Category: Blog

The best free, open-source password manager (KeePass)
Secure your passwords with an open-source, self-hosted solution

Managing your passwords is a real headache! We all know that the security of our personal data depends on our passwords, but frankly, who hasn't made a mistake when managing them? Let's take a look at how to avoid the most common pitfalls and find the ideal solution for keeping your passwords safe.

Common mistakes in password management

Two simple questions to see where you stand with your password management:
1. Do you remember your passwords?
  - If your answer is "yes", that's not necessarily good news. It means you're probably using the same password everywhere, or you've got a pattern that's easy to guess. A hacker could then have fun discovering other passwords if he ever found one.
2. Do you entrust your passwords to a private company?
  - Here again, beware! Many commercial password managers have already been hacked. And since they're "closed-source", it's impossible to know what they're doing with your data. And as for saving passwords in Chrome... I think you see where I'm going with this. 😬
Don't panic, if you answered "yes" to any of these questions, you're not alone - in fact, you're in the majority. It's time to make it safe and join those who are taking their safety into their own hands!

KeePass: the ultimate open-source solution

The right solution for maximum security and total control?

KeePass

This free, independent, open-source software lets you store your passwords in an encrypted database, protected by a single master password. No more remembering all your passwords - they can be as complicated and random as you like!

Let's be honest, the original KeePass app isn't the prettiest. But don't worry, there's a great alternative: KeePassXC. With KeePassXC, you get an improved interface and top-notch security, whether you're on Windows, macOS or Linux.
- For Windows, MacOS, Linux : KeePassXC
- For Android : KeePassDX
- For iOS : KeePassium
And for even greater convenience, don't forget to install the KeePassXC browser extension. It lets you automatically fill in your password fields and easily save new ones.
And activate the corresponding browser integration in the KeePassXC settings.
- For Firefox : KeePassXC-Browser
- For Chrome-Based : KeePassXC-Browser
Simplified transition from Chrome

As many people use Chrome and will inevitably be lazy to make the switch, you should know that it's very easy to export your passwords:
- Go to Chrome settings
- Then in "Passwords
- Click on "Export passwords".
- Save the .csv file
- Import it via KeePass using the "Import..." function.
- Delete the .csv and empty your recycle garbage can
Stay in control with a self-hosted solution

One of the big advantages of an open-source solution like KeePass is that you can retain total control over your data. No need to entrust your database to a private company. You can host it yourself on a platform like Nextcloud for offline access. With Nextcloud and KeePass, you can synchronize your passwords across all your devices, while keeping control of your data.

What's more, Nextcloud isn't just a storage service. It's a complete solution for managing your files, team collaboration and much more. You get all the benefits of proprietary cloud solutions like those from Microsoft or Google, but with total sovereignty over your data.

If you don't have your Nextcloud instance yet, you can get it very easily with full maintenance here : https://www.lrob.fr/hebergement-web/cloud-prive-nextcloud/

Mention for Passbolt

A self-hosting web-based solution also exists: Passbolt.

Whichever solution you choose, both Passbolt and KeePass feature password import/export functions, so you can switch from one to the other with ease. Once you're free, you're free.

Conclusion

Protecting your passwords is essential. With an open-source, fully self-hosted solution like KeePass and Nextcloud, you're sure to make the right choice. You'll have optimum security and control from A to Z, without having to rely on third-party services that could jeopardize your confidentiality.

So, ready to discover the satisfaction of using a random 128-character password, knowing it's super secure? Now's the time to get started with KeePass and take back control of your data. 💪
12/08/2024
Free LRob migration in August!

Is your site too slow? Insecure? Are you wasting time managing it?
▶️ Migration to LRob is free during August! 👌

Working in the middle of August instead of drinking Mojitos in Ibiza 🍸
Are you taking advantage of the lull to get organized and improve? 💪

Be rewarded at last! 🥇

👉 For all LRob annual hosting subscriptions, migration of your sites and emails is free!

The migration is complete and includes :
✅ Intelligent DNS changes for seamless migration
✅ Migration of your site's files and database
✅ Migration of up to 5 mailboxes
✅ SSL/TLS certificate generation for secure web and mail connections
✅ Verification of your WordPress instance and personalized advice

ℹ️ Do you have several sites or more mailboxes?
Get a group discount too! 👌

We remind you of the LRob "pluses":
➕ High performance guaranteed
➕ Anti-robot anti-hack security, alerts in the event of a flaw in your site
➕ WordPresss Toolkit (one-click login, auto-updates, security, plugin management even in the event of a site bug, etc.).
➕ WordPress expert advice and debugging help
➕ Daily outsourced backup with 1 year retention!

What do I hear? What was I hearing? 👂
"💲hut up and take my money?"

For a site 👉 https://portail.lrob.fr/produit/hebergement-wordpress/
For 3 to 128 sites 👉 https://portail.lrob.fr/produit/hebergement-web-agency/
Webmastering included 👉 https://portail.lrob.fr/produit/webmastering-wordpress/

Happy hosting! 😎

08/08/2024

Apache web server vulnerability affects millions of servers

The Apache HTTP server is one of the most widely used web servers in the world. However, like all software, it is not immune to vulnerabilities. And beware: it's a double vulnerability.

On July 4, a critical security flaw was discovered, affecting Apache version 2.4.60. This flaw is rated CVE-2024-39884.

The flaw allows the source code of PHP files to be disclosed. This is absolutely critical, as these files may contain, for example, database passwords or confidential proprietary code.

A patch was therefore released via version 2.4.61 of the Apache server... Except that this patch did not correctly correct the flaw! A second CVE was therefore released, CVE-2024-40725, to re-identify this ultimately uncorrected flaw.

Here's a summary of these flaws and the corrections made.

Update 07/30/2024: There is a possibility that this vulnerability is related to a wave of hacks targeting sites hosted by o2switch. Nothing has been established with certainty, as the means of exploiting these flaws and the scale of the problem are not yet public. Nor do I have any information from my hosting partner on the Apache versions used.

CVE-2024-39884

Publication date : July 4, 2024
Description : A regression in the kernel of Apache HTTP Server version 2.4.60 means that certain configurations based on content type, such as "AddType", are not correctly taken into account. In some cases, this can lead to the disclosure of the source code of local files, such as PHP scripts, which may be displayed as plain text instead of being interpreted.
Solution: We recommend upgrading to version 2.4.61, which fixes this problem.
Link : CVE-2024-39884

CVE-2024-40725

Publication date : July 17, 2024
Description : This flaw is an additional correction to CVE-2024-39884. It reveals that version 2.4.61 does not completely correct the initial problem. Indeed, certain configurations based on content type may still result in the disclosure of local file source code in certain circumstances.
Solution: We recommend upgrading to version 2.4.62, which permanently fixes this problem.
Link : CVE-2024-40725

Debian Patch Roadmap

Debian, the mother Linux distribution used by LRob, has also taken steps to correct these vulnerabilities in its various versions, either through the "security" repository or natively, depending on the OS version. Here's the roadmap for corrections:

Source Package	Release	Version	Status
apache2 (PTS)	bullseye	2.4.59-1~deb11u1	vulnerable
	bullseye (security)	2.4.61-1~deb11u1	corrected
	bookworm	2.4.59-1~deb12u1	vulnerable
	bookworm (security)	2.4.61-1~deb12u1	corrected
	sid, trixie	2.4.62-1	corrected

Link : Debian patch roadmap

LRob server status

All LRob servers are already up to date and correct this flaw.

Conclusion

Administrators of Apache HTTP servers should immediately check the version of their server and upgrade to the corrected versions (2.4.61-1[security] or 2.4.62) to avoid any inadvertent disclosure of source code.

The open-source community continues to monitor and rapidly correct vulnerabilities to ensure the security and reliability of software used by millions of servers worldwide. Make sure you follow security updates and keep your infrastructure up to date to protect your data and that of your users.

