Announcing our new abuse detection system!


Our goal is to provide you with hosting services that are reliable, stable and perform well. This is a task which gets more and more difficult as hackers find new ways to abuse and hack websites and email accounts. In response to some of the latest craziness, we’ve developed an internal system to combat brute force abuse, which has been very effective. Here’s some information we’d like to pass along to you now that the system has reached a certain level of maturit

In early March 2013 we started seeing a huge increase in brute force attacks, particularly against WordPress driven websites. In the days and weeks to come, organizations all over the world started noticing and reporting this as well. For example, by mid April the US-CERT (Computer Emergency Readiness Team) had written about it.

You may recall emails from us warning WordPress users to install security plugins to combat the abuse. Some folks did and it helped, some folks did and it caused other problems, and some folks didn’t do anything. We quickly realized that we had to do something globally to combat the problem, and began developing an abuse detection system.

This system scans updated apache log files every 5 minutes: looking for patterns of abuse: those hitting WordPress’ wp-login.php or Joomla’s administrator/index.php URLs, (the most heavily abused targets), and others as well. When abuse is detected, the offending IP addresses are null routed at the server–cutting off all access to the server by the abusers.

This is far more protective than security plugins that we have to rely on WordPress users installing, and which only temporarily block abusers’ http access. This system has been very effective–stopping even highly distributed attacks from thousands of simultaneous IP addresses. It has also experienced false positives along the way and we’ve had to manually unblock clients who have been incorrectly blocked.

Understand that this system only blocks IP addresses that are hitting website backends–not regular users. In other words, for a WordPress site, anyone trying to access the WordPress admin backend via the wp-login.php login page may be blocked. A regular user browsing a WordPress website will never be blocked. Some clients incorrectly blocked by the system have expressed concern that the system may be blocking their users, but this is not the case. The system is only looking at traffic to administrative logins, which is where the abuse is directed.

Any IP address that has logged into a account is whitelisted for a month. As a website owner, if for some reason you do find yourself blocked when using your website admin area, you probably haven’t logged into your account from your current IP address. If you do, you’ll be automatically unblocked within 5 minutes. So, just remember if you find yourself blocked for any reason, just log in to your Blue Sky Hosts account and that should unblock you–as well as whitelist your current IP address for a month.

Incorrect blocks are usually caused when we’ve seen an unusually high level of abuse directed at your site, and we’ve increased the sensitivity of the abuse system specifically for your site to fight it off. When we do that, your legitimate use of the WordPress backend, Joomla backend, etc. may block you. This should affect only a few clients from time to time, and logging into your Blue Sky Hosts account will clear it right up.

This system has so far kept server loads at low levels and has reduced bandwidth across the board from abusive sources, increasing server stability and website performance.
If you have any questions or concerns just submit a support ticket to

Web Hosting Secrets

secretbWell web hosting doesn’t really have any secrets but our secret to successful web hosting as a company is to offer you the best possible service that we can. That means putting you first all the time. We have a good set of old fashioned standards like the customer is always right and we are here to help you and to offer a web hosting service that you actually can rely on.
We’ve released a short video about the secret to Web Hosting

Web Hosting, Shared Hosting

cloudbIf you are looking for web hosting you will have heard about VPS and SHARED HOSTING by now, we offer shared hosting which is a great economical way to host your website and should be just as stable as any other service. If you need web hosting that is for an extremely large scale project or with tens of thousands of clients you may want to look at getting VPS for your web hosting. The chances are if you are reading this then shared hosting is the web hosting that is right for you.

However! Web hosting on shared hosting is not always the best option.
If you are using a company that doesn’t give you real person support then the chances are your site is being hosted on a shared hosting account that is not monitored or cared about. We treat each client as if they were our only client and do everything to provide the best web hosting possible. We care so much that in recent days we have actually had to move web hosting for some customers as there sites became vicitims of DDOS attacks and rather than continue to offer them web hosting that puts other users on the same server at risk we worked with them to find a better solution for them which ultimately meant shifting there site to another hosting provider. The amazing part is that our web hosting support is so good that even though they are with a new host they want to continue to pay us for web support.

We care about us customers and their web hosting to the extent that we are prepared to lose money in order to see you and your business succeed.

Trust Blue Sky Hosts Ltd for your Web Hosting needs!

Tuesday, March 19, 2013