Category Archives: Blog

Disk Space Management Tools with cPanel

One of our most popular requests is assisting in identifying where disk space allowance is going. But did you know you have the tools right in your cPanel account to clear up space?

Please note: Before removing anything from your website, it’s always a good idea to have a recent backup available in case something important is deleted.

Viewing Disk Space Usage in cPanel

Once logged into your cPanel account, under Statistics, is a running count of various metrics including Disk Space, MySQL Disk Usage, Bandwidth, Addon Domains, etc. Most of these metrics are clickable links that take you right to a summary of usage! Clicking on Disk Space will redirect you to your account’s Disk Space overview. You can also search for “disk space” in the cPanel search bar to get to the same location.

In the disk space usage overview, you will get just that – an overview of how much individual parts of your account (public_html/your actual site files, email, and databases) are actually using. If you want an overview of specific files disk space usage (like backups, images, etc.) you will want to use the File Manager tool which we will get to later! Similar situation with databases, if you want to see how much space each database on your account is using, we’ll use a different tool later.

File Manager

If you’re not a fan of using FTP like me, File Manager is a great built-in tool for cPanel. Here, you can see how much disk space individual files are using, rather than the directory overview that the disk space tool provides. File Manager is great when you want to delete those random site backups you made years ago to free up space.

What’s also nice is that when attempting to delete a file or folder within File Manager, you will be prompted with a message that first asks you if you want to delete the file, then asks if you want to permanently delete the file or send it to the “secret trash”. The “secret trash” is akin to an iPhone user’s “recently deleted”. If you later find out you made a mistake in removing the file, you can restore it. Please note that if you don’t permanently delete things and send them to the secret trash, those files and folders will still count against your disk space allowance.

Removing Domains and Subdomains

Removing addon domains and subdomains in cPanel is a three-part process. Before you begin, you will need to ascertain the name of the database associated with the addon domain and/or subdomain you wish to remove and the site’s document root. It will make your life that much easier!

Step 1. Removing record of the addon domain and/or subdomain.

This step is what most folks think removes an addon domain or subdomain and its associated data – but there is more to it! In cPanel under Addon Domains or Subdomains, simply click on the “Remove” icon with the trash can to remove the associated addon domain or subdomain record. Before removal, make note of the Document Root for our next step.

Step 2. Removing site files.

Next, we will want to use the File Manager tool in cPanel to remove the associated addon domain and/or subdomain’s site files. Remember that document root you were to note in the previous step? That will help us determine which files to remove!

Step 3. Removing the database.

Now that the site files are removed, we still have to deal with the removal of the site’s database. Under the MySQL Databases section of cPanel, we can see an individual overview of all database and database users. How do you know the name of the database and the database user your site was using? Check the site’s wp-config.php file! This file will clearly contain the database and its attached database user.

Email Account Disk Space Usage

We’ve found that email account disk space usage is one of the most common things that go wildly unchecked. Specifically, the email inbox of your account’s default email address. Did you know you had one? This is where all of our system notifications go if you do not have a contact email listed in cPanel, or if one of your WordPress users uses an email that does not go to a functioning email account. Spam can also find its way here too. Either checking this email account on a regular basis or set up a proper email forwarder can keep this in check.

The same goes for additional email addresses you have set up but just forward to your Gmail account anyway. If you don’t use our Webmail interface to check your email and forward your email to an email client, make sure that you have your email client set up with a POP3 connection instead of IMAP. IMAP is great in some situations where you want to keep a copy of your email on the server too, but this can be a disk space killer.

As always, please do not hesitate to contact us if you have any questions or concerns or just want to chat!

WordPress Cleanup Checklist

Whether you’re a seasoned blogger or just getting your site off the ground and going crazy with uploads and creating content, it’s always a good idea to keep your WordPress site storage in check. “But I have unlimited disk space!” That is probably not the case, unfortunately! A server is just someone else’s computer with a finite amount of disk space. “But I don’t have the time!” Let’s clean some things up together, it will be easier than you think!