29/07/2024

[Solved] o2switch customers targeted by insidious WordPress hack - UPDATE: Hosting company's exemplary handling of the situation
Identification & causes: everything you need to know 👇

Last week, I revealed on LinkedIn widespread piracy among owners of WordPress sites hosted by o2switch. In our capacity as WordPress security experts, and thanks to an investigation among a number of affected and unaffected colleagues, we have been able to find out more.

Updated 07/31/2024 - Summary

According to an internal source, the host is not really to blame. The hypothesis of insufficient maintenance of the pirated sites thus remains the preferred one. Again according to this internal source, the resources put in place by the host to determine the precise origin of the problem are remarkable (a few examples were given to me - I approve of the strategy). Finally, even if the number of sites impacted may seem high, this must be put into perspective with o2switch's large customer base: the real impact would remain very limited in proportion, and the vast majority of customers should not be impacted by this specific problem.

What's more, on the evening of 07/30/2024, o2switch made a remarkable gesture, very rare in the world of large hosting providers, by cleaning up the hack on the impacted sites. It's a courageous move, and one that surprised me from a hosting company. Indeed, larger hosting providers tend to have the opposite habit, i.e. to leave customers to fend for themselves when the problem comes from the end sites themselves. The host's investment is real here, and earns my utmost respect.

We remind you that in security, the most important thing is prevention: maintain your site with automatic updates, good backups and don't forget to use the latest compatible versions of PHP. If you need help with this, it's my speciality 😉

📄 How to hack

The hack redirects mobile users to fraudulent sites, notably related to the Ukraine/Russia war, via a URL shortener hosted in the United Arab Emirates.

Technically, it consists of injecting obfuscated JavaScript code into all WordPress posts on the site. It is therefore loaded into pages and posts, and sometimes into other plugins such as cookie plugins, user review plugins, etc.

Here's an overview of the pirate code after de-obfuscation, so that even if you don't speak the language, you'll understand that the action takes place on click and that a random URL is selected according to the "UserAgent", i.e. the browser used:

Overview of pirate code after de-obfuscation
Additional information 07/31/2024

The request making the hack could be a simple POST request on the index.php file of the site, as a log suggests, which seems to correspond to an effective hack from an American IP (IP and site masked):
```
Jul-2024:213287:199.195.252.[HIDDEN] - - [27/Jul/2024:20:10:59 +0200] "POST /index.php?s=captcha HTTP/1.1" 200 102292 "https://www.[HIDDEN].en/index.php?s=captcha" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; MS-RTC LM 8; InfoPath.3; .NET4.0C; .NET4.0E) chromeframe/8.0.552.224"
```
Here we see a query of 102292 bytes made on the index, which is 100x higher than usual queries of around 1000 bytes. Especially as this site has no Captcha... What's disturbing is that the query results in a code 200, which means that the request is accepted, processed without error, whereas a visit to this URL should instead result in a 404 (Not Found) error.
🔍 Identification
- The hack is sometimes poorly inserted in the articles and is displayed textually in the body of the pages instead of being executed.
- Most of the time it is invisible, you can check if your site is impacted by searching for "_0x365b", or "0x3023", or "function _0x", via the inspector of your developer console when visiting the site, or via a search in phpMyAdmin.
- Eset and Avast antiviruses block access to affected sites
- Update 07/31/2024 - One of the affected sites can't be seen via the developer console; instead, you need to use the "curl" command-line tool to observe the malicious code. This may be due to the site cache.
Here is an example of the pirate code as seen from the developer console:

Example of pirate code

🌐 Distribution of the hack

Thanks to a search of the hack's pattern on Google and Bing, I found many infected sites. I contacted all the site owners to alert them, advise them to contact their service provider and offer my help if needed.
- Out of 40 affected domains, found in France and Belgium, only 2 are not with o2switch - update 07/30/2024: Some sites at OVH, Hostinger and other hosting providers are also affected, but more rarely for the moment.
- Other foreign server providers are affected, but I've found fewer than in France.
- This suggests a targeted attack on sites present on o2switch IPs, which the hacker would have found via public lists that reference this. This type of attack can target any host, and there's absolutely nothing they can do about it. That's why you need to be proactive in your security.
💡 Causes still uncertain

Here's what we were able to see and deduce by cross-checking information between colleagues:
- As the hack is insidious, many are not diagnosed and detected quickly, but the earliest occurrence seems to have taken place in May - update 07/30/2024 potentially in July
- This does not affect a specific plugin or theme
- So o2switch's Tiger plugin doesn't seem to be the cause of the problem either, as sites without this plugin are also affected.
- Affected sites generally appear to be less well maintained than others, but this is the case for most sites; and sites that are fairly well monitored (perhaps not well enough) are also affected.
- The vulnerability exploited may have originated in the WordPress core if it was not updated quickly enough.
- This may be due to the use of an obsolete PHP version defined by the hosting manager (end customer).
- It's possible that the presence of a second WordPress instance (a dev instance, for example) in the hosting, which may not be up to date, could rub off on the main instance, due to a lack of isolation (it's the same hosting, the same system user, the same rights, and there doesn't seem to be an open_basedir rule to restrict the directory at PHP level at o2switch).
- This does not affect customers of a specific o2switch server, as they are spread over several shared servers, and some servers are not affected at all, suggesting a marginal problem (i.e. no server or global host intrusion).
- There's a tiny probability that a more global intrusion or hosting flaw has occurred (e.g. a flaw in a system package that allows hacking), but we have no evidence to verify this, and since o2switch hasn't reported anything, it's more reasonable to think that the concern comes from the end application (WordPress) or the version of PHP used by the end customer.
- - Update 29/07/2024 Finally, it is possible that a Apache web server vulnerability was exploited, either when it had not yet been properly corrected, or because o2switch was too late in updating its software versions. The dates seem to coincide for the most recent hacks. Here again, we can't be sure without an official announcement from the hosting provider.
- - Update 31/07/2024 Des vulnerabilities in PHP sub-versions, notably in certain revisions of PHP 8.0, could explain the hack. This is consistent with observed requests that could cause buffer overflow and enable code injection. If the host's PHP 8.0 sub-versions are not up to date, this would explain the possibility of the hack. In any case, the customer is at fault if this is the cause, as we remind you that PHP 8.0 is in any case obsolete and should no longer be used at all. In fact, it is no longer available for selection on LRob hostings.
- No hacks on LRob hostings.
🔨 Hack repair

Repair involves cleaning up the database by deleting the lines corresponding to the hack pattern. Prior to any operation, back-up your database. Website files don't seem to have been affected by this hack, but as with any hack, a full manual check is always recommended. Don't forget to clear the various caches of malicious code.

Need help repairing your sites and staying secure in the future? Find out more about my WordPress repair and security as well as my secure WordPress hosting.

If you've got more info, share it in comments or PM!
29/07/2024
10 criteria for choosing the best WordPress webmaster

When it comes to managing a WordPress site, you need to find a pro, a webmaster who knows what he's doing. A webmaster who knows what he's doing, who can turn an online journey into a joyful cruise!

But how do you choose the right one, or even the best one? WordPress Webmaster ?

Discover the 10 most useful qualities when choosing a WordPress specialist at the top!

1. WordPress culture

A good WordPress webmaster obviously needs to know WordPress inside and out.

First and foremost in its technical structure, but also in its functional and practical aspects. Indeed, among the thousands of themes and plugins, a good WordPress specialist needs to know the most popular scripts and, above all, their most common problems and solutions. While he'll never be able to know everything, his knowledge will enable him to adapt to new developments.

2. Proactive WordPress security

Safety is everything! Yet very few people master it. WordPress is a very popular site, and you need ultra-strict security to avoid hacking!

A good specialist has a security policy that he can provide.

It puts in place a whole host of transparent measures for you.
For example, daily security vulnerability checks, automatic updates, hacker bot blocking and robust firewalls to protect your site.

It should also be able to advise you on any action you need to take to stay safe.

As a result, the risk of piracy is virtually nil. But beware: perfect security doesn't exist, it's an illusion, and anyone who claims otherwise is either ignorant or a liar! But don't worry: we can get pretty close to perfection, and that's the direction we should be heading in.

