Greylisting now available in shared hosting More →

August 18th, 2016

I’m pleased to announce that email greylisting is now available for all of our shared hosting customers. This is an anti-spam measure which delays email delivery from unknown senders the first time a message is received from them, asking them to retry after a few minutes. Legitimate email providers will automatically try delivery again (this is transparent to the person who sent the message), but spammers will typically give up and their messages will be discarded.

Greylisting is enabled by default, but this can be managed in cPanel on a per-domain basis.

A Preview of Our New Design More →

June 3rd, 2016

We’re working on a new design for our website which is due to launch soon, and we’re so excited about it that we wanted to share a sneak preview with everyone. Our current design is getting on for six years old now, so it’s definitely time for a refresh. The new design will work much better on mobile devices and the client area should be much easier to use with a clearer layout and navigation.

To coincide with the launch of the new design, we’ll also be completing a major upgrade to our Valcato Account software.  Soon you’ll be able to view quick stats such as disk usage without needing to log into cPanel, and a range of handy shortcuts will also be available allowing you to complete common tasks quickly.

To celebrate the launch of the new design we’ll also be running some very special promotions through September, so don’t forget to head over to our Facebook page so that you’ll be the first to hear about them!

Here’s the new home page:

And the Shared Hosting page:

And this is what the client area looks like:

We’d love to get some feedback on the design, so do get in touch if you have any comments you’d like to share with us!

World Hosting Days 2016 More →

March 19th, 2016

For the second year, Valcato Hosting sent a representative to the World Hosting Days Global conference in Rust, Germany. This is the world’s largest conference and trade show for hosting and internet related businesses. I met with our vendors to learn about their plans for the future and also spoke to other companies to ensure that we are always offering the best experience to our customers.

Meeting representatives from cPanel World Hosting Days 2016

Of particular interest was a presentation by Edward Snowden (via video) speaking about internet encryption and surveillance. This is a topic close to our hearts, we have blogged in the past about campaigns to ensure internet encryption remains secure from government surveillance and sponsored groups against potentially harmful legislation which could jeopardise this.

Meeting representatives from WHMCS OnApp Closing Party

We will also be attending cP1Con in Edinburgh on 14th April, so if you’re also there it would be great to meet up!

.uk Domain Price Changes More →

February 21st, 2016

Nominet, the authority which oversee all .uk domain names are changing their wholesale charges to ‘simplify and streamline’ the pricing across all domains effective from 1st March, 2016. As always we are doing our utmost to absorb the price increases and avoid having to pass any changes on to our customers. However in some cases this is unavoidable, I have outlined how we will be handling the price increase of each individual domain below.

No Change
1 Year: No Change
2 Year: $16 -> $20
1 Year: No Change
2 Year: $16 -> $20
1 Year: No Change
2 Year: $16 -> $20

This will affect domain renewals, transfers and registrations. All other TLDs are unaffected.

We are always seeking to provide the best pricing possible and absorb the cost of wholesale increases for our customers where possible. If you’ll cast your mind back to 2009 we were able to reduce our .uk pricing by 35%, so overall it’s still cheaper than 2009 prices. Some other companies have announced price increases of upto 50%, meaning Valcato continues to offer some of the lowest prices out there.

Lock in your domain for just £5

Renew your .uk domain now for an extra 2 years and pay just 8USD or 5GBP per year. This way you will not have to pay the increased price until 2018.
To extend your domain now at the current price, click here.

We’re Open Rights Group Corporate Supporters More →

October 6th, 2015

The Open Rights Group recently announced their new corporate supporters scheme, and I’m proud to say that we’re one of the first companies to join. I mentioned in a recent blog post that we’re strong supporters of the right of Internet users to use encryption to secure their communications, and we believe it is important for tech companies in the UK and elsewhere to speak out to make sure that our politicians are as well informed as possible when these issues are debated.

We want to help in whatever way we can, and supporting ORG financially is a great way to do that. If you agree, I encourage you to consider joining the Open Rights Group today.

Proactive WordPress Updates More →

September 3rd, 2015

WordPress is by far the most popular blogging platform and at last count we were hosting over 900 installations of it on our shared hosting servers. Many of these copies of WordPress are very old, and since WordPress is so popular security vulnerabilities in old copies of it are often exploited by attackers to hijack websites. This allows an attacker to redirect visitors to other sites, insert links to manipulate search engine rankings, set up phishing websites, and send spam.

This has always been a problem and it’s not one that’s specific to WordPress. Unfortunately in recent months we’ve seen a noticeable increase in WordPress sites being exploited in this way. We’ve set up measures in the past to detect compromised sites so that we can alert customers quickly, but ideally we want to prevent customers’ sites being compromised in the first place. We offer ModSecurity and CloudFlare, and customers can easily (and automatically) install updates via Softaculous, but we still regularly see sites being compromised simply because they’re out of date.

For that reason we have recently set up a system for automatically finding copies of WordPress which aren’t running the latest version, so that we can proactively ask our customers to update it before it can be exploited. We’ve already contacted dozens of customers to ask them to upgrade, and as a result most of those customers’ sites have now been updated to the latest version. There’s still a long way to go, so if you’re running WordPress (or any other third-party software) why not take this opportunity to make sure that you’ve updated to the latest version, and to turn on automatic updates?

