Easy Drag And Drop Website Builder

Website Builder is an Internet-based website designing application that allows users to produce professional-looking website in very little time.  With this, you can help your customers develop websites within minutes. An online website builder helps your customers obtain a fully functional online presence. Besides, updating the website’s content or adding new content, images or multimedia content is easier via a user-friendly interface.
What are website builders for?
These systems are perfect for individuals, freelancers, photographers, small-time businesses and start-ups.

Give Customers a Comprehensive Website Builder
Website Builder tool helps your customers build fully fledged websites quickly. Your customer can be charged on the basis of the Web Space and the number of web pages specified with a particular plan.
While conventional content management systems were designed to administer large websites, online website builders were designed keeping smaller website projects in mind. Essentially, the user doesn’t require much of technical know-how or special programming skills like installing a CMS, applying a template, or creating a database.

Advantages of Using a Website Builder
  • Reduced Cost – Using a website builder reduces the cost of developing and maintaining a website significantly.
  • No Coding – With a website builder, one doesn’t need to learn HTML or any other type of website coding. Choose any of the templates to develop a website that fits the business perfectly.
  • High Quality Graphics – A website builder gives you access to high-quality website graphics which can be used at no additional cost. These graphics can be used to enhance the website pages thereby making the site more attractive for visitors.
  • Ease of use – Almost all website builders offer a drag and drop facility, which means the user need not write a new code every time for every change he wishes to make to the website. It thus gives the user the ability to upgrade content and images very easily.

Drag and Drop Website Editor
No need to know HTML. Simply drag elements to your website.

Free Stock Photos and Beautiful Fonts
Modify any theme with professional photography and unique typography.

Responsive Website Templates
Website templates that look great on all devices, no extra work required!

Ecommerce Shopping Cart and Paypal Sales
Sell products from your website - one at a time or with a complete shopping cart.

Dynamic eBay Product Listings
Keep your website visitors up to date on all of your eBay auction items.

Search Engine Optimization and Real-time Statistics
Comprehensive SEO features ensure your site will be ranked prominently in the search engines.

Custom Domains
Whether for a business site or a personal site, it is always beneficial to have a domain name.

Expand your audience with social sharing
Twitter,Facebook, Google Plus, and hundreds of other social activity widgets available.

Upload Photos and Create Galleries and Slideshows
Amazing Photo Organization and Management with easy Drag and Drop Folders.

Thousands of Professional Stock Photos
Don't pay for professional photography, we have the perfect image you are looking for.

Engage Users with MultiMedia
Add audio files and videos from YouTube and Vimeo, or upload your own.

MTA Solutions Website Builder is the easiest way to build a website - what are you waiting for? ORDER NOW


Why You Should Never Use a Free Web Hosting

Who doesn’t love FREE Stuff? I’m sure you do. Honestly, we also love freebies. Although, not everything free is good for you. Here are a few reasons for why you must contemplate before opting for free web-hosting.
  1. Limited Templates

    You will have very few options when it comes to templates. Selecting a limited range of templates may not be an issue, but manipulating or making changes to them may not really be an option. Free web hosting providers may not provide you with an efficient content management system which limits the functionality of your website. Not having an efficient CMS just makes things more problematic if you want to add more visual appeal to your site. Basically, you will have to follow the norms given to you by your free web hosting provider.

  2. Unpredictable:

    Hypothetically, say you have a business website, a free site that gets a lot of traffic and ultimately helping you rake in money. If you’re using a free web host, your website is practically owned by your hosting provider. So, there might be a risk of it being taken down. Free web hosting providers may not offer you regular backups. You are responsible for backing up your files and unless you do it yourself, you’re most likely to lose all your data. Another thing to keep in mind is that there is no formal contract, no support since it a free service. Thus, no one is liable to answer you if things go awry.  Free web hosting providers could cause you to lose income. They are also stringent on their advertising policy.

