Posted on Leave a comment

Advice on Transfering my website from GoDaddy shared Cpanel hosting to DigitalOcean

I asked the same question on r/wordpress and one person suggested to post it here also.

Newbie here. I use Godaddy hosting + Cloudflare CDN. WordPress website. My website is around 400mb (WP_content ~ 130mb). 5-6k visitors/month.

I am currently using this DO tutorial to set up my Droplet. I’m still completing the prerequisites mentioned in the article. I’m stuck at 3rd prerequisite: setup SSL. In the tutorial to set up SSL, they are asking to set up a server block. Which is something I did while installing LEMP (Step 2). But there are some differences, like the commands and code used in the file

Especially this line: server_name*;* and few other extra commands too.

And when I followed the steps from the SSL article (this is the article which they suggested I should follow) I got an error while I entered this command

sudo ln -s /etc/nginx/sites-available/ /etc/nginx/sites-enabled/

Directory already exists. What should I do?

And do I have to do SSL before transferring the file? Because if I do that way I can minimize the downtime (not that anyone would miss my website, but you know).


Is there any other better tutorials that explain everything in one article or a video?

Although I’m just copy-pasting commands from the articles, I really want to learn this. Could you help me?

Posted on Leave a comment

Coronavirus Cybercrime Scaling Up

Just like Coronavirus itself, the Coronavirus-themed cybercrime it has spawned
is quickly becoming a pandemic of its own. Cybercriminals have been quick to
take advantage of the media attention on the story, using lures with a
Coronavirus theme. Many of the attacks Netcraft has observed have used the fear
and uncertainty surrounding the situation to trigger a response from their

Netcraft has tracked Coronavirus-themed cybercrime since 16th March, shortly
after it was declared a pandemic by the WHO. This post covers some of the trends
Netcraft has observed since our previous

on the topic.

Coronavirus certificates

Analysis of certificate transparency logs for new certificates covering
hostnames containing keywords “COVID” and “Coronavirus” shows increasing numbers
of certificates are being issued for Coronavirus-themed hostnames.

Whilst some of the certificates included in the graph will be being used for
legitimate purposes, many certificates – particularly those which have been
registered since the outbreak started – are being used to spread disinformation,
host fake shops and pharmacies, serve phishing websites and to disseminate malware.

New Certificates For Hostnames Containing Keywords 'COVID' or 'Coronavirus' Per Day

Numerous governmental, research and healthcare organisations are making use of
organisation and EV certificates to provide higher levels of assurance to
visitors to their website. Organisation and EV certificates (excluding
Cloudflare organisation validation certificates which validate Cloudflare, not
the website owner, as the organisation responsible for the certificate) account
for 10.5% of certificates included in the chart above.

The more recent plateau in certificate issuance for Coronavirus related
hostnames may in part be due to registrars, such as Godaddy and Namecheap,
restricting the registration of these domains in response to the New York
Attorney General’s

on March 20th. Richard Kirkendall, Namecheap CEO wrote to customers on March
25th stating:

we are actively working with authorities to both proactively prevent, and
take down, any fraudulent or abusive domains or websites related to COVID19.
This includes banning certain terms such as “coronavirus”, “covid”, and
“vaccine” from our domain search tool so they cannot be purchased and used for
– Richard Kirkendall, Namecheap

Recently observed Coronavirus-themed threats


Netcraft has observed cybercriminals making use of SMS to deliver
Coronavirus-themed lures to their victims. Many of the messages that have been
sent within the UK have latched onto the news that the British Government will
be providing support to individuals and companies who are struggling with the
economic effects of the crisis.

Interestingly, whilst the SMS messages have a Coronavirus theme, in many cases,
the phishing sites themselves have remained unchanged from the regular HMRC or
bank phishing attacks Netcraft typically observes.