Please note: Before removing anything from your website, it’s always a good idea to have a recent backup available in case something important is deleted.

Subscriber and Membership List Purge

Every subscriber is an entry in your site’s database which can (slowly) take up space. Subscriber lists are something that you will want to be careful about going through though; it’s probably best to do this manually. However, this will become less of a daunting task to do over time if you keep up with going through your subscriber lists. The key here, however, is prevention so you won’t have to spend so much time cleaning up spam users. A simple preventative of spam signups is making sure all submission forms have a CAPTCHA that spam bots can’t abuse.

Our recommendation: Google Captcha (reCAPTCHA)

Those Years Old Pending Spam Comments

Like we discussed with maintaining subscriber lists, the key to maintaining comments is prevention. If you do not have some sort of CAPTCHA, spam bots will use and abuse your comments section. Leaving pending spam comments unchecked can be a cleanup nightmare. If you want to clean this manually, it’s best to tackle this process after your site’s peak hours. This can be a resource-intensive process as it involves deleting entries from your site’s database. Having preventative measures in place will save you so much headache and time in the future.

Our recommendation: Akismet Anti-Spam and WP Optimize

Unused and Redundant Media Files

By default, WordPress creates 4 versions of an image when you upload it to your media library. WordPress will resize that image into a thumbnail, medium, large, and full-size version. That’s 4 times the disk space used! If you haven’t been blogging too long, going through media manually shouldn’t take too much time.

Our recommendation: Media Cleaner

Post Revisions and Drafts That Let’s Face It, You’re Never Going to Finish

Hiding in your database are all the saved post revisions that were created while you were working on content. That WP Optimize plugin we recommended above will remove such saved revisions, but you can also change how many revisions are saved per post. Adding WP_POST_REVISIONS in your wp-config.php file like so:

define( ‘WP_POST_REVISIONS’, 3 );

will set a limit of how many revisions per post WordPress will keep at a time. In this example, we’re telling WordPress to only keep 3 revisions at once per post. Uneasy about adding this to your wp-config.php? We can help!

Speaking of sneaky disk space users, let’s clean those abandoned drafts up too! Another alternative to just deleting those drafts if you can’t seem to let them go is copying them to a document and transferring them to an external location such as Google Drive or Dropbox.

Unused Themes and Plugins

This is something that we cannot stress enough and if we’ve worked on your site you probably have gotten a reminder from us! Deleting those unused themes you’ve tested and didn’t like and plugins you weren’t sure about is such a good idea for multiple reasons. Those plugins and themes still have all those site files and database entries that take up disk space. Deactivated or not, would-be hackers and bots can still exploit deactivated themes and plugins. It’s a double whammy if you’ve never updated them either. Keeping what you actually use trimmed down removes that much more points of vulnerable access and keeps your site that much safer.

We do realize the irony in suggesting all these plugins when we tell you to delete unnecessary plugins! Once you’re done with your site cleanup, make note of what plugins you’ve used for future reference and remove them! They can always be reinstalled at a later date for cleanup.

As always, please do not hesitate to contact us if you have any questions or concerns or just want to chat!

How to Use Gmail (not G Suite) with Your Domain

The Evil of Email Forwarders

When an email forwarder is created, all email is forwarded to that address. Bills, invoices, Twitter notifications, those hilarious cat videos from Bob in the cubicle just over the way, and spam. Our IP addresses are then sometimes blocked by third-party providers, such as Google, ATT, Hotmail, and others, due to the volume of mail being sent from them or the spam that is being forwarded from your account(s).

While the spam may not have originated from your email account and is only being forwarded, email providers do not care. They only care about preventing spam from reaching their mail servers. This is why, if you prefer to use Gmail (or whichever third-party email provider you utilize) for all your mail, we always suggest setting up your domain email accounts as POP accounts rather than forward every message from your account.