3. Managing WordPress backups

Regular, outsourced backups are a must!

Daily backups and 12-month retention guarantee peace of mind. Backups should be outsourced from the site and even from the main host, and managed directly at server level, for greater reliability. In the event of a problem, restoration must be rapid. With your back-up thus assured, you'll be able to work on your site yourself, without the fear of breaking it!

4. System administration

A good specialist must master the entire web hosting chain. He or she must have system administration skills.

So, he understands the challenges in terms of the chain of operation of a web server that hosts the site, he understands the issues of performance, security chain, he also manages emails, DNS and domain names without worry. He'll be at ease in any context, so you can manage your online life seamlessly.

In fact, he literally has to be passionate about IT to have a vast and broad culture of all the tools and knowledge that enable excellent management of your WordPress site.

5. He must accommodate you

If he doesn't host your site, your webmaster will be ineffective and won't be able to guarantee its security.

Your webmaster needs a secure server with WordPress-specific management tools.

In terms of security, we know that the first link in the security chain is the server. If your webmaster uses a silly shared hosting solution with no WordPress-specific security measures, security can't reasonably be guaranteed.

And in terms of efficiency, if your WordPress specialist has all the server access and centralized management of the sites he manages, then he'll be much more efficient at solving your problems. With access to backups, access to the terminal, access to logs (history of actions and errors), this makes for efficient, high-quality work. The most demanding (like me) will say that you can't do a good job without these tools.

6. Responsive, efficient human support

Support must be fast, efficient and human.

He or she must be able to resolve bugs efficiently, thanks to a well-thought-out methodology. Available by phone, e-mail or ticket, your specialist must respond quickly and effectively to your (reasonable) requests. If your site is critical, then an on-call service must be available for emergency interventions outside working hours.

7. Flexibility and customer freedom

You have to stay free.

Adapting to each customer's needs is essential. You need to be free to access all your data and intervene on your site yourself if you feel like it. Conversely, you can choose to delegate everything. Either way, the choice must be yours, and you must be free to leave whenever you like, for whatever reason.

8. Self-taught and adaptable

You're looking for a true genius.

Because WordPress evolves extremely quickly, your specialist needs to be able to constantly acquire new knowledge and adapt at lightning speed. Because it's impossible to know everything, even for an expert, you need to be able to learn quickly.

Thus, the self-taught person who has already learned successfully on his or her own initiative is often better able to maintain an excellent level over time.

9. A good environment

He knows how to direct you to the right person.

Tomorrow, you may have specific web-related needs. For example, you may need to launch a webmarketing campaign, increase your presence on social networks, redesign your graphic identity, or even create a physical event.

The right WordPress specialist can't know all of these topics because he's specialized in WordPress; on the other hand, he should be able to redirect you to trusted providers to fulfill your ambitions.

10. Sympathetic and outspoken

Aim for a relationship of trust.

Your webmaster is your best ally, and you need him to accompany you on the Internet just as much as he needs you to take pride in his work and earn a living. It's important that the conversation flows smoothly and without filters.

The best part: he has to be able to tell you the hard-to-hear truths when you need them to move in the right direction!

Where can I find my ideal WordPress webmaster?

If you want to check all these boxes, I'm your man.

Discover my webmastering services.

21/07/2024
Don't just use "digital" any old way!
Article from this LinkedIn post. Follow me so you don't miss a thing.

"I'm crazy about digital!"

What I imagine when I hear "digital": FINGERS!

The word "DIGITAL" is obsolete and misused! ⚠️
Let's do better 👇

I defend and use certain anglicisms... But one of them saddens me:

DIGITAL 🙉🙉

Chances are you'll overuse that word! 🙊 Don't worry, I love you anyway! 🥰

This word has become a must in webmarketing!

But is it that good ❓ My answer 👇

Overuse of the word

⚠️ The use of this word everywhere has two dramatic effects:

1- Semantic satiation A psychological phenomenon in which the repetition of a word causes us to forget its meaning.

2- Loss of competitive edge: If everyone's doing digital, it doesn't make you stand out any more, it puts you up against huge competition in terms of SEO!

Double meaning

👉 This word already exists in French with a very different meaning!

In French, "digital" means :
️ "Which belongs to the fingers." Example: fingerprint.

In English, "digital" means :
️ "Digital technology; digital media, as digital television, digital audio, etc."
-> This refers to computer technology, which evokes the opposition to analog.

ℹ️ In terms of etymology, in English, "digital" comes from "digit", derived from the habit of counting on one's fingers... But in the end, "digital" doesn't have the same meaning in English as it does in French!

Lack of precision

👉 When we use the word "digital", we're talking about information technology.

🌊 But it's vague... Too vague.
🏄‍♂️ Surfing is cool, but being precise is even better!

As quoted by the excellent developer Simon Janvier in LinkedIn comment :

"To misname an object is to add to the unhappiness of this world".
Albert Camus

️ Digital, even taken with its English meaning is too broad to evoke anything concrete.

What to do ❓
Use real English

By replacing a Franglais expression with a true English expression (sometimes it's a question of word order), you'll break the double meaning and awkwardness of the expression.

Examples:
- Digital marketing ▶️ Digital Marketing
- Digital agency ▶️ Digital Agency
- Digital presence ▶️ Digital Presence
- Digital investment ▶️
- Se tourner vers le digital ▶️ Turn to Digital
Use "digital

⏭ The French equivalent of the word "digital" is, of course, NUMÉRIQUE.

👉 Simply replace expressions like "digital support" with "digital support".

💡 It doesn't take much longer to write! 💡
Use more precise or alternative words

Examples:
- Internet
- On line
- Social networking
- Operating systems
- Software suite
- Data storage
- Internet communication
- Webmarketing (English, but precise)
Change the meaning of the word

Samuel Haubois, Creative Director, even gives us a new meaning by LinkedIn comment :

I think the origin of the term is what happens at the tip of the finger(s) on a smartphone. From this stems all the other contemporary actions linked to digital technology. But that's a misnomer.
Samuel Haubois - July 21, 2024 - LinkedIn

Digital is about touch devices and more. The Wikitionary (the most up-to-date dictionary and meta-dictionary) doesn't yet mention this usage, but such a meaning would be an excellent way of revitalizing and enriching the meaning of this word. Here's to the creative minds who, like Samuel, will be able to make better use of it in their... digital communication campaigns!

Challenge: Can you find the word "digital" on lrob.fr? Apart from this article, of course!

⚠️ Revolutionize your WordPress security and management
🤙 Set a call here
20/07/2024
The cloud doesn't exist: pitfalls and dangers of the proprietary cloud and open-source alternatives
The word "cloud" has lost its meaning. It's so misused that I've coined a phrase for it: "cloud bullshit".

The cloud is often synonymous with a proprietary solution that locks you into an all-in-one ecosystem that's extremely difficult to get out of.

When the price of your "cloud solution" goes up by 300%, or a revolting new general condition of use appears, or the service is down: what do you do? Do you suffer like a victim, or are you suitably prepared to switch providers?

Today, your Linux System Administrator specializing in WordPress web hosting gives you all the secrets you need to know to avoid being trapped by cloud bullshit.

The Cloud doesn't exist?

The spoon doesn't exist.

Cloud: Definition

Visit cloud computing (French for "cloud computing") refers to the use of the memory and computing capacity of computers and servers distributed around the world and linked by a network. Applications and data are no longer located on a specific computer, but in a cloud (cloud) made up of numerous interconnected remote servers.
Definition by CNIL.

Cloud : Translation

We don't know where your data is. They're scattered all over an obscure computer system. Usually on a third party's premises, where you know nothing about the infrastructure and nothing about the data accesses and exploits carried out.

Is this really the future? No longer knowing where your data is?

Semantic shift of the word "cloud

Cloud" doesn't really exist any more, because it has lost its meaning. From a delocalized web infrastructure with resources scattered across several machines, a semantic shift has gradually taken place.

