Free Ecommerce/Web Dev Security Training

ecommerce secuirty course
ecommerce secuirty course

This training program is conducted in partnership with Isaac Sabas and Jonathan Mantua of Pandora Security Labs. (offers advance IT security training and provider of WebRanger – an online security monitoring and attack blocking service)

Training objectives:

  • Learn about web application security threats and how to mitigate them.
  • Learn and apply secure programming best practices.
  • Learn and perform web application testing.

Target audience:

  1. Entrepreneurs who would like to under how e-commerce security works and become tech-savvy when dealing with web developers and Internet security specialists.
  2. E-Commerce developers who would like to level-up their capabilities by building and maintaining secure websites.

More Details:

Philippines Network Operators Group (PHNOG)


Philippines Network Operators Group (PHNOG) is a non-profit organization established to promote coordination among Network Operators in Philippines. Focus is given to knowledge development of all members as well as the Philippines IT community as a whole through discussions on technical issues/concerns regarding the Internet and network management.

This coming January, PhNOG will hold a conference themed \\\’All over IP\\\’ (AoIP) -touching the different facets of Internet, entwined to our daily lives. Maybe unknown to many, almost everything is over IP. Local and foreign experts will share their knowledge and experiences that will enable the continuous development of the Philippine Internet.

PHNOG Conference 2016


The Department of Science and Technology – Advanced Science and Technology Institute (DOST-ASTI), in partnership with the Philippine Network Operators’ Group (PhNOG), and Trans-Eurasia Information Network (TEIN) Network Cooperation Center (TEIN*CC) will be conducting a one (1)-day Conference with the theme ‘”All over IP’ (AoIP) – touching the different facets of Internet, entwined to our daily lives” on 25 January 2016 at the Marriott Grand Ballroom, Marriott Hotel Manila, Pasay City, Metro Manila.


1100 Big Data Analytics Applied in Network Operations Wilson Chua/Bitstop
1130 IXP Next steps (advantages and disadvantages) Daishi Shima/BBIX
1200 Lunch break  
130 Management and Sustainability of the IXP – taking it to the next level – Global Examples / DNSSEC Jane Coffin/ISOC, Kevin Meynell/ISOC
200 Internet enabled businesses (challenges/milestones) Rhett Jones/Rise
230 CDNs and Internet traffic Analystics Kam-Sze Yeung/Akamai
300 Role of a Peering Manager Jake Chin/Google
330 Break time  
400 Network Security Mon Nunez
430 Internet BCPs Amante Alvaran/Brocade
500 Evolution of the Network Engineer Job Role Ceejay Dideles
530 IOT Benjie Tan
600 Closing  


Said activity aims to gather participants from the R&D and IT/ICT communities together with the current PhNOG members to discuss the opportunities that can be derived from joining and using the TEIN Network. TEIN is a high speed international research network which provides access to researchers and research institutions within participating countries in Asia and Europe. Through TEIN, international joint research projects pertaining to climate change, remote medical service, remote cultural performances, agriculture, and information technology have been conducted. Local and foreign experts will also share their knowledge and experiences that will enable the continuous development of the Philippine Internet.

On the other hand, Philippines Network Operators Group (PHNOG) is a nonprofit organization established to promote coordination among Network Operators in Philippines. Focus is given to knowledge development of all members as well as the Philippines IT community as a whole through discussions on technical issues/concerns regarding the Internet and network management.

In line with this, we would like to invite you as one of the participants in this one (1)-day activity. Registration for this activity is free. Please take note that the activity only offers limited slots, which will be granted on a first come, first served basis. Deadline for registration is on 15 January 2016. To reserve your seat, kindly register at this link:

Should you have any clarifications, please feel free to contact Mitz Ann N. Montañez at or Marie Antoinette F. Bangabang at You may also call +63 2 4269760 loc. 1603 / loc.1408.

Joomla GoogleMap Proxy Vulnerability

Google Map proxy

If you are using Joomla and have the Googlemaps plugin, your webserver may be under attack and being used to attack others via cross site scripting.