POP accounts, by default, download the messages from the server. They can be configured to leave a copy on the server but I generally advise against that. IMAP accounts are a direct connection to the server in which you make changes (mark as read, delete, move to different folders) on the server itself. Mail does not get downloaded to the email client being used.

Benefits of using POP in Gmail

  • We never block Google’s IP addresses.
  • You can continue to use the amazing Gmail interface to read and respond to your emails.
    • You will even be able to respond as your domain-based email address rather than using your Gmail address.
  • Spam messages will no longer be forwarded from the server (but rather retrieved by Gmail) which will help lower the chances the server being blocked by Gmail for sending spam.
    • Even if you are using something other than Gmail, if you can set up the account as a POP account in that email (Yahoo!, Outlook, Hotmail, etc…), the same concept applies of less spam being sent from the server.

Potential Downsides

The only potential downside we can come up with is that Gmail checks periodically (about every hour or so) so you may need to wait for it to automatically pull your new messages. Alternatively, you can initiate a fetch-request by clicking the Refresh icon within Gmail, not your browser Refresh icon.

Let’s Set It Up!

  1. Log into your Gmail account.
  2. Click the settings icon (gear) in the top right and then click Settings.
  3. Click the Accounts and Import tab.
  4. In the Check mail from other accounts section, click Add a mail account.
  5. Enter your email address and click Next.
  6. Select the default option (POP3) and click Next.
  7. Change the Username to your full email address and enter the email account’s password.
  8. Change the POP Server to your server’s hostname, generally something like river.blackchickenhost.com. If you’re not sure what your server’s hostname is, please reach out to us!
  9. Select port 995 and check the box for Always use a secure connection (SSL) when retrieving mail.
  10. Click Add Account.

  11. Once your account has been added successfully, you can set up the email address so you can send mail from that account. Click Next.
  12. You can change the Name if you wish, this is what will be displayed when sending messages from this email address. Be sure to leave the Treat as an alias box checked.
  13. Use your server’s hostname for the SMTP Server, ensure you use your full email address for the Username, and enter your Password. Leave the Secured connection using TLS option selected and click Add Account.
  14. The email address you are adding to your Gmail account will receive a confirmation code to enter here.

You should now be able to send and receive your domain-based email through your Gmail account!

As always, please do not hesitate to contact us if you have any questions or concerns or just want to chat!

Two common WordPress plugins have been exploited

You have probably heard of Easy WP SMTP and Social Warfare and may even be using them. There were exploits found in each plugin which allowed hackers to compromise websites by creating administrative accounts and redirecting traffic. Updates for each plugin have been released; version 1.3.9.1 of Easy WP SMTP and 3.5.3 of Social Warfare.

If you are using either or both plugins, please make sure to either disable the plugin or update it to at least the version(s) mentioned above. You will then want to check your site for additional administrative users that may have been created and remove them. If you find extra administrative users you did not create or your site is redirecting unexpectedly, please let us know and we’ll take a look!

If you are redirected from your site to a page that looks like warnings, errors, or other messages from your Operating System, do not click any of the links and exit the page.

More information about the exploit can be found at:

https://arstechnica.com/information-technology/2019/03/two-serious-wordpress-plugin-vulnerabilities-are-being-exploited-in-the-wild/

As always, please do not hesitate to reach out if you have any questions, especially when site vulnerabilities are involved!

Mindful WordPress Security Practices

Secure WordPress Practices

With WordPress, one of the easiest tasks to complete is to harden your site but it’s one of the most overlooked tasks! In this day in age with data breaches and hacks running rampant, it’s never too late to implement security practices on your website. While absolutely no site is 110%-without-a-doubt-no-way-in-hell-is-anyone-hacking-anything secure, there are many ways to minimize such risk. By not following any security practices or just “letting things go” you’re not only putting your site at risk, but you’re putting your audience at risk as well.

