Oh, I’ve been around.

And not just the block, and not just the bend.

I’ve been to like, 49 U.S. states. And like, 38 countries. And I know cause like, I’ve got a spreadsheet.

And I’ve seen some crazy crapola on those travels.

I’ve seen it rain for three days straight in Riyadh and sunny for three minutes straight on Mount Wai’ale’ale. I’ve seen an entire baseball stadium of Japanese people pack out their trash, and I’ve had my balls grabbed by a Chinese guy in a panda suit.

But there’s one thing I’ve never seen, not once in this whole wide, wild world.

An International Domain Name (IDN)

Not once.

Apparently, at some registrars you can register things like お元気ですか.com … and they’ll actually work in web browsers! Maybe even some email clients?

Silly-ly, the way it works is kind of silly… it actually just translates お元気ですか.com into a regular ascii domain like xn--t8jc5b1c114xnw7a.com … and that is what actually shows up in the browser bar (at least in most browsers)!

Anyway, we always thought that was so silly that we never bothered offering IDN registration at DreamHost. We do of course allow hosting IDN domains with us (you just enter the domain into our panel as xn--t8jc5b1c114xnw7a.com or whatever), and currently host over 4,000 of them.

We just thought actually registering them was a lot of work for not a lot of gain.

A lot of work?

What’s so hard about it? Shouldn’t we be able to register xn--t8jc5b1c114xnw7a.com just like any other .com domain? What extra set up is there?

You’d think that! In fact, I’d think that too!

But no, the registries all require us registrars to specifically activate the ability to register IDNs … and when submitting them we also have to submit what language they’re in!

Why this matters is beyond me. In fact, when you register .com and .net domains, you have a choice of over 100 languages, and they don’t seem to really care what you pick most of the time. However, when you register .org and .info domains you have a choice of only 10 languages, and they’re an odd selection, and they do care.

Those ten languages are: Danish, German, Hungarian, Icelandic, Korean, Latvian, Lithuanian, Polish, Spanish, and Swedish.

Notice any missing? Let’s see, here are the world’s ten most “popular” languages, by native-speaking population:

1. Mandarin Chinese – 882 million (nope)
2. Spanish – 325 million
3. English – 312-380 million (N/A)
4. Arabic – 206-422 million (nope)
5. Hindi – 181 million (nope)
6. Portuguese – 178 million (nope)
7. Bengali – 173 million (nope)
8. Russian – 146 million (nope)
9. Japanese – 128 million (nope)
10. German – 96 million

For crying out loud, they don’t even have FRENCH! Not that I blame them, nyuk nyuk!!

What The Heck

Despite all these short-comings and dubious benefits, we’ve decided to bite the bullet and go ahead and start registering IDNs anyway!

So go crazy… simply visit our registrations area and enter whatever crazy (utf-8 encoded) characters you want … followed by .com (or .net/.org/.info)!

Of course, you still can’t register domains with spaces in them, REALLY weird utf-8 characters, or mix between left-to-right languages and right-to-left languages. And as I mentioned before, .org and .info are practically useless.

So what I mean to say is, taking into consideration those caveats, go crazy!!

And watch out for Chinese guys in panda suits.

We’re big fans of WordPress here at DreamHost.  It powers this website and many of our own personal websites.  It’s also probably the number one most popular web application running on our servers.

It’s so popular in fact that it’s increasingly become the target of security exploits.  Fortunately for all of us, the WordPress coders have done a good job patching up security holes quickly once they’ve been discovered.  Unfortunately, that doesn’t matter one bit if you don’t update the copy of WordPress running your website.

If you are a lucky DreamHost customer, installing and updating WordPress is very easy.  You really have no excuse for not updating.

We provide a one-click installer and upgrader for WordPress (and several other popular web applications) making it as simple as clicking a button in our web panel.  We even let you request that we email you whenever a new release is available so you don’t have to keep track of it yourself.

If that is still too much effort and you are willing to give up some flexibility, we also provide what we call an easy one-click installer, which is really just a fully managed and hosted version of WordPress that we update and maintain for you.  Even better, you can get this service from us absolutely free from DreamHost Apps (which also includes a bunch of other popular web apps for the same $0 price tag).