The problem with the Joomla! Googlemaps plugin lies in the fact anyone can request the/plugins/system/plugin_googlemap2_proxy.php in their browser or script, to execute cURL HTTP requests to remote websites. The url parameter is vulnerable for Cross Site Scripting (XSS) attacks, and allows the retrieval of remote website content. When this happens a lot, a website becomes overloaded and unresponsive, making a Denial-of-Service attack succesfully executed. This is not only a problem for the website owner on the remote end, or its hosting company. Your web servers transmit a lot of HTTP traffic to remote ends, increasing server load, usage and network bandwidth (for which you pay). Therefor it’s important to stop this abuse.

To remedy this, you can remove the plugin or restrict access to the file via your .htaccess.

More info here:

Google Map proxy

Plesk 12 Editions

The four new Plesk 12 editions are designed to help infrastructure providers create targeted solutions for web administrators, application developers, web professionals, and hosting service providers.

Each edition simplifies core web management activities to align with the way infrastructure is being used for hosting websites and web applications today.

Plesk 12 also includes a tightly integrated set of mass-management and security tools that can be used to profit from the growing demand for WordPress hosting.

All editions have added built-in server-to-site security, leading to more reliable infrastructure and reduced support costs.

Use the table below to compare what’s included in each Plesk 12 edition.


Bitstop Network Services now Supports IPv6

The Bitstop Network Services now supports the latest version of Internet Protocol(IP) – IPv6.

Internet Protocol version 6 (IPv6) is the latest version of the Internet Protocol (IP), the communications protocol that provides an identification and location system for computers on networks and routes traffic across the Internet. IPv6 was developed by the Internet Engineering Task Force (IETF) to deal with the long-anticipated problem of IPv4 address exhaustion. – wikipedia

With IPv6, everything from appliances to automobiles can be interconnected. But an increased number of IT addresses isn’t the only advantage of IPv6 over IPv4. In honor of World IPv6 Day, here are six more good reasons to make sure your hardware, software, and services support IPv6.

  1. More Efficient Routing
    IPv6 reduces the size of routing tables and makes routing more efficient and hierarchical. IPv6 allows ISPs to aggregate the prefixes of their customers’ networks into a single prefix and announce this one prefix to the IPv6 Internet. In addition, in IPv6 networks, fragmentation is handled by the source device, rather than the router, using a protocol for discovery of the path’s maximum transmission unit (MTU).
  2. More Efficient Packet Processing
    IPv6’s simplified packet header makes packet processing more efficient. Compared with IPv4, IPv6 contains no IP-level checksum, so the checksum does not need to be recalculated at every router hop. Getting rid of the IP-level checksum was possible because most link-layer technologies already contain checksum and error-control capabilities. In addition, most transport layers, which handle end-to-end connectivity, have a checksum that enables error detection.
  3. Directed Data Flows
    IPv6 supports multicast rather than broadcast. Multicast allows bandwidth-intensive packet flows (like multimedia streams) to be sent to multiple destinations simultaneously, saving network bandwidth. Disinterested hosts no longer must process broadcast packets. In addition, the IPv6 header has a new field, named Flow Label, that can identify packets belonging to the same flow.
  4. Simplified Network Configuration
    Address auto-configuration (address assignment) is built in to IPv6. A router will send the prefix of the local link in its router advertisements. A host can generate its own IP address by appending its link-layer (MAC) address, converted into Extended Universal Identifier (EUI) 64-bit format, to the 64 bits of the local link prefix.
  5. Support For New Services
    By eliminating Network Address Translation (NAT), true end-to-end connectivity at the IP layer is restored, enabling new and valuable services. Peer-to-peer networks are easier to create and maintain, and services such as VoIP and Quality of Service (QoS) become more robust.
  6. Security
    IPSec, which provides confidentiality, authentication and data integrity, is baked into in IPv6. Because of their potential to carry malware, IPv4 ICMP packets are often blocked by corporate firewalls, but ICMPv6, the implementation of the Internet Control Message Protocol for IPv6, may be permitted because IPSec can be applied to the ICMPv6 packets.

Network Computing



Sign Up Now to Unleash the Power of IPv6

Email us at

or Call us (075) 515-8750-54

see our Contact Page for more details.

BNS Founder interviewed by Telecoms Asia

“To Peer or Not to Peer”

Last month, the Philippine Senate conducted a hearing to investigate the reason behind the country’s slow and expensive internet connection. What prompted the probe was an infographic posted by ASEAN DNA on Facebook showing the Philippines in the bottom three Southeast Asian countries with the slowest average internet speed, based on an Ookla speed test. That post has since gone viral, especially among disgruntled Filipino netizens.