Cloud now means more than that: one or more servers in a datacenter hosting services. Basically, any online service belongs in the cloud.

In any case, it's still someone else's computer or computers...

Cloud = marabouage

With the cloud, everything seems to work as if by magic, without anyone understanding a thing. It's like magic!

If you don't understand, you're putting yourself at risk.

Solutions need to be simplified to make them intelligible.

It's by mastering your tools that you can protect yourself.

Linking applications and hosting: the danger of imprisonment

A major danger of the cloud: when hosting and service merge.

You're trapped in this solution. At 100%, you're dependent on the goodwill of an American company that owns your data, your work tools, over which you have no control.

For example, if you use the Office 365 suite, not only are you hosting your data on Microsoft's cloud infrastructure, but the services (calendar, excel editors, etc.) you use are proprietary and don't easily allow you to output your data to an alternative service.

The case of worldwide computer failure in July shows just what the problem is: until the service provider restores the service, you're completely stuck. Your business is held hostage.

The problem is the same with Google Cloud, but also with many service providers who provide you with proprietary solutions for your website or e-mail, which are often difficult to get out of.

Once you've got hundreds of employees on such a system, the organization and cost of getting out of it will turn off more than a few managers, even if it saves money in the long run.

My advice: If you're just starting out, go straight to open-source systems such as standard IMAP e-mail included with all LRob hosting packagesand the Nextcloud collaborative suite. If you are imprisoned, get advice and start adding an open-source solution, taking your time to transition to it, until you've done away with the proprietary solution altogether.

The "good" and the "bad" cloud: the three criteria
What is a "good" cloud?

From my point of view as a system administrator, who therefore directly manages cloud infrastructures, there are three major criteria that characterize a good cloud:

It lets you know where your data is stored.

It does not exploit your data.

It's simple and standard, so you can change it as you like.
The GAFAMs (Google, Apple, Facebook, Amazon, Microsoft) are therefore directly excluded: proprietary solutions, impossibility of localizing data which generally leaves Europe, commercial exploitation of data (statistics, social engineering, etc.) and as a bonus: government partnerships giving the US authorities a free pass to access your data.

You've got it: the chosen solution must be simple, transportable, localizable, free and independent.

We can add that the solution must remain easily reachable and ready to help you unconditionally, even if it's with the aim of getting your data out of their hands.

Finally, an ideal cloud includes additional security features such as application firewalls or anti-bruteforce, anti-robot blocking solutions. And as surprising as it may seem, the biggest cloud providers generally omit this type of security, as it would require additional human support that they don't seem to want to provide.

The perfect cloud exists

Thanks to my expertise in free hosting, I've created the perfect cloud!

So perfect, in fact, that it's my entire business and my entire life. Proof, if proof were needed, of my total confidence in this system and its total viability.

What does it consist of?

Transparent localization

LRob web servers are perfectly identifiable. You can find out exactly where your machine is located.

Visit LRob server status is public.

LRob servers are located exclusively in Europe. Simplifying your RGPD management.

Open & portable solutions

WordPress websites, POP/IMAP/SMTP emails, Nextcloud open source collaborative suite: everything is standard and can be transported!

There's nothing to hold you back, and you have all the access you need to migrate your data if required.

So you'll be staying with LRob for pleasure!

No data processing

No statistical analysis of your use is made. There are no governmental agreements. Your data is stored on a free, open-source server, devoid of any intrusive analysis tools.

Enhanced safety

Although this requires occasional support in the event of a false positive, LRob isn't afraid to get in touch with you, and implements additional safeguards directly on the server.

Simple management

A simple, intuitive control panel (Plesk) lets you easily manage your domains and sub-domains, emails, databases, FTP access and backups. This access gives you total control over all your data.

The WordPress Toolkit helps you manage your WordPress installations without being intrusive. You save a lot of time and security, without losing your freedom.

If you need a collaborative suite, LRob can provide installation and maintenance of your Nextcloud installation. Here again, the solution is standard, so you are free to migrate to the host of your choice at any time.

And do you know what? With LRob, you're so free that you can even mix free and non-free solutions. If you really want to use Microsoft 365 or Google Workspace, it's still possible, and I'll even help you if you need it.

What about you? When will the perfect cloud arrive?

Discover LRob accommodation
20/07/2024
Why choose a WordPress hosting specialist?
As the owner of one or more sites WordPress websitesYou should be aware of just how much practical, high-performance, reliable and secure web hosting can revolutionize your approach.

You have no idea how much you can revolutionize your WordPress management.

Revolutionize your management with the WordPress Toolkit

Whether you're an expert or not, managing and maintaining a WordPress site can be tedious and time-consuming. If you have several sites, it becomes even more complex.

Fortunately, with the WordPress Toolkit included with LRob hosting, maintenance becomes child's play! You'll save an incredible amount of time! The WordPress Toolkit totally revolutionizes the approach to WordPress management, making it much more efficient and scalable.

ℹ️ Unlike other tools, the WordPress Toolkit is non-intrusive: there are no plugins to install, and your WordPress installation remains perfectly standard!

✅ Install WordPress in just a few clicks, customize the installation if you like. No more having to create a database by hand.
✅ Check at a glance that all is well, and connect to your sites' back-office with a single click.
✅ Change your administrator password or email in 3 clicks
✅ In 1 click: enable/disable indexing, debug mode, server execution of wp-cron!

✅ Automatically update your sites, themes and plugins and check for security vulnerabilities at a glance (and be alerted by email when a new vulnerability is detected).
🔒 Apply a dozen security enhancements in just a few clicks.
🔨 Has your site crashed after installing a plugin? Deactivate this plugin in 2 clicks with the WP Toolkit!
🔨 Clone your site simply with the wizard

ℹ️ If you have several sites, then they are isolated from the system, but you can display them all on the same screen, so you can manage all your installations efficiently!

This makes complex, time-consuming tasks extremely simple. It's a revolution that will enable you to manage a large number of sites very easily.

Maximum performance for your WordPress sites

The speed of your site is critical to user experience and SEO.
It also determines whether you'll be wasting your time in a slow WordPress back-office.

As a site manager, you certainly have a role to play in choosing well-optimized plugins. But that's not all: performance measurements before and after the switch to LRob show an improvement in performance by a factor of 2 to 15 compared with traditional hosting providers!

Here are the gains measured before (left) and after (right) migration to LRob.

LRob loads between 3 and 15x faster and load times stabilized

10x faster loading at LRob and stabilization of loading times

How is this possible? Are the classic web hosts pulling our leg?

Conventional web hosts often sell you old, saturated server "clusters", which add latency at every stage of processing your site's pages and requests. Also, there's often no easy-to-use, high-performance caching solution directly on the server.

The LRob secret: simple, high-performance, well-managed servers!
- A simple, state-of-the-art infrastructure Dedicated servers: physical dedicated servers perfectly OVER-SIZED so that everyone benefits from maximum performance whenever they need it. With local NVME SSDs for ultra-fast access to your files and MySQL databases, state-of-the-art CPUs for fast processing and huge performance margin, with far more RAM than you need.
- Unique, intelligent management Exclusive anti-robot protection to avoid unnecessary server saturation, while protecting your sites. And optimized configuration of every web server software component.
- A Redis cache in server RAM No more thousands of cache files stored on your site: Redis lets you store your site cache directly in server RAM!
Native security for your WordPress sites

Your site's security is paramount. Yet securing a WordPress site is often a headache that nobody really understands. Security plugins aren't very effective, they waste your time and hinder your site's performance.

A website hack is always a tragedy. That's why you need to do everything you can to protect your site. And that starts with a secure, native configuration of the server hosting your sites.

A specialized WordPress host drastically improves the security of your site over any plugin, thanks to rigorous server configuration.

