Accessing & Editing Your Files

Introduction

Smooth Stone Services is dedicated to providing you with exceptional services without compromising on security. Often times, web hosting providers will provide users with easy access to edit their files without taking the time to implement important security measures. This is both dangerous and irresponsible.

Regular FTP connections are dangerous because they allow clients to make an unencrypted connection to the server, making it easy for anyone in the middle of the connection (a hacker, or a "bad" network administrator at your home Internet Service Provider, for example) to "sniff" it and to steal your files or worse, hack into the web server. Smooth Stone Services provides two mechanisms for its clients to upload and edit their files:

1. SFTP
2. SCP

Both of these mechanisms use the same login credentials and create a secure connection between our server and the client, whenever the client connects, using a protocol known as SSH. SSH stands for Secure Shell. You can think of this as being similar to a HTTPS connection when you make a purchase online. You wouldn't submit your credit card information to a website that doesn't have HTTPS enabled, would you? We feel that your website data (and passwords) is important too!

 

Accessing your files

In order to gain access to their files, we ask our clients to do a couple of things:

1. Use a program that has SFTP or SCP support built in. Most regular FTP programs also come with SFTP support. If you are unsure, we recommend any of the following open source SFTP / SCP clients for Microsoft Windows users: WinSCP FileZilla
2. Generate a "public / private key pair" and send us your "public key."

Please note that we do not provide access to our server with a username and password. A username & password based authentication method is typically safe, but it has one major downfall: It's possible that someone could brute-force into a server by guessing a user's password. While Smooth Stone Services has brute-force detection in place, we have also decided to take our server's security a step further and completely disallow password-based authentication. This is where "key-based authentication" comes in handy. Assuming that your "private key" is safe on your own computer, it is impossible for anyone else to gain unauthorized access to the server. Without the private / public key, it is impossible to log in to our server!

Generating a public/private key

1. To create a public/private key pair in Microsoft Windows, we recommend using "PuTTYgen." You can download it by visiting http://www.smoothstoneservices.com/helpful-utilities. After you download PuTTYgen, please open it and follow the instructions.
2. When the key has been generated, you should see a long random string of letters, numbers & symbols under "Public key for pasting into OpenSSH authorized_keys files." Please copy this Public Key and paste it into a Support Ticket, or send it to us in an email, EXACTLY as it appears. Please save the "private key" into a safe location on your compute, and do not share it with anyone - even us. After we have added your public key to our server's configuration, you will be able to reference your private key when you use an SFTP program (like the ones listed above) to access your files!

Accessing your Email

Smooth Stone Services provides two ways for your to send and receive email.

 

Webmail

To check your email using our webmail system, please login securely at https://www.smoothstoneservices.com/webmail, and enter your full email address as your username, and your password. If you are unsure what your password is, please contact us by submitting a Support Ticket at https://www.smoothstoneservices.com/support.

 

Mail Client (e.g. Microsoft Outlook, Outlook Express, etc...)

When using a Mail Client, we recommend that you use IMAP. Here are those details:

 

• Server: mail.smoothstoneservices.com
• The encryption should be set to STARTTLS on port 993
• Your username is your full email address (example@your-domain.com)

 

Smooth Stone Services hosts an encrypted POP3 / SMTP server as well. Below are the details, if you would prefer to use POP3 over IMAP.

• Incoming mail server: mail.smoothstoneservices.com
  • This must be set to require authentication on an encrypted (SSL/TLS) connection.
  • The Incoming server (POP3) listens on port 995
  • Your username is your full email address (example@your-domain.com)
• Outgoing mail server: mail.smoothstoneservices.com
  • You should use the same settings as your incoming mail server.
  • Our Outgoing server (SMTP) listens on port 587, and requires an encrypted (SSL) connection.
  • Again, make sure that your username is set to be your full email address.

Please note that the default is usually port 25, so you will need to make sure you change this in the Advanced section when you create / edit your email address.

Database Access

As a web hosting provider, we provide all of our clients the option to use MySQL databases. While we do not provide MySQL Command Line access, we do offer access to phpMyAdmin behind a secured (SSL) connection. You can also use PHP scripts to populate your tables.

 

In phpMyAdmin, your username and password are the same as your database username & password. Please contact us for the URL if you do not already have it.

 

If you need further assistance, please open a support ticket.