Why Not?

The only reason I can think of to not upgrade WordPress as soon as it is released is the worry that it will break some plugin you’re using.  While that is a very valid concern, you should really consider how much those pesky plugins are worth to your website.  Are they worth the days of time it might take you to clean up a hacked website?  Are they worth the shame you would feel if your hacked website is used as a base to infect hundreds or thousands of other websites?  These are very real risks.  If you are using a plugin that prevents you from easily upgrading your WordPress install, please consider abandoning it or finding a replacement that’s more robust and compatible.

Do It!

So, long story short:  UPDATE YOUR WORDPRESS RIGHT NOW. There is a major WordPress hack going around targeting older versions of WordPress.  The latest version is unaffected so if you have been a good upgrader you are safe!  A couple of big name bloggers (here and here) got hit recently, and it can also happen to you.  In fact, it might have happened already!  Check this post from Lorelle on WordPress with lots of gorey details about the hack and to find out if you may be a victim.

Whoops, there hasn’t been a blog post in a while.

It’s not that we haven’t been doing anything interesting in the last month, it’s just how could I top the ping pong one?

And, I guess we haven’t really done anything SUPER interesting in the last month… just a lot of little SUB interesting things.

So strap on your spurs, get your lassos out, and clean the poop off your face, it’s time for a good old fashioned July DreamHost Feature round-up!

ROOT on PS

You’d have to venture prettttttttty far out on the prairie to find a single lonesome complaint about DreamHost PS (our VPS service). But let’s say you were out in Peoria, IL .. what complaint would you hear, whispered on the wind?

“Why don’t I get root (e.g. super-user e.g. administrator access) on DreamHost PS!”

And if you listened to that wind one second more, you’d likely hear, “Because you’ll come crying to us when you break everything!”

We are not here to help you with your problems. We’re not. Until now.

We’ve just added a new Manage Admin Users area to our web panel, whereby you can create users with FULL ROOT ACCESS to your private server(s)!

Of course, to add one, you do have to agree to some rather onerous terms:

I understand that the power of an Admin User is mighty and if wielded incorrectly it can cause major damage to my Private Server. I also understand that if I damage my own server through incorrect use of my Admin User power DreamHost’s Happy Tech Support Team may be unable to assist me in repairing the damage, and that I may be forced to reset my Private Server back to its DreamHost-approved configuration via the Reset My Server function of the DreamHost Web Panel.

Once you’ve created an admin user, if you’d like you can tell us to stop managing various aspects of your PS! And, as alluded to in the text above, you can even reset everything to our default configuration (user’s home directories will be untouched)!

Search the Panel

In simpler news, there’s now a search field at the top of the panel. It’s still beta, but not only will it do a Google search of all DreamHost-related sites, it also acts as something of a “command line” to our panel.

Try phrases like “renew domain” or just start typing in the name of any domain/user/email/database on your account!

It’s still “beta” .. we “plan” on making it way “smarter” and “faster” soon, but in the meantime it seemed “good enough” for you yokels.

Rearrange the Panel

In slightly more complicated news, did you notice you can now customize your navigation toolbox?

Just go back to our panel and drag and drop any menu items in the left to the toolbox at the top.. they’ll move!

And stay!

I swear to gopher.

Google AdWords Credit

I’m proud to say we finally caved in and now do what it seems like every other web host on the planet does: outsource our tech support to Wyoming!

AND offer free Google AdWords credits to new and existing DreamHost customers!

To find out what the deal is, and how much credit you get, just visit the Google AdWords area of our panel.

Get along little doggies!

Kill FTP Connections

Like some kind of undead e-tumbleweed, sometimes FTP connections you leave open never die.

If that happens too much, your entire server can become a virtual ghost town, completely choked with zombie FTP processes… potentially putting your user over the max connection limit!

Save yourself the hassle of writing in to support: kill those processes yourself with the new button for just that purpose over at our panel’s Manage Users section.