Here's everything provided "out of the box" by specialized WordPress host LRob :
- Application firewall customizable to block hacking attempts
- Automatic blocking of pirate robots to prevent their queries from reaching your sites
- WordPress-specific security enhancements in just a few clicks with the WordPress Toolkit.
- Security alerts If a vulnerability is made public on your site, you'll be alerted directly by e-mail, so you can take effective action!
- SSL Certificates Wildcard Let's Encrypt included to secure your site communications and related services such as email.
- Daily outsourced backup with one-year retention period. Made at the highest level, i.e. directly by the server. More reliable than a backup made by your site, this backup can withstand the worst disasters! What's more, it's never sent to a GAFAM, and remains in LRob's private infrastructure, ensuring the confidentiality of your data. You can also configure your own backups to the FTP of your choice.
Simplified management with Plesk

Managing your WordPress hosting has never been easier than with Plesk.

This intuitive control panel lets you manage all aspects of your hosting with just a few clicks in an extremely well-presented panel! Good old cPanel is a poor substitute for Plesk's excellent presentation and practicality!

Whether you want to create email addresses, manage FTP access, configure your MySQL databases or modify your DNS zone, everything is at your fingertips. Including the WordPress Toolkit, which we'll talk about next.

You can even access web logs to quickly diagnose and resolve problems on your site.

Passionate WordPresss support and assistance

By choosing a specialized WordPress hosting provider, you also benefit from expert and passionate support that will do everything to help you, without reading a dumb script or blaming the customer.

Whether it's configuration advice, access problems or technical questions, LRob is always happy to help, sharing its knowledge and experience to help you achieve your goals.

This quality assistance is a complete game-changer for your day-to-day needs.

By the way: each of our hosted sites is monitored 24/7 all year round! In other words, if your site crashes following an update, we let you know as soon as possible, before you even notice! And we'll help you understand the problem and get it back up and running!

Outstanding options for dealers

Do you have several sites? Save even more time (and money)!

With the Plesk reseller panel, centralize and simplify your management, and become a hosting provider!

The more sites you have, the more economical the solution becomes. For example, at 2024 LRob rates, if you have 8 sites, hosting costs €47.5/year per site. If you have 128 sites, it's €15.5/year per site.

Become a single point of contact for your customers, create access for them when they need it, and offer a more reliable and efficient service.

You save time, you get a better margin on hosting... And you offer a better service! With expert support to back you up every day.

Treat yourself to peace of mind with dedicated WordPress hosting

Opting for specialized WordPress hosting means choosing serenity and performance for your site. You benefit from a secure, easy-to-manage service optimized for WordPress, and the best expert support when you need it most.

LRob offers performance beyond what you could dream of, even on a dedicated NASA server, with perfect management included, at an ultra-reasonable cost!

So don't wait any longer, put your trust in an expert WordPress host like LRob and give yourself the peace of mind you deserve.

To host a WordPress site: choose a WordPress hosting !
To host between 5 and 128 WordPress sites: choose a package Web Agency !
Looking for a webmaster? Opt forHosting with WordPress Webmastering.

Contact me at for more info.
08/07/2024
Cybersecurity - Why do a WordPress security audit?
WordPress: A popular but vulnerable CMS

WordPress is without doubt the most widely used CMS in the world. Its popularity makes it a prime target for hackers. Owning a WordPress site therefore requires constant vigilance when it comes to security. But why is it so important to have a WordPress site security audit? What are the risks involved, and why is it particularly important for companies whose website is central to their business?

Safety risks: an unavoidable reality

Cyberspace is riddled with potential dangers. For a WordPress site, threats can materialize in a variety of ways:
- Fraudulent redirections Your site can be hijacked to redirect visitors to malicious sites.
- Blacklisting Your site may be marked as dangerous, resulting in a loss of trust and traffic.
- Spam and data theft Hackers can use your site to send spam on your behalf, or steal the e-mail addresses of your users and customers.
These situations can cause irreparable damage to your business, damaging your reputation and directly impacting your sales. Imagine the cost and loss of credibility if your customers were to receive spam on your behalf, or if their personal data were compromised.

The importance of auditing for companies

For businesses, especially those whose website plays an indispensable role, security must be a top priority. If your site generates revenue, collects sensitive data, or serves as the primary showcase for your products and services, a WordPress security audit becomes indispensable. A hacked site can lead to significant financial losses, legal disputes and brand image damage.

Beyond the CMS: The importance of server auditing

It's important to understand that securing the WordPress CMS alone isn't enough. A website relies on a complex infrastructure where every link in the chain counts. The server hosting your site plays a key role in its overall security.

The final safety level is equal to that of the weakest link in the chain.

A comprehensive safety audit should therefore include server security analysis:
- Evaluation of server configurations
- Access control
- Checking open ports and active services
- Software version and security vulnerability assessment
- Assessment and recommendations for maintenance policies
Protect your site, protect your business

A WordPress security audit is much more than a simple examination of the CMS. It's a comprehensive assessment of the entire infrastructure that supports your website. By taking proactive steps to secure your site, you protect not only your data, but also the reputation and viability of your business.

Don't let pirates get the upper hand. Invest in a WordPress security audit and ensure that your site remains a valuable asset for your business, not a vulnerability exploited by cybercriminals.
08/07/2024
Web greenwashing: How can you be truly green?
Everyone's trying their hand at eco-responsible sites. While this won't save the planet, it does help to raise awareness. It's a step in the right direction.

But the aim is to maximize efforts. And while site optimization from the visitor's point of view ("customer" side) is often emphasized, server-side optimization and choices are all too often neglected.

Yet hosting is the cornerstone of a truly "greener" web, accounting for most of the resource savings you can achieve.

Deciphering. 👇

1 - Customer optimization

This is the best-known and most obvious aspect. It involves reducing the weight of resources sent to visitors, thus improving loading times and reducing the site's carbon footprint.

This focuses on two main points:
- Design: choose optimized themes and plugins to avoid sending massive amounts of fonts and useless JavaScript or CSS code.
- Image optimization: use suitable image formats, compressed to modern standards such as webp, to minimize bandwidth consumption.
But that's just the tip of the iceberg.

Let's move on to the really decisive aspect! 👇

2. Hosting and server resource optimization

This point is often underestimated, yet in my opinion it represents 90% of the impact!

Choice of host 🏭

Hosting companies have a lot of room for maneuver when it comes to going green.

Green electricity, geographical location, heat recovery, type of cooling, choice of sustainable, low-energy machines.

For example, my server provider Hetzner uses 100% of green energy and caseless servers, scalable and durable. 🌱

Fighting robots 🤖

Removing up to 99% of unwanted traffic generated by hacker bots reduces machine power consumption by more than 50%. However, hardly any web hosts apply these filters, as it requires additional support to deal with false positives (and, in concrete terms, to unblock customers who repeatedly enter the wrong password, or use plugins making suspicious requests).

This has the added benefit of drastically boosting performance for real users.

I achieve this with attack detection and blocking techniques such as ModSecurity and Fail2ban, which are standard for those most familiar with web hosting system administration.

CPU optimization 🧮

Developers need to write light, fast code, and use high-performance caches like Redis (available on my hosting services), to maximize server efficiency.

What we're talking about here is a factor of 2 to 10 reduction in server CPU usage thanks to a good cache.

It's worth noting that traditional caches that write temporary files to servers are less optimal than Redis, which stores everything in RAM, thus avoiding unnecessary consumption of space and I/O (disk read/write) resources.

Efficient pooling 🫂

Optimized management of servers and sites, based on the above points, avoids wasting physical machines (each server can hold more sites) while ensuring maximum performance for all.

This approach also relies on a close relationship with customers to ensure customized management. For example, if a site is consuming more resources than expected, it may be due to an attack that needs to be blocked, or a concern about site optimization that needs to be brought to the customer's attention, with personalized advice.

Hopefully, you've learned something. In any case, from now on you won't be able to say you didn't know. 🌟👍

A project? Contact me at. 🤝
Or order the perfect accommodation directly from https://portail.lrob.fr/ 🚀
05/07/2024
Is freelance web design a job for the hyperactive?
Don't you have to be a little crazy and hyperactive to freelance web? 🤯🤯

No typical week and new challenges all the time! 😱

It seems to me that multi-tasking and constant adaptation can't be for everyone...