We Support The Right to Encrypt More →

July 17th, 2015

The UK government is pressing ahead with plans to introduce legislation this year which will ban the use of encrypted communications, the contents of which can not be viewed by the security services. Undoubtedly terrorists and other criminals who use encrypted communications stand a better chance of evading state surveillance than those who don’t. However, the suggestion that this is a good reason to ban service providers from properly securing communications is misguided.

Banning encryption will achieve nothing other than putting us all at greater risk. Terrorists and criminals will adapt and find ways to circumvent the law, and meanwhile the rest of us will be left with no secure way to communicate. There is no way to allow access to encrypted communications for law enforcement without weakening such communications for everyone. Any weakness added for the convenience of the authorities will eventually be exploited by criminals. Any system which controls the collection of and access to communications data would itself be vulnerable to attack.

When David Cameron talks about denying terrorists “safe spaces“, what he really means is he wants to deny private spaces to everyone. He wants to prevent you from keeping information from the government for any reason, and he’s willing to make you less safe in the process. This would also set a precedent for the governments of other countries to enact similar restrictions, with potentially deadly consequences for political dissidents in some parts of the world.

As a service provider we fully appreciate the need to prevent our services being used for nefarious purposes. We are proactive in screening new clients to prevent fraud, we perform regular scans to look for compromised accounts, and we fully investigate all reports of abuse that we receive. We’ve cooperated with law enforcement when there was evidence of unlawful activity, and we’ve denied requests from law enforcement when there wasn’t. There is a balance to be struck between securing our systems against attack and preventing those systems being used by criminals. The Snoopers’ Charter strikes us as unbalanced.

There are numerous technical reasons why these proposals won’t work. However, this issue is about more than whether or not we could do this. It’s about whether we should do this. It’s about whether it’s right to deny privacy to everyone and whether we want our governments to have access to our communications en masse. We believe this would be a mistake. We strongly believe in the principles of free speech and the right to privacy. These go hand in hand, and these proposals would diminish the right to privacy and thereby harm free speech. If you’re a UK citizen please make sure your MP knows your views, and please consider supporting the Open Rights Group today by becoming a member and by signing their petition to stop the Snoopers’ Charter.

Two-Factor Authentication Now Available More →

May 9th, 2015

Security is a top priority for us at Valcato Hosting and we’re always looking for ways to pro-actively protect our clients. For that reason I am pleased to announce that Two-Factor Authentication is now available to add an extra layer of security to your Valcato Account.

We are using a system called ‘Time Based Tokens’ which you may have encountered already on other websites such as Microsoft and WordPress. It works by requiring a 6 digit number which changes every 30 seconds – in addition to the email address and password – to login.

The 6 digit number, or token, is generated by an app on your phone or tablet. This means that even if a malicious person were to obtain your password, they wouldn’t be able to login as they don’t have your phone, so cannot know the token.

To set up Two-Factor Authentication on your Valcato Account head over to:

Domain Price Changes More →

April 1st, 2015

The authorities which oversee a number of different domain names are changing their wholesale prices. As always we are doing our utmost to absorb the price increases and avoid having to pass any changes on to our customers. However in some cases this is unavoidable, I have outlined how we will be handling the price increase of each individual domain below.

Increase from $13 to $14/year effective from 1st April 2015.

Increase from $12 to $13/year effective from 30th April 2015.

Increase from $21 to $23/year effective from 29th April 2015.

This will affect domain renewals, transfers and registrations. All other TLDs are unaffected.
We appreciate your understanding that these are wholesale price increases and not our decision. This is the first time we’ve had to pass on wholesale price increases in 2 years, but unfortunately it has now reached a point where we are no longer able to absorb the increased cost for our customers.

More memory and IP-less SSL/TLS for shared hosting More →

February 10th, 2015

Towards the end of last year we completed a series of upgrades to our shared hosting infrastructure. This involved both software updates and the deployment of new hardware, the combination of which has allowed us to not only ensure that reliability and performance remain as good as ever, but we’ve also been able to make two exciting improvements:

  • Increased memory limits — More sophisticated usage tracking in the new OS software, along with the upgraded hardware, has allowed us to double the memory limit for all customers. All shared hosting accounts now have 1 GB of memory available, rather than the 512 MB previously available. We made this change experimentally a few weeks ago and haven’t seen any ill effects, so we have now made the new limit permanent.
  • SSL/TLS without a dedicated IP — As of today, all customers are able to install SSL certificates without needing a dedicated IP address, using SNI (Server Name Indication). All modern browsers support this, so in most cases a dedicated IP won’t be necessary. If you want to support older browsers which can’t use SNI, then you can still purchase a dedicated IP as before. To set up an SSL certificate with SNI, simply use the SSL/TLS manager in cPanel as normal.

We are always looking for ways to make our services better, so if there’s a new feature you want or anything you think we could improve, do feel free to get in touch.