I am planning to host my personal website which will be a bunch of static pages for the time being with the possibility of moving to PHP/Pearl CMS later.
For this, I think that a basic hosting plan of about .5-1GB space and 5-10GB bandwidth would be well enough.
Can you please suggest me a host which would cost around 2-3$/month and has a moderately good service? I came across companies like Umbrahosting and HostPC which are cheap. Do you have anything to say about them?
Moreover, some hosts give combo offers of webspace+domain registration. Is it wise to register the domain through the host or to register it separately through godaddy etc?
Currently configuring my VPS, have been for a while now, and am relooking at the security I'll need on it. The VPS will be running something similar to a CMS/Forum site and won't be offering webhosting. Alot of the security measures around here are webhosting orientated. What security procedures does everyone suggest for my situation?
I've got APF, BFD and restricted root SSH access. Is there anything else?
Just have some questions regarding server settings and security
1) What will happen if Open_basedir in php.ini is changed to Open_basedir = /home:/tmp ?
2) What will happen if all hosted users in passwd file are set to /sbin/nologin ??? Dose it effect running the web site?
What are the effects if Sync if set to /sbin/nologin default is /bin/sync shutdown if set to /sbin/nologin default is /sbin/shutdown halt if set to /sbin/nologin default is /sbin/halt news if set to /sbin/nologin default is empty netdump if set to /sbin/nologin default is /bin/bash Mysql if set to /sbin/nologin default is /bin/bash mailman if set to /sbin/nologin default is /bin/bash cpanel if set to /sbin/nologin default is /bin/bash
3) How to make /bin/bash in passwd file is the default path for each new user added (automatically) in cpanel/whm server
4) What is the effect if base64_encode and base64_decode if been added in disable functions?
5) How to secure host.conf and nsswitch.conf to prevent DNS lookup poisoning and also provide protection against spoofs?
6) How to secure the system configuration file sysctl.conf to prevent the TCP/IP stack from syn-flood attacks?
ServerLimit 1000 KeepAlive On MaxKeepAliveRequests 64 KeepAliveTimeout 1 MinSpareServers 5 MaxSpareServers 15 StartServers 30 MaxClients 850 MaxRequestsPerChild 64 HostnameLookups Off UseCanonicalName Off
my.cnf
Quote:
[mysqld] local-infile=0 datadir=/var/lib/mysql skip-locking skip-networking safe-show-database query_cache_limit=2M query_cache_size=128M ## 32MB for every 1GB of RAM query_cache_type=1 max_user_connections=350 max_connections=600 interactive_timeout=10 wait_timeout=28800 connect_timeout=20 thread_cache_size=128 key_buffer=512M ## 128MB for every 1GB of RAM join_buffer=8M max_connect_errors=20 max_allowed_packet=32M table_cache=1024 record_buffer=8M sort_buffer_size=4M ## 1MB for every 1GB of RAM read_buffer_size=4M ## 1MB for every 1GB of RAM read_rnd_buffer_size=4M ## 1MB for every 1GB of RAM thread_concurrency=8 ## Number of CPUs x 2 myisam_sort_buffer_size=64M server-id=1 collation-server=latin1_swedish_ci
I tried installing Apache and, later on, Wampserver. I also tried looking up this topic in Build Your Own Database Driven Web Site, Using PHP and MySQL.
My goal is to see, on my home computer, how my new Web pages would look as I work on them, and that includes things like includes, which can't be seen on a regular home computer (mine is Vista). Later on, I also expect to play around a lot with PHP.
OK, how am I supposed to do this? Is there a folder on my home computer where these files should be? Do I need to install them on another computer on my home LAN?
I just don't get these first basic steps; I don't know what to look for.
so ive had powervps and they i thought they were good well i just got cirtex for my moms small business and we had some issues. the guys at cirtex were very helpful and fixed my mail issues and even offered to give me a free dedicated IP.
I want to be able to do some testing on a Windows Server. Instead of finding a domain and finding web space I figured I could just use one of my own PCs as a web server.
However, I've never done that before and have no idea what I would need.
Does anyone have a tutorial of what needs to be installed (OS, software, etc) in order to setup a Windows web server? Doesn't have to have any features other than supporting ASP. And I'd need to be able to access it from the internet via my ISP and a port.
I am setting up a web server (2-3 websites, colo) but am wondering if setting up a mail server (IMAP/SMTP/Webmail for 4-5 mailboxes) alongside is a good practice?
Furthermore to my question, I only need SSL cert for email server and not for websites. Can this be done? Yes or no would be enough for now.
I'm looking for a dedicated server for webhosting business. The server should have atleast 1Tb HD space and it should be in EU region. The best prices I've found so far are from hetzner.de. Can you recommed other ones?
I've been trying to set up blogs on Company "A" for the past month and have had nothing but problems.
While waiting to hear back - one more time - from tech support on Company "A" I set up a blog on Company "B". Everything set up perfectly, smoothly and in about 1 hour I had the blog up and running.
I'm using 2.5.1 WPB and plugins that are NOT known to have "issues".
