TimThumb Vulnerability Fix

The recent Timthumb.php vulnerability has left scores of unsuspecting bloggers hacked. It’s the perfect combination of not so easy to fix for the technically disinclined, and easy to find and exploit for the malicious – resulting in a disastrous number of compromised sites.

About TimThumb:
TimThumb is a simple, flexible PHP script that resizes images. You give it a bunch of parameters, and it spits out a thumbnail image that you can display on your site.
1. Download the latest version of TimThumb.php ( TimThumb.php )

MYNIC 50% Discount Coupon – 1st Aug – 31st Aug 2011

In conjunction with the Malaysia Merdeka Celebrations, National ICT Month (NIM 2011) and Breast Cancer Month, .my DOMAIN REGISTRY will be offering a 50% discount for all .my domain name registrations.

This promotion will start from 1 August 2011 until 31st August 2011.

DataKL clients are required to use a coupon in order to get the discount for the following extensions:

mynic1 – for domain com.my, net.my and org.my – (Discounted price RM40)

mynic2 – for domain .my – (Discounted price RM60)

Prop .. Propagation What?

What is domain name propagation? For a new domain name, propagation is the period during which your newly registered domain is being sent to all name servers (or DNS servers) in the world.

Hosting Migration

DNS servers cache the mapping of your domain name to its IP address. This mapping record is normally stored for a period of time to avoid repeated queries or lookups. For example, www.datakl.com resolves to and is stored in DNS servers around the world for 6 hours.

DNS servers drop stale DNS records based on a few factors, such as the DNS record timing setting and the practice of flushing records at a regular interval (normally ISPs).

Your computer also stores DNS records, which makes browsing faster by eliminating frequent queries to DNS servers.
The caching is beneficial for faster browsing, but if you are in the midst of changing hosting company or server, it can cause confusion or downtime. Why confusion? In hosting or computing almost everything is instantaneous: upload your html/php coded page and you can view it instantly. For DNS, the only solution is to wait!

On and off explained (After changing name servers I could view my web site for a moment, and later it turns to "page could not be found" or refers me back to the old hosting server. Why?)

Normally your computer or router/modem uses two or more DNS servers. The first response (on) probably came from a DNS server which has your newly modified record, and the "page could not be found" response (off) could be caused by another DNS server that is still keeping your old DNS record (hence the error page, or being returned to your old hosting company).

Just wait for the propagation period to complete, normally 48 hours, and your web site will resolve properly. Try your luck by rebooting your computer, since rebooting will normally flush the old DNS record in your computer, or use the ipconfig /flushdns command if you are using the Windows DOS prompt. To have less impact on your operation or visitors, changing your DNS during non-busy hours (after office hours) is recommended.
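The on-and-off behaviour described above, as a small simulation (an added example, not part of the original post). The IP addresses, resolver names, cache times and the strict alternation between the two resolvers are assumptions made for illustration; the 6-hour cache time is the one quoted above.

```python
from dataclasses import dataclass

OLD_IP = "192.0.2.10"     # constructed: address of the old hosting server
NEW_IP = "198.51.100.20"  # constructed: address of the new hosting server
TTL = 6 * 3600            # the 6-hour cache time quoted in the post

@dataclass
class Resolver:
    name: str
    cached_ip: str   # answer currently held in the resolver's cache
    cached_at: int   # when it was cached, in seconds relative to the DNS change
    ttl: int = TTL

    def answer(self, now: int) -> str:
        """Serve from cache until the TTL runs out, then fetch the new record."""
        if now < self.cached_at + self.ttl:
            return self.cached_ip
        return NEW_IP

# Constructed scenario: resolver A cached the old record one hour before the
# change; resolver B had nothing cached and fetched the new record right away.
RESOLVERS = [
    Resolver("dns-a", OLD_IP, cached_at=-3600),
    Resolver("dns-b", NEW_IP, cached_at=0),
]

def client_view(resolvers, times):
    """Answers seen by a client that alternates between its resolvers (assumption)."""
    view = []
    for i, now in enumerate(times):
        r = resolvers[i % len(resolvers)]
        view.append((now, r.name, r.answer(now)))
    return view

def converged_at(resolvers):
    """Seconds after the change when no resolver can still serve OLD_IP."""
    expiries = [r.cached_at + r.ttl for r in resolvers if r.cached_ip == OLD_IP]
    return max([0] + expiries)

if __name__ == "__main__":
    for now, name, ip in client_view(RESOLVERS, [600, 1200, 1800, 2400, 18000]):
        print(f"t+{now:>5}s  {name}  ->  {ip}")
    print("all resolvers agree after", converged_at(RESOLVERS) / 3600, "hours")
```

The client keeps flipping between the old and new server until the stale cache entry expires, which is why waiting (or flushing the local cache) is the only fix.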

Asia Running Out Of IP Address

On April 15, the Asia-Pacific Network Information Centre (APNIC), the organization responsible for distributing IP addresses in most of Asia, Australia and the Pacific, announced that it no longer has IP addresses to distribute. Chinanet Fujian Province Network was apparently the last company to snatch half a million of the IP addresses allocated for Internet Service Providers (ISPs).


The only solution is to accelerate the implementation of IPv6, but many ISPs, especially in the Asia Pacific region, are still not IPv6 ready. IPv4 uses 32-bit addresses and can support 4.3 billion devices connected directly to the Internet. IPv6, on the other hand, uses 128-bit addresses and supports a virtually unlimited number of devices.

APNIC is holding 16.7 million IPv4 addresses, but the body still has reserves for other usage. According to APNIC, the IPv4 exhaustion is due to the growth in fixed and mobile networks experienced in the region.

.My Domain Query Via SMS

Effective from 23 May 2011, you can check .my domain name availability instantly by sending SMS to .MY Domain Registry.
Below are the expected SMS you will receive:
Domain Name is AVAILABLE to apply
Domain Name is NOT AVAILABLE to apply
Domain Name is NOT FOLLOW the Rules of Choices of Domain Name
Type MYcheckand send to 36828.

This service is only available to Celcom, DiGi and Maxis subscribers.
One domain name per SMS only. Each SMS Alert is charged RM0.30. Your mobile number must be active and a minimum of RM1.00 credit balance is required to receive the SMS reply.

Google will house their servers in N9?

Has Google finally decided on Malaysia as one of the locations to host their servers in the Asian region? Our previous Prime Minister Tun Abdullah Ahmad Badawi met with Google CEO Eric Schmidt at the Davos conference in Switzerland in 2008 and the outcome was positive. Naturally Malaysia is the best choice since it forms the highest group of Google users in South-East Asia. Malaysia has lower energy tariffs compared to India or Singapore and is outside the ring of fire, which certainly removes Asian countries like Taiwan from the list.


Teliti International is currently building and hiring NOC engineers and specialists. Together with Cisco they are building a DC in Bandar Enstek Technology Park in Negeri Sembilan, which is close to KLIA, 120,000 sq ft in size and claimed to be the biggest data centre in Asia. The state-of-the-art centre is designed to have minimal levels of energy consumption and a low environmental impact. It incorporates a reliable and fully redundant power supply to enable 99.9% uptime to all equipment as well as smart cooling systems to recycle waste heat. Solar energy and rainwater harvesting are also used for day-to-day operations.

Will Google be placing their equipment there? The IDC, with its sheer size, is carrier neutral and recently joined the consortium of Malaysian ISPs to purchase international bandwidth at a cheaper rate. Teliti also informed that 40% of the space has already been booked by multinational companies. Whether Google servers will be placed there or not, this is certainly good for our economy. Thumbs up for Teliti International!

Did you know that we run DNS clustering ?

Did you know that we run DNS clustering for all our shared hosting Accounts?
Why DNS Clustering

1. Unified nameserver. We use only a pair of nameservers – ns1.datakl.com and ns2.datakl no matter where your site is hosted. Your addon domain will use the same nameservers as well. That is what we call easy and clean.
2. Our ns1 and ns2 are geographically diverse. Ns1, hosted in Malaysia, responds primarily to DNS queries from Malaysia and Asia. Ns2, hosted in the USA, answers queries from North America and Europe.
3. 0% downtime due to the DNS service being down. If the DNS service is down on one server, the domain's DNS will be served by the other servers in the cluster.
4. If a server is down (say being rebooted), and at that point someone tries to send an email to a domain on that server, they will get a delivery failure message and the mail will not be sent again. This is because the sender's mail server will assume the domain does not exist. But if a DNS cluster is set up, the mail server sending the mail will only assume the mail server is down, and hold the mail in its queue to be retried again. No delivery failure report message will be sent.
5. It is easy to transfer domains among servers. The client will not have to change the nameservers used by the domains. The same nameservers can be used to point the domain to the new server. This makes for easy migrations when we move you to better specifications in the future. Other providers might have to contact you and ask you to dig up your domain control panel login, which might delay migration and cause downtime.
6. Faster recovery from server reboots. If you typed your domain name during maintenance and the DNS was down as well, "page could not be found" could be cached in your computer. It takes a few hours for your site's DNS to refresh. This can cause confusion and. If you are hosted in a DNS clustering environment, the moment the server is up and running you can view your web site immediately.

cPanel DNS clustering

7. Less work for the web server. Our web server only handles web content serving and email. No DNS means less work for the web server and fast loading web sites!

How can you tell? If your current host gives out nameservers such as 105.nameserver.com and n106.nameserver.com, think again, because you are not hosted in a clustered environment. The DNS, mail, database and content are hosted on the same server.

Case Study: During the Taiwan earthquake that ruptured undersea cables, internet connections, including DNS queries, were delayed and timed out. Our USA DNS servers pointed the email towards the right server. Most client emails got through even though the connections were slow. Other hosting providers' email transmissions timed out because the DNS record could not be reached. Geographical distance and latency caused their email to bounce back to the original sender.

SG & MY Discounted Roaming Charges

Source Thestar
PUTRAJAYA: Effective May 1, mobile phone rates for incoming roaming calls and SMS between Malaysia and Singapore will be reduced by 20% and 30% respectively.

Information, Communications and Culture Minister Datuk Seri Dr Rais Yatim said the cuts will be reduced further to 30% and 50% for voice and SMS respectively from May 1, 2012.

The cuts are applicable to prepaid and postpaid users subscribing to Celcom, Digi, M1, Maxis, SingTel, Star Hub and U-Mobile, he added. “These are minimum reductions in rates as traffic between both countries increase,” he said at the joint-launch of the rates reduction with Singapore Information, Communications and the Arts Minister Lui Tuck Yew on Wednesday.

The rates reduction follows Dr Rais and Lui’s joint announcement in June last year to cut mobile phone roaming rates for both countries.

Thumbs up for the discounted roaming charges. What about data charges? I think both countries should consider having flat rate data charges. Most of us use our phones to check emails, update status, and download maps for directions and traffic abroad. We don't want a huge 'surprise' when we receive our bills.

Deterring Spambot

Spam comments and fake user registrations are really annoying. You get tonnes of fake registrations for your forum and blog, and it is time consuming to delete them and manually approve registrations. Did you know that these automated processes can be minimized?
All you need is a .htaccess file inside your public_html folder that includes the lines below.

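# Turn on mod_rewrite (required before any RewriteCond/RewriteRule)
RewriteEngine On
# Match libwww user agents, or a query string that contains "=http"
RewriteCond %{HTTP_USER_AGENT} libwww [NC,OR]
RewriteCond %{QUERY_STRING} ^(.*)=http [NC]
RewriteRule ^(.*)$ - [F,L]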

The rules above will block Perl user agents, which are normally used by automated fake user sign-ups for forums and blogs. The second condition also blocks any request whose query string contains "=http".
What are user agents? You can read about them here. Visitors normally visit your web site using Mozilla user agents (Firefox and IE 9) and IE user agents for older IE browsers. Spambots use Perl scripts to automate their job.

Illustration purpose only

p/s User agents can be faked but most common spammers are not that smart! Grrr
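
To see what the two conditions actually catch before deploying them, the sketch below replays them over a few access-log lines. It is an added example, not part of the original post: the log lines, paths and IP addresses are constructed, and the Python regexes only mirror the RewriteCond patterns shown above rather than calling Apache.

```python
import re

# Constructed access-log lines (combined log format, documentation IP ranges).
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Aug/2011:10:00:00 +0800] "POST /forum/register.php HTTP/1.1" 200 512 "-" "libwww-perl/5.836"',
    '203.0.113.9 - - [01/Aug/2011:10:00:05 +0800] "GET /index.php?page=http://example.invalid/x.txt HTTP/1.1" 200 734 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [01/Aug/2011:10:01:00 +0800] "GET /login.php?next=https://www.example.com/account HTTP/1.1" 200 901 "-" "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0"',
    '198.51.100.8 - - [01/Aug/2011:10:02:00 +0800] "GET /blog/?p=12 HTTP/1.1" 200 4410 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1)"',
    '203.0.113.5 - - [01/Aug/2011:10:03:00 +0800] "POST /forum/register.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
]

LOG_RE = re.compile(
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" \d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"'
)
# Same patterns as the .htaccess conditions; [NC] becomes re.IGNORECASE.
UA_RULE = re.compile(r"libwww", re.IGNORECASE)
QS_RULE = re.compile(r"^(.*)=http", re.IGNORECASE)

def evaluate(line):
    """Return (verdict, matched_condition) for one access-log line."""
    m = LOG_RE.search(line)
    if not m:
        return ("unparsed", None)
    query = m["target"].partition("?")[2]  # raw query string, as Apache sees it
    if UA_RULE.search(m["ua"]):
        return ("403", "user-agent")
    if QS_RULE.search(query):
        return ("403", "query-string")
    return ("pass", None)

def report(lines):
    """Evaluate every line and return the list of verdicts in order."""
    return [evaluate(line) for line in lines]

if __name__ == "__main__":
    for line, (verdict, why) in zip(SAMPLE_LOG, report(SAMPLE_LOG)):
        print(f"{verdict:8} {why or '-':13} {line.split(chr(34))[1]}")
```

The third line is a legitimate redirect parameter that the query-string condition also rejects, and the last line shows a sign-up request passing once it carries a browser-style user agent, so check your own logs for both cases.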