Author Archives: SF_Hana

Happy Diwali 2018: Festival of Lights

May the Divine Light of Diwali spread into your life Peace, Prosperity, Happiness, and Good Health. Wishes you a very Happy Diwali!

In conjunction with Deepavali Celebration, Serverfreak Management Office will be closed on 6th November 2018, (Tuesday)  Our office will reopen on February 7th November 2018 (Wednesday). Enjoy your Holiday.

Happy 61st Independence Day Malaysiaku!

Happy 61st Independence Day Malaysiaku! 🎉🇲🇾

It is truly a blessing to be born in Malaysia because we have a rich culture and amazing exposure to different facets of life.

Celebrating another Independence day of Malaysia with high spirits. Wishing you Happy Merdeka Day from us #ServerFreakteam.

May we all continue to prosper and continue to love our nation.

#SayangiMalaysiaku #tanahairku #iniKITAPUNYA #61stcelebration

During this National Day, our technical support team is available to assist you 24/7 through our helpdesk. Please submit your ticket to or submit a ticket directly from our website helpdesk!

Web Application Firewall ServerFreak Hosting

Hi Readers,

You may be heard about SSL (HTTPs) and the website security enforcement recently. Its no doubt that website security will be the most talked topics in the digital world. Today, the total number of websites is reaching about 1billion and the number increasing from time to time.
Online security expert estimate that there is still more than 80% of online website that contains at least one serious vulnerability.This shows that 15% of online website has at least one critical vulnerability

Even Google states in its State of website security report for 2016 that the number of hacked sites rose by a third in 2016 and that this trend is not going anywhere soon. Website security tools usually aim to discover backdoor files hacks, Trojan viruses, redirect hacks and more.

That’s is the main reason why we at ServerFreak choose to apply Web Application Firewall (WAF) to our servers for all our clients.


What Web Application Firewall (WAF) and what does this firewall do?

A web application firewall (WAF) is an online security solution that filters out bad HTTP traffic between a client and web application. The WAF monitors, filters, and blocks unwanted HTTP traffic that is going to and from the web application. Web application firewalls are common security control to protect web application against zero-day exploits, and unknown vulnerabilities and attackers.

Through customized inspections, a WAF is also able to prevent cross-site scripting attacks, SQL injection attack, session hijacking, and buffer overflows, which traditional network firewalls may not be capable of doing.  In other words, a WAF is a layer of protection that sits between your website and the traffic it receives.

This is is how  Web Application Firewall (WAF) works

The WAF is deployed as a hardware appliance on the online web server or server plugin that runs directly on web servers. It intercepts all HTTP request and analyzes each of them before they reach the web server for processing.

The WAF will block to prevent any illegitimate traffic from reaching web server. We hope with this new Web Application Firewall it can help improve website securities. We hope with this implementation it can help improve website securities and reduce the number of compromised website.

Subscribe to our package to enjoy this Free Web Application Firewall TODAY!

contact us to learn more

Happy Chinese New Year 2018 : Year of the Dog

Have an enriching and pleasant Chinese New Year. May this new year helps you fulfill all your dreams!

In conjunction with Chinese New Year, Serverfreak Management Office will be closed from 15th February 2018, (Friday) to 18th February 2018(Sunday). Our office will reopen on February 19th (Monday).

Gong Xi Fa Cai from All Of Us At ServerFreak !

Meltdown & Spectre Security Vulnerabilities

Hello Readers!
Here we are in 2018, as we are just about to enter 2018, our newsfeed is filled with this alarming issue. By now, you have probably heard about securities issues called Meltdown & Spectre,  that have wreaked digital havoc and mass of confusion in their wake. Earlier this week, security researchers release official documentation – complete nicknames and logos-of two major flaws found in nearly in all modern central processing units, or CPUs.

The flaw name Meltdown & Spectre were discovered by Security Researchers at Project Google’s Project Zero in conjunction with academic and industry researchers from several countries.

Meltdown and Spectre are the name of two (2) serious security flaws that have been found in within computer processors. This Meltdown & Spectre allows cybercriminals to steal sensitive information from almost any computer, mobile device or even from the cloud. Not just that, this affects all current Intel, ARM and AMD processors, regardless of the devices.

Sounds Scary right?

The great news is patched have been created, to protect many affected systems and products and efforts are underway to update others.  While the bad news is these fixes might slow down computer performance.

In order to understand where did, these threats come from, you first will need to understand the behind the scene process called speculative execution.

These speculative execution lets devise do some work ahead of time to speed up the routine task. But, it also creates a security vulnerability nobody expected.