  • Follow the website hxxps://gocgglee[.]com/en
    to receive your tax refund due
    to the corona virus pandemic
    – Sent from Payback

  • [HMRC]: As a result of the current Coronavirus Outbreak, we have been
    forced to issue you with the full amount of your current tax refund. You have
    a pending tax refund of up to £450.47GBP. Please follow the link to calculate
    your claim. hxxps://taxuk-id[.]com
    – Sent from +44754XXXXX75

  • From HMRC: You are due a tax refund. Please fill out form at
    – Sent from Govt_UK

  • URGENT: The UKGOV has issued a payment of £258 to all residents as part of
    it’s promise to battle COVID 19. TAP here hxxps://uk-covid-19-relieve[.]com

    to apply – Sent from COVID19

  • [HMRC]: As a result of the current Coronavirus Outbreak, we have been
    forced to issue you with the full amount of your tax refund. You have a
    pending tax refund of up to £388.67. Please follow the link to calculate your
    claim. hxxps://tax-verifyuk[.]com
    – Sent from +44771XXXXX47

  • [HMRC]: As a result of the current Coronavirus Outbreak, we have been
    forced to issue you with the full amount of your current tax refund. You have
    a pending tax refund of up to £388.67. Please follow the link to calculate
    your claim. hxxps://taxuk-return[.]com
    – Sent from +44771XXXXX47

  • [HMRC]: As a result of the current Coronavirus Outbreak, we have been
    forced to issue you with the full amount of your current tax refund. You have
    a pending tax refund of up to £450.47GBP. Please follow the link to calculate
    your claim. hxxps://uktax-id[.]com
    – Sent from +44754XXXXX77

  • As Part of the NHS promise to battle the COV- 19virus , HMRC has issued a
    payment of £258 as a goodwill payment. Follow link to apply
    – Sent from CORONAVIRUS

  • BANKIA-ONLINE > Confirme la informacion de su ceuenta bancaria en>
    hxxps://bit[.]ly/SPAIN-COVID-19 , #751773
    – Sent from COVID-19-SP

Coronavirus-themed SMiShing lure directing visitors to a standard HMRC tax refund phish

Coronavirus-themed SMiShing lure directing visitors to a standard HMRC tax refund phish

Fake shops using cloud platforms

Cybercriminals have set up a large number of Coronavirus-themed fake shops
selling related goods which are in high-demand – including masks, hand
sanitiser, gloves, and toilet paper – as well as individual testing kits and
cures for COVID-19. At the time of writing the latter two are not available to
the general public in many jurisdictions.

One trend that Netcraft has observed is the reliance on shopping cart cloud
platforms for the deployment of Coronavirus-themed fake shops – in particular
Shopify. This is in contrast with the pattern Netcraft typically observes in
which fake shops utilise self-hosted platforms such as Zencart or Opencart. This
may be due to cybercriminals, who have not previously been involved in this
area, recognising the demand for such products but not having the infrastructure
or expertise so choosing to leverage the easiest and cheapest option available.
It could also be because they recognise that the window in which their fake
shops can generate revenue is much smaller than usual, making the additional
measure of self-hosting to increase the time they stay up unnecessary.

A recently created fake shop -- hosted at Shopify and selling highly sought after face masks at an inflated price

A recently created fake shop – hosted at Shopify and selling highly sought after face masks at an inflated price

Business Email Compromise & Phishing

In one incident cybercriminals used the compromised email accounts of a British
employment charity to send out targeted emails with a Coronavirus-themed lure.
The emails were especially convincing as the recipients are likely to be
concerned about their job security during the ongoing crisis. Clicking the link
in the email sends the victim to a Sharepoint page which purportedly offers a
PDF for download. Victims who attempt to download the PDF are instead redirected
to a Microsoft OneDrive phishing site which logs the victim’s email address and
password before redirecting them to an unrelated PDF. In this instance, the
cybercriminals made use of a HTML sandbox
) and image sharing site
) to host their attack. Leveraging these free
services makes launching a campaign cheap and easy for the criminal.

Phishing attack impersonating Microsoft OneDrive which victims arrive at in the belief they will receive advice about their job

Phishing attack impersonating Microsoft OneDrive which victims arrive at in the belief they will receive advice about their job

Password stealing malware

In one malware campaign, Netcraft observed, an email claiming to be from the
World Health Organisation contains an attachment enticingly named “Covid-19 Immunity Diet”. The email claims the attachment contains “various
diets and tips to keep us from being effected (sic) with the virus.”
and that
“Many affected patients are already responding positively to treatment after
effecting the guidelines and tips.”
. However, anyone who opens the attachment
will find their computer infected with another kind of virus – Agent Tesla.
Agent Tesla is a password stealer capable of retrieving credentials saved in the
victim’s web browser, email and FTP clients as well as logging all their

Email with a malware attachment claiming to be from the World Health Organisation

Meanwhile, a malware campaign posing as Doctors without borders includes a
Microsoft Excel spreadsheet named “Malicious Facts and Figures of Coronavirus.xlsx” under the false pretence that it contains Coronavirus
infection statistics. When in reality the spreadsheet exploits a buffer overflow
in Microsoft’s Equation Editor to download and install an encrypted copy of
NanoCore RAT from Google Drive. NanoCore is a Remote Access Trojan capable of
stealing personal information including passwords and payment information as
well as secretly recording the user’s audio and video.