Local IP peering was one of the possible solutions mentioned at the hearing by no less than the regulator, the National Telecommunications Commission (NTC).  Soon after, a number of articles on IP peering began making the rounds on social media. There was even a petition urging PLDT, the incumbent telco and largest ISP, to do local IP peering.

Now what does this tell us? The demand for better internet service has reached such a critical point that even the ordinary customer is becoming interested in something as technical as IP peering.

How and why is peering important to getting faster and more affordable internet connection?

To help answer this, I had a chat with Wilson Chua, managing director and co-founder at Bitstop Network Services, Inc. Starting out in computer distribution, Bitstop next ventured into operating a franchise of paging service EasyCall and promoting Mozcom in the province of Pangasinan before branching out to call centers and data-center operations via Bitstop was the first local ISP to peer via the Philippine Open Internet Exchange (PHOpenIX), the only publicly funded, neutral, and non-profit internet exchange point in the country. Below, Chua responds to my questions on peering and how it is benefiting Philippine internet.

TA: Can you explain what local IP peering is and how it benefits an ISP like Bitstop?

Local peering happens when two or more network operators decide to “meet” each other at a common point (the internet exchange or IX). When peering, an operator agrees to let others use the interconnection link to pass traffic from its own network to another operator’s network, and vice versa. By doing so, both parties benefit from a reduction of bandwidth by using the cheaper direct links instead of the costly international circuits. Operators who peer also agree to not charge the other party for the traffic, so neither party pays for the exchanged traffic.

Local peering has several benefits:

  1. Faster access times. Our hosted clients benefit from having their sites connected directly to the local internet community in the Philippines via the shortest distance possible. This improved network performance is one of the main reasons for connecting to the IXP. In an illustration (below) from a reportby Analysys Mason and Internet Society, you can see that users of ISP1 can get to ISP2 via direct peering links (red line with arrow). Without this peering, ISP1 users will have to go out of the country, use the expensive international links, pass via another carrier, and then on to another ISP3, before getting back to the country to reach ISP2. The same process happens vice versa. This is inefficient and slow, and can burden international bandwidth resources.


  1. Resiliency. As the Philippines is located in the Ring of Fire and the Typhoon belt, we see that most carriers’ links are affected by earthquakes and storms from time to time. When some of these links go down, the IX can provide an alternative path for the traffic of various operators to pass to get to each other’s local network. Going back to the illustration, suppose ISP1’s link to International Carrier 1 (purple line) goes down (like in the case of the Taiwan earthquake). Without the peered links (red line), ISP1 users will not be able to talk to ISP2 users.
  2. Community relationships. Since the exchange puts system admins in regular contact with each other, we find it easier to form communities of interest and help each other out with common issues like security (e.g., hacking and cyber-attacks).
  3. Efficient marketplace for bandwidth. Some of the IXPs have evolved into a universal market place to buy bandwidth from other peered partners. Peered partners can buy from other peers with excess bandwidth capacity, for the former to fill up spikes in their traffic. This effectively provides a market-based mechanism for internet pricing—one that is not subject to “lockdowns” by current providers.        

TA: When did you start peering? How did you find out about the PHOpenIX?

I was influenced by APNIC and Dr. William Norton, both of whom have been highlighting the power and benefits of peering exchanges since the 1990s. So from the early days, we were peered with PLDT’s PHIX. However, they price their local loop (last mile) so high such that all the other peered partners could only put in small links. This wasn’t enough to sustain the local community. Imagine a peering point with 2mbps links only. Later on, the Manila Internet eXchange (MIX) and BayanTel’s NIGX offered us a connection. We connected to these as well, but since they were telcos, I couldn’t see other telcos and ISPs connecting to these exchanges.

When I heard that the government was developing a neutral peering point, the PHOpenIX, I immediately signed up from day one. Since then, we have grown our link from a measly 512kbps to 50mbps today. 

TA: What considerations did you take before deciding to peer via the PHOpenIX?

It had to be sustainable and had to have the potential of getting a critical mass of operators using it. Peering has what we call Network Efforts. As more networks are connected, the value of the peering point increases. As the Metcalf Law states, “The value of the telecommunications network is proportional to the square of the number of connected users of the system.” I think the PHOpenIX is about to reach that critical mass of users with news of more operators coming in and peering.