Let’s imagine that your computer as a restaurant and you are the Cook. Every day you will see a pattern of your customers ordering the same menu for breakfast. Eventually, you will make order ahead of time to ensure the breakfast is ready when a customer comes starts to come. But how about if that regular customer decided to order different menu one day? Now, you as the cook will have to throw away the prepared breakfast and start over.Speculative execution works in a similar way.

Whenever computers perform calculations that aren’t actually needed, the results are thrown away.  This data ends up in an unsecured part of the computer’s cache memory, where unauthorized users can access it through a side channel.

What are Meltdown and Spectre?

Meltdown is a security flaw that could allow hackers to bypass the hardware barrier between applications run by users and the computer’s core memory, which is normally highly protected. Meanwhile, Spectre is slightly different. It potentially allows hackers to trick otherwise error-free applications into giving up secret information.

Why Data Left Unsecured?

Previously, back in 60’s computers were very self-contained and there is no way to see data being thrown away. Nobody thought it was a risk, and it was never secured. But, nowadays, computers and mobile devices share system resources with many applications and environments. Sharing is good, but when unprotected data from speculative execution ends in shared memory, it can become a serious issue.

Like robbers trying to rob your house, these cybercriminals will try hard to look for a loophole and use a side channel to sneak in and hijack data.

Even, worse, they can trick computers into loading any data like passwords and account information into the shared memory so they can steal it.


So what’s being done about Meltdown and Spectre?

When researchers identified them, they brought them to the attention of major technology companies. Hundreds of engineers came together to create patches that block Meltdown and Spectre attacks. It’s critical to install these patches right away and stay up to date with the latest releases of operating systems.

“Intel has begun providing software and firmware updates to mitigate these exploits,” Intel said in a statement, denying that fixes would slow down computers based on the company’s chips. “Any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time.”

In the future, system designs will change to eliminate these kinds of vulnerabilities for good. The reality is, computers will always have some securities issues. That’s why it’s so important to have as many engineers and developers looking for them as possible, and for companies to come together and solve problems that affect us all.

What can I do about it?

Update your computer with latest security fixes as soon as possible and as mobile users, you should receive updates from your manufacturer.

Apple has advised customers in a blog post to update their devices’ operating system and only download software from “trusted sources such as the App Store”.

ServerFreak Servers

Majority of our servers are patched now, where some older OSes are waiting for our vendor to patch it to the latest stable version. A kernel update required a server reboot. Please expect a 5-20 mins downtime on each server reboot.

We will also help our managed server clients to update the kernel and windows updates, which we will schedule in waves, and out of hours.

Following the reboot, it would also be advisable for unmanaged customers to update their virtual machine’s to secure them too if you are unsure how please contact our support team who will be happy to assist!

Read more here on our Meltdown and Spectre patching announcements

Related topics  How to avoid Chrome Browser’s ‘Not Secure’ Warning

CloudFlare Railgun – Accelerate your website


As the world is reaching towards digital era, this requires mass data of information to be transferred every day, there is a need for technology boost so that information and dynamic content able reach user faster than before. In addition to uptime, website loading speed is crucial to the success of your online business. Hence why CloudFlare is widely use around the world. CloudFlare can be used by anyone with a website and their own domain, regardless of your choice in platform.

Read more here What is CloudFlare

Now that we don’t have to worry anymore.

Railgun is the CloudFlare’s latest performance optimization technology that gives you significant improvements in site load times. The great news is, this special technology is offered free of charge to Cloudflare enabled domains.


Here, how this works.

Railgun improves the performance of the domain by caching content on your website that has usually been uncacheable. 

It does this by tracking changes to website’s content on the byte level and improving the connection between ServerFreak’s servers, Cloudflare’s servers and the visitor to your website.  Many can enjoy benefits from this technology, especially, a site with slowly- changing content would benefit the most from Railgun.  


Technically, Railgun uses a different compression technique to speed up the website performance. It authorizes traffic through a special protocol that would normally travel between Cloudflare and your web server over HTTP, which speeds up and secures the connection.

According to Cloudflare, this has resulted in a 730% performance increase where it successfully achieves 99.6% compression ratio on average.  As a result, an average website can expect a 1.43x performance increase.


In short, Railgun transfers only the changes in markup from one request to the next instead of transferring the entire request between Cloudflare and your environment.  Thus, this cuts down on bandwidth, transfer time and overall page load times. Railgun caches these difference in memory to make page processing as fast as possible.


What does this mean for ServerFreak’s Clients?