Email with a malware attachment claiming to be from Doctors without borders

Protecting yourself and others from cybercrime

Netcraft’s browser extensions
and mobile

provide protection against online threats,
such as phishing, SMiShing and malicious JavaScript. To help protect the
internet community you can also report cybercrime using the extensions or

Posted on Leave a comment

Need help making a decision for website

So currently for my family’s small business we have a website hosted with godaddy on their managed wordpress plan. It is set to renew end of summer so I was evaluating other options to potentially switch.

Since our old webdev isn’t making our site anymore I wanted to switch to something like wix since it would be easier for my parents to drag and drop elements and edit the site on their own (I only know basic HTML atm).

However, I saw old posts here and other subs saying wix is trash and uses proprietary code and google SEO doesn’t like wix sites, and how wix sites are slow and to not use them etc. But since these were older posts 1+ years old I wanted to ask again to see if this hold up.

My two options are:

  • First Option: make a brand new site on Wix and then transfer domain to namecheap (or just keep it at godaddy) and have the hosting and site done by Wix. This is the easiest way to do it, but at the same time I am unsure about it in the long run with what I have heard about Wix.

  • Second Option: Switch hosting to another hosting provider for Managed WordPress (haven’t decided and need help choosing) and then transfer current site over and use Staging to create a new site using Elementor. This one would keep our existing site so I wouldn’t need to make a new one on Wix and I could preserve our SEO since we currently use Yoast. I haven’t used Elementor, but I heard it’s a great page builder so I could always mess around with it in Staging.

Also, to prevent me from making a second post here, which hosting providers are recommended for a Managed WordPress? Siteground caught my eye since a bunch of people mention it here and it’s one of 3 recommend. We don’t need email through a hosting service since we are also getting Office 365 separately to ditch the crappy godaddy email.

Posted on Leave a comment

Coronavirus Cybercrime

Netcraft has tracked Coronavirus-themed cybercrime since 16th March, shortly after it was declared a pandemic by the WHO. Scammers have been quick to take advantage of the massive worldwide attention to Coronavirus
(COVID-19), and are increasingly making use of it as a theme for online fraud.

Netcraft is the largest provider of anti-phishing takedowns
in the world and provides countermeasures against some 75 other types of cybercrime for governments, internet infrastructure and many of the world’s largest banks and enterprises. Coronavirus-themed cybercrime accounts for around 5% of all the attacks we perform countermeasures against, even without accounting for attacks that may otherwise be attributed to existing phishing targets.

Coronavirus phishing attack impersonating the World Health Organisation

Coronavirus Phishing attack impersonating the World Health Organisation

Coronavirus Themed Attacks

Advance Fee Frauds

Advance fee frauds typically involve promising the victim a large amount of money, with only a relatively small up-front fee required (for example, to cover processing). These attacks have required only very small changes to adapt to Coronavirus. Examples include:

  • I am currently receiving treatment for the COVID-19 in Huoshenshan Hospital, Wuhan, China. I am 68 years old and I have been told that I will not survive this virus. I need you to help claim and distribute my funds (us$7.5M.) to support people with the COVID-19…

  • My Name is Andrew Contarini from Venice Italy. I was diagnosed with Leukemia which has defied all forms of medical treatment, and last week miraculously survived Coronavirus infection… I intend and willing to empower the change of ownership for the transfer of my wealth to your possession for further Investment and Charity Disbursement to the Less Privileged and Homeless…

  • The COVID-19 Cash Donations policy is a 30-day free coverage that provides you to help people in your community, for hospital confinement and a benefit lump sum payout ($2,000,000.00) for you .