  3. Hacker-prone: 

    Since free websites lack versatility when it comes to the visual aspect of it, security-wise, you should definitely not be expecting much. If you are unable to integrate SSL certificates & anti-malware, you are pretty vulnerable to hackers and spammers.

  4. Not search engine-friendly: 

    There are multiple reasons for why search engines can avoid your free site from showing up at all. Slow website load speed, downtime, not to forget the point mentioned above are some of the prominent reasons. Yes! Low-quality spam sites which are often hosted on free servers can result in poor search engine ranking as well. Free websites and servers are a hacker’s playground. All in all, search engines may have a very unfriendly disposition towards your site.

  5. Limited file upload: 

    Free web servers provide a stipulated amount of space for each website it hosts. And when I say stipulated I mean highly unrealistic limits on file uploads, bandwidth and storage. If you are planning to upload files on a regular basis and manage to reach your limit, you may have to go through an optional paid service to add more storage space to your website. A free hosting provider can give you a platform with too many constraints and you could reach  resource limits very soon. This makes things very unsavory for you and your audience. Also, your hosting provider may delete your content whenever they feel like which is in accordance with their terms and conditions.

Tips to Secure Your Linux Server

At MTA Solutions, our primary objective has always been to provide you with powerful, secure and robust hosting solutions. While for product such as Shared Hosting, we take utmost care to ensure maximum server level security and redundancy, products such as Dedicated Servers and VPS, we can ensure network level security while the OS level control lies in your hands.

Although Linux based Operating Systems are relatively more secure and include inbuilt security mechanisms like SELINUX when compared to the others, a small vulnerability or bug can give a hacker easy access to your system. Keeping this in mind, we’ve put together a comprehensive set of steps that you can take to mitigate the risk of getting hacked.

1. Always stay up to date

A great way to ensure maximum server security at all times is to keep your system up to date with the latest bug fixes or the latest version of your Operating System. A good way to keep track of update announcements is to sign up for email alerts. CentOS  and Ubuntu have a security mailing list where all security and vulnerability fixes are discussed and released.

2. Verify Permissions

It is essential to review permission settings to ensure that a server remains secure. There are certain files such as the “/etc/passwd”, “/etc/shadow”, “/etc/group” and “/etc/gshadow“ files that contain critical user, password and group information. These files have a greater chance of being subjected to malicious attacks.

Several utilities also require read access to the password file to function properly, however read access to the shadow file will allow malicious attacks against system passwords, and should never be enabled and should never be enabled.

Below are the default permissions and owners that should be set for these files.  
# cd /etc
# chown root:root password shadow group gshadow
# chmod 644 password group
# chmod 400 shadow gshadow

3. Find unauthorized World Writable files

The following command discovers and prints any world-writable files in local partitions. Run it once for each local partition

# find /tmp -xdev -type f -perm -0002 -print

If this command produces any output, fix each reported file file using the command:

# chmod o-w file

Data in world writable files can be modified by any user on the system. In almost all circumstances, files can be configured using a combination of user and group permissions to support whatever legitimate access is needed without the risk caused by world-writable files.

It is generally a good idea to remove global (other) write access to a file when it is discovered. However, it is always advisable to check relevant documentation for applications before making changes. Also, monitor for recurring world-writable files, as these may be symptoms of a misconfigured application or user account.

4. Set the sticky bit on World Writable directories

Setting the sticky bit prevents users from removing each other’s files.  When a sticky-bit is set on a directory, only the owner of a given file is given the right to remove it from the directory. Without the sticky bit, any user with write access to a directory can remove any file from it.

Use the following command to discover and print any world writable files that do not have their sticky bits set.

# find /tmp -xdev -type d \( -perm -0002 -a ! -perm -1000 \) -print

If this command produces any output, fix each reported directory /dir using the command:

# chmod +t /dir

In cases where there is no reason for a directory to be world writable, a better solution is to remove that permission rather than to set the sticky bit.