Quick Changes to Make Right Now

WordPress user practices

Please do not ever use the username of “admin” for your main administrative login. It is the WordPress default when creating a WordPress site, but it’s also the easiest to guess and easiest to start exploiting. Even if you use your email to log in to WordPress but still have your user created as “admin” you are still at a risk.

It’s always a great idea to periodically go through registered users and audit users that have any dashboard access whatsoever such as other Administrators, Editors, and Authors. That administrative user you made for a plugin support developer a few years ago that’s never been used again? You should delete that user ASAP. Multiple users with dashboard access are just more points of entry for bad guys.

Minimum password strength and password change schedule

Consider setting a schedule for yourself and additional users to change their login passwords. Your password that you haven’t updated since your site’s inception in 2013? Take a few seconds to change that today! We have a wonderful article on password security practices when creating new passwords. Try and put more thought into your passwords, and never use anything easy to guess like names and important dates.

If you care about your site at all, keep it up to date!

When Black Chicken Host receives a client request to install a new WordPress site, we always make sure to enable automatic core WordPress updates per our Terms of Service. Most likely if you’ve migrated to us you will need to enable automatic WordPress updates.

https://codex.wordpress.org/Configuring_Automatic_Background_Updates

Any theme or plugin developer worth their salt will test theme and plugin updates for compatibility with multiple versions of WordPress. While it is still an excellent practice to backup your site (you can ask us for help, we don’t mind!)  before doing major updates, unless your own website developer or “IT person” went to town with poorly coding your site, hit that update button!

…and just delete unused themes and plugins

The more themes and plugins, the more points of entry. Added bonus: reduces disk space!

Hide author usernames

Using your WordPress username as your “published” name on posts and pages is just handing people half of your login on a silver platter. But there’s a simple fix! Under your user profile, set a nickname for your user and change the “Display name publicly as” option:

“Advanced” Practices:

Change wp-login.php

One of the most common reasons we see for elevated server load/slow sites is IP addresses trying to brute force their way into your WordPress login landing pages. Since WordPress has a default www.yoursite.com/wp-login.php site landing page, this makes it easy for would be hackers and troublemakers to try and force their way into your WordPress dashboard. If your WordPress login landing page is a different URL that makes more “work” for the bad guys to try and locate and can help keep you safe!

We do not recommend editing your core WordPress files via FTP or File Manager to change your wp-login.php file or theme files. This can go wrong so quickly for so many reasons. There is however a myriad of plugins that quickly and safely change the default login landing page for your WordPress dashboard, just give a quick search! We’ve seen a few of our clients use WPS Hide Login.

Please note that if you do change the login for your site and later require our assistance with your site that involves logging into your site, please give us a heads up on what your login URL is. That will save us all some time and back and forth!

Use .htaccess to limit wp-login.php altogether

Via your site’s .htaccess file, we can deny all requests to your WordPress login page except for specified IP addresses. This is usually a last resort method as most folks do not have static IP addresses from their ISPs. So once your IP address changes, you will be locked out of your WordPress login page until your new IP address is added to your .htaccess file. If you would like assistance setting up this directive in your .htaccess, please contact us for assistance.

A Final Piece of Advice

Keep any computers and devices that access your WordPress site and email updated! If there are viruses to hack your email accounts, there are viruses to gain access to any site that requires a login. Make sure your computer has anti-virus setup and regularly updated, don’t slack on that! It’s an absolute nightmare trying to clean up an infected computer (we speak from experience).

When you don’t take your own computer and site security seriously, you aren’t taking your reader’s or customer’s security seriously. Data breaches aren’t just the huge ones you hear on the news, they can happen to any site no matter how small.

As always, please do not hesitate to contact us if you have any questions or concerns or just want to chat!

Why *Everyone* Should Have Off-Server Backups

We have all heard the horror stories, and indeed, some of us have lived them ourselves – my hard drive failed, and I lost everything. Backups are so very important! However, there are many different kinds of backups, and which of those backups we use is something we all need to think about before catastrophe strikes.