As CloudFlare Optimized Partner, we deliver their simple, yet effective solution to help protect and accelerate your website. ServerFreak’s clients can quickly and easily activate CloudFlare for their website. Simply let us know if you wish to activate Railgun on your website today.

This is Great, How to subscribe this Railgun?

We take performance and security seriously, and this new Partnership with CloudFlare only strengthens our dedication to speed and security for our customers.

Check out our hosting plans with CloudFlare, or contact us today (


Related links :

What is CloudFlare

How does CloudFlare’s technology work?

What types of websites can use CloudFlare?

Is Cloudflare available in cPanel or Directadmin?




Happy Deepavali 2017 : Celebrate The Spark of Diyas

Happy Deepavali to all our Hindu friends and their families! Wishing you a sparkling year of joy ahead!

May your Diwali be a rangoli of lights brightening up your home with happiness & prosperity.

Please be informed that our company will be closed for Deepavali from on 18th October 2017 (Wednesday) and will resume business as usual on 19th October 2017 (Thursday)

How to avoid Chrome Browser’s ‘Not Secure’ Warning

Hi Readers!

2017 brought a number of changes to Google’s online security policy as they are working towards enforcing a secure internet.

Cyber hackers can easily encrypt information from user’s web browser to the web page’s server if not protected. Thus, Secure Socket Layer has been introduced to ensures users can browse and enter their private information without it being compromised.

Related post: Why you need SSL,  Google Chrome to label Sensitive HTTP pages as “Not Secure”

Website owners especially websites that collect credit card information and password have been warned to apply Secure Socket layer to their site since September 2016, starting in January, Google started labeling some HTTP website as non-secure. Website owners may risk a lose search ranking and organic traffic as Google announced in 2014, this HTTP will be part of their ranking signal other than to gain user trust and security. There are steps that need to be taken to avoid losing search traffic and ranking. Here are Google’s recommendation on Site moves with URL changes


Coming this October, Google Chrome will explicitly label any HTTP web page containing a text input field (such as a search bar) as not “Not Secure”. Consumers will see a “Not Secure” warning and icon in the address bar when unsecured (HTTP) web pages that collect data load. Consumers will also see a “Not Secure” warning on any web page they browse to in incognito mode.


How Can You Tell If You Have an SSL Certificate Installed?

Type into your Google Chrome browser

If you see the green lock, this is good and means that you do have an SSL certificate installed.
If you see the red warning, this is bad and means you don’t have an SSL certificate installed.

We highly recommend you take action and obtain an SSL certificate for your website before Chrome 62 roll-out this October.


Here what you can do :
If you have already owned a website, you can purchase SSL from us here:

Pre-Sales FAQ

1) I want to start a website with SSL. Which package should I subscribe?

Semi pro and above. Our hosting package here shared hosting

2) If I have SSL cert, can ServerFreak help us install this cert? How much will you charge?

Yes, do provide us the SSL cert and we will help install for you. RM 95.00 is charged for setup fees.


3) I want to install SSL to my sub- domains too. Which SSL package should I subscribe?

Positive SSL Wildcard Rm550/year exclude GST + RM 95.00 Setup Fees exclude GST

– 1 Domain with Subdomain


4) Should I install SSL with ‘www’ or without ‘www’?

The SSL certificate can be installed in either ‘www’ or without ‘www’. If you install the cert in ‘www’, your site visitors will see invalid cert message when they try to visit because the certificate must match the address they visit.

5) I have a website with ServerFreak, but my website still appears to HTTP, what should I do?

Let us know your domain name and we help check for you. If you are currently on Basic and Value package, we would highly recommend you to upgrade Semi-Pro package and above comes with Free Unlimited SSL.


6) What is the difference between Free SSL in Semi-Pro and Postive SSL ?

The difference is Free SSL in Semi Pro is auto- updated every 3 months and do not have a warranty. Positive SSL comes with $10,000 Warranty and updated every 1 year.

7) I have purchased your SSL and has been install. How to verify this SSL?

You can verify the SSL validity via SSL Shopper
Have more questions? Reach us





Salam Aidilfitri!

Serverfreak wishes all our Muslim clients Selamat Hari Raya Aidilfitri, Maaf Zahir & Batin

May you have lots of a great time during this festive season.

To celebrate this joyous occasion, our office will close on 26 & 27th June 2017 (Monday and Tuesday).  Our business shall resume on 28th June 2017 (Wednesday).  Shall you experience any technical difficulty, don’t fret! Our dedicated support team is reachable at helpdesk 24×7 or you may also submit your ticket to or submit a ticket directly from our website.

Have a safe balik kampung journey … Oh Oh… Balik Kampung ~~…