5. Enable ExecShield

ExecShield helps in reducing the risk of worm or other automated remote attacks. It comprises a number of kernel features to provide protection against buffer overflows. These features include random placement of the stack and other memory regions and special handling of text buffers.

To ensure ExecShield (including random placement of virtual memory regions) is activated at boot, add or correct the following settings in /etc/sysctl.conf:

#kernel.exec-shield = 1
#kernel.randomize_va_space = 1

6. Configure Sudo to improve auditing of Root accessC

The sudo command allows fine-grained control through which users can execute commands using other accounts. The primary benefit associated with the configuration of sudo is that it provides an audit trail of every command run by a privileged user. It is possible for a malicious administrator to circumvent this restriction, but, if there is an established procedure that all root commands are run using sudo, then it is easy for an auditor to detect unusual behavior when this procedure is not followed.

7. Set Strict password requirements

Setting more stringent password requirements can be an additional measure taken to step up server security.

User passwords should be strengthened with the PAM module which can be configured to require at least one uppercase character, lowercase character, digit, and other(special) character,

You can modify your password by following the steps listed below:
Locate the following line in /etc/pam.d/system-auth:
#password requisite pam_cracklib.so try_first_pass retry=3
and then alter it to read (placing the text on one line):
#password required pam_cracklib.so try_first_pass retry=3 minlen=14 \dcredit=-1 ucredit=-1 ocredit=-1 lcredit=-1

You may also modify the arguments to ensure compliance with your organization’s security policy. Note that the password quality requirements are not enforced for the root account

8. Install LFD and Config Server Firewall
ConfigServer.com has created a script which by default blocks all ports and provides you the opportunity to allow usage of only those ports on which you have applications running.

Download and install these scripts from configserver.com

Open the config server conf file /etc/csf/csf.conf and modify the below lines to your requirements

# Allow incoming TCP ports
TCP_IN = “22,80”

# Allow outgoing TCP ports
TCP_OUT = “22,25,80”

In the example I have allowed port 22 for ssh, port 80 for http and only outgoing for port 25 since I do not want any other server or client using my server for sending emails.

Also modify the below line to your email address.

#LF_ALERT_TO = your email address

Along with the firewall, LFD will also be installed. LFD is a daemon which scans log files and blocks IP addresses trying to brute force your server.
You can whitelist your IP address in /etc/csf/csf.ignore. Please use caution while executing the above commands and if possible test changes on a demo server.

In addition to the above mentioned security measures, we also sell SiteLock – a powerful, cloud-based, website protection service that works as an early detection alarm for common online threats like malware injections, bot attacks etc. 

MTA Solutions New Client Area Interface

We are happy to inform that we have upgraded the user interface for our client area. It is more user-friendly and easy to navigate with a lot of new features. Cpanel users now can control main function in client area without the need to re-authenticate.

Please do login and check it out. Should you have any feedback, as always we welcome them and will seek continuous improvements in providing better services to you.

Thank you for your support.

IMPORTANT: Vulnerabilities Discovered in WordPress & Magneto

WordPress Vulnerability 
What is it?
This is a new, serious vulnerability, announced recently which has the potential to cause some damage and disruption.
Current versions of WordPress are vulnerable to a stored XSS. An unauthenticated attacker can inject JavaScript in WordPress comments. The script is triggered when the comment is viewed.
If triggered by a logged-in administrator, under default settings the attacker can leverage the vulnerability to execute arbitrary code on the server via the plugin and theme editors.
Alternatively the attacker could change the administrator’s password, create new administrator accounts, or do whatever else the currently logged-in administrator can do on the target system. You can find more details about the impact and solution for the same here.
What you need to do?
We would request you to go through the recommendations and update your WordPress website using the patch available here.