There have been numerous events across many major hosting companies, ranging from “unexpected thermal events” (which is to say, fires) to hardware failures to natural disasters, all of which have resulted in some measure of data loss. You can protect yourself from these events 100% by taking a few simple steps.

The Backup Lowdown

Before we get into those specific steps, though, let’s talk about backup security in general. Black Chicken Host provides on-server backups as a courtesy service; per our Terms of Service, these backups are not guaranteed. While they are typically very robust and trouble-free, it is possible something might happen to them rendering them unusable.

The most important step in obtaining additional backup security is to have off-server backups. You can set this up either with a WordPress plugin, such as BackupBuddy or Updraft, or you can manually download cPanel backups to your home or office computer.

Pro tip! If you are utilizing a backup plugin we recommend downloading those backups immediately. Otherwise, your disk space allowance will quickly fill up which can render your site inaccessible.

Your Options

For our Standard Shared clients, we have our courtesy backup system which backs up your sites once a month and several times during the week. You can manually generate and download backups via your cPanel account access too! The Backup Wizard feature allows you to create a full backup of your entire account for download (site files, databases, and email) or you can pick and choose which part of your account you want to backup. We always recommend having a full download of everything, just in case!

For our WordPress Only clients, we have a rolling incremental backup available of your site taken every morning. We highly recommend utilizing a backup plugin to keep local backups saved to your computer. Again, you will want to make sure you have these backup plugins download to your computer or other remote location (Dropbox or Google Drive) to keep your disk space allowance in check.

For our VPS server clients, we offer the widest range of backup solutions. Like our Standard Shared clients, we have our courtesy backup system which backs up your sites once a month and several times during the week. You can also manually generate and download backups via your cPanel account access. If you have a dedicated WordPress Only server, we have a rolling incremental backup available of your site taken every morning. For all of our VPS server clients, we also offer a paid-for, off-server backup option called “Time Snap”; this takes weekly snapshots of all files on the server, and retains four rolling restore points. Rather than restoring a single site or account, this restores the server as a whole, which is great in the event the whole server becomes unusable. The cost of these server-level backups is 20% of the server cost.

A Solution for Everyone

Our BCH Managed WP Services also include backup plans! Backups are stored offsite at the Amazon S3 infrastructure and retained for 90 days before being rotated out. We can also download, restore, and even clone your site with a few clicks of a button. Plans include Weekly, Daily, 2x Daily, 4x Daily, and Hourly. Learn more here!

As always, please contact us if you have any additional questions or concerns about site backups or what options are best for you.

BCH Managed WP Services FAQ

If you were part of our beta testing this past summer, you already know the wonders that is our BCH Managed WP Service. Let us help you manage those mundane WordPress tasks for you! From offsite backup management to extra security scans, let us worry about the nitty gritty so you can focus on content creation and interacting with visitors.

Here are some common questions regarding our BCH Managed WP Services but if you don’t see a specific answer here, let us know!

If we don’t use this plugin, will we not have backups of our site(s)?

We do take backups for disaster recovery, however, they should not be relied upon as a viable backup solution as they may not include everything from your site. Depending on how far back or what day you need to restore from, we may not have that specific day or timeframe available.

Per our terms of service, backups are the customer’s responsibility:

Courtesy Services for Customers
All services such as backup and cPanel are provided for the courtesy of the subscriber. It is the sole responsibility of the subscriber to maintain the subscriber’s own backup of any data. Black Chicken Host is not responsible for lost data or for lost data due to third-party software that is not maintained by Black Chicken Host staff (cPanel, Softaculous, WordPress, et cetera, are not associated with Black Chicken Host.).