What's more, as a freelancer, you add an accounting and sales dimension. And specifically for me, as a web host with one or more specialties centered around security, web hosting, WordPress and email, you have to master an extremely wide range of skills, and you're all the more likely to have to discover new subjects.

Let's take a random week as an example.

Between Monday and Thursday, here are the kinds of tasks I was able to accomplish:
- Drawing up estimates and invoices
- Validate and fulfill hosting orders
- Update servers like every first Monday of the month
- Monitor an incident causing a 1-hour downtime on a VPS node (secondary DNS server, no noticeable impact on service), and be happy that the monitoring is doing its job properly.
- Analyzing and correcting WordPress security vulnerabilities, again and again
- Analyze visitor metrics via Matomo and Google Search Console
- Preparing a safety collaboration and identifying a few points to watch out for
- Improve the clarity and reflection of an offer and propose an order via my site
- Researching an atypical in-house directory project
- Respond to various requests for additions and improvements to a recently launched project, and discover Swikly and the Channel Managers in the process.
- Train a trainee to make her first web migration and correct her mistakes, give her a few tips on how to get started, then accompany the customer to make the DNS changes.
- Help a customer regain lost access to his hosting for migration purposes
- Learn how to decrypt a PGP-encrypted archive
- Discover LDAP within Nextcloud and start looking for ways to switch back to native operation without LDAP
- Discuss Gutenberg and business with a new customer with whom we'll be bartering skills
- Advise a customer on Android emulation
- Advise a colleague between AlmaLinux and Debian
- Updating a Mediawiki and solving related problems
And I'm sure I'm forgetting things...

As I write this for you, I realize how crazy it is. Because this isn't a particularly busy week, it's my daily routine!

And yet, after almost a year of full-time self-employment, I've finally found a balance in all this. If I've always managed to go out, see people, make connections and have romantic relationships, now I'm going back to sports and music with my friends, a sign of a happy and fulfilled life! 😄

It's all thanks to you, our customers, and I'd like to take this opportunity to thank you for your trust. 🤝

Now at the age of 34, I feel like I'm at my most productive! Of course, I do feel tired sometimes, but seeing how much I'm able to accomplish, I tell myself that it's normal to need a bit of a rest from time to time.

Does this sound like you? Do you also think you have to be a bit of a zany to adopt this lifestyle ⁉️
05/07/2024
Optimize the management of your WordPress sites: 10 Practical Tips

Are you wasting time maintaining your WordPress sites? 🥵

Here are 10 key points for managing hundreds of them super efficiently! 😎👇

1. Centralize your sites

Group your sites together on just one or a few servers, but make sure that each site remains system-isolated for security. This will be much easier to manage and more economical than hosting each site individually.

2. Manage DNS via the host server

Manage DNS of your domains directly via the hosting server. The creation of sub-domains will be simplified, your e-mails will be pre-configured for good deliverability, and you'll be able to benefit from a free WildCard certificate to protect all your domains with SSL/TLS encrypted connections. You'll also be able to centralize your email management, for even greater efficiency.

3. Choose high-performance hosting

Don't waste your time with a slow back-office. Choose high-performance hosting like LRob's to be sure that if your site is slow, the problem isn't with the server but with site optimization.

4. Use the WordPress Toolkit

Choose hosting with the WordPress Toolkit. You'll be able to log in to each site with a single click, receive security alerts, add additional protection with a few clicks, benefit from automatic updates and deactivate a problematic plugin even if the site has a problem.

5. Make sure you have a good daily backup

A good backup should be managed on the server side, not by the site itself. For peace of mind, have a copy at home in addition to the one at your host. Problems with a site? Restore a backup. And test your backups before you need them, so you won't be caught short in the event of a problem.

6. Easy access to server logs

In the event of a bug on your site, which is bound to happen one day, access to server logs is essential to find and correct the error quickly.

7. Choose a service provider who has your back

Choose a reliable provider for backup, support and monitoring. When the going gets tough, you'll know the difference between a good provider and a bad one.

8. Enable automatic site updates

With a good backup and a good provider, activate automatic updates for your sites, as enabled by the WordPress Toolkit. This eliminates the need for manual updates, increases security and saves you a lot of time. You'd be surprised how few problems occur when updates are made regularly.

9. Use additional server-level security

Choose a server with additional security features such as an application firewall, anti-bruteforce and automatic banning of attacking IPs. This, combined with the above measures, reduces the risk of hacking by 99 %, while drastically reducing unnecessary load on the server, for optimum performance.

10. Add value to your hosting and maintenance

Communicate your safety and maintenance measures. Invoice your customers for this added value, and secure your business with high value-added subscriptions. And be proud of the service you offer, so you can grow your business.

Do you have between 5 and 128 WordPress sites to host while respecting all these criteria? My offers Web Agency are made for you! Contact me at for more info.

Would you like to share your own method? Any points to add? Comment below! 👇

With these tips, you'll optimize the management of your WordPress sites, save time and improve their security and performance. Don't hesitate to contact me to find out how we can work with you to achieve your goals.

05/07/2024
DNS essentials - In 2 minutes
Every web player needs to master these points!

By mastering DNS, you can FREE with your websites and domain names! 👇

Learn the essentials in 2 intense, effective minutes instead of a boring 3-hour course. 🤯

What is the DNS system?

📄 The Domain Name System is the digital highway that makes a domain name (e.g. lrob.fr or google.com) accessible. Basically, the domain is "pointed" to a destination.

Examples:
- If you visit a domain like lrob.fr, your web browser makes a DNS resolution request in the background to find out the IP address of the server hosting the site.
- When you send an e-mail, further requests are made to find the destination mail server and authenticate the sender.
How does the DNS system work?

1 - Registrar 🏢

Domain names such as lrob.fr are registered with a "registrar" such as HaiSoft, Gandi, NameCheap, OVH and others.

Each registrar must go through a "registry" that is the authority for domain name extensions. For example :
- .en AFNIC
- .com / .net Verisign
- .org Public Interest Registry (PIR)
2 - NS (Name Servers) 🌍

To make a domain "resolvable" (accessible), it must have "name servers" or NS (Name Servers).

NSs contain the domain's pointing information and are said to be "authoritative". Always define at least two NS for redundancy. The registrar sends this information to the registry.

ℹ️ The domain owner ("registrant") is free to use the NS of his choice, or even to create his own, using values called Glue Records.

Various providers exist and you can create your own directly with a little knowledge. This is the case, for example, with lrob.net, my infrastructure domain with a complete autonomous DNS system supplied to all hosted customers to centralize their DNS management independently of the registrar used. How convenient!

More info

3 - DNS zone 🌐

⚠️ This is what you absolutely must master!

NS servers contain the domain's DNS zone. It is this DNS zone that contains the actual pointing values.

For example:
- the IP of the server hosting the site
- IP or host name of mail server
- Meta-information such as the list of servers authorized to send mail for a domain.
Click here to discover all possible DNS values and how to manage your DNS zone via LRob.

What do we do with all this?

You're now free to register a domain name with any registrar, to manage your NS (and therefore your DNS zone) wherever you like. And your sites and e-mails can be placed with as many different providers as you like, with complete freedom thanks to DNS zone settings!

To never go wrong with your DNS, choose a Hosting LRob ! 💪
I can help you with all your web challenges! 🤝

You have 1 site: Choose one WordPress Hosting.
You have between 8 and 128 sites: Choose one Web Agency Hosting.
05/07/2024
I had an internal OVH bug corrected on .fr domains

Recently, I discovered a new problem at OVH: anyone who had registered a .fr domain name with OVH was affected by a new limitation.

Here's the story of a 2-week journey that, for once, ended in success.

Article from this post LinkedIn.

The problem

Technically ▶️ OVH blocked DNS server changes unless all NS present in the destination DNS zone were defined.

In practice ▶️ This prevented flexible and efficient management for hosts like me.

Vulgarization ▶️ OVH thought it was god. 😅😅

The impact was dramatic for French internet freedom... 🥐

What to do about it ❓

I started by opening a ticket at OVH.