API Rate Limiting

Remember our sweety-pants application programing interface? Well, even after the original gold rush, its popularity has just been growing and growing.. so much so that we’ve had to impose a limit for run-away apps:

No more than 1000 API calls in an hour and no more than 5000 API calls in a day per key!

Don’t worry, that’s more calls than fort knox.

Wait A Second

I just realized something… the July newsletter is going to just be a link to this post!

Yeeeeeeeeeeeeee-haw.

Hey!

Big props to the dozen or so DreamHosters who showed up and got $61 of credit to their DreamHost account.. I scored 29 points total, Micah 32!

Unfortunately, Micah didn’t get to move on to the next round, tomorrow at 11am in the Venetian (ballroom C).

BUT I DID.

All thanks to my mad 17 point handicap (in a game to 21) against two guys in my round-robin! BOO YAH. And the other guy dropping out because he “hurt his shoulder”. Pshaw.

So, if you missed the first round, here’s your (last) chance to get some more credit.. come root Josh on tomorrow (Saturday) and get $2 a point scored!!

To wrap things up, here’s a pic of the big mac I got on our drive to Vegas:

What, was it their first day?!

You may remember Dream Machine from such sports as basketball, basketball, softball, and basketball.

But what you may NOT remember is that we got in trouble with our building when they saw our elevator lobby table tennis shenanigans.

And what you couldn’t possibly remember, is that Micah and I have been working on our game since then and now are officially USATT rated (771 and 720 respectively).

Which is why I’m pleased to introduce for the first time… Dream Machine Table Tennis!

What’s it to you?

Well, we’re headed to the $100,000 Hard Bat Classic this weekend in Vegas, and anybody who shows up to cheer (either of) us on will get $1 in DreamHost credit for every point each of us score.. THROUGHOUT THE ENTIRE TOURNAMENT!

That could very well end up being THOUSANDS of dollars of DreamHost credit .. or very well end up being TENS of dollars of DreamHost credit!

To illustrate, I will now relay to you a little story of the LAST tournament we went to, less than a month ago…

The California State Open

The way USATT tournaments generally work is that everybody is grouped into four person round-robin contests, where everybody plays everybody else, and only the one winner advances to the “playoff” bracket.

When I showed up for my under-1100-rating tournament, I found my bracket on the board… and things didn’t look too good:

Jones, Josh 725

Lee, Kenneth 927

Liao, Hung Ju (Andrew) 844

Lu, David 958

Hmm, Jones vs. Lee, Liao, and Lu. Not to be prejudiced, but I was nervous.

And in fact, it wasn’t good… I ended up losing all three matches, although I did win one game at least vs. Ken.

Overall, it was still a lot of fun and afterwards I got everybody from our round robin together to take a picture to commemorate their victories:

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

See you tomorrow at the Venetian!

A couple of months ago I announced our new API, as well as a crrrrrazy contest to go with it.

Well, the contest has been over for three weeks now… which, even I grudgingly agree, is more than enough time for my trusty band of interns (no offense Greg) to review the dozens of submissions we got and decide which ones get to share in the $10,000,000 $10,000 of fabulous cash prizes!

One Ado

Before we get to the winners, I thought I’d first reminisce on how far the API has come in just two short months.

Since we started, we’ve added a test API account (use it to test out the contest winners if you want; username: apitest@dreamhost.com key: 6SHU5P2HLDAYECUM), the ability to get your results in xml, json, and “perl”, and of course tons of new functionality (included just-added mysql and mail filter-related).

Without further ado, the winners in the first official DreamHost API Crazy Contest are:

One Further Ado

Oh yeah, one last thing I wanted to say.. we had a real hard time deciding on the winners, there were so many entries of similar quality and essentially identical utility!

So, as a cop out, there are a lot of ties among the winners, and… we decided to give EVERYBODY who didn’t win a $100 DreamHost account credit as a consolation! It’s already been applied to your account.

Without further further ado, the winners:

The Early Bird Prize: $2,000

For the best application completed before May, we had an early-bird prize.. and the winner (as previously announced) was ChirpBot, a twitter interface to the DreamHost API.

Re-mentioned here for completenesses-sake.

