Working with HTTP rate-limiting

Overview All HTTP servers enforce a collection of HTTP rate-limiting to reduce abuse and achieve a high reliability. This system is built on a fork of mod_evasive, which implements an interval-based bean counter, in other words it begins counting URI requests for a given duration once the first request is received. There are two classes of…

Connection to mail over SSL fails

Overview IMAP, POP3, and SSL that connect over SSL either via STARTTLS on port 143/110/587 or 993/995/465 respectively fail with a certificate warning without any symptoms prior to October 25, 2016. Symptoms include the following dialog from Thunderbird: Cause With the proliferation of free SSL certificates via Let’s Encrypt, vendors have begun to tighten requirements on…

Account security notices

Account security is very important to us. To improve client safety and the safety of those who share server space with you, account logins are monitored to ensure only trusted users access your account. In the event that an unrecognized browser logs into your account, a notification email is sent to the contact address on record.…

Understanding fortification

Overview Fortification Mode is a new feature introduced in apnscp as of May 2016. Fortification simplifies permission management for PHP-based applications, which run as a separate user from the account holder to enhance site security. Fortification mode is done within the control panel on a known application via Web > Web Apps. When disabled, fortification…

File uploads in a Passenger-backed application fail

Overview A file upload initiated in an application written in Ruby, Node, or Python launched through Passenger will fail to upload. Thus far, the confirmed failure occurs in RefineryCMS with a generic undefined route message following upload. Cause It is a conflict between upload screening and Passenger, but the underlying cause is not clearly understood. Upload…

Let’s Encrypt Certificates

Overview v5+ and above platforms support Let’s Encrypt certificates within the control panel. Let’s Encrypt is a free certificate authority that provides free trusted certificates accepted by all modern browsers. Let’s Encrypt certificates may be issued within the control panel under Web > SSL Certificates. Let’s Encrypt has a few limitations: Only 100 hostnames may be bundled into a…