshes you will not see the changes.
The links below can be used to help you monitor DNS propagation, and also tips on how to flush your cache.
How do I check emails on my computer?
Once you have setup your email hosting, then you can access your emails on the webmail interface that came with your email account. If you do not know how to access this, then check with your provider.
Most people are accustomed to using an email client to check emails on their computers or their phones. Examples of email clients include Outlook (Windows) and Mail (Mac OS). There are many other email clients available including Thunderbird and Opera Mail.
So how do you setup your computer’s email client to access your new email accounts for your domain name?
You have 2 options, namely POP or IMAP. The original protocol is POP and provides a way to download the emails off your email server. IMAP is a slightly newer method that enables you to synchronise your email accounts between local email clients and the remote server.
The recommended protocol is IMAP as the email server then becomes a form of “cloud storage” whereby you can connect multiple email clients to access your emails, such as your smartphone, your work computer and your home computer.
You will find specific instructions on how to setup IMAP from your email hosting provider including the IMAP settings for incoming email and the SMTP settings for outgoing email. It’s a relatively simple process to setup and you can find out more at the links below:
Website editing and changes
Why are my website changes not showing?
Websites use a mix of static and dynamic content to display each page. Web pages are often made up of a great number of files, stylesheets, scripts and data from a database. All of these combine together to produce the page. However the more “assets” that a page uses, the slower it is likely to load.
This can be a real problem, so a temporary storage system known as “caching” is used. Your web browser uses a cache so that it doesn’t need to load the same images and files every time you view a page. Your website might have a caching module/plugin installed to speed up the loading of your website. The server that hosts your website possibly also implements a caching system also to reduce the amount of communication between the database and the website.
As a result of this, often when you view a website you are not seeing the latest version of that website, or recent changes.
If you make changes to your website and you do not see the changes immediately, then try the following:
- Do a hard/full refresh of your webpage – Here is the info for different browsers to bypass your browser cache.
- Check if your website dashboard has a cache clearing option – caching options include W3 Total Cache plugin, Cloudflare and others.
- Check if your web hosting server has caching implemented. If so then these are often configured to refresh the cache automatically at set intervals or on file updating on your website.
Website Maintenance and Security
Why do I need to worry about security?
Security is a major concern for websites at the moment. Most websites are undergoing attacks on a daily basis. These attacks are 99.9% opportunistic and automated attempts to find vulnerabilities in websites to then access and takeover the site.
Attack types vary, but generally fall into one of 3 categories – access attacks, software vulnerabilities, or 3rd party integrations and interconnected services.
Access attacks can be internal or external attempts to gain access to your website, your hosting server, your computer, your social media or other areas that you log into. Obviously secure secret passwords are important, but attacks such as brute force attacks, phishing attempts and malware can lead to compromised logins. External attacks to your website can also include DDoS and automated scanning to find security misconfigurations.
Software vulnerability is a leading cause of successful attacks and hacking. Security issues are constantly being uncovered in software (especially plugins and integrations including WordPress plugins) and then documented online in detail with steps on how to abuse. Keeping your software and plugins updated regularly is an essential aspect of keeping your website secure, but updating can also lead to other issues such as compatibility with other software and integrations.
3rd party integrations and interconnected or related services can include attacks such as cross site contamination, access via hosting misconfigurations, compromise of 3rd party integrations such as ad network malware attacks and even attacks to your DNS server.
Common reasons for attacking are for malware distribution, phishing lures, SEO spam, email spam, DDoS and backdoors, defacement and ransomware.
If a business website is compromised then this has both business and technical impacts to the business, and can affect reputation of brand, lead to economic loss and liability, website blacklisting, SEO impact, email deliverability issues and even compromise a visitor’s computer.
The dangers are not only very real, but many websites are already hacked. As such it is critical that every business monitors the security of their website. This is achieved through a multilayer approach of protection, monitoring, detection and response.
Many options are available including proactive protection such as web application firewalls, and we are happy to discuss needs with clients based on the level of security anticipated.