With WordPress, there are many backup plugins that you can use to back up your site either locally on the server in your account or they can even be sent to a remote location like Dropbox, Google Drive, or other locations. If you are interested in using a different backup plugin/solution, you are definitely more than welcome to choose that option. While we wouldn’t be managing that plugin/solution, we can definitely assist with any questions you may have regarding it and get you pointed in the right direction.

What is the fee for these services?

The pricing of these services can be found on the BCH Managed Services product page.

Don’t forget to check the “Bundled Savings” category for occasional savings!

How many backups are retained?

Backups are stored for 90 days, so the answer to this depends on what backup schedule you choose. For example, if you choose daily backups, you will have 90 backups available. If you choose 4x daily backups, 360 restore points from the past 90 days will be available for restoration.

What if I need a backup restored?

Open a ticket and let us know! We’ll get the backup restoration started and let you know when it’s complete.

What does the security scan do?

The security scan checks for various malware and exploits, as well as to see if your domain is on any blacklists. If there is anything found, you can receive a notification.

What is updated with the updates service?

In short: everything. You can choose to update all or only some plugins or themes. The WordPress software itself is a yes or no. There is also a great feature that will roll back an update if an issue is detected.

How is this all performed?

We utilize a very small plugin that we can actually hide from your list of plugins in the administration area of your site. Out of sight, out of mind! Let us manage the software so you can create more content!

As always, let us know if you have any questions about our BCH Managed WP Service by emailing us at support@blackchickenhost.com.

PHP 7 and why you should be using it

New and Improved PHP

The long-awaited next version of PHP, version 7.0, was released at the end of 2015 and has been since receiving regular updates. With this new version of PHP, amazing speed and new features came along with it. Because it was released over three years ago now, PHP 7.0 itself is actually nearing End of Life status (this means it will not receive updates in any capacity) and PHP 7.3 or 7.2 are the more preferred versions of PHP to have your site use.

The life-cycle of PHP can be found here:

https://secure.php.net/supported-versions.php

The graph from the PHP link above can be translated into this easier to read/understand text:

  • 5.6 stopped receiving Security Support at the end of 2018
  • 7.0 stopped receiving Security Support at the beginning of December 2018
  • 7.1 received regular updates until the beginning of December 2018 and will continue to receive Security Support until the beginning of December 2019
  • 7.2 will receive regular updates until the beginning of December 2019 and Security Support until the beginning of December 2020
  • 7.3 will receive regular updates until the beginning of December 2020 and Security Support until the beginning of December 2021

While version 5.6 and 7.0 recently received critical security updates, your sites really should be using PHP 7.3, if not, PHP 7.2. PHP 7.3 is available on both cPanel and WordPress Only hosting platforms!

There have been some new features added, some things taken away (for good reason), and it’s wicked fast. As PHP 5.6 and 7.0 support ended recently, and 7.1 support ending at the end of the year, we would like to start getting everyone switched over to at least 7.2 or preferably 7.3.

How to Update PHP for Your Site on cPanel

There are a couple ways you can get the PHP version for your site changed. If you or your developer would like to handle this all yourself, you can change the PHP version using the MultiPHP Manager in your cPanel account. In the search box at the top of your cPanel account, search for “MultiPHP Manager” and click the resulting icon. Now, it’s all on a site-by-site basis, so you will need to change each site to a new version of PHP. You can click the checkbox to select all and mass change them or go one-by-one and then test the site to ensure it still functions as expected.

The second option would be to have us switch the versions for you. We can do this site-by-site or all at once. If you would like to schedule this change, please visit the following URL and sign up for a timeslot, adding the domain(s) you want to be switched into the “additional info” box:

https://calendly.com/bch-status/30min

We will switch the PHP version to 7.3 and make sure the site(s) load and click a few links to see that they still work. If there are any issues, we will try 7.2, 7.1, or 7.0 if needed, and failing that change, switch you back to PHP 5.6. Once we’ve finished the testing, we’ll send you an email letting you know the outcome of the change. At that point, we highly encourage you to test all facets of your site to ensure that they function as expected. After all, you know your site best!

