Improving the Security of your Website: Website Generated Emails and Spam

Digital Key

Spam email has been a hot topic lately.  Google and Yahoo! both recently implemented new policies to help reduce the amount of spam getting into inboxes.

CU*Answers has been adjusting email policies and processes to conform to these guidelines and update clients to best practices.  You can follow these changes in the CU*Answers Kitchen.

To assist in this process, CU*Answers Web Services recently made a change to how email sent from your website is generated.  Previously, your website might have sent email from any number of domain names (the part after the @ symbol in the email address.)  This can cause several different problems.

Starting this May, the CU*Answers Web Services hosting servers will now automatically set valid email headers and sender envelope address for outgoing mail from domains to reduce chances of being treated as spam.  That means that emails generated from your website will now be changes to appear to be coming from your own domain name.  This aligns with SPF and DKIM policies.  If CU*Answers does not host your DNS and you have not set up these DKIM policies, you may contact us for DKIM DNS entries for the webservers.

Please reach out to CU*Answers Web Services if you have any questions or concerns.

10 Common Accessibility Mistakes and How to Avoid Them

Accessibility is accessible!

The accessibility of your website continues to be an important aspect of managing your website.  Your website should be available to as many visitors as possible, and it should be easy for that visitor to find the information they seek.  The Web Content Accessibility Guidelines (WCAG) are designed to standardize rules that make your website as accessible as possible.

Luckily, following best web development practices makes this easier.  This article on DEV.to highlights 10 common accessibility mistakes and also shows how to address them.  Some of these can be a little technical as they jump into the HTML code that makes up your website.

Need help with accessibility and your website?  CU*Answers Web Services has an accessibility expert on staff and we offer a recurring program that evaluates your websites for common mistakes.  These reviews even go beyond accessibility, we also look at general web hygiene for search engine optimization (SEO) and other topics.

Want to learn more about accessibility, the CU*Answers Web Services team has published several articles on CUSO Magazine. Here are some recent articles:

Network Maintenance – Tuesday, April 16

maintenance

On Tuesday morning, April 16th, from 12:00 AM – 8:00 AM ET, CU*Answers Network Services will be performing internal network maintenance. During this time, there may be brief network interruptions to our website and email hosting.

Improving the Security of your Website: Rate Limiting

Digital Key

CU*Answers Web Services and Network Services employ several layers to keep our servers and websites safe. Starting this week, CU*Answers Web Services is adding an additional layer to your web security by turning on rate limiting on your website web application firewalls. This improves the security of your website by preventing drive-by bad guys from scanning your website for possible issues they could exploit. This is part of our ongoing dedication to ensuring the safety and security of your digital assets.

With rate limiting on your website, the server will begin throttling and slowing down requests and possibly blocking requests for IP addresses that make excessive amounts of requests to your website. We are following the vendor’s recommendations for these levels and monitoring it closely in our dashboards, however, there is always the possibility that regular users are blocked. If this happens, the block will automatically fall off after a short period of time or you can always contact Web Services with the IP address that was inadvertently blocked.

Finally, CU*Answers does not disable security features or whitelist vendors to perform scans or penetration assessments. While we understand these tests are likely to be benign, CU*Answers hosts sites for many clients. All penetration tests risk unintentional denial of service to our clients, no matter how careful the testing firm is in setting parameters.

CU*Answers does hire external audit firms to test our webhosting sites on a regular basis. In addition, CU*Answers also performs its own vulnerability scans on no less than a quarterly basis. While we do not make public the results of testing, all results are reported to the CU*Answers Board of Directors, as well as any plans for remediation. CU*Answers does make publicly available our control scheme through our SSAE-18 SOC 1 and SOC 2 reports, which can be downloaded from the CU*Answers Due Diligence page.

Network Maintenance – Tuesday, March 19

maintenance

On Tuesday morning, March 19th, from 12:00 AM – 8:00 AM ET, CU*Answers Network Services will be performing internal network maintenance. During this time, there may be brief network interruptions to our website and email hosting.

Critical Network Maintenance Project on Sunday, March 10, 2024

maintenance

Please note that all CU*Answers Web Services hosted websites and emails will be impacted by this critical network maintenance project on Sunday, March 10th 2024.

The window for the scheduled downtime is from Sunday, March 10th 2024, from 4:00 AM to 9:00 AM ET and all websites and hosted email will experience some downtime.

For more information on the project and the timelines, please visit CU*Answers Client News.