Magneto Vulnerability
What is it?
This is a vulnerability that has been recently reported too. The vulnerability is actually comprised of a chain of several vulnerabilities that ultimately allow an unauthenticated attacker to execute PHP code on the web server. The attacker bypasses all security mechanisms and gains control of the store and its complete database, allowing credit card theft or any other administrative access into the system.
This attack is not limited to any particular plugin or theme. All the vulnerabilities are present in the Magento core, and affects any default installation of both Community and Enterprise Editions. 

What you need to do?
If you are using the mentioned vulnerable versions of Magento, we would request you to patch it using the updates provided in the following link : http://blog.checkpoint.com/2015/04/20/analyzing-magento-vulnerability/
You can test your Magento website’s vulnerability using this tool.
We strongly recommend you access all your packages and patch them immediately to avoid any issues. Please feel free to contact our support helpdesk in case you have any queries.

.XYZ: For Every Website, Everywhere.

The new gTLDs have marked a new era in the online world and opened up options previously unheard of! You can now register your domain name with a TLD that perfectly explains your brand. For example, a .DOCTOR, a .PRESS or a .TECH.
But what if your brand is generic or you don’t want to brand your company with a single TLD? That’s where .XYZ steps in!

What is .XYZ?
.XYZ is the most popular new extension with nearly 500,000 registrations in the first three months of availability and nearly a million up to date! It’s an extension that doesn’t limit your brand to a product, a service or a country.

Who is it for?
It’s for everyone, everywhere. For small businesses and large businesses and individuals alike.

Why should I pick .XYZ?
For well over two decades, the .COM has ruled the roost so why should you pick .XYZ? Try looking up a domain name you want with a .COM. In all probability, it’s already been taken. A .XYZ is a fresh, affordable, diverse, global new alternative. Your brand can reach international markets by registering .XYZ in over 200 languages! Its short, memorable and easy-to-connect-with features makes it deal for your brand. Moreover, you don’t have to worry about losing traffic if people type in .COM. .XYZ redirects YourName.xyz.com to YourName.xyz automatically and is the only domain extension that can do this!

Does a .XYZ domain hinder my SEO performance?
No. A .XYZ domain name is on par with any other domain including a .COM.

Do other brands use .XYZ?
Absolutely. With a number as huge as 500,000 registrations in the first three months & nearly a million today, .XYZ is going great guns without any sign of slowdown as each month goes by. The extension is hugely popular and more and more brands are opting for this TLD. If you wish to move your existing brand, you can upgrade easily. If you’re already on the .XYZ bandwagon, renew it for another term today!
Here are two examples of brands that have registered with .XYZ:
Get your brand registered at .XYZ. If you’ve already got a .XYZ, don’t forget to renew it! The English alphabet ends with it. So should your brand.

.ASIA: Connecting Asia with One Domain

What is .ASIA? 

The .ASIA organisation, the registry for .ASIA, is a non-profit organisation for the promotion of Internet development and adoption. Asia is the largest Internet marketplace in the world & .ASIA is a great TLD for companies or brands looking to target the Asian audience & for individuals to connect with Asians communities across the world. .ASIA is the one domain with instant access to the Asian audience.

Become Asia- Friendly, Instantly
Make your website, brand, organisation or company Asia friendly instantly with .ASIA. Connect with the audience that matter to your brand. The extension is open to all individuals, organisations & communities, irrespective of if you’re a local seller or a multinational company.

Search Engine Optimisation Relevance & Benefits
Keyword domains enhance search results ranking. A .ASIA domain naturally enhances search for Asian information. Th extension helps your brand rank favourably.

Contribute to the Internet with .ASIA
Every .ASIA domain name adds to the development of the Internet. Your .ASIA domain registration contributes to the Internet through digital inclusion projects. Some of these initiatives are: One Laptop Per Child (www.OLPC.asia), NetMission (www.NetMission.asia), the Information Society Innovations Fund (www.ISIF.asia) and many other meaningful projects that promote Internet development and adoption across Asia.