If there are any issues, it’s likely going to be due to a plugin that either needs to be updated within your site or the developers need to push out an update. Either way, we’ll make sure you have all the needed information to move forward.

How to Update PHP For Your Site on WordPress Only

If you are using our WordPress Only product, please visit the following URL and sign up for a timeslot, adding the domain(s) you want to be switched into the “additional info” box:

https://calendly.com/bch-status/30min

We will switch the PHP version to 7.3 and make sure the site(s) load and click a few links to see that they still work. If there are any issues, we will work our way down to a version that works with your site. Once we’ve finished the testing, we’ll send you an email letting you know the outcome of the change. At that point, we highly encourage you to test all facets of your site to ensure that they function as expected. After all, you know your site best!

If there are any issues, it’s likely going to be due to a plugin that either needs to be updated within your site or the developers need to push out an update. Either way, we’ll make sure you have all the needed information to move forward.

PHP Compatibility Checker

This plugin can be used to scan your site for potential issues with PHP 7+. It does rely on wp-cron to be functioning properly or else the scan can get stuck. While this plugin is written to detect as many problems as accurately as possible, 100% reliable detection is very difficult to ensure. Please note that this is a third-party plugin (not provided by BCH) that we found to help aid you in the transition from PHP 5 to PHP 7.

https://wordpress.org/plugins/php-compatibility-checker/

There is an option to scan only active themes and plugins which would help the scan complete sooner. Though, if you have any inactive plugins that you intend to use, you should scan them as well. Any plugins you do not plan to use should be removed (bonus: this helps save on disk space!).

If any questions arise about the version change process, PHP in general, or whatever else, please don’t hesitate to open a ticket with support@blackchickenhost.com.

2019 Affiliate Referral Contest

It’s been a minute since we hosted our last Affiliate Referral Contest (in 2012 to be exact, yikes!) and we thought it was time for another one! We hope to hold these contests on a more frequent basis because who doesn’t like prizes??

Did you know Black Chicken Host has an affiliate program?

We are grateful to our affiliate partners for helping us spread the word about our services they are currently the only source of our “advertising”! Because we know you’re putting time and effort into promoting us, we want to reward you even more than the $5.00 bonus just for signing up and the 3% monthly commission for the lifetime of referred accounts. This commission is applied to your account as account credit which can be used to pay any of your invoices – domain orders and renewals, hosting packages, SSLs, anything!

Starting Saturday, February 2, 2019, we’ll be launching an affiliate contest!

The affiliate with the most sales during the three-week contest will win their choice of one of the following prizes:

  • One free domain registration
  • $30 Amazon gift card
  • $30 account credit
  • Free SSL certificate for one year ($29.99 value)

Feel free to promote your affiliate link however you want, there are no limitations! You can place a button on your website, write a review of our services, post to Twitter, Facebook, and other social media, put a link in the footer of your newsletter, etc.

Of course, there are a few rules:

  • To qualify, referred sales must have completed payment in full within three days of the contest’s end date (contest ends Monday, 2/25/2019)
  • All product referrals will qualify as a sale – web hosting, domain registrations, SSL’s, et cetera all count toward your totals
  • Fraudulent orders will be cancelled & cannot count toward totals – we know you’d never intentionally refer a fraudulent party!

If you’re not signed up for affiliate rewards yet, there’s still time! If you would like to sign up for our Affiliate Program, you can do so via this link after logging into your Black Chicken Host Customer Portal. Note, you must be an active Black Chicken Host client with active services to qualify for our Affiliate Program.

Ready, set, go! Let’s keep growing our Black Chicken Host community!

 

GDPR: a breakdown and what we’re doing about it

What is GDPR?