Those familiar with OVH won't be surprised to learn that this was a waste of time: after an off-the-cuff response, then a call and a few exchanges, the final answer was that there was no way to override this limitation. 😰😰

OVH even silently closed my ticket after I told them that they were the support that least bothered to solve the real problems I was experiencing. It wasn't a very nice remark, but it was true and was intended to make people react in the direction of solving the problem and not closing the ticket. 😅

My reaction ❓

▶️ First, I transferred my .fr domains to HaiSoft, a trusted registrar with excellent support and Afnic accreditation. Because transferring a domain is very simple.

▶️ Then, as a "little guy", getting a behemoth like OVH to move is no easy task... So I used my brain! 🤯
💡 If OVH doesn't listen to me, it'll probably listen to the authority responsible for .fr domains!

So I contacted Afnic.
And that's where the story begins! 🍿🍿

I was lucky enough to be taken care of by David Chansard, whose commitment is no longer in question. 💪
You can read his post here to find out more about his investment in the French Internet.

🕒🕝🕜🕐
So David patiently contacted OVH and kept me informed of the roller-coaster exchanges: one minute the problem was fixed, the next I had to re-open a ticket... His follow-up was exemplary despite these difficulties.

👉 In the end, OVH announced it was correcting the problem last Friday (a strange day for a production launch).

And on Monday, July 1, I was able to confirm this thanks to a test by one of my valued customers Mathieu Cellucci (Labographic) whom I thank, that it was indeed well resolved! 🍾🥂

Conclusion ▶️ When you're small, you can make things happen if you're smart and you meet the right people.

Never give up, you can make things better! 💪

Thanks again to Afnic, David Chansard and Mathieu Cellucci, without whom this would not have been possible. The world is a better place thanks to you.

To choose the best WordPress hosting from a company committed to your comfort and freedom, click here. this way.

03/07/2024
I fixed a Linux kernel bug!

Literally billions of peripherals will benefit! 🥹

❓What is the kernel?

This is the most primordial code: in short, it enables the operating system to talk to the components of a device, and handles the most basic functions such as reading/writing data to disk, executing programs, etc.

ℹ️ Which devices are affected?

The term "peripheral" is very broad.

The Linux kernel is present on web servers (90 to 99% of the market), Android smartphones (85% of the market), and the few million computers that have installed a GNU/Linux OS (2 to 4%)!

Not to mention the boxes and other connected objects running Linux.

Mac OS and iOS also use part of Linux. Basically, only Windows desktops are not affected at all.

The whole thing really does make billions of devices involved, without exaggerating. 🤪

Thanks to its creator Linus Torvalds which always maintains the code.

❓ What is the specific problem corrected here?

👉 I've noticed an anomaly on LG Gram series laptops running Linux, raising a potential kernel issue.

The problem: A system process that uses more resources than expected (and causes unnecessary heating and power consumption) when the device is charging and connected to a dock.

1) Discovering the bug

At the end of 2022, I discovered the problem and the fact that I wasn't alone: the Ubuntu community was starting to talk about it. https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1987829
I reproduced the problem under Ubuntu and Fedora, which are quite different distributions, indicating that the problem was not with the OS but rather with Linux.

2) Initial understanding of the bug

In February 2023, the problem began to become clearer, and there was enough evidence to suggest that it was a kernel issue that had not yet been corrected, even on the latest versions.
I then created an account on kernel.org and opened this issue to try to warn the right people: https://bugzilla.kernel.org/show_bug.cgi?id=217076

I wasn't sure of myself at the time, as it was my first time, but I guess I did it right.

3) Thorough understanding and resolution of the bug

What happens next is totally beyond me, it's all about advanced Linux Dev Kernel... Some people make hypotheses, test them, understand exactly what the problem is, suggest a hotfix to test. And some of them confirm that the bug has been solved. All this takes almost a year and a half.

4) Publication of the patch

The corrective code is then proposed and accepted into the kernel for everyone to benefit from. This is precisely what is now underway: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9e3caa9dd51b23e232f095a98336a84f42e4a7f2

What's next?

In the next two weeks, the whole world will benefit from the patch.
The idea of having impacted billions of peripherals makes you dizzy! 🥵

It took time, and required extremely specific skills, but the result is there. 🍾

Open-source is beautiful! 😍

01/07/2024
Is your company locked into the Google or Microsoft Clouds?

Do you know where your data is physically located? In which datacenter? Who has access to it?

If only one of these answers is "no", it's more serious than you might think.

Regain control in 3 steps.

1 - Becoming aware of the problem

Using a Google or Microsoft service can be a source of pride and even joy, at first...

This is where marketing really comes into its own: customers who are happy to pay premium rates, i.e. several hundred or even thousands of euros a month in the case of large teams.

But who really wants to hand over their most precious data to the American giants? Who wants to get caught up in a retention mechanism that's hard to get out of? Who doesn't want to know where their data is, who has access to it, and what is done with it? And pay premium for it...

Without even needing to talk about "Big Brother" (which is a reality, these companies know you better than you know yourself, enabling mass surveillance and subtle manipulation of your search and other results that you can't even notice), such an operation can only be worrying, whether for an individual (even if they have nothing to hide), or for a company, whose business depends in particular on its documents and emails.

If you're able to say "I don't have a choice, everyone else is using it", you're wrong. Other independent solutions do the same job, or even better, for less money, while allowing you to retain full control over your data! Their development is solid, and these tools are being used by more and more people who value control over their data.

2 - Control your emails

Mails are an extremely standard service, and many service providers offer them.

But how do you choose?

A mailbox is not a calendar, a document-editing suite, a coffee machine, or anything else. If you have a problem with one of these services tomorrow, it doesn't have to be linked up in such a way as to complicate the changeover.

Choose a simple provider: a mailbox is a mailbox and should be nothing more than that.

Also, choose a secure provider: any web host or email service provider must comply with email sending standards (rDNS/HELO/SPF/DKIM/DMARC) and actively combat spamming from its network, which is of course the case with LRob, which comes with these security features without any additional configuration on your part.

To connect to the mailboxes, the service provider must supply a standard webmail like Roundcube (free and open-source, perfectly optimized, standard and simple), as well as a POP/IMAP/SMTP connection. For the connection, you'll use either the webmail provided, or the software of your choice (Thunderbird, Outlook, or email apps on smartphones). Need I remind you that LRob also provides Roundcube and POP/IMAP/SMTP connection as standard on all web hosting packages with email included?

An unresolved problem with your service provider? Migration can be as simple as copying mailboxes to IMAP and making clever DNS changes to avoid service interruption. If you need to migrate, even from a Microsoft cloud, contact me!

Host your website and e-mail efficiently, securely and freely with LRob.

3 - The collaborative suite

To work as a team, many use a collaborative suite like those integrated with Microsoft Office 365 or Gmail mailboxes.

But as we've seen, this has nothing to do with a mailbox and should be a separate service.

For this, a free, open-source solution exists: it's called Nextcloud.

More and more data-sensitive professionals are using it. The reason is simple: it's a website like any other, admittedly a little heavier than average, but it can be hosted by any powerful host like LRob!

Well managed with the addition of a document-editing suite like Collabora Online, Nextcloud enables collaborative editing, file sharing with teams or customers, calendar sharing, task management, chat, and much more.

Compatible with Windows, Mac, Linux, Android and iOS, Nextcloud lets you access your files from anywhere!

For contacts and calendars, Nextcloud uses the CardDAV and CalDAV standards. On Android, for example, you can use the DAVx5 app to dispense with the Google calendar and contacts altogether, and store everything on Nextcloud. Ideal for business environments.

Host your Nextcloud instance via LRob, with backup and maintenance included.

Any comments or questions? Feel free to comment on this post or to contact me directly.

01/07/2024
[TUTO] Backing up Plesk hosting on your home NAS
Data loss can have disastrous consequences. That's why it's essential for any company or individual to control and secure their data. And there's nothing better than backing them up on your own premises.