Fourth Place: $750

A three-way tie between all the iPhone Apps created to manage your DreamHost account:

A couple of weeks ago I posted Broken Browsers Part One, which I can only pray gave you ample preparation for today’s post, Broken Browsers Part Two!

The truth is, not that much is broken in browsers these days. They’ve been around 15 some years now, so it’s not the biggest surprise all the major flaws to be resolved by now.

In fact, I’d say the reason these two broken behaviors of modern web browsers still exist is because most still (and as I’ll try to convince you, erroneously) consider them features!

The browser should just listen to the caching info sent by the server!

Agreed… WHEN REQUESTING CONTENT FROM THE SERVER!

The fact is, pressing back or forward shouldn’t even request content from the server at all!

As one commenter brought up last week, whatever happened to “offline mode” in web browsers? Because that’s what back/forward should still be… instant “offline mode”!

Anyway, on to the second (and final) part of this browser brokenness brouhaha.

SSL Secure Certificates!

Way back in the day, a secure certificate for your website meant two things:

Web browsers have been around for a pretty long time now.

Web browsers have been broken for a pretty long time now.

Bring on the rotten tomatoes, but I still predominantly use Internet Explorer because it is still the least broken browser when it comes to one of the most important features for me:

The Back Button!

(and forward too!)

I cannot understand why, after zillions of versions and dozens of years, no browser implements forward and back correctly.

It’s like the FIRST feature web browsers even had!

What’s Broken About It?

It’s simple really… what do you expect to happen when you click back (or forward)?

You expect the web browser to immediately display what you were looking at before your last click.

What actually happens?

Sometimes you get a “cache expired” message.

Sometimes you get a dialog window asking if you want to re-post to display the results again (ahem, Firefox).

Sometimes you get sort of what you last saw, but it takes a second while it connects to the Internet and gets updated with new content.

Sometimes everything is the same except that the big text field you had typed your blog post into is now EMPTY!

And sometimes, yes sometimes, it works exactly as it should.

Google Too

I kinda like Google’s new browser Chrome. It’s fast and lightweight. But, I also can’t stand it because it doesn’t seem to cache our web panel or intranet pages at all!

Believe it or not, every once in a while our panel is just a weeee bit slow.. and if I use my back or forward buttons as I navigate around, those teeeeeeeeeeensy delays can add up! All the unnecessary page loads probably aren’t doing us any favors on the server-side either!

Google’s apparently making a big push for Chrome soon, including TV ads etc… but before they push too hard, I wish they’d fix their back buttons!

And Here’s How

The craziest thing about all this is, fixing it would be incredibly simple! In fact, I’ve already worked it all out!

Let me demonstrate how the back and forward buttons should work. You can do this at home.

Click this link.

That should have opened in a new window (or tab) for you. And if you’re back here now, you’ve switched windows or tabs, correct?

Ta da!

That’s it! That’s exactly how the back/forward buttons should work! See how FAST it was to get back to this page? See how you were scrolled to EXACTLY the same place you were before? See how you didn’t even have to be on the NETWORK to continue reading this post? See how you didn’t get any pop up warnings or expired CACHE messages? See how you could switch back to that other window (like going FORWARD) just as easily?

Internally, every time you click a link, the browser should handle it exactly the same no matter if you are opening a new tab, a new window, or staying in the same window.

The only difference when you click a link “normally” is it shouldn’t add a “new tab” to the interface … it should put that “new tab” in your back history!

I’d even say the reason tabbed browsing is so popular nowadays is actually because back and forward are broken!

Internet Explorer has always done the best (though not perfect) job with this; it’s probably why they were the last to add tabs.

It’s the main reason why I still use it… honestly, I’d switch away if there were a single browser (or a browser plugin?) that handled it right.

In fact, if somebody can either fix an open source browser to behave like this (or make a working plugin), DreamHost will pay them $1000!

More formally:

The first person to release a plugin for firefox or chrome that does this should post their submission in the comments.

The plugin should make it so that when you click “back” or “forward”, it behaves EXACTLY as though you just switched to an open tab/window with that content in it (though of course visually you stay in the same tab/window).

As for how many pages to keep “open” in the back/forward history, it should be as many as it can, dropping them out in order of oldest to newest as it needs to due to memory constraints.

(Oh yeah, you know what browser would benefit the most from this? Safari on the iPhone! It seemingly does NO caching, even though because of its slow connection/processor it needs it the most! You can’t even fake it with tabs because there’s no way (that I know of?) to “open link in new tab”. It supports tabs though (up to eight), so it should be able to keep at least eight back/forward history pages in memory too!)

Speaking of Prizes

Just a quick reminder that our API contest is still going strong with a due date for contest entries of May 31st!

The prizes are as follows:

Grand Prize: $5,000
1st Place: $2,500
2nd Place: $1,250
3rd Place: $500
4th Place: $750

All the entries so far are up on the wiki, and the winner of the April 30th “early-bird” contest ($2000 to the best app done by April 30th) is…

ChirpBot!

It’s a Twitter interface to the DreamHost API!

It’s simple, it works, it looks nice, and it has the whole CRAZY INSANE SUPER HYPE BANDWAGON going for it to boot!

But don’t worry everybody else, there’s a lot more prizes to be won, and it’s still not too late to enter now!

We’ve recently added a test account and lots of new functions, so check out our API documentation and submit your entries over here!

Way back in March, one of our sysadmins Terri attended the Australian linux conference to give a talk about sysadminning at DreamHost as well as the open source distributed file system Sage’s been working on called Ceph!

Blah blah blah, on to the IMPORTANT stuff.

Apparently there’s some country or island or state or something next to Australia called “Tasmania”. And just like Australia, they’ve got totally fake animals and plants growing all over. The place is just lousy with them.

ALSO apparently, one of those crazy fauna known as the “Tasmanian Devil” has started getting FACE CANCER and is now totally endangered!

When Linus Torvlads heard about this, he was so ENRAGED he decided to do something about it. In linux-speak, that means he shaved the beard off some nerd.

He also irrationally and temporarily changed the linux logo from tux to “tuz” for kernel release

This had the unintended and unfortunate side-effect of raising awareness for the SAVE THE TASMANIAN DEVIL fund.

Not to be outdone, Terri and another one of our resident nerds, Jeremy, decided to show their RAGE as well; by getting “tuz” tattoos.

They also forced me to make this blog post about it as well as change the charity that we match donations to to be that same SAVE THE TASMANIAN DEVIL fund.

I said fine, but I’m waiting a couple months so it’s not so topical. And to see if those tattoos really are permanent.

They were. So far. So, they also made me make a special sale where anybody who signs up with the promo code SAVETHEDEVIL gets $50 off PLUS we donate another $50 to save these disgusting little beasties!

I’m enraged.

While we do offer telephone-based technical support in the form of callbacks, we don’t have a public phone number that customers can dial for technical support.

We do have a phone number, but it’s reserved for vendors and other specific applications – not technical support.

From time to time customers may find this number and they often leave irate/angry/pleading messages for assistance. We haven’t had one in a while, but this morning we received a voicemail that melted our hearts and moistened our eyeballs.

(We’ve obscured his domain name to protect his identity.)

903k, .wav file
– removed –

This customer of ours had their domain registration transferred away from DreamHost to another registrar (in this case, GoDaddy.com) without their consent. This can only happen if an unauthorized party gains access to our customer’s account control panel to authorize the transfer, and we’ve indeed logged the actions and IP address of this individual.

The customer may have used an insecure password, been infected with a password-stealing keylogger, or may have simply fallen prey to a phishing scheme.

We’ve done all that we can do in situations like these – we’ve advised our customer to begin the dispute resolution process with the domain’s current registrar.

In the end, he should be able to get his domain back. Unfortunately it’ll take time and a fair amount of money, depending on how receptive the current registrar is to his situation.

To help soften the blow we’ve sent him a huge bouquet of flowers to help get him through this difficult time.

Update 5/4: We didn’t realize this would strike such a chord with so many people and have removed the anonymized voicemail from this blog post. We’ve been working with this customer to proceed through the UDRP and are confident a resolution is near. This should serve as a good reminder that you should always be very careful about disclosing your passwords to anyone on the Internet.