The GDPR (General Data Protection Regulation) compliance deadline of 5/25/2018 is swiftly approaching. If you’re not familiar with GDPR, it’s basically a new/updated set of privacy protection guidelines the EU is requiring for anyone that obtains, stores, or processes personal information about an EU resident. This includes name, email, city, favorite color, hair color, shoe size, type of car they drive, or even their height. Yes, all of this information is considered personal information. Additional information about GDPR can be found at these official resources:

https://www.eugdpr.org/ (the main site to find information regarding this regulation)

https://ico.org.uk/

https://www.cfte.education/gdpr/

How Does GDPR Affect Me?

If you collect any information about your visitors/users and think they might be EU or UK residents, please continue to follow along.

We will be starting to perform periodic checks of all sites for EU country references (and potentially other information) to identify if you have EU resident data saved in your database/site. If you do have EU resident data, it ultimately comes down to you as a site owner contacting them if you have any information at all. This includes email address, phone number, postal address, anything that could be used to contact them. Let them know specifically what information of theirs that you have and ask the EU resident what they would like you to do with their information. Or, you can simply choose to delete all associated data of EU and UK visitors. We actually recommend this if you have no further use of such data.

Through our research, bloggers and site owners should also plan to do the following:

  • Displaying a privacy notice anytime they collect personal information classified under GDPR,
  • Have a data processing and security policy, and
  • Have robust security anywhere data is processed.

The following should also be reviewed on your site(s) to make sure they comply with GDPR requirements:

  • Remove auto opt ins. Opt ins on newsletters need to have a “tickable” option, not something that is pre-ticked, or “assumed” to be accepted by the end user.
  • Do not use opt in freebies to get email addresses for one purpose then use them for another. If you gained email addresses this way you should go out to gain consent or you may be in breach of GDPR. You may use opt in freebies if you explicitly state what other purposes their contact information may be used for.
  • Discontinue sharing data with anyone else who wasn’t named at the point where data was provided, for example, a brand who asks for the email addresses of giveaway entrants.
  • Stop collecting data where not necessary, for example, contact forms and comments.
  • Do not share named brand PR contacts without explicit permission from end users.

Overall, it seems a privacy page and making sure mailing lists are compliant are the big tasks. There are a plethora of resources for bloggers and site owners regarding GDPR and getting your site ready. Just take to Google!

As most of you are using WordPress, we found that they are adding some tools to WordPress itself to help make things easier for website owners. They have already started adding some of these, but the rest should be out by the end of April or beginning of May. Information on this can be found at:

https://wordpress.org/news/2018/04/gdpr-compliance-tools-in-wordpress/

We will keep you apprised of any additional information/requirements we come across as the deadline approaches and as requirements develop. Again, this would only impact you and your site if you are storing personal information of EU residents.

We have been asked by several of our clients if we can just straight up block EU/UK resident IP addresses from accessing their site(s). Yes, there are a few ways we might go about that, however you would still either have to delete or notify EU/UK resident personal information from your site/databases. Just something to keep in mind! If you are interested in blocking the EU/UK from visiting your site(s), please open a support ticket so that we might discuss your options.

If you do not collect user data on your site, GDPR shouldn’t apply to you. If you do require GDPR compliance or just aren’t sure, please feel free to open a ticket with us (preferred method of communication) or send us a message through our Facebook page https://www.facebook.com/blackchickenhost/ .

What Black Chicken Host Has Done

We’ve always been about your rights to privacy here at Black Chicken Host, and already had processes in place in our system to allow you to alter or remove any personal data from your account. To make sure we explicitly comply with these new GDPR requirements, we have made changes to our Terms of Service and Privacy Policies, which can be found on our website:

https://blackchickenhost.com/our-products/terms-of-service/

https://blackchickenhost.com/privacy-policy/

We did review our own system for EU residents and sent messages to get in contact about their rights under GDPR as our clients. If you are an EU resident with an incorrect Country selection or we otherwise somehow missed contacting you outside of this message, please contact us as soon as possible!

If any of this sounds alarming or daunting, please do not worry. We are always here to help to the best of our ability!