Gandi Bar

A new ICANN registrar agreement is on the way - What does it mean for Gandi customers?

Thomas — Sat, 11 May 2013 11:59:00 -0700

With the arrival of new gTLD extensions set for late 2013, ICANN has, more or less in agreement with registrars like Gandi, decided to implement a new registrar accreditation agreement. We will be required to sign this new contract to continue registering new domains. This will have ripple effects through the industry for everyone who holds domain registrations, and is therefore subject to ICANN's contracts. The effects will mainly have to do with the validity of customer data in the whois database.
With the arrival of new gTLD extensions set for late 2013, ICANN has, more or less in agreement with registrars like Gandi, decided to implement a new registrar accreditation agreement. We will be required to sign this new contract to continue registering new domains. This will have ripple effects through the industry for everyone who holds domain registrations, and is therefore subject to ICANN's contracts. The effects will mainly have to do with the validity of customer data in the whois database.
1) Registrars will be required to validate the consistency of customer data.
We already do this in some areas, but now we will be forced to go further, validating contact data for public or private entities around the world (!) This rule will apply to all registrars. It will be enforced for new domain registrations, and also for old domains upon renewal.
2) Registrars should verify the reachability of contacts.
We'll have to check the email address of the owner by sending a validation link, check the phone by calling it or sending a validation SMS, etc. This rule will apply to all new contacts or all existing contacts who make changes to their data. If these validations go unanswered, all related records may be suspended or destroyed.
3) Customers will need to keep their data up to date.
You will now have 7 days to inform us of any change of address, email or phone. If, when we email you as required (under WDRP) every year, we find that your email address is no longer functional, or we proactively ask to update your data, your non-response within 15 days may result in suspension or removal of domains.
4) We will have to keep your data longer
The new contract requires us to keep all of your data (account transactions, IP addresses, etc.) for 2 years after the removal or transfer of your domain. There will be exceptions to this rule if it violates local data protection laws. Today, when you have no more contracts with us, you can delete your account.
5) You should no longer receive fake renewal reminders from other companies
ICANN has added an interrupt contract clause for any registrar that sends fake renewal reminders. If they are caught doing this, they have to cease very quickly or lose accrediation. Perhaps this will mean the end of "DROA" and other fake "Internet Registries". It will be interesting to see how these unethical companies react!
6) Private whois services are (finally!) properly regulated
Note that all the registrars that offered this service up till now did so without clear regulations. This has led to problems, and, in some cases to lost domains from some registrars. Now it will be easier for registrars to offer this service in a consistent manner that preserves the ownership of the domain by the registrant, which is what Gandi has always done. Registrars who plan to offer this service will now need to arrange for a verified backup of certain contact information in their private whois records. These backups will be held in secure escrow by ICANN, and used should the registrar somehow be unable to continue, like if they lose accreditation or go bankrupt.
7) The display format for whois information is now standardized
To stop the practice of some registrars providing an exotic whois format that prevents transfer to another registrar, a standard format and content is now imposed. This should make transfers of some exotic top-level domains much easier.

The new contract is currently being validated, and we should be able to sign it in about two months. However, ICANN gives everyone until January 1st 2014 to comply with all of these rules.

The new Gandi cloud is on its way!

Thomas — Wed, 24 Apr 2013 10:37:00 -0700

We are making huge changes to our Cloud VPS systems. In a few weeks, several features that the market expects and that our customers have been demanding will be available. This will mean big improvements in the flexibility and operation of our IaaS products.

We are making huge changes to our Cloud VPS systems. In a few weeks, several features that the market expects and that our customers have been demanding will be available. This will mean big improvements in the flexibility and operation of our IaaS products.

First, for Gandi Cloud VPS servers, payment in advance for resources will vanish. It will be replaced by a single, simple, Gandi credit unit. You will be able to purchase these credits on demand from your Gandi prepaid account, or in packs at a discount proportional to the amount you buy. The more you commit to spend in Gandi credits, the bigger a discount you get.

To enhance flexibility, we are switching from a daily charge period to an "hourly" model, allowing us to charge for use with precise granularity, and to free ourselves from the concept of "shares".

Yes, the famous "share" will disappear, allowing you to resize your servers according to your whim, with the resources you want, when you want. You can kind of do this now, with a rather coarse daily scale, but the new system is much better, allowing you to pay just for what you play.

If you need more CPU, it will no longer be necessary to have CPU resources available in your account: you just add the desired number of processors, and the number of credits consumed per hour changes, and that's all. When you no longer need the extra power, you lower the number of CPUs, and this lowers the hourly consumption and price, and that's all. Really.

Another great (and frequently requested) benefit is the synchronization of the renewal dates for resources. All that remains is for you to keep an eye on the number of credits and the estimated time remaining for your use of resources available in your account. No more calculations for available resources!

We have included a cost-saving gradual reduction of price, based on the resources used per server. That means, for example, a single server with 8 CPUs and 8 GB of RAM will consume a little less credit than 8 servers with 1 GB of RAM each. You will see the levels of price reduction when you create your server:

To give you even more flexibility, if you want to stop a configured server and return to it later, just stop it. You will only pay for the static resources it consumes, namely the storage and IP address. When you want to restart the server, click it to wake it up

The billing will also be much easier. You will always have access to a clear picture of what you consume, by resource and by server, and the corresponding credit/cash balance.
You also can set alerts, and automatically purchase credit packs.

All these simplifications make use of the API, which is much easier as well!

Bandwidth management is also improving. The current model requires you to buy more shares to access more bandwidth, but soon, when the famous share disappears, you will be able to freely create your network interfaces, giving them limits of 1 to 100Mbps. Throughput will now be charged for, based on consumption per month. We will charge for use that is more than 90% of the maximum our current customers use, so nothing will change for the vast majority of users. For the remaining 10%, the reduction in price/resources on large servers offsets the additional cost for the extra bandwidth. For just a handful of high-bandwidth consumers, the rate will increase, and so will correspond much more precisely to our costs.

What about migration? We will start in May. The first thing we will do is send you an email (soon!) summarizing the resources available in your account, and the equivalent credits you will be given to replace them in the new model. Your servers, of course, will continue to run without any changes to the originally-contracted expiration dates. Unused resources in your account will be automatically removed, and converted to equivalent credits, which you can then use to run the servers you have, or for more resources or servers. Credits awarded in this way also come with a discount, based on the current commitment. Credits will not be refundable. They will be like a server is now with an annual commitment.

We are sure that you have a lot of questions about the details, specific operations, etc., so we have created this little FAQ in our wiki on these new features. If you do not find an answer for your question there, you can leave us a comment here, or email us directly at feedback@gandi.net . Please use email if you have a question that is specific to your account.

We are absolutely sure that this new model will simplify your life, by making your servers more flexible and easier to manage.

Deeply flawed security law passes the House - your privacy at risk!

Thomas — Thu, 18 Apr 2013 10:16:00 -0700

As long-time advocates of sensible Internet laws, Gandi is watching the CISPA bill closely as it tracks through the US Congress. Unfortunately, it has just passed the house of representatives. It now heads to the Senate, and a despite a potential veto threat from Obama, there are still big problems.

As long-time advocates of sensible Internet laws, Gandi is watching the CISPA bill closely as it tracks through the US Congress. Unfortunately, it has just passed the house of representatives. It now heads to the Senate, and a despite a potential veto threat from Obama, there are still big problems. You can help!

We have several concerns with the current form of the proposed law, among them:

Warrantless monitoring of customer activity and data by online service providers
Provision for service providers to share private customer data with the US Government, again without a warrant
Exemptions on the free access to the data the government collects about you in this way (you won't be able to see what they have under the Freedom of Information Act)
The ability for the government to be "affirmatively searching" the shared data (that is, going fishing)

The CISPA bill itself

ACLU Analysis of CISPA

Fight for the future

Take action with the EFF

Gandi Supports CFAA Reform – the right way

Thomas — Tue, 02 Apr 2013 14:24:00 -0700

Some of you are aware that Gandi supports many non-profit organizations and philanthropic associations with free or discounted hosting and/or domains. Often we choose who to support based on the mission of the organization, and whether that mission aligns with the needs and interests of our community: the community of Internet innovators, of which we are proud to be members. Every so often the interests of our community need more than just support. They need to be defended from attack by narrower interests, and so today Gandi is participating in a campaign with the EFF, CDT and others to help create a meaningful improvement in a dangerously broad law in the USA: The Computer Fraud and Abuse Act (CFAA).

Some of you are aware that Gandi supports many non-profit organizations and philanthropic associations with free or discounted hosting and/or domains. Often we choose who to support based on the mission of the organization, and whether that mission aligns with the needs and interests of our community: the community of Internet innovators, of which we are proud to be members.

Every so often the interests of our community need more than just support. They need to be defended from attack by narrower interests. Just as we did when we opposed SOPA, today Gandi is taking part in a campaign with the EFF, CDT and others to help create a meaningful improvement in a dangerously broad law in the USA: The Computer Fraud and Abuse Act (CFAA).

You may be familiar with the tragic case of Aaron Swartz, who took his own life on January 11, after being threatened with outrageous penalties under the CFAA for his alleged actions in downloading academic articles. Aaron Swartz’s suicide raises serious questions about the way the law was applied, and the way it is written, which severely criminalizes common actions and blunders many of us make online, often unintentionally.

Interpretations of the current law by prosecutors must be reined in, and the law has to be targeted to stopping those who harm the interests of law-abiding public citizens. It should not be a tool for law enforcement to retaliate against activists who (whether you agree with what they do or not) act in good faith for the common good. We know there are plenty of real criminals out there, so lets help Congress make a law that works for everyone.

So far, the proposed changes are taking us in the wrong direction, and making the law broader and the penalties even more draconian.

Gandi, and the Internet Infrastructure Coalition that Gandi helped to found, have already signed a letter to congress in support of CFAA reform, and made it part of our lobbying efforts. The EFF, who Gandi supports, has put up an action campaign. Aaron Swartz’s advocacy organization, Demand Progress, has called for a week of action starting April 8, to lobby for positive changes to CFAA. The Center for Democracy and Technology has sent another letter to Congress calling for this reform, and has the support of many advocacy groups. Representative Zoe Loftgren has proposed a bill known as Aaron’s law, that would take a step in the right direction.

If you agree that we need to reform CFAA the right way, join us in supporting this reform. Contact your congressional representative, and do your part to keep the Internet safe, free, and open. That’s the only way it will continue to enable innovation such as that our community creates.

New extensions on the way!

Thomas — Mon, 25 Mar 2013 12:48:00 -0700

Unless you have spent the last year studiously avoiding Domain Name news, you probably know that there is something happening at ICANN this year. Yes, that's right, ICANN has authorized the creation of nearly 2,000 new top-level extensions over the next 3 years. That's a big number! Probably more than you will want to register. While this flood of new possibilities is exciting, and we do hope that it enables a lot of creative activity, we expect the new extensions to be seriously underutilized, for the most part.

Over a third of these domain extensions are in the hands of brand-name owners, and will not be made available for public registration. Take Amazon for example, who has filed for at least 76 extensions. Amazon can soon publish sites dedicated to their reading lamps, if they want to, thanks to their exclusive ownership of the .kindle extension.

There are also extensions for whom several parties are vying, and ICANN must decide who is the most worthy contestant. Sticking with Amazon for our example, they have requested .book, but there are nine applicants and an objection has been filed against Amazon (though not against the other 8). There are even extensions where all applicants are objected to (for example .gmbh), and these can't be created at all until the objections are resolved.

There are also a number of extensions known as IDNs, or Internationalized Domain Names. These extensions contain non-ASCII characters (see this post on IDN if you want more details). IDNs represent a little over a hundred new extensions, of which we propose a dozen candidates.

So with all these complicated rules and disputes, it's probably going to be pretty hard to decide which of these new opportunities for domain name registration you will want to take advantage of for your online presence. To help you hack through this jungle, we have selected an initial set of some 600 interesting extensions to consider offering, with edited summaries based on the documentation filed by the requestors. So far it's been a big job, and we need your help to select the most important candidates in this set.

If you click here right now, you can pre-select for free any terms you might like to eventually register, along with the corresponding extensions. This will allow us to see fairly quickly where the demand is, and to keep you informed of the latest news about the extensions you wish to acquire.

When we eventually receive the information (release dates, conditions, prices, etc) on the new extensions you select, before they are activated at the Registry we will contact you and give you the opportunity to change your free pre-booking to a genuine registration request, for a fee. We won't do this automatically, or without asking you first, we promise.

Finally, to avoid the ethically repugnant system of internal auction that some other registrars have created, we have implemented first-come-first-served registration for any domain name that has multiple requests. For example, if the domain name choucroute.alsace is pre-booked by 3 people at Gandi, the first customer to ask for it will be in first place. But, if at the time of changing from a pre-reservation to an actual booking, the first customer does not confirm their desire to register the domain, then the second client will get the chance to do so. But wait! What if, say, the registry for .alsace for reasons of their own, requires a certificate of residence in the Alsace region? If the second customer to request "choucroute.alsace" can't provide this, then the third customer to pre-register will move up, and if they can provide the required documents, they will get the chance to register the domain at Gandi at the opening of the extension. Obviously, this will not give you the guarantee of obtaining the domain name, since other registrars file their applications at the same time, but at least we will not have asked you for money for the dubious practice of moving up your request. That would be just... wrong.

The history of prices for Domain Names, updated

Thomas — Wed, 13 Mar 2013 11:05:00 -0700

Like a bad dream that keeps coming back, once again the old registries leverage their position and take advantage of what ICANN allows: A unilateral price increase for Domain Name registrations.

Like a bad dream that keeps coming back, once again the old registries leverage their position and take advantage of what ICANN allows: A unilateral price increase for Domain Name registrations.

This time we are getting off easy. Only 5 extensions are going up: .ORG, .NET, .BIZ, .INFO and .NAME. The price increase is different for each one, and ranges from $0.51 to $0.78 (you can find more information at the end of this article).

The reason this is possible is that the registries are in a dominant position, in that they control the extensions. Add to this the indulgence of the ICANN (the master of domain names), and the prices creep higher each year. As you may know, at Gandi we have absorbed most of those increases in the past, even though we were increasing our quality of service, adding extensions, and hiring more highly-qualified support agents. As was the case last year, it is once again impossible for us not to pass along these prices increases. With the number of domains we handle, these few cents make up a lot of our operational budget.

Nevertheless, there is some good news. The .COM extension, which was set to increase by 10%, was blocked by the US government. The increase was seen as abusive of a dominant market position.

When will the price increases stop? Sadly, we don't know if they ever will… However, with the arrival next year of around 1500 new general extensions, with around two thirds of these for public registration, it seems that the sale of domain names will undergo a small revolution. Buying-habits will have to evolve. If you forgo the old extensions and chose the new ones, or those that don't increase in price, maybe the registries will have to think twice before requesting increases in the future. You have the power, use it properly!

Here is the list of planned increases this year, by date:
1 July 2013:
- The .ORG will go up by $0.55 (€ 0.43), for price level A, to $16.05 instead of $15.50 today
- The. NET will go up by $ 0.51 (€ 0.40), for price level A, to $16.01 instead of $15.50 today

1 August 2013:
- The .NAME will go up by $0.60 (€ 0.47), for price level A, to $15.60 instead of $15.00 today

1 September 2013:
- The .BIZ will go up by $0.78 (€ 0.60), for price level A, to $16.28 instead of $15.50 today
- The .INFO will go up by $0.74 (€ 0.57), for price level A, to $15.74 instead of $15.00 today

Obviously, renewals are also affected, and are subject to the same increases (though for some extensions, the renewal price is different from the creation price).

Gandi's Advocacy for Innovators in US Congress

Thomas — Mon, 25 Feb 2013 20:07:00 -0800

Gandi is participating in an advocacy day in the US Congress on Feb 25th.
This week we are heading to the US Capitol, braving the chilly weather and organized chaos we call the US Congress to talk to our representatives. After what happened with SOPA last year, it’s clear that our lawmakers need to have a more detailed understanding of exactly what the Internet is and does, and how we as web hosting and DNS providers make it work if they intend to improve it. We need to make sure the laws they create respect the decentralized nature of the web, and protect the incredible benefits that the Internet has created.

We share the concerns stated in the open letter from Internet Engineers to Congress, which is why Gandi is joining with other members of the Internet Infrastructure Coalition in a day of Advocacy on the Hill on Wednesday February 27th, 2013. We will be presenting on Internet services and business models to members of Congress in an informational session and a series of direct meetings.
The priorities of Gandi's advocacy are positive: we don’t just say no to bad laws like SOPA, but openly advocate for positive changes to existing laws, or even call for new ones. Aaron’s law (also known as CFAA reform), introduced by Zoe Lofgren, is needed to prevent overzealous prosecutors from using a provision of the Computer Fraud and Abuse Act, which they have interpreted as making it a federal crime to breech the "terms of service" for a web site you access.
The i2Coalition's current priority is supporting proposed changes to ECPA, which should be updated it to more accurately reflect the realities of data we store as web hosts, and to require warrants when that data is requested by law enforcement agencies. We call this "digital due process".
The CFAA reform legislation proposed by Lofgren is good, and is badly needed in order to clarify what is and is not a "computer crime". Gandi would like to see what we see as draconian interpretations taken off the table. This law should be applied to true criminals who cause real harm, not used to bully advocates for greater freedom of information, as was clearly the case with Aaron Swartz. Let's catch the real criminals here: identity thieves, corrupt officials or executives, to name a few. Let's not use the law to bully activists. Whether you agree with their actions or not, we need to make sure the power of this law is not abused again.

It is with a spirit of seeking to foster a greater understanding of how companies like Gandi bring innovation and new ways of doing business to the information economy that we are doing this advocacy. We want you, our customers, to be protected, your private data to remain private and safe from malicious hackers. We also want you to benefit as you have been, by having access to a free and open Internet, without censorship or unjust restrictions.

UPDATE Feb 28th, 2013:
After two days of meetings with member offices, and a well-attended lunch session on Wednesday February 27th, we can say that the i2Coalition has gotten off to a good start in our efforts on Capitol Hill.
While the issues we raised about privacy, open access, and censorship are important, it's clear that to make headway in the current Congress we will need the help of interested US citizens. Please, call your congresspeople, tell them that you support laws that help the Internet to stay free, open, and secure, without taking away the right to privacy online. We heard from many people how difficult that job will be, but we also saw that it is possible, if (and ONLY if) we all keep the pressure on.
Senator Wyden in particular echoed this sentiment when he spoke at our lunch event, where we honored him, Senator Moran and Congressman Issa with awards for their support of a free and open Internet. They deserve your emails and letters of thanks. We had a live stream that included inspiring speeches by i2C founder Christian Dawson, and reddit co-founder Alexis Ohanian.
Other representatives such as Senator Franken, who is generally supportive of these goals, also deserve your support. If you care about keeping your private data both private and safe from malicious hackers, as we do, please, tell your Congressperson, and ask them to help us offer you these services.
Gandi is happy to have contributed to this first event on Captol hill for the i2Coalition, and we look forward many more, and to your involvement.

Come to CloudConf 2013!

Thomas — Mon, 25 Feb 2013 10:28:00 -0800

Here's a conference we can wholeheartedly recommend. It's so completely without the usual hype and BS, we are even presenting!

We can wholeheartedly recommend attending this conference. It's completely without marketing fluff or hype, and so is entirely our style. Plus, Gandi is giving a talk!

CloudConf 2013 is one of this years great tech events (we will tell you about the other one a little later), dedicated to Cloud Computing in Paris. We have enthusiastic and exciting speakers talking about what's really happening in the market. These people know what they are talking about, and they aren't trying to sell you anything: they talk tech, and are masters in their field.
We will have some of the biggest names in the industry, and imagine... we will be there too! Gandi will be represented by Thomas , responsible for our U.S. operations. We have been bust coming up with ideas we want to expose and share, with the aim of helping the whole industry advance.

So if you are a confirmed geek interested in cloud computing, storage methods, issues related to tomorrow's Internet, or any of the many other exciting topics to be presented, and especially if you like big Parisian venues (CloudConf will take place at the French Comedy), we recommend you visit the the official site of the event and book your place soon.
Places are limited, of course, and priced at € 79.00 - but if you book your place in the next 15 days (until March 12) and you enter the code GANDI , you will receive a 15% discount!

An Accelerator for your Web servers

Thomas — Mon, 11 Feb 2013 23:43:00 -0800

Our technical team has once again proven that they are resourceful, innovative, and dedicated, by coming up with yet another new product to enhance your experience at Gandi. Check out this new Web Accelerator cache engine and load balancer! After months of careful study, we are releasing (as Beta) a new way to speed up visitors access to your HTTP and HTTPS web sites running on Gandi Cloud VLS servers. The Web Accelerator provides a significant boost to the serving of content, allowing your sites to handle a far greater number of users without sacrificing performance.
And if that's not enough to impress you, through manipulating the Varnish cache, we have added load balancing functionality for up to 16 servers! When multiple servers are attached, the dispatcher works as a load balancer, using either a RoundRobin distribution algorithm to randomly assign queries to available servers, or a ClientIP scheme, where each session stays on the same server until it expires.

This new product, called simply "Web Accelerator", is now available in Beta test . If you are not a beta tester, and and you want to become one, just ask us

During this phase, the Web Accelerator will be available free , with a limit of two servers attached. For documentation on how to use it, please see our wiki pages . If you prefer video, heres one from our friends at VarnishSoftware that gives a nice explanation.

We look forward to your feedback! Submit your thoughts, your problems, experiences, and yes, praise too, via this email address. Thanks!

Is 16 Million VLANs enough for you?

Thomas — Tue, 05 Feb 2013 22:18:00 -0800

Gandi is launching a revolutionary new product set this week. For the first time, a cloud service provider will offer a private VLAN using truly scalable, standards-compliant technology that will rock the cloud-computing world.

Gandi is launching a revolutionary new product set this week. For the first time, a cloud service provider will offer a private VLAN using truly scalable, standards-compliant technology that will rock the cloud-computing world.

For our customers, it’s going to be yet another cool new feature that we make available in our web interface, letting advanced users of our Gandi VPS Cloud systems network using private VLANs. For the world of cloud computing, however, the impact will be far larger, since once it's proven and reviewed, we plan to eventually offer the technology to everyone, as open source software.

It’s been a growing problem with cloud computing: as the virtual servers multiply, the ability of network infrastructures to keep up with the load has been stressed to the breaking point. The main issues appear first at the edge of the envelope, as cloud server providers like Gandi scale up and up to serve more customers.

We have been able to increase compute power and flexibility over the past year, but the network’s ability to offer VLANs to link user instances over private segments ran up against the issues of VLAN exhaustion, lack of redundant paths, and the overloading of even top-of-the-line switching infrastructures with too many MAC addresses.

Now the barriers have fallen.

The limit of 4096 VLANs on a given switching fabric is blown away: it’s the square of 4096 now, over 16 million VLANs.

Redundancy of links is assured, and our MAC-in-MAC implementation of the TRILL RFC relieves the stress on switch table space.

What does all this mean? It means that Gandi once again is showing the world that when networking vendors fail to address a market need with reasonably priced solutions, innovative companies and people come together to develop open source solutions. Sorry, network vendors, we won’t be buying that SDN solution. We can innovate and make our existing network infrastructures really sing, replacing nothing, just implementing innovative open technology.

For our customers, we are releasing a beta version of the Gandi Private VLAN and Web Accelerator proxy later this week, free. We are limiting the trial to one VLAN, and two VPS servers on one Web Accelerator until we have your feedback on the awesome speed and functionality of this truly (r)evolutionary product.

To be included in the beta test, email us at beta-hosting@gandi.net.

Read on for an in-depth description of the TRILL as implemented at Gandi.

Simple Hosting Turns One Year Old

Thomas — Wed, 16 Jan 2013 16:05:00 -0800

On January 19, 2012, after three months of beta testing, we launched the first European Cloud PaaS: Gandi Simple Hosting. It's now a year later, and Gandi now hosts over 16000 sites. In the USA, we have a strong presence, and while there are many choices for hosting, Gandi's unique, targeted PaaS products are catching on here too.

Simple Hosting offers an easier way to get your web applications deployed and running, hiding a lot of the complexity of self-managed instances, yet giving you the flexibility to load what you want, when you want, on a known, supported, and stable platform. It's perfect for a blog, an e-commerce site, or CMS for a company or association.

What's been done the first year?

Gandi's approach has always been to listen to what it's customers say (you are our product team!) and make it reality as quickly as we can. We listened, and over the course of the year we have added feature after feature. Here's some of what we added:

Snapshot backups

Multi-site management

SSL Certificates

SSH Console Access

PosgreSQL instance

What's next for Simple Hosting?

Gandi knows that the choices you have in hosting providers are many, and that there are advantages some of our competitors have that you are asking for. We think we have the edge on them in terms of value for the price, but we are still planning on more and more features and instance types over the next year. Really, we are just getting started here, and all of us are very excited to be working on this product. We never cease to be inspired by the sites you, our customers, put up each day. We want to keep enabling your success.

You will see more instance types, support for more configuration options, software versions, and management features. We are also increasing the availability of support with our online chat service. Yes, we are hiring in the USA!

It has been a good year, and like all good things, it's time to celebrate the anniversary. For this weekend, we are offering a promotion in honor of Simple Hosting's birthday. You can get deep discounts on new instances of all sizes until midnight CET Monday, the 21st. If you were thinking of putting up a site on Simple Hosting, now is the time! You can also get a 20% discount on an upgrade, so if you started with an S size and outgrew it, or wanted to add an SSL cert that needs an M size, get one for less this weekend.

Remember that you are also our marketing team. We rely on our customers (and only our customers) for promotion, and we never buy ads. If you like what we have done, or what you have been able to do with Simple Hosting, leave a comment about your site here. Tell your friends on Facebook, Tweet about it, and let everyone know how Gandi made your site fast, easy, and flexible.

SSL Certificates for your instance

Ryan — Mon, 07 Jan 2013 11:34:00 +0100

It is now possible to add a SSL certificate to your websites hosted on our Simple Hosting platform.

But first of all, HAPPY NEW YEAR! And may your wishes come true, and your instances be filled with joy and your database mutate (or not, haha)

We are pleased to announce that we are starting 2013 with the ability to add SSL certificates to your websites hosted on Gandi's Simple Hosting platform. And not just those issued by Gandi, but ANY valid SSL certificate!

For this, you just need a valid certificate that corresponds to the name of the domain that will be used with the website and of course an M-size or greater Simple Hosting instance. The installation is childishly simple: just paste the domain's certificate and its associated private key into the form, and there you are!

If you need more instructions, check out our page in the Wiki on the topic.

And as we are still in the Christmas spirit, and some of you may want to test this without spending too much, we're giving you a special promo code that will let you purchase a M-size instance for one month at half off the usual price ($5 instead of $10).

The promo code is the following: PAASM4SSL and it must be added, then validated (as usual) in the 'Promo Code' field during checkout. This code is only valid until February 1st, 2013.
I'll also note that if you have a domain name at Gandi, and you have not yet used your promo code for 50% off an annual instance subscription, you can benefit from an M-size instance at half off, for the next 13 months

The future of the Internet is Mobile: Is it also meshed?

Thomas — Wed, 26 Dec 2012 11:56:00 -0800

The ascendancy of mobile devices like smartphones is clearly a market trend. We always like to talk to innovators, so here's how one innovator sees a way to provide more reliable connectivity with a meshed approach.

More and more Internet-connected devices have been showing up, many running wifi-capable operating systems, leading analysts to start discussions on the "Internet of Things". Some insightful technologists are embracing these trends. They like getting ahead of the curve and challenging big established monopolistic companies with innovative approaches, that help us scale and extend the usefulness of these connected devices, often for purposes that are not directly related to making a profit, but still benefit our global society. Gandi does things like that all the time, so when we meet like-minded people, we want to hear what they think. Josh (m0nk) Thomas is one such innovator.

The self-described "breaker of things", Josh has created a kernel module for Android that implements a wifi mesh network with smartphones. I caught up to him at a mobile security conference recently, and we got to talking. Here's what he has to say about his work.

Gandi: The SPAN project links wifi capable smart phones in a mesh network. Why did you create it?

m0nk: Before the project, I always felt slightly skeptical about our societal reliance on the cellular infrastructure. The service providers do a wonderful job, but in the end they are for-profit corporations, focused on ROI and the like. I honestly commend them on the reliability they have attained, but it's far from 100%.
Then Fukushima happened. I was taking paternal leave from work as my son had just been born, and the Internet just exploded with news and heartbreak. The one story that really got me was a YouTube video of a family trying to call each other to say "Hey, I'm alive". The cell phones just said "no service". I remember thinking, why are we so reliant on a technology that doesn't support us when we need it most?
I started doing research. I learned that the worldwide cellular infrastructure is designed to handle only 80-90% capacity. In almost every major catastrophe, the network dies. I also learned that most emergency management personal rely on the cell infrastructure, so it isn't just families not being in communication, it's the people trying to help and manage the crisis as well. I decided it was time to fix this problem, or at least attempt to show the world it was fixable.

Gandi: So who does the SPAN project benefit?

m0nk: I'd like to think it has the potential to benefit everyone with a cell phone. It's my belief that meshed cellular communication should be ubiquitous across the globe, and anything I can do to promote that cause will get us one step closer to never losing communications again.

Gandi: What’s the biggest barrier to adoption of the SPAN project?

m0nk: In America, we like to think positively. We don't really ever consider disaster striking so we never really think about being prepared. Those that do think about it are sometimes labeled as "crazy". Though some are, the entire mentality is usually dismissed from the public consciousness. That's a barrier.
In the end, all people need to do to adopt SPAN is download and install an application on their phones that they will hopefully never use. To be realistic, I just don't see that happening en masse.
Therefore, I am hoping to one day catch the eyes of Google and Apple, and let them adopt the technology into the backbones of the actual production phones. I can show them it's simple software running on their phones (so the cost is low), but I cannot provide them with an impetus beyond "it's for the greater good".

Gandi: Does the proliferation of Internet-connected devices make mesh networks more or less important?

m0nk: Probably more. The more reliant we as a global society are on the Internet, the more important it becomes for daily life. If connectivity is removed, the effect increases with the number of devices that rely on it.

Gandi: What do the carriers (ATT, Sprint, etc) think of your project?

m0nk: I've heard the full gamut from "Hey, that's really cool" to "It does VoIP and free internet tethering, we DO NOT approve". They might fight the project, since it shows there is a potential problem, and the technology allows for bypassing the network for VoIP calls. As someone who pays the bills, I wouldn't really fault them for protecting their public image and revenue stream. I just think it's short sighted.

Gandi: Do you have any allies in the Internet industry?

m0nk: Not really, I'm just a guy with a loud mouth who got a little bit of FFRDC funding to explore this concept. I spend most of my mesh time these days evangelizing the technology and trying to raise awareness.

Gandi: Is security of mesh networks a problem?

m0nk: It depends on the deployment. For situations like the Arab spring, very much so. If the government shuts the Internet down to keep people from organizing, you have to expect they will also monitor and track the mesh network if they can. Oddly enough, emergency response personnel also need security, to avoid terrorist snooping, for example. For a general deployment across the landscape, I'd expect security would actually come second to bandwidth.
In the end, we have spent a ton of time working the security angle of the project. We have some code and a lot of ideas. What we lack is time and sponsors to solve it.
I am trying to prove a point with the SPAN project, namely "Mesh networking is a viable alternative / backup plan for emergencies and we as a global culture should adopt it." I'm not trying to say that SPAN itself is the answer, it is solely my implementation. Maybe someone will be as riled up as me, and solve the security problem before we do. That would be awesome. If not, we will solve it in due time.

We at Gandi love to hear what the leading edge people like Josh are up to, and to help out when we can. As the technology evolves to make innovations like mesh networks possible, Gandi will do it's part to promote them for the common good.

Here is some more information on Josh's work:
Presentations by Josh
SPAN Project Code
Amphion Forum Powerpoint

WCIT ends, the Internet goes on

Thomas — Mon, 17 Dec 2012 16:33:00 -0800

In an interesting twist to the World Conference on International Communications in Dubai last week, the US and it's allies walked out and refused to sign the treaty proposed, since it amounted to regulation of the Internet by the ITU. What does this mean for the future of the Internet?

When we wrote about Gandi lobbying the US Congress for better laws to safeguard the Internet, we anticipated that some countries would attempt to assert control over the free flow of information for their own purposes. Well, it's happening, and the debate is complex, with billions of dollars at stake. The governance model that is emerging, though, is "multistakeholder", where lots of interested parties have to cooperate to get anything done. This model is what has allowed the Internet to grow up till now, and governments and standards bodies are struggling to fit this concept into their world views.

The past couple of months have seen Syria slice the connection to the Internet for the whole country, officials in Egypt banning some content as obscene, and most recently, the International Telecommunications Union attempt to gain power as a regulatory agency over the Internet at the WCIT.

All of these attempts to centralize control and police the global communications network underscore of the importance of the Internet as a social force. As governments worry that their populations can access information without restriction, and agencies like the ITU come to grips with the fact that technology has outstripped their abilities to adapt their regulatory frameworks out of the telephone age, the Internet itself has defied (in most cases) these attempts at regulation, and grown, using the multistakeholder model, thanks to the efforts and committed advocacy of many disparate organizations.

The Internet Infrastructure Coalition, of which Gandi is a founding member, actively disagrees with the ITU approach. In the last hours of the WCIT a new treaty was put up for vote that gives the ITU a greater role in governing the Internet, and some 70 countries signed up. The ITU declared victory and moved on, but the fact remains that without consensus there will not be a change in the governance of the internet. That's a good thing, since the multistakeholder system is working, and allows the contribution of many parties. The ITU has the opportunity to prove it's worth in that model as does the i2Coalition, the EFF, and every other body of officials, technologists, and members of civil society that wants to advocate for Internet development along a given path.

Gandi looks forward to the next opportunity to contribute to the development of an Internet that is accessible to everyone, and where information from everyone to everyone flows freely. We all have a role to play.

Gandi's New SSL Certificate Features

Thomas — Tue, 04 Dec 2012 20:35:00 -0800

Are you familiar with Gandi's SSL Certificates? We offer them for a single address, or wildcard (multiple addresses) in three types, and they can be used on domains at Gandi, or our hosted systems. Now, though, we offer them for anyone who has a domain, with Gandi or not!

Gandi has been a Certification Authority (CA) since 2008 and, as such, we can create X.509 SSL certificates, which should satisfy the pickiest of users. Our first priority in becoming a CA was to offer our customers a way to secure the domains they registered with us. That's not changing: we will still give you a standard certificate for your domain, free for the first year.

We next added more types of certificates, at a very competitive price, let you get even better security and validation for your customers. Now we are doing it again, adding Multi-Domain certificates and opening our SSL offering to protect domains registered anywhere, not just at Gandi.

We've also upgraded our SSL ordering systems, making easier than ever to use and track the validation process. With the new process, you must provide the CSR at the first step. This serves to validate, before payment, that you can get a certificate, and that the domain you want to protect is valid.

You can also choose the DCV method that suits you. As a reminder, DCV (Domain Control Validation) is a way to prove that you have the rights to the domains to be protected.

There are 3 DCV methods:
DCV by DNS, (where you add a particular record to the DNS zone of the domain in question), DCV by email (when replying to a particular address we send you in the subject field) and DCV by file (where you copy a file onto the server hosting the address to protect). These three methods are easy to implement and quick to confirm. In cases where the domain concerned is registered at Gandi, and you have the rights to modify the DNS zone for it, then by DCV by DNS will be configured automatically, without your having to lift a finger

Also, if you choose a Standard type certificate, the validation it will be done immediately following the DCV. For Pro and Business certificates, validation will be completed with paper.

As I mentioned earlier, we have also expanded our offer by adding a new type of certificate . These Multi-domain certificates allow you to protect multiple addresses, like the wildcard certificate, but they can also protect addresses in different domains. Our Multi-domain certificates are available in 3, 5, 10 and 20 address versions, and are of types Standard and Business (not Pro).

An order tracking page has been added, where you can now follow the creation of your certificate step-by-step, see where the process is and, if necessary, perform an actions to move the process forward, such as resending DCV emails. Once the certificate is issued, you will have access to the certificate in the same way as with other product pages at Gandi.

All this is clearly explained in the SSL section of our documentation wiki, which has been fully updated for the occasion

Also note that the public API will soon have the 'certificates' methods added.

Finally, and since it's Christmas, here are 2 bits of good news about the price.

The first is that if you buy a certificate for two years or more, you will automatically receive a 15% discount on the price . And, since for the Pro and Business certs require paper identification procedures that can take time, we advise you to opt for a muti-year certificate if you need one of these types.

The second bit of good news is that a brand spanking new promo code [ CERTSTD50 ] is available to you, dear reader. With it, you will receive a 50% discount for any certificate of type "Standard, one address" for 1-5 years. This code is valid until 31 December 2012.

Setting up your domain with Google Apps Has Just Been Made Easier

Thomas — Tue, 04 Dec 2012 15:27:00 -0800

If you want to join the thousands of users who use Gmail, Google Docs, and all the Google Apps on your personal domain, Gandi just made it really easy. Find out how!

A few years ago, when Gmail was gaining in popularity as a free email platform, Google started releasing complementary applications to go along with it. Google Apps, as the collection is called, has since become an invaluable resource for millions of business users.

The fact that you can economically use Google for company email and collaboration, including Google Docs, as a paid SaaS (Software as a Service) offering has made it a vital competitor to in-house offerings from Microsoft like MS Exchange and MS Sharepoint.

Previously, if you wanted to use Google Apps with your domain, some specific MX records needed to be added to your DNS zone file. If that doesn't scare you, and your domain is at Gandi, then you can easily do it yourself following instructions here. But starting today, things are changing for the better!

In the same way that Google has made the Internet accessible to millions by making it easy, Gandi and Google have partnered to automate the changes to DNS. Now with this new innovation, you can configure the domain for Google Apps with the touch of an authenticated button. No more editing the zone file, copying and pasting records. Thanks, Google!

Phishing and your domains at Gandi

Thomas — Mon, 26 Nov 2012 11:48:00 -0800

The trend in phishing attacks affects your Gandi account, but not in the way you might expect. See what the trends are that drive this malicious activity, and how it affects your online presence at Gandi. First of all, what is "phishing"?

It's basically the theft of your credentials (user name and password, credit card number, bank account numbers, etc.) by people who then sell that information to other parties. It's then used for other more serious crimes like robbing banks, identity theft, international terrorism, and good old fashioned fraud.

While most phishing is aimed at banks and other financial institutions, we have seen some aimed at Gandi customers. This might seem odd, since Gandi has all low-value transactions. We also don't store any credit card data, paypal logins, or anything really intrinsically valuable that would help a hacker access your account at a financial institution. Why then try to steal your Gandi account?

The answer lies in what you have already bought at Gandi that does have intrinsic value: your domain name.
Phishers want to impersonate banks and financial entities, and they don't want to be caught. If they register a domain for this, Gandi generally shuts them down pretty fast, and the contact data and other information they enter can potentially be used to track them down. It's less useful than a legitimate domain with no visible connection to them, that is... your domain.

Recent trends in phishing attacks tend to bear this out. The first half of 2012 saw a large increase in the use of hacked domains for phishing attacks, and a decrease in the overall number of domains registered for phishing purposes. The phishers are smart, and they are after your Gandi account. They want it so that they can use your legitimate domains for no good purpose.
Everyone should use caution: use a strong password. Never share your password with anyone. Use different passwords for your email, Gandi handle, and online bank accounts, etc. Never click on links or attachments in email unless you are sure of where they come from and where they go. Don't be a Phish!

Why choose Simple Hosting for your website?

Ryan — Mon, 26 Nov 2012 10:03:00 +0100

We're glad you asked!

More and more customers want to know how Gandi Simple Hosting differs from shared hosting offered elsewhere. We know our platform can seem a bit alien compared to other webhosts, and we promise to provide the more detailed technical description we think it deserves very soon.

In the meantime, here are the basics that make us different.

0) It's not shared hosting

It might feel like shared hosting from a management perspective, but under the hood, Simple Hosting is a completely different platform. Unlike with shared hosting, your neighbor's usage can't degrade the performance of your instance, nor can your getting reddited alter theirs. This is because each instance is isolated from its neighbor. The number and size of your databases, the number of virtual hosts and so on are essentially unlimited; you are only restricted by the power of the pack you choose and the size of your disk (10 GB to 1 TB).
Simple Hosting, driven by the same technology as our VPS cloud hosting platform, comes in the form of a virtual container that is as isolated as it is flexible. Each instance type is made with a specific language and database in mind; it's designed to be sturdy and easy to use in a specific context.

1) Varnish-driven power.

An instance is composed of three primary elements: a webserver, a MySQL server, and a Varnish cache. We get a lot of reactions from people who would scoff at the S pack's limit of two active, simultaneous processes. But here's the thing: the Varnish cache eliminates the need to serve every request with an active process. Indeed, a significant portion of your website's requests are served straight from the cache. The number of active concurrent processes needed will depend on what you're hosting, of course, but most CMS and forum sites are super fast with Varnish behind them.

2) Our cloud can beat up your cloud.

Yes, we know it's a buzzword. All it means is that your instance is not subject to the limitations of a physical machine (which we happen to find quite liberating). In the case of a hardware problem, your instance is automatically moved to another server. It also means more flexibility: you can increase the size of your instance from an S pack to an XL pack for a week, for example, and then switch back down to an S pack if the demand on your content subsides, all without having to worry about migrating your data.

3) It comes with everything we've got.

We've been working on new features for the last few months, chosen based on user feedback. SSH console access and the option to customize PHP.ini are already available, and the ability to host multiple domain names on the same code, snapshots, GIT and SSL support are coming soon. An instance comes with all available features, regardless of pack size or commitment.

4) More instance types are in the works.

As we finalize these major improvements, we'll also soon be able to offer new instance families based on other languages and databases. PHP/PostgreSQL instances should be available soon, as well as node.js instances. We're also working on developing a platform based on the language Gandi itself is coded in, Python.

Still unsure? Try it for yourself! Until 15 December 2012, the promo code PAAS75 will get you a size S pack for one month for $1.25 / 1,00€ (plus VAT if applicable) – that's a 75% discount with no commitment. (One promo per person please.)

How Gandi does marketing without advertising

Thomas — Tue, 13 Nov 2012 09:03:00 -0800

The fact that we don't advertise or every pay for positive mentions makes for an unconventional marketing approach here at Gandi. We thought some of you might appreciate knowing how we go about meeting these challenges, while you are bombarded with ads from other less strictly ethical companies.

Most marketing efforts are a combination of inbound and outbound approaches. Print, media, and Internet Pay-Per-Click (PPC) are combined with SEO, social media and publicity to make a well-rounded campaign, with hooks to build a community of common interest.

What happens when some of these tools are simply removed from the toolbox?

I work for a company who has actually publically stated that we will never pay someone to say nice things about us. That is, we will not pay professional bloggers, buy advertising in print or media, or do any PPC.
That’s actually a challenge for an Internet company, especially one selling in an incredibly competitive market like web hosting and domain name registration. How do people even know you exist? How do you generate awareness if you can’t even buy a banner ad with your name and logo? Is it even possible to build awareness in this context?

The answer is that yes, it is possible. But that does not mean it is easy. There are specific approaches that work, some that don’t, and you definitely need to be patient. The good news is that your marketing budget, while not zero, won’t be broken if you do it right.

At Gandi we have focused historically less on publicity and SEO than on building a community, and around making our products appealing in a context of minimal or even zero promotion. A lot of people know us for our tag line: “No Bullshit”. As a pledge of honesty it means, in effect, that we don’t pester our customers with upsell opportunities, sell their data to marketing partners, or otherwise try to leverage the commercial relationship in any way other than providing service in exchange for a fee.

We really believe in the No BS philosophy, and we think many more people would take to it if they only knew we existed. How then to get the word out?

To make more people aware we exist, in the last year we have focused on generating that awareness. This meant that when we released new products or features, we made press releases. We actually had not done that for a couple of years. We re-vamped the front-end of our web site to be more eye-catching, with subtly improved workflow, without actually changing the overall organization. This both gave the customer a better user experience, and generated a feedback loop with our user community. We re-organized the online product documentation to be more easily searchable and SEO-friendly.

We have had some social media presence, mostly on twitter, for a while. While it was a good, solid base of followers, and an excellent feedback channel, we decided to push the envelope a bit. This past spring we offered to reward followers with free t-shirts. While it’s almost like paying someone to say nice things (are follows nice?), we decided it was actually a kind of giveaway to build the community, and still far enough from actual advertising that we were comfortable with it. That choice did generate some critical questions from users, but a lot of people liked the t-shirts, too, and our follower base increased significantly. The community is now richer for it.
We combined this with a company facebook and Google+ page, opening more channels for user engagement and feedback.

One of the more pleasing consequences of the no BS policy is simply that we need to rely more on actually delivering value. We found that when we actually deliver useful, high-performance products with innovative technological approaches, it helps us generate awareness.
People like talking about things that are cool, that take some intellectual effort to understand and explain, and above all work well and efficiently. Intellectually engaging subjects make for good blog posts, and if the products also work well, and solve a problem, then people enjoy using them more, knowing that they have an advantage driven by innovative technology. That makes for satisfied customers, and that is who spreads the word.

I’m leaving out a lot here. Gandi also builds communities through sponsoring non-profits, for example. And of course you can’t have a good reputation without having great support, making your site search-engine friendly, and adding the features people need in your field, and that your competitors have or will soon have. All that comes with the territory. We are doing all of that as well.

The point here is that not harassing your customer base to buy more, not making claims or slogans in advertising that your real customers know to be misleading, and basically just providing good value for the money without claiming to do more, are all marketing advantages if you can find honest ways to talk about them. You don’t really need outbound advertising in this context, but you do need to use the tools of publicity, SEO, and social media to spread the word.

The i2Coalition is acting for the good of the Internet

Thomas — Mon, 05 Nov 2012 17:18:00 -0800

Working on anti-SOPA legislation, Gandi is helping the i2Coalition to influence public policy on the Internet.

I was encouraged to read Christian Dawson’s latest blog about the i2Coalition attending the ICANN meeting in Toronto last month, and the work that the coalition is doing to internationalize the work done by the coalition. Gandi is a founding member of the i2C, and some of that work has fallen to me. It struck me that the coalition represents a new political shift, and that we all need to be aware of and participate in that shift, if the freedom of information we enjoy on the Internet is to survive.

I’ve been working on the public policy committee, reviewing upcoming legislation from Rep. Loftgren on safeguarding the things about the Internet we value the most: the free flow of information, commerce, of course, and the protection of individual privacy. It’s clear that this legislation is needed, as public policy to date has been largely about restricting information flow. Most of what I have to say about the legislation is that it does not go far enough to ensure its goals are met, though it is a good start.

The public policy of China or Russia with regard to the Internet is mostly about control and restrictions. The USA has not done this (yet), but the actions of RIAA have been about controlling content with legal action. Regardless of how you feel about copyrights, it seems clear that unless we have an informed and insightful body of law to protect the information flow we all enjoy and rely on, the only actors in forming policy will be those that are concerned with denying access to that flow of information.

Or at least making us pay for it, which for a large part of the world means the same thing.

The successful actions against SOPA/PIPA early this year by a few insightful companies and individuals has led to Washington acknowledging a new political reality: the Internet is a critical piece of the economy. Without the free flow of information it enables, much of today’s commerce would stop, and people worldwide would lose access to information that they need to run their lives, make decisions, and stay in touch with family and colleagues.
It is companies like Gandi and the other i2C members who make the Internet work, and we now have a measure of political power in that position. It’s up to us to use that power responsibly, productively, fairly, and for the right causes.

We are doing just that.