I've used the same themes and plugins on "A" and "B".
I changed permissions on a couple of the plugins (company A) and the plugins just disappeared.
I tried setting up widgets and none work.
if there are specific settings server side that make setting up blogs work/not work?
I have a problem with my csf setting dunno why now when i start csf i block my server, i come from backup before with same config and working very well dunno why not working in this time.
Code: ############################################################################### # Copyright 2006, Way to the Web Limited # URL: http://www.waytotheweb.com # Email: sales@waytotheweb.com ############################################################################### # This configuration is for use with generic Linux servers, do not change the # following setting: GENERIC = "1"
# Testing flag - enables a CRON job that clears iptables incase of # configuration problems when you start csf. This should be enabled until you # are sure that the firewall works - i.e. incase you get locked out of your # server! Then do remember to set it to 0 and restart csf when you're sure # everything is OK. Stopping csf will remove the line from /etc/crontab TESTING = "0"
# The interval for the crontab in minutes. Since this uses the system clock the # CRON job will run at the interval past the hour and not from when you issue # the start command. Therefore an interval of 5 minutes means the firewall # will be cleared in 0-5 minutes from the firewall start TESTING_INTERVAL = "5"
# Enabling auto updates creates a cron job called /etc/cron.d/csf_update which # runs once per day to see if there is an update to csf+lfd and upgrades if # available and restarts csf and lfd. Updates do not overwrite configuration # files or email templates. An email will be sent to the root account if an # update is performed AUTO_UPDATES = "1"
# By default, csf will auto-configure iptables to filter all traffic except on # the local (lo:) device. If you only want iptables rules applied to a specific # NIC, then list it here (e.g. eth1, or eth+) ETH_DEVICE = "venet0"
# If you don't want iptables rules applied to specific NICs, then list them in # a comma separated list (e.g "eth1,eth2") ETH_DEVICE_SKIP = ""
# Lists of ports in the following comma separated lists can be added using a # colon (e.g. 30000:35000).
# Allow outgoing UDP ports # To allow outgoing traceroute add 33434:33523 to this list UDP_OUT = "20,21,53,113,123,953,1000:3800,6100,6881"
# Allow incoming PING ICMP_IN = "1"
# Set the per IP address incoming ICMP packet rate # To disable rate limiting set to "0" ICMP_IN_RATE = "1/s"
# Allow outgoing PING ICMP_OUT = "1"
# Set the per IP address outgoing ICMP packet rate # To disable rate limiting set to "0" ICMP_OUT_RATE = "1/s"
# If this is a MONOLITHIC kernel (i.e. it has no LKM support, e.g. a VPS) then # set this to 1. Because of the nature of monolithic kernels, it's not easy to # determine which modules have been built-in, so some functionality may not be # available and this firewall script may not work. # # One example is if the ip_conntrack and ip_conntrack_ftp iptables kernel # modules are not available. If this happens, FTP passive mode (PASV) won't # work. In such circumstances you will have to open a hole in your firewall and # configure the FTP daemon to use that same hole. For example, with pure-ftpd # you could add the port range 30000:35000 to TCP_IN and add the following line # to /etc/pure-ftpd.conf (without the leading #): # PassivePortRange30000 35000 # Then restart pure-ftpd and csf and passive FTP should then work MONOLITHIC_KERNEL = "1"
# Drop target for iptables rules. This can be set to either DROP ot REJECT. # REJECT will send back an error packet, DROP will not respond at all. REJECT # is more polite, however it does provide extra information to a hacker and # lets them know that a firewall is blocking their attempts. DROP hangs their # connection, thereby frustrating attempts to port scan the server. DROP = "DROP"
# Enable logging of dropped connections to blocked ports to syslog, usually # /var/log/messages. This option needs to be enabled to use Port Scan Tracking DROP_LOGGING = "1"
# Enable logging of dropped connections to blocked IP addresses in csf.deny or # by lfd with temporary connection tracking blocks. Do not enable this option # if you use Port Scan Tracking DROP_IP_LOGGING = "0"
# Only log reserved port dropped connections (0:1023). Useful since you're not # usually bothered about ephemeral port drops DROP_ONLYRES = "0"
# Commonly blocked ports that you do not want logging as they tend to just fill # up the log file. These ports are specifically blocked (applied to TCP and UDP # protocols) for incoming connections DROP_NOLOG = "67,68,111,113,135:139,445,513,520"
# Enable packet filtering for unwanted or illegal packets PACKET_FILTER = "1"
# Log packets dropped by the packet filtering option PACKET_FILTER. This will # show packet drops that iptables has deemed INVALID (i.e. there is no # established TCP connection in the state table), or if the TCP flags in the # packet are out of sequence or illegal in the protocol exchange. # # If you see packets being dropped that you would rather allow then disable the # PACKET_FILTER option above by setting it to "0" DROP_PF_LOGGING = "0"
# Enable SYN flood protection. This option configures iptables to offer some # protection from tcp SYN packet DOS attempts. You should set the RATE so that # false-positives are kept to a minimum otherwise visitors may see connection # issues (check /var/log/messages for *SYNFLOOD Blocked*). See the iptables # man page for the correct --limit rate syntax SYNFLOOD = "0" SYNFLOOD_RATE = "4/s"
# Enable verbose output of iptables commands VERBOSE = "1"
# Log lfd messages to SYSLOG in addition to /var/log/lfd.log. You must have the # perl module Sys::Syslog installed to use this feature SYSLOG = "1"
# If you wish to allow access from dynamic DNS records (for example if your IP # address changes whenever you connect to the internet but you have a dedicated # dynamic DNS record from the likes of dyndns.org) then you can list the FQDN # records in csf.dyndns and then set the following to the number of seconds to # poll for a change in the IP address. If the IP address has changed iptables # will be updated. # # A setting of 600 would check for IP updates every 10 minutes. Set the value # to 0 to disable the feature DYNDNS = "0"
# Limit the number of IP's kept in the /etc/csf/csf.deny file. This can be # important as a large number of IP addresses create a large number of iptables # rules (4 times the number of IP's) which can cause problems on some systems # where either the the number of iptables entries has been limited (esp VPS's) # or where resources are limited. This can result in slow network performance, # or, in the case of iptables entry limits, can prevent your server from # booting as not all the required iptables chain settings will be correctly # configured. The value set here is the maximum number of IPs/CIDRs allowed # if the limit is reached, the entries will be rotated so that the oldest # entries (i.e. the ones at the top) will be removed and the latest is added. # The limit is only checked when using csf -d (which is what lfd also uses) # Set to 0 to disable limiting DENY_IP_LIMIT = "100"
# Limit the number of IP's kept in the temprary IP ban list. If the limit is # reached the oldest IP's in the ban list will be removed and allowed # regardless of the amount of time remaining for the block # Set to 0 to disable limiting DENY_TEMP_IP_LIMIT = "100"
# Temporary to Permanent IP blocking. The following enables this feature to # permanently block IP addresses that have been temporarily blocked # LF_PERMBLOCK_COUNT times in the last LF_PERMBLOCK_INTERVAL seconds. Set # LF_PERMBLOCK to "1" to enable this feature # # Care needs to be taken when setting LF_PERMBLOCK_INTERVAL as it needs to be # at least LF_PERMBLOCK_COUNT multiplied by the longest temporary time setting # (TTL) for blocked IPs, to be effective # # Set LF_PERMBLOCK to "0" to disable this feature LF_PERMBLOCK = "0" LF_PERMBLOCK_INTERVAL = "86400" LF_PERMBLOCK_COUNT = "4"
# Permanently block IPs by network class. The following enables this feature # to permanently block classes of IP address where individual IP addresses # within the same class LF_NETBLOCK_CLASS have already been blocked # LF_NETBLOCK_COUNT times in the last LF_NETBLOCK_INTERVAL seconds. Set # LF_NETBLOCK to "1" to enable this feature # # This can be an affective way of blocking DDOS attacks launched from within # the same networ class # # Valid settings for LF_NETBLOCK_CLASS are "A", "B" and "C", care and # consideration is required when blocking network classes A or B # # Set LF_NETBLOCK to "0" to disable this feature LF_NETBLOCK = "0" LF_NETBLOCK_INTERVAL = "86400" LF_NETBLOCK_COUNT = "4" LF_NETBLOCK_CLASS = "C"
# The follow Global options allow you to specify a URL where csf can grab a # centralised copy of an IP allow or deny block list of your own. You need to # specify the full URL in the following options, i.e.: # http://www.somelocation.com/allow.txt # # The actual retrieval of these IP's is controlled by lfd, so you need to set # LF_GLOBAL to the interval (in seconds) when you want lfd to retrieve. lfd # will perform the retrieval when it runs and then again at the specified # interval. A sensible interval would probably be every 3600 seconds (1 hour) # # You do not have to specify both an allow and a deny file # # You can also configure a global ignore file for IP's that lfd should ignore GLOBAL_ALLOW = "" GLOBAL_DENY = "" GLOBAL_IGNORE = "" LF_GLOBAL = ""
# Enable login failure detection daemon (lfd). If set to 0 none of the other LF # settings have any effect as the daemon won't start. # When the trigger level of failures is reached lfd will use csf to add the IP # to the /etc/csf/csf.deny file and block it LF_DAEMON = "1"
# The following[*] triggers are application specific. If you set LF_TRIGGER to # "0" the value of each trigger is the number of failures against that # application that will trigger lfd to block the IP address # # If you set LF_TRIGGER to a value greater than "0" then the following[*] # application triggers are simply on or off ("0" or "1") and the value of # LF_TRIGGER is the total cumulative number of failures that will trigger lfd # to block the IP address # # Setting the application trigger to "0" disables it LF_TRIGGER = "0"
# If LF_TRIGGER is > 1 then the following can be set to "1" to permanently # block the IP address, or if set to a value greater than "1" then the IP # address will be blocked temporarily for the value in seconds. For example: # LF_TRIGGER = "1" => the IP is blocked permanently # LF_TRIGGER = "3600" