Any Provider With Price Match Policy
May 14, 2008I wonder any provider still offering Price Match policy?
I saw some before but not anymore.
ADVERTISEMENT
Rackspace Offers To Match Price
Jul 10, 2008There is a new page on Rackspace's website where they are offering to match the price of any hosting company that sells the same package of specifications. It sounds like there will be no compromise on the standards of service included in the deal.
View 6 Replies View RelatedCan You Recommend A High Performance Price JSP Hosting Provider
Aug 12, 2008It should support jsp/jdk6.0/tomcat6.0/mysql5.0 or higher, and SSH is prefered.
Your advice will be highly appreciated.
Pattern Match
Jun 20, 2007mod_security: Access denied with code 406. Pattern match "<[[pace:]]*(script|about|applet|activex|chrome)*>.*(script|about|applet|activex|chrome)[[pace:]]*>" at POST_PAYLOAD [hostname "domain.us"] [uri "/_vti_bin/_vti_aut/author.exe"]
This is my mod security rules.conf file
Code:
#Enforce proper HTTP requests
SecFilterSelective SERVER_PROTOCOL "!^HTTP/(0.9|1.0|1.1)$" "id:340000,rev:1,severity:1,msg:'Bad HTTP Protocol'"
# Only accept request encodings we know how to handle
# we exclude GET requests from this because some (automated)
# clients supply "text/html" as Content-Type
SecFilterSelective REQUEST_METHOD "!^(GET|HEAD|POST|PUT|PROPFIND|OPTIONS)$" "chain,id:340001,rev:1,severity:2,msg:'Restricted HTTP function'"
SecFilterSelective HTTP_Content-Type "!(^$|^application/x-www-form-urlencoded$|^multipart/form-data)"
#Generic rule for allowed characters, very broken at the moment, dont use it unless you can fix it
#Then post your fix eh!
#SecFilterSelective REQUEST_URI "!^[-a-zA-z0-9.+_/-?=]+$" "chain,id:340002,rev:1,severity:2,msg:'Restricted HTTP character set'"
# Require Content-Length to be provided with
# every POST request
SecFilterSelective REQUEST_METHOD "^POST$" "chain,id:340003,rev:1,severity:2,msg:'Content Length not provided with POST'"
SecFilterSelective HTTP_Content-Length "^$"
# Don't accept transfer encodings we know we don't handle
# (and you don't need it anyway)
SecFilterSelective HTTP_Transfer-Encoding "!^$" "id:340004,rev:1,severity:2,msg:'Dis-allowed Transfer Encoding'"
#HTTP response spilting generic sigs
SecFilter "Content-Length:.*Content-Type:.*Content-Type:" "id:340005,rev:1,severity:2,msg:'HTTP response splitting'"
#HTTP response spilting generic sigs
SecFilter "Content-Length:" "chain,id:340006,rev:1,severity:2,msg:'HTTP response splitting'"
SecFilter "Content-Type:" chain
SecFilter "Content-Type:"
#deny TRACE method
SecFilterSelective REQUEST_METHOD "TRACE" "id:340007,rev:1,severity:2,msg:'TRACE method denied'"
#XSS insertion into Content-Type
SecFilterSelective THE_REQUEST "Content-Type:.*(<[[:space:]]*(script|about|applet|activex|chrome)*>.*(script|about|applet|activex|chrome)[[:space:]]*>|onmouseover=|javascript:)" "id:300002,rev:1,severity:2,msg:'XSS attack in Content-type header'"
#Don't accept chunked encodings
#modsecurity can not look at these, so this is a hole
#that can bypass your rules, the rule before this one
#should cover this, but hey paranoia is cheap
SecFilterSelective HTTP_Transfer-Encoding "chunked" "id:300003,rev:1,severity:2,msg:'Chunked Transfer Encoding denied'"
#Code injection via content length
SecFilterSelective HTTP_Content-Length ";(system|passthru|exec)(" "id:330003,rev:1,severity:2,msg:'Code Injection in Content-Length header'"
#broad cross site scripting rule
#False alarms are a problem with this, use with caution
#SecFilterSelective THE_REQUEST "<(.|
)+>"
#generic recursion signatures
SecFilterSelective REQUEST_URI "!(alt_mod_frameset.php)" "chain,id:300004,rev:1,severity:2,msg:'Generic Path Recursion denied'"
SecFilterSelective THE_REQUEST "../../"
#generic path recurision sig
#generic recursion signatures
SecFilterSelective THE_REQUEST ".|./.|./.|" "id:300005,rev:1,severity:2,msg:'Generic Path Recursion denied'"
#generic bogus path sigs
SecFilterSelective THE_REQUEST ".../" "id:300006,rev:1,severity:2,msg:'Bogus Path denied'"
SecFilterSelective POST_PAYLOAD "[[:space:]]+...+;" "id:300007,rev:1,severity:2,msg:'Bogus Path denied'"
#Generic PHP exploit signatures
SecFilterSelective THE_REQUEST "(chr|fwrite|fopen|system|e?chr|passthru|popen|proc_open|shell_exec|exec|proc_nice|proc_terminate|proc_get_status|proc_close|pfsockopen|leak|apache_child_terminate|posix_kill|posix_mkfifo|posix_setpgid|posix_setsid|posix_setuid|phpinfo)(.*);" "id:330001,rev:1,severity:2,msg:'Generic PHP exploit pattern denied'"
#Generic PHP exploit signatures
SecFilterSelective POST_PAYLOAD|REQUEST_URI "<?php (chr|fwrite|fopen|system|echr|passthru|popen|proc_open|shell_exec|exec|proc_nice|proc_terminate|proc_get_status|proc_close|pfsockopen|leak|apache_child_terminate|posix_kill|posix_mkfifo|posix_setpgid|posix_setsid|posix_setuid|phpinfo)(.*);" "id:330002,rev:1,severity:2,msg:'Generic PHP exploit pattern denied'"
RackSpace: Can Anyone Match Their Service & Support...
Jan 12, 2006We need a MANAGED dedicated server for a client we are developing a website for. They will do most of their sales online.
Here is what we have found: As far as a managed dedicated server, the BEST company we have found that offers 24/7/365 phone support and has their own in-house hardware tech staff is RackSpace.
However, RackSpace is a little pricey (starts at around $400/month).
Is there any other REPUTABLE company available that offers MANAGED DEDICATED SERVERS WITH 24/7/365 phone support and in-house hardware tech support at a better price? Everytime I call RackSpace, I get a human being on the phone...NEVER an answering machine.
We want to put our client's website in the best hands possible.
With that said, are their any suggestions at a better price that match the support of RackSpace?
Thank you VERY MUCH for your helpful insight. We need to launch the site in a couple of weeks.
Apache :: Match Query String With URL As Value
Dec 30, 2014I want to match a query string with modrewrite , the problem is that my query_string has a url as value:
%{QUERY_STRING} next=https://play.google.com/store/apps/details?pepe=1
and it doesn't work for me.
input='next=https://play.google.com/store/apps/details?pepe=1'
patttern='next=https://play.google.com/store/apps/details?pepe=1' => not-matched
but if I had to match only the uri , it works , the problem is when I try to add parameters to the query_string url:
http://someurl.com?next=https://play.google.com/store/apps/details?pepe=1
Is there any way to match that kind of query_string?
APF Firewall :: Iptables: No Chain/target/match By That Name
Jun 6, 2007Hello,
I have two similar VPS plans with identical software setups.
I installed APF Firewall on VPS A, modified the conf.apf file to
change the interfaces to venet0 and set monokern to 1 and
then opened all the ingress ports required. Started the firewall
with 'service apf start' and everything went fine, and everything
is working fine with no errors.
I did the same on VPS B but when I start apf I get the following
error that reoccurs during the startup sequence:
iptables: No chain/target/match by that name
While the firewall does seem to be running (by checking iptables -L)
I am unable to download files on the VPS, via wget or yum ...
Apache :: Unable To Match Checksums For 2.2.29 Download
Oct 28, 2014After downloading httpd-2.2.29-win32.zip and generating SHA1 and SHA256 checksums from the file, they do not match the checksums posted on the download page.
View 4 Replies View RelatedSSL Certificates :: Modulus Mismatch, Key File Does Not Match Certificate
May 3, 2008I'm having a bit of a problem with my SSL certificate and can't seem to work out how to get around it.
Trying to install a RapidSSL certificate to one of my websites but for some reason when i enter the certificate into cPanel it says:
modulus mismatch, key file does not match certificate. Please use the correct key file ..
Mod_security: Access Denied With Code 406. Pattern Match
Feb 22, 2008Taken from apache error logs, are these below legit or false alarms per se? This same customer is having issues with php sendmail (server uses php 5 w/ phpsuexec enabled)
[Thu Feb 21 17:02:02 2008] [error] [client 216.9.250.112] mod_security: Access denied with code 406. Pattern match "!^[0-9a-z]*$" at COOKIE("PHPSESSID") [hostname "www.clientdomain.com"] [uri "/%23URL.ImagURL%23"]
[Fri Feb 22 10:13:18 2008] [error] [client 189.24.155.203] mod_security: Access denied with code 406. Pattern match "',''));" at POST_PAYLOAD [hostname "clientdomain.com"] [uri "/xmlrpc.php"] ....
Plesk 12.x / Linux :: Warning - Reverse DNS Does Not Match SMTP Banner
Jul 17, 2014OS = CentOS 6.5 (Final)
Plesk version = 12.0.18 Update #7, last updated at July 11, 2014 12:46 PM
I have been trying to make my sites better suited to anti spam measures. The only warning I have left to work out is:
Warning - Reverse DNS does not match SMTP Banner
In the Plesk settings i do have the outgoing mail setting set to Send from domain IP addresses and use domain names in SMTP greeting - still I get the warning.
I am using Post fix. This is a 1and1 dedicated server and I am using custom name servers for this domain. I believe the smtp banner is matching the main ip and not the domain.
Group Policy Win 2k3
Aug 3, 2007in a domain environment, how do I enable users to be able to access the Desktop properties and allow them to change their wallpapers. I know it should be a simple one but I'm still looking through policies but can't find what can be. By default/ after some group policy changes, all users are denied from accesing this properties window.
View 4 Replies View RelatedAbout Policy Of Softlayer Reseller
May 14, 2009about policy of softlayer reseller
I am reseller with softlyaer. (not direct client).
in above url, have this item
"Preferential cancellation policy—cancel any time up to billing day"
my billing date is the 14 each month.
04/14 this days, I submitted 2 cancel request,but Softlayer "can't accept"
haha.
I lossed > 300USD because I am the reseller.
have any body same as me?
ZONE.NET : Cancellation Policy
Jun 5, 2008I dont bash hosts often, because i realize some problems will come up that are out of the host's hands. Network downtime, hardware failure, etc.
Most ive been with, have been very understanding, and willing and ready to remedy the situation by compromise on both the customer, and hosts sides.
I decided to switch my forum to a VPS and decided to go with ZONE.net. They seemed reasonably priced, and ive seen some good reviews here on WHT.
So, this past Saturday evening, I signed up and get the first few payment confirmation emails.
Monday morning, I get an email from my current shared host, that I would not qualify for a refund for that month since it was past the 30 day money back guarantee. I had been with them for 3 months. I had 2 weeks to go so I said ok, it seemed fair.
I email zone.net on Monday to cancel the VPS since it hadn't even been provisioned yet.
Tuesday morning, I wake up to account info from zone.net
I shoot back in email asking why it hadn't been canceled since i would be staying with my host a little longer. I asked them to cancel, and issue a refund.
They quickly point me to their TOS and state they dont issue refunds for any reason. I would be inclined to agree, but certainly these are special circumstances. I asked to cancel my VPS BEFORE it was even created.
I shoot back an email saying that I would be willing to settle a refund, minus the costs of the control panel license, which is the only thing they are out anyway. I have not even logged in to the account. This was all Tuesday morning. I have not heard back from them yet. They are probably ignoring me.
I will not email them anymore, I will not even ask for the refund back anymore.
So, be warned. If you decide to get a VPS with zone.net, MAKE SURE THERE ARE NO HICCUPS, and BE SURE YOU WILL NOT CHANGE YOUR MIND AFTER HITTING THE SUBMIT BUTTON. Oh and expect 48hrs+ of setup time on something other hosts do in 3hrs or less.
If they need to hold on to a customer's money like this, they obviously need it more than me to keep their so called business afloat.
Virpus Don't Respect Own Policy
Jun 13, 2008Virpus don't respect own policy..
14 days moneyback is not true. virpus don't refund at all.
servers are overloaded. very slowly and if you ask for moneyback he. just don't answer you
i have buy signature vps with them and on 10 days.
servers have 1 downtime every day. and sometime (2 days) you cannot log into servers or view page because is overloaded.
when your servers back online. its take aproximatly 30 seconde before " website or panel " load.
just think before purshase. virpus network scam her client and don't respect own moneyback policy.
now i wait paypal issue.
Establish A Hosting Policy
Oct 29, 2008I'm trying to establish a policy for hosting requirements.
I keep running into this recurring problem where a company hosts their own site or they want to host with a business associate or friend that has some kind of side business.
This often results in:
• Drastic responsiveness issues
• Half @ss server setup
• No back up mechanisms
• Non-standard setups
I'm thinking of bumping the price on all my quotes by 20% and offering a 20% discount if recommended hosts are used. Another alternative which I would prefer is just to refuse to work on any other, but I don't think I could get away with that.
Cheapvps.co.uk New Security Policy
May 12, 2008I try to rent a vps from cheapvps.co.uk today and get this message:
In order to keep security and high quality of our service, all new orders needs to pass our fraud checking screen. In order to pass it, we ask you to email us scanned version of your Photo ID, Passport, Driver's license or your credit card.
Once we receive necessary document(s) we will happily proceed with processing your order.
Apache :: Create Rewrite Match 301 Rule To Push Long URL To Shortened URL Permanently?
Jan 30, 2013I am using the following mod_rewrite rule for shortened SEO friendly links: RewriteRule ^blog/([^/]*).html$ /blog/blog.php?pid=$1 [R=301,L]
For Google SEO reasons, will the shortened rewritten link created from above be the permanent link, from the R=301? Even though the longer link is still functional? Or, do I need to create a rewrite match 301 rule to push the long URL to the shortened URL permanently?
Understanding These Hosts' CPU Policy And Our Sites
May 9, 2008I don't know anything about CPU. According to BlueHost, they offer 40 seconds of CPU processing within a 60 second period. Our sites are mainly forums and blogs. For the next year, at most, we'll have 200 unique users a day, we're guessing. Do you think running something like WordPress or forum software would be too much with BlueHost's restrictions? We will focus on 10 sites during this time, so it'll be about 2,000 unique visitors a day across our entire account.
View 3 Replies View RelatedSwsoft's Windows Update Policy..
Jul 8, 2007I recently got a Windows VPS from 1and1 internet. I tried to run Windows update and Baseline Analyzer (SOP for me)..but neither would work. I learned that it seems to be Sw-Soft that have taken it upon themselves to test and push Windows updates to the hosts. Is this just for the big boys like 1and1? Or is this something Sw-soft does for all hosts?
Just wondering..say what you want about 1and1..I must say my experiences have improved over the last few weeks..and it does seem like they are really trying harder.
Group Policy For Active Desktop
Nov 14, 2007I've been trying to set an active desktop of a group of users that log into XP machines to an html webpage. So far I haven't had any luck getting the webpage to appear.
What exactly needs to be done in order for this to work correctly? The primary domain controller is running on windows 200 server.
This Connection Falls Under The SBRS Policy.
May 30, 2007Seems like my IP is blocked by comcast and clear channel. Comcast sucks and do not respond. They have the worst customer service ever. Clear channel is just another monster corporation as well with no concern.
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
someone@clearchannel.com
SMTP error from remote mail server after initial connection:
host external.clearchannel.com [207.230.136.65]:
554-smtp11.lob-hosting.com
554 Connection denied server.host.com
(xxx.xxx.xxx.xxx). This connection falls under the SBRS policy.
[url]
dnsstuff.com shows for spam database, only one listed (attached). I went there and the search says:
IP address xxx.xxx.xxx.xxx is listed here as fecheadorar.com misc.
I have no idea WHO fecheadorar.com is, but it is not/nor ever was hoste on my box.
How would I resolve this? There is absolutely no contact info on their site.
[url]
Servergrid Hosting - Service And Refund Policy
Aug 8, 2007I spent 6 months trying to get DotNetNuke up and running. Servergrid web hosting puts way too many sites on the same server. My site would sometimes take over 5 minutes to load. Often it would not load at all. I cancelled my subscription with them and two months later I have still not received my refund.
View 14 Replies View RelatedHetzner Bandwidth Policy - Misleading Or Interpreted Incorrectly
Nov 2, 2009We brought a RootServer with Hetzner after being recommended them. We did research on the service and they seemed to get positive review and the fact we are ordering from New Zealand we do not have to pay VAT.
We ordered our EQ 4 Server on 16/09/2009 and it was provisioned on the same day.
We were billed on the 2nd week of October which was fine. In the 3rd week of October the server exceeded 2TB and therefore it was reduced to 10Mbit/s which is fine.
It's now November and we expected the server to return to 100Mbit/s as per the definition on their website stating the following:
Quote:
Traffic Usage is for free. We will restrict the connection speed to 10 MBit/s if more than 2000 GB/month are exceeded. Optional, a permanent 100 MBit/s-bandwidth will be charged 14,90 € (incl. VAT) per additional TB.
Well of course my monthly bandwidth was reset to 0MB on November 1st and therefore we have not exceeded our usage for the month.
We emailed Hetzner Technicial Support with the following:
Quote:
Our server EQ 4 #XXXXX exceeded 2TB by roughly 650GB last month and was restricted to 10mbit/s as per Hetzner's policy.
It is now November 2nd and our server still remains restricted to 10mbit/s.
Can Hetzner please have a look into why this is the case and resolve the issue?
We received the following reply from Hetzner
Quote:
Your network connection has been throttled. Please contact our product advice.
This will tell you everything about your options.
This was not the response I expected, therefore I emailed their Technical Product Advice team with the following:
Quote:
Our server EQ 4 #XXXXX should not be throttled as it is November now.
Your website states "Traffic Usage is for free. We will restrict the connection speed to 10 MBit/s if more than 2000 GB/month are exceeded."
The Hetzner Robot states our usage is 10GB for the current month. Therefore it should not be throttled as we have not exceeded 2000 GB for the current month.
In turn I received the following response which was very unexpected response by Hetzner
Quote:
if a server is reduced once it stays "for ever" on 10 mbps or you agree paying overusage over 2 TB for the future with 14.90 Euro/TB or you remove traffic intensive application from server.
I have read and screenshot all their terms and conditions and also system policies which does not state any where that I agreed to stay on 10mbps once going over the 2TB/month.
Since Hetzner Online AG operates out of Germany, And since Germany is a member state of the European Union. It is bound by the Consumer Protection Directives of the European Union.
My question is have I interprated what Hetzner are offering/selling incorrectly or they have mislead me?
If they have mislead me then some of following rights and responsibilities apply, these apply everywhere in the EU.
Quote:
If the item you bought does not look or function as it was advertised, or if it is not satisfactory, you have the right to have the item replaced at no extra cost or to get your money back if the replacement was not completed in a reasonable time.
If you buy goods that turn out to be faulty, manufacturers must compensate you for any personal injury or damage caused to property.
When you buy goods or services by post, telephone, fax or through the Internet from a professional trader, you have the same rights in relation to guarantees as if you had bought them in a shop.
If they have mislead me I will be asking for a full refund of my last invoice which included setup costs and have no additional charges added to my account as I will be terminating my service with them asap and start searching for a new provider.
BursntNet's Policy On Clients Of A Particular Resller If Resllers Goes Belly Up
Jun 15, 2008What's BurstNET's policy on the clients of a reseller incase a resller goes out of business?
do they then directly take over or something? how does it work? how do i get support for the server? when i buy from a reseller do i need to approach him for support or directly burstnet?
also if i buy from a reseller can i still get direct support from burstNet irrespective of the reseller being or not being in b business?
Mod_Security Logs Showing Method Is Not Allowed By Policy
Jan 24, 2008I have mod_security setup in WHM and am seeing a lot of these entries for various IP's.
Access denied with code 406 (phase 1). Match of "rx ^((?:(?:POS|GE)T|OPTIONS|HEAD))$" against "REQUEST_METHOD" required. [id "960032"] [msg "Method is not allowed by policy"] [severity "CRITICAL"]
How Long Until Sender Policy Framework Take Effect (my Email Is Being Spoof)
Jun 4, 2008my email address is being spoof/forge. i have added spf record into the DNS for couple days now but i'm still getting rejected/bounced email. is this correct or is spammer is still able to forge my email and sending out spam?
edit: where can i check if my domain/server is on spam block list? since dnsstuff's tool cost money.