Category Archives: Staff Posts

Customers will receive Motherly Care this Mother’s Day

By Don Robbins

 

Mother’s Day is coming up soon on Sunday, May 13 and it is a day that we’ll celebrate motherhood. Happy Mother’s Day from Superb Internet Corporation!

Take advantage of our Multitude of Opportunities all Month (MOM), and every month: which include an extensive variety of cloud hosting options or dedicated servers, from small to large sizes, depending on your needs.

Superb Internet wishes all our customers a Happy Mother’s Day from the host that supports you the most! In celebration of Mother’s Day, we have an exclusive Mother’s Day offer where you’ll receive two months free after just 12 months for all new Tetradeca v4 servers.  This offer will expire on May 31, 2018, so enjoy our motherly loving care of your servers now before this offer ends. To take advantage of this offer now, visit https://www.superb.net/happy-mothers-day

When I was a kid and the weather was bad outside, my mother would always tell me not to leave the house without wearing a hat and coat. As I think about Mother’s Day, that idea of my mom always looking out for my well-being springs to mind. I’ve been told that one of the qualities of a good mother is someone who nurtures and protects her child against the world’s pitfalls.

Just like a good mother, our Superb Cloud nurtures  clients by staying truly “Ahead of the Rest.®” with no overselling, fully dedicated resources and  the world’s most comprehensive cloud hosting SLA.  To look at a variety of choices at our website https://www.superb.net/ to see how we can help grow your business.

I’ve also heard that another quality of a successful mother is someone who puts in the extra effort to keep their kids happy, whether it’s a special birthday party or graduation event.

Unlike many cloud hosting providers who overpromise but under deliver, our Superb Cloud platform gives you exactly what was promised. There is zero overselling, and full disclosure of the exact guaranteed performance. As one of the first web hosting companies in the industry, we are the innovators and we know what it takes to keep customers happy throughout the years.

We feature a full range of cloud hosting services. We have a match for everyone: whether you are a developer, a start-up, an SMB, and even an enterprise that needs the best real-time instant flexibility. Superb Internet has a variety of scalable fixed-fee cloud services which offer great value for most uses. However, those who prefer a pay-by-the-hour cloud for highly variable loads or as a development platform can decide to choose our Superb FlexCloud as the best match for their individual needs.

In fact, we are so confident of our cloud that we not only offer the world’s most comprehensive cloud hosting SLA, but we’re also offering $500 of free cloud for all new clients. This enables them to get started completely risk-free and obligation-free.

For customers who prefer more on the physical side, Superb Internet Corporation is also like a devoted mother to its clients’ data.

Superb Internet’s dedicated servers are always up and running to help our clients. We are passionately devoted to customer service and our servers are designed with state-of-the-art technology.

I know that my mom always urged me to do well in school and strive to achieve my goals and dreams.

For that type of staunch support, we often treat our moms on Mother’s Day to delicious brunch meals, buy them inspiring or funny cards to celebrate their awesomeness, or shower them with bouquets of flowers.

Speaking of support, the Superb Internet Corp. highly trained staff of Systems Administrators and Network Engineers provide exceptional technical support 24 hours a day, seven days a week, 365 days a year. So, we are confident that we have the best customer support team in the industry.

On top of that, we also offer a Price Match Guarantee to ensure that you’ll get your dedicated server or servers at the lowest price available on the market today. If for any reason you are not satisfied, we’ll refund 100 percent of your purchase.

At Superb Internet, we pride ourselves on our company-wide “Customers First” policy. Our core guiding principle ensures that our customers always come first in everything we do. To us, a customer is more than just a number. They are a key partner in our success, just as much as we are in their success.

That kind of reminds how a mom often will put her youngster first, dropping everything to watch her teenager’s basketball game and cheer him or her on from the stands.

I’ve known many moms who help their children plan for their future success, so they can have a better life than their parents.

Superb Internet would also love to help you plan for future success with our dedicated servers. Regardless if you’re thinking about getting a dedicated server to optimize your websites due to high traffic, to enhance security, or to achieve greater flexibility for improved customization and configuration, we have the perfect server solution to help you get to your business goals.

We have a multitude of dedicated servers to choose from, so you will easily find the correct server that is tailored toward your needs at the lowest prices. Among our dedicated servers, customers can choose from a variety of options, such as dual core, quad core, hexa core, octa core, deca core and tetradeca core.

 

 

SSL Certificates, SHA-2 & Why Should I Upgrade?

SHA-2 Compression Family Tree
When you order an SSL certificate for your website, your certificate is signed with a cryptographic hash algorithm that ensures the validity of the signed SSL certificate. In the distant past, SSL certificates were signed with an MD5 hash, but as computational power increased, MD5 became insecure. SHA-1 signing then became the new industry standard. However, SHA-1 has also become technologically insecure.

