Duplicate Web Site

Published on July 20th, 2018

We have launched a new feature called Duplicate which is an extension of the Staging feature that is already available. The existing Staging feature works by copying a web site and database and automatically updating the CMS config file with the new database. However Staging is only available if STORM can detect which CMS you are using, ie WordPress or Magento.

Duplicate works by offering this feature to every other web site that cannot use Staging. Duplicate will copy all of the files into a new web site. If there is a database connected to the web site the configuration will remain the same. During the creation of this site you can enable password protection to prevent anyone from viewing the web site.

This feature is particularly helpful if you would like to create a snapshot of an existing web site for further development without affecting the live site.

Git Deployment

Published on June 27th, 2018

Git Deployment

We know how frustrating and confusing it can be to configure deployment from a Git repository like BitBucket and Github so we’ve spent a considerable amount of time making this feature really easy to use with the least clicks as possible.

We have made it easy to access by adding a Deployment tab under each web site which hook directly into BitBucket and GitHub. You’ll be asked to authorise to one of these providers which gives STORM access to a list of your repositories.

Once you have authorised BitBucket or GitHub you can mirror a repository and branch directly with a web site or folder on your STORM server. Therefore any changes that are made can either be pulled instantly with a single click from inside STORM or automatically deployed if you enable the automatic deployment toggle.

You will find that either of these options are much faster than using FTP and SSH as changes are deployed within seconds rather than waiting for local file transfers to be completed. This process is even faster if you are already using GitHub or BitBucket to store and manage your code.

We expect Git Deployment to be a very popular feature inside STORM but we would love to receive your feedback on how we can further develop this feature.

GDPR Update: Force Two Factor Authentication

Published on May 23rd, 2018

With GDPR very much a hot topic with the go live date on Friday (25th) of this week we have launched a new feature to improve server security. You can now toggle Force Two Factor, which will only allow STORM users with Two Factor enabled to view and manage a STORM server.

You can only enable this feature if you are an Owner of a server and have Two Factor enabled on your own STORM account. Once this feature is enabled users with Two Factor switched off on their account will not be removed from that server but will not be able to access it until they switch on Two Factor. You can enable Two Factor on any STORM account under Profile.

Two Factor is an extra layer of security when logging into STORM. STORM will require you to enter a 6 digit code along side your password. The 6 digit code changes every 60 seconds based on a HMAC based algorithm. You can use any HMAC based algorithm on STORM although we recommend either 1Password or the Google Authenticator available on iPhone or Android. If you regularly use the same computer you can tick for STORM to remember you so you do not have to enter the code each time.

Improved Security with Pwned Passwords

Published on April 12th, 2018

Back in February Pwned Passwords launched an API service for their database of compromised passwords. At Nimbus Hosting, as security is so important, we decided to integrate this into STORM. Each time a password is set, ie when someone new registers to use STORM or changes their password in their profile we automatically check it against the Pwned Password database. Before checking the password with Pwned Password API it’s hashed so your password is never revealed to anyone. On top of this when we save your password into our database we encrypt it so it’s never saved in plain text.

Pwned Password database has a list of over 500 million compromised passwords that have been gathered from a number of worldwide high profile compromises. On their web site they have a number of additional features. You can find out which website leaked your password, search their database for your email address to see if you’ve been caught up in any other data or sign up to their notification service.

Integrating this feature into STORM has pushed our security onto the next level to keep your web site and server secure.

ionCube and Even Faster PHP (7.2)

Published on January 17th, 2018

 ioncube Loaders
This week we’ve launched two new enhancements to STORM. The first is ionCube Loaders are now installed across all STORM servers. ionCube Loaders is a PHP extension that decodes Secured PHP files built by third party developers.

The second is adding in PHP 7.2. PHP 7.2.1 was launched on the 4th of January 2018 and offers a 15% page load time improvement over PHP 7.1. PHP 7.2.1 is available on all STORM servers and will be automatically updated with future updates.

Keeping your Server Secure

Published on January 4th, 2018

A couple of STORM users have contacted us recently about making sure their servers are as secure as possible. Although STORM is secure by design there are a three additional methods for improving your security.

Independent User Access

Make sure you don’t share your STORM login with anyone else. Instead you can invite users to your server with just an email address. Unless they’ve been upgraded by one of the Nimbus team a user cannot invite anyone else to STORM.

Should a user leave, rather than resetting all your passwords, you can remove their access by clicking the X against their email address. All their actions will remain in the log for future viewing but access is completely removed.

Keep an eye on the list of users who have access and remove users who are no longer relevant.

Inviting Users to STORM

Two Factor Authentication

For additional login security you can use two-factor authentication under each user profile. STORM supports any TOTP based app like Google Authenticator, Authy or even 1Password.

Once enabled on each login you’ll be asked for a one-time password alongside your usual password.

Two Factor

PCI Compliance

By enabling the PCI Compliance setting in STORM it makes a number of changes to improve security. Firstly it disables the old and rather insecure TLS 1.0 encryption method for https. Secondly it only allows access to FTP from the IP addresses under the Security Tab.

Enabling PCI Compliance

If you need any help with these options please contact the Nimbus Hosting Support Team.

Browser Cache Expiration Time

Published on December 27th, 2017

As STORM is all about performance and faster loading web sites we’ve had some feedback from some users about setting expiration times on static files. This is actually pretty important to improve your Google Page Speed Score and improve page load times. By setting a Browser Cache Expiration Time it sets the amount of time a static file, like images Javascript and CSS, on your visitor’s computer before requesting a fresh copy. If a visitor is browsing through multiple pages with the same files it can make a significant saving.

We’ve therefore made it really easy to set the Browser Cache Expiration time with just a drop down menu. This feature is available under Configuration of each web site. At the moment this feature is only available if you have NGINX set to serve your static files. However we are looking to expand this functionality shortly to include Apache too. The default cache time is 1 month although can be changed from Never to 12 Months.

  1. Pages:
  2. 1
  3. 2
  4. 3
  5. 4

Newsletter Signup

Signup to the STORM News for regular updates