  • The United Nations in cooperation with World Bank have agreed to compensate you with the sum of One Million Two Hundred Thousand US Dollars ($1.2M)… This payment Program is organized for charity organization/Scam victims and current Corona Virus issue

  • Since i resume office i saw some files of Abandon compensation funds , and for the case of this Corona virus issue we also agree to compensate every citizin with little cash

There are some examples however of slightly more carefully crafted AFF scams, such as the following impersonation of the Bill & Melinda Gates foundation.

Coronavirus themed Advanced Fee Fraud

Coronavirus themed Advanced Fee Fraud

Malware Attachments

Coronavirus has additionally presented fraudsters with an effective lure to encourage victims to open email attachments. These emails are typically impersonating health organisations and governments with updates on Coronavirus, new recommendations or guidelines, information on cures, tests, and face masks.

Email with a malware attachment that impersonates the World Health Organisation

Email with a malware attachment that impersonates the World Health Organisation

Social Media Pages

All of the fraudulent social media pages seen to date are fairly basic, and have claimed to have a cure/vaccine available, and encourage victims to DM or otherwise contact the page creator.

Coronavirus fake cure social media pages

Coronavirus fake cure social media pages

Fake Shops

Fake shops have become prolific in recent years, providing criminals with a good alternative to phishing, where their attacks are more routinely disrupted. Fake shops claim to offer highly discounted luxury goods, typically for premium clothing, shoe or electronics brands. However, in reality they are simply a front to capture users’ payment information: after the victim completes the checkout process, they will be delivered counterfeit products, or possibly even no products at all.

In the wake of coronavirus, new fake shops have appeared offering protective products such as face masks, and detectors.

Coronavirus themed fake shop

Coronavirus themed fake shop

Phishing Attacks

The World Health Organisation

A number of phishing attacks have appeared impersonating the World Health Organization, offering access to a COVID-19 safety portal.

Coronavirus phishing attack impersonating the World Health Organisation

Coronavirus Phishing attack impersonating the World Health Organisation

Government Tax Refunds/Relief

As governments begin to offer various financial protections for citizens, we expect to rapidly see fraudsters launching fake sites for claiming money or tax relief. The following example impersonates the UK Government.

Coronavirus government tax refund scam

Coronavirus government tax refund scam

Office 365 lures

We are also seeing attacks mentioning Coronavirus that are attributed to other targets. The following screenshot shows a SharePoint-themed attack using a COVID-19 CURE lure to steal credentials for Microsoft Office 365, Google, Yahoo, as well as arbitrary email providers.

Coronavirus phishing attack using Office 365 lure

Coronavirus phishing attack using Office 365 lure

Following the ‘Login with Google’ link, then leads to a Google-themed sign-in page.

Coronavirus phishing attack redirects to fake Google Sign-in page

Coronavirus phishing attack redirects to fake Google Sign-in page

Other Microsoft-themed attacks redirect to after harvesting corporate Outlook credentials through a spoof Outlook Web Access page or serve the victim a malicious executable binary with the name ‘Interim Guidance for CoViD19’ from a fake Microsoft OneDrive page.

Supermarket Impersonations

As panic buying leaves supermarkets struggling to remain stocked, fraudsters have been seen targeting potential suppliers with requests for in-stock goods. The following example impersonates Sainsbury’s Supermarkets, a large UK retailer, suggesting payment within 30 days.

Coronavirus themed supermarket impersonation email

Coronavirus themed supermarket impersonation email

What’s Next

We expect attacks leveraging coronavirus to evolve rapidly. The attacks seen to date have required relatively simple changes by fraudsters on existing themes, and there are many more similar opportunities available for them to exploit. In particular we expect:

  • Fake shops to evolve from face masks and other protective products into fake vaccines/cures.

  • Investment scams to evolve, given the large amount of infrastructure involved, into Coronavirus scams. These scams currently involve fake news articles purportedly evangelised by widely respected people promoting get-rich-quick schemes.

  • Fake insurance claim emails.

  • Traditional phishing attacks against banks to make use of Coronavirus themed mails.

Posted on Leave a comment

A Record Question

Hey guys,

I’m trying to help a friend fix something. He has his domain on BlueHost, his WordPress on SiteGround, and his developer bailed on him, so this is the first time I’m seeing any of this.