Sunsetting SHA-1

US NIST has recommended that SHA-1 no longer be used, and as of late 2014, the SSL Certification Authority industry has moved quickly to discontinue use of the SHA-1 hashing mechanism for SSL certificate signing in favor of SHA-2.

In order to facilitate this transition, major browser vendors, including Mozilla, Google, and Microsoft have announced relatively fast deprecation policies for SHA-1 signed certificates.

  • Microsoft will stop trusting any SHA-1 signed certificates after January 1, 2017. [1]
  • As of Chrome 41 (Mar 2015), Google Chrome will show SHA-1 certificates that expire after January 1, 2017, as insecure. SHA-1 certificates that expire between Jan 1 – Dec. 31, 2016, will be shown as “secure with minor errors”. [2]
  • Firefox will display a warning for SHA-1 certs after January 1, 2016, and stop trusting them after January 1, 2017. [3]

Using SHA-2

SHA-2 is actually a crypto family that includes six different hash functions, including SHA-224, SHA-256, SHA-384, SHA-512, etc. For SSL certificates, SHA-256 is what is used, so for the purposes of this article, SHA2 and SHA256 will be used interchangeably.

Issuing

All the major Certificate Authorities are now issuing SHA-2 certificates, but not necessarily by default. Some will give you SHA-2 by default. Some of them will allow you to choose SHA-1 or SHA-2 at the time of certificate ordering. Others will give you a SHA-1 or SHA-2 certificate depending on how you sign the CSR (with either a SHA-1 or SHA-2 signature) that you submit to them.

When you order an SSL certificate, in order to ensure that the CA receives a SHA-256-signed CSR from you, which will usually be a “signal” for them to issue you a SHA-256 cert, you need to use the “-sha256” flag during CSR generation, instead of the “-sha1” flag, like so:

openssl req -new -out www.domain.com.csr -key www.domain.com.key -sha256

Re-issuing

If you have a current SHA-1 certificate that expires after January 1, 2017, you’re probably going to want to reissue it with a SHA-2 signature, due to the web browsers eventually showing it as insecure. If you have an existing cert that expires in 2016, you may also want to reissue that, because of the security warnings that browsers will display.

Installing and Using

SHA-2 certificates are installed the same way as any SSL certificate, using Apache directives like this:

SSLCertificateFile /path/to/www.domain.com.crt
SSLCertificateKeyfile /path/to/www.domain.com.key
SSLCertificateChainFile /path/to/intermediate_cert.crt

One thing to be aware of is that SHA-2 certificates are usually signed by separate SHA-2 intermediate certs which are different from the SHA-1 intermediate certs that you may have seen or used previously. Therefore, it’s very important to make sure you obtain and install the correct intermediate certificate. SHA-2 intermediate certs ensure that there is a SHA-2 secured trust chain all the way to the root certificate (root certificates are mostly SHA-1 at this point, and that is not a problem since SSL roots are trusted by their identity, and not by their signature; essentially, signatures are not used for anything on root certificates).

Once installed, you can (and should) test that the certificate chain has been constructed correctly by testing it here:
https://www.sslshopper.com/ssl-checker.html

Testing

You can test your SSL certificate installation to see if it has SHA-2 signatures all the way to the root with this tool:

https://shaaaaaaaaaaaaa.com/

You can check any individual cert or CSR that you have to see if it was generated with a SHA-2 signature by pasting it into this tool:

https://certlogik.com/decoder/

Look for the field called “Signature Algorithm”, which will tell you if it’s SHA-1 or SHA-256.

Server requirements

On the server, you need a TLS/SSL stack that supports SHA-2 hashing, both for CSR generation, and for certificate reading/serving. Usually the server software (Apache, etc.) relies entirely on the encryption stack/OS to handle the hashing functions, so there’s nothing specific in software that needs to be updated, just the OS and/or SSL tools.

  • OpenSSL 0.9.8 or later (although 0.9.8o (or 0.9.8e-18 on CentOS 5) may be required for full compatibility with all applications)

The stock OpenSSL included in CentOS 5.0 or later includes support for SHA-2.

  • Windows Server 2003 with SP2 and KB2868626
  • Windows Server 2008 or later

Client requirements

On the client side, you also need a compatible OS and web browser that can properly understand SHA-2-hashed certificates.

Operating Systems

  • Windows XP SP3 or later
  • Mac OS X 10.5 Leopard or later

Desktop Browsers

Basically, if you’re using any modern browser, you should be fine.

Highlights:

  • Internet Explorer 6 or later (with SP3 when using XP)
  • Firefox 1.5 or later
  • Chrome 26 or later
  • Safari 3.0 or later

Mobile Browsers

  • iOS 3.0 or later
  • Android 2.3 or later
  • Windows Phone 7 or later

Tools/Libraries

  • libcurl / cURL 7.19.6 or later
  • Java 1.4.2 or later
  • Python 2.6.6 or later

By Todd Bangerter

Image via Wikipedia