Plesk, LRob's web hosting management panel, offers robust solutions for automating backups and guaranteeing data protection. This tutorial will guide you through the steps required to back up your Plesk-hosted data to a home or office NAS (Network Attached Storage).

As equipment can vary, the aim will be to give you the general principles concerning your NAS and network configuration, but to be very precise about the configuration at Plesk level.

Prerequisites

Before you start, make sure you have :
- A NAS with FTP support.
- Ideally an operator that allows you to have a fixed public IP address (for Orange you need Orange Pro with the free fixed IP option active, for Free you need to request a fullstack IP, for SFR and Bouygues I have no information).
- If you don't have a fixed IP, you'll need to set up a DynDNS service. DynDNS example.
- Some basic network concepts: local IP, public IP, network port, domain name.
The basics: creating FTP access and port forwarding via NAT

To transfer your backups from Plesk to a NAS, you'll need to create an FTP access and make it accessible over the Internet.

A few basic notions: Each service on a server is said to "listen" on a "port", which allows you to direct (via a NAT rule on your router) Internet traffic destined for one service rather than another. The challenge is to redirect traffic destined for FTP ports to your NAS on your local network.

Create FTP access

How to create FTP access depends on your NAS model. If necessary, refer to your NAS's official documentation.

For ports, the default control port is 21. For passive FTP (recommended), the default port range is 49152-65534.

Here's a general procedure for Synology and QNAP NAS, two popular brands.

For a Synology NAS :

Official Synology Doc
1. Connect to the DSM interface on your NAS.
2. Go to "Control Panel" > "File Services".
3. Activate FTP service and configure settings (default port: 21).
4. Create a user with FTP access permissions.
For a QNAP NAS :

Official QNAP doc
1. Log in to the management interface of your QNAP NAS.
2. Go to "Control Panel" > "Applications" > "FTP Server Station".
3. Activate the FTP server and configure the necessary settings.
4. Create a user with appropriate FTP permissions.
Port forwarding

The port forwarding procedure varies according to your operator or router. Here are the general steps:
1. Access your router's administration interface. The most common default URLs are: http://192.168.1.1 http://192.168.0.1 http://192.168.1.254 http://192.168.0.254
2. Make sure you have set a static IP lease for your NAS so that its local IP always remains the same.
3. Find the port forwarding section (often in "Advanced" or "NAT/PAT").
4. Add a new TCP rule to redirect port 21 (or the port configured for FTP) to the local IP address of your NAS.
5. Add a new TCP rule to redirect port range 49152-65534 to the local IP of your NAS.
6. Save changes.
Good to know:
- On recent Orange Liveboxes, ports 50222 and 50805 are unavailable. So you'll need to do three port forwarding ranges: 49152-50221, 5023-50804, 50806-65534. Doc Orange.
Point a domain name to the IP or use DynDNS

To facilitate access to your NAS, you can use your domain name to point to your fixed IP.

If you have a fixed IP, go to https://ip.lafibre.info to get to know her.

Then configure a sub-domain to point to your fixed IPv4. Specifically, you need to create an "A" record in your DNS manager (if you're hosted by LRob, go to your Plesk control panel, in the desired domain, heading "Hosting and DNS" then "DNS") to point to your fixed public IP address.

For example: office A 128.42.16.XXX

If you're using DynDNS, then you can make a CNAME instead.

For example: office CNAME monsuperdyndns.dyndns.fr

Set up automated backup via Plesk

Finally, configure automated backups in Plesk.

Start by logging on to your Plesk control panel.

If you are a reseller (offering multiple domains), go to Tools & Utilities > Backup Manager

If you only have one domain, go to the relevant domain page, then in the right-hand pane choose "Backup and restore".

Click on "Remote storage settings".

Then click on "FTP(S)".

Enter your FTP access information :

Then validate with "Apply" (or "OK", which will return you to the previous page after applying the change). Access will be tested. If the service is not correctly accessible from the outside, or if your user does not have sufficient permissions, then you will get an error and need to correct your configuration. For passive mode and FTPS, this must of course be configured beforehand in your NAS settings.

Return to the Backup Manager page, but this time choose "Schedule".

Set up your backup, preferably at night, incrementally, with a full one every month. The maximum number of backups should not exceed 12. Make sure you choose a value that won't fill your NAS completely.

Confirm with OK.

Check for backups the next day. If everything is OK, after a while it should look like this screen:

By following these steps, you will have put in place a robust solution for backing up your Plesk-hosted data to your NAS, ensuring its security and availability should the need arise.

Looking for Plesk hosting? contact me.
05/06/2024
Hosting in Germany with Hetzner: Eco-responsibility, Interconnection and Privacy

In the world of web hosting, ecological and privacy concerns are paramount. Certain preconceived ideas can hinder the choice of a web hosting provider, particularly in Germany. This article aims to dispel these prejudices, highlighting the excellence of Hetzner, my German hosting partner, in terms of eco-responsibility, interconnection and confidentiality.

Ecoresponsibility: Beyond Greenwashing

🌿 Hetzner, a key player in the German and European hosting industry, is actively committed to preserving the environment. Contrary to the accusations of greenwashing often levelled at companies in this sector, Hetzner proves its eco-responsible commitment by using exclusively green energy, supplied by Energiedienst AG, a company specializing in renewable energies such as wind and hydroelectric power. But that's not all.

Innovative Server Architecture

📉 Hetzner is also revolutionizing its server architecture. By opting for a customized chassis-less design, the company saves raw materials, improves ventilation (outperforming traditional servers such as those from Dell), and reduces overall costs. This innovation translates into greater energy efficiency, the ability to operate at higher temperatures (reducing the need for air conditioning), and the ease with which components can be upgraded and reused.

By optimizing its design, Hetzner offers better prices while preserving our beloved planet as much as possible.

Reliability and Performance in Practice

⏩⏩ The efficiency of Hetzner custom servers is not limited to their design. When the going gets tough, you need to be able to rely on your hosting provider. Hetzner succeeds in this too, and can, for example, replace a faulty hard disk in its datacenter in just 15 minutes - a speed unmatched by other providers.

Exemplary customer support

🤝 Customer support at Hetzner is not only competent but also efficient, reflecting the overall reliability of their services. This operational excellence translates into minimal demand for support intervention.

Optimal Interconnection

🌍 Hetzner ensures impeccable interconnection with France, thanks to direct peering with France-IX Paris, which handles peaks of 2.5TBit/s. Hetzner's peering is 100Gbit/s on France-IX Paris, which has an impressive 99.9997% reachability rate over the past year.

There is a 5 to 10ms latency, however, due to distance. In practice, with HTTP/2 (and 3) the impact is of the order of the margin of error, and the superior performance of the machines more than compensates for this micro-loss, with loading speeds between 2 and 4x faster than many French servers.

Network performance in practice

In practice, the major French ISPs such as Orange, SFR and OVH can saturate a gigabit link with Hetzner without a hitch. Free, the worst pupil of interconnection in my general experience with them, still reaches Gigabit in burst then oscillates between 100 and 250Mbit/s) because of its very conservative (not to say stingy) QoS rules. As for Bouygues, I know that you can saturate a 5G link without any problem, but I haven't yet had a chance to test the fiber link; as their interconnection is generally among the best, I imagine that you can saturate a gigabit link too.

Security and Confidentiality at the European Level

⚖️ Germany, like France, is subject to strict European privacy regulations. Hetzner complies with the DIN ISO/IEC 27001 standard, guaranteeing a high level of data security and confidentiality. With the Hetzner cloud on a dedicated server, customers can be sure of knowing where their data is stored.

An Advantageous and Reliable Choice

✅ Hetzner stands out not only for its commitment to eco-responsibility, reliability and security, but also for its competitive pricing. It represents a cost-effective hosting choice, surpassing many French offerings in terms of quality and performance.

To take advantage

Take advantage of hosting on one of my 24/7 managed and monitored Hetzner servers.

Site hosting

Webmastered WordPress hosting

Hosting multiple sites

Nextcloud managed private cloud

31/01/2024