Anyway, SiteGround emailed him saying he needs to update the A Record to a new IP address on BlueHost, so I logged in to take a look. Usually, the only A record I see is “@” but he has pages of different records. They all go the same IP address, so I’m guessing I can just change all of them, but I’m not sure as I don’t what some of these are.

I usually just work in WordPress, not much with hosting/DNS stuff, so I haven’t seen a lot of these A records. If SiteGround says the A record IP address needs to be changed, would I just change all of these? I don’t want to mess up his site, I’ve just never seen these records before.

I blocked them out but they are all the exact same IP address, minus “localhost”

A Records

Posted on Leave a comment

March 2020 Web Server Survey

In the March 2020 survey we received responses from 1,263,025,546 sites across 257,194,796 unique domains and 9,659,223 web-facing computers. This reflects a gain of 94,300 computers, 2.12 million sites and 3.00 million domains.

Microsoft and nginx both saw increases in the total number of domains in March 2020, with nginx gaining 4.84 million domains (+7.2%) and increasing its market share by 1.6 percentage points to 28.1%. Microsoft gained 215,000 domains, though this was not substantial enough to avoid losing market share to nginx.

nginx’s sharp increase saw it overtake Apache in terms of domain market share for the first time, with a marginal lead of 136,000 domains. However Apache continues to lead nginx by a considerable amount in terms of active sites
—despite losing 225,000 active sites this month, Apache maintains an 8.21 percentage point lead in market share over nginx. Apache also leads in terms of web-facing computers, though with only 3.17 percentage points separating them from nginx.

Several server vendors which hold a lower market share saw mixed results this month. Google lost 115,000 domains but gained 510,000 active sites, while Oracle lost 27,800 domains and 22,200 active sites. Both hold less than one percent of domain market share, with Google claiming 0.87% (-0.06 percentage points), and Oracle holding 0.22% (-0.01 percentage points).

After having gained almost 2 million domains every month since December, Cloudflare’s rapid growth slowed this month with a gain of only 714,929 domains. Cloudflare power their content delivery network with their own server software, originally based on nginx
, which accounted for 9.31% of observed domains.

Vendor News

NGINX released several new versions of its products this month. The nginx web server was updated to 1.17.9
with several small changes and bug fixes, one of which is related to HTTP/2 support. The company’s dynamic application server NGINX Unit
was updated to 1.16.0, adding functionality which allows more configurable round-robin load balancing.

LiteSpeed Technologies released version 5.4.6 of their LiteSpeed Web Server
. This release adds support for the latest draft specification of HTTP/3, which itself was published in mid-February. The release also hardens the server’s default TLS configuration by disabling support for TLS 1.1 unless enabled by the user.

Apache also released versions
8.5.53, 9.0.33, and 10.0.0-M3 of Apache Tomcat, which include several small feature updates and bug fixes.

Total number of websites

Web server market share

Developer February 2020 Percent March 2020 Percent Change
nginx 459,966,569 36.48% 473,308,955 37.47% 1.00
Apache 309,061,300 24.51% 306,114,673 24.24% -0.27
Microsoft 179,225,073 14.21% 170,567,386 13.50% -0.71
Google 40,120,733 3.18% 41,227,959 3.26% 0.08
Web server market share for active sites

Developer February 2020 Percent March 2020 Percent Change
Apache 53,656,055 28.22% 53,431,366 28.20% -0.02
nginx 37,738,509 19.85% 37,868,433 19.98% 0.14
Google 18,045,633 9.49% 18,556,132 9.79% 0.30
Microsoft 9,209,748 4.84% 9,346,422 4.93% 0.09

For more information see Active Sites

Web server market share for top million busiest sites

Developer February 2020 Percent March 2020 Percent Change
Apache 297,034 29.70% 295,454 29.55% -0.16
nginx 256,816 25.68% 256,501 25.65% -0.03
Microsoft 80,071 8.01% 79,064 7.91% -0.10
LiteSpeed 18,771 1.88% 18,584 1.86% -0.02
Web server market share for computers

Developer February 2020 Percent March 2020 Percent Change
Apache 3,347,812 35.00% 3,365,305 34.84% -0.16
nginx 3,029,931 31.68% 3,059,483 31.67% -0.00
Microsoft 1,663,155 17.39% 1,670,835 17.30% -0.09
Web server market share for domains

Developer February 2020 Percent March 2020 Percent Change
nginx 67,454,081 26.54% 72,289,580 28.11% 1.57
Apache 72,218,665 28.41% 72,153,645 28.05% -0.36
Microsoft 46,668,662 18.36% 46,884,134 18.23% -0.13
Google 2,349,555 0.92% 2,234,601 0.87% -0.06
Posted on Leave a comment

Good News! WHMCS Alternative Billing System to go ahead…

Early this month we discussed a possibility of a WHMCS alternative billing system. Many of you with different views. We have the funding and decided to go ahead with the build as a free opensource billing system for all the download and enjoy.

It will be built using CodeIgniter 4 as the framework and rolled out to github with updates periodically. This is a huge task and will take many months to get going. The project will start around April.

The initial release will support both cPanel and DirectAdmin out of the box. Project plans and goals are yet to be established.

If you want to support this project please join our discord server to keep tabs on the project start and progress. Any suggestions and feedback are more than welcome.

Posted on Leave a comment

Cheers to the 25,000th member of the ModulesGarden family!

At ModulesGarden we have been on a clear-set mission since the very beginning of our software development adventure – to make day-to-day business management easier for each web hosting enterprise around the world. Having such a clear objective in mind, we embarked on this travel full of hope and faith in the bright future ahead. But none of us did then have the faintest idea that after so little time we will receive recognition among over 25,000 customers from all over the globe! As there will not be any more perfect occasion than that to tell you all how much we value your presence, faith and support exerted on our company, please accept our most heartfelt – thank you!

We wish to take this exceptional opportunity to recollect some of ours most noble achievements and milestones reached thanks to every single one of you, our beloved clients, by our side – it has been a challenging and exciting path, fueled by incredibly hard work, much talent, countless cups of coffee, and undying passion for software engineering. Among the accomplishments we boast of the most is our continuously expanding collection of nearly a hundred ready-made WHMCS modules next to thousands of custom software development projects delivered into the hands of the most demanding business entrepreneurs. What we are particularly proud of is the very recent launch of the absolutely unprecedented, complete WHMCS Cloud Billing solution with an end-to-end AWS integration. Aimed at expanding your target audience and broadening the scope of available revenue channels, the tool is meant to remove the pain of managing separate invoicing systems and automate the entire billing process from A to Z.

While our faces fill up with an ineffable sense of pride and accomplishment upon reviewing those victories, we are nowhere close to the end of our adventure! In the forthcoming future, we hope to reach even more spectacular heights with your unspoken patronage. So, what is on our agenda for the upcoming months? A while back we have started the development of three brand-new products that are bound to leave you at awe once they see the light of day. First off, you will soon receive the opportunity to bring maximum automation and comfort into reselling your products with our innovative Products Reseller For WHMCS. Not to mention that we are also putting the last final touches to the fully customizable One Step Checkout Template For WHMCS solution that along with the truly pioneering Google Cloud Billing For WHMCS will take effect in the second quarter this year – be ready!

25,000 Customers Promotion at ModulesGarden

Even after saying all the above, the main reason why we are all here may still be a bit of a secret. We are rushing with the exciting unveiling then! For this significant moment on the ModulesGarden timeline we feel particularly obliged to direct a due dose of attention to all of you, our dearest clients, about whom this celebration is really all about. Feel warmly invited to treat yourself to our two special offers!

Unlock for yourself the staggering possibility to save 25% on the purchase of every single product available on our Product Marketplace.

Promo Code: ThankYou25K

For the price cut to be added correctly, simply copy the above code and paste it in the appropriate box while at the checkout. Be sure though to make most of the promotion before the end of March 15th, 2020!

Set off to the Product Marketplace!

Thirsty for more? Here comes our second treat!

Briefly describe your partnering with ModulesGarden and leave the story in the comments section down below before our promotion vanishes for good at the end of March 15th. We will then randomly choose the three lucky winners out of all submissions who will receive extra $25 in credits to be used for absolutely anything until the end of June 2020.

We will be awaiting your answers with bated breath!

VN:F [1.9.22_1171]

Rating: 5.0/5 (21 votes cast)

Cheers to the 25,000th member of the ModulesGarden family!, 5.0 out of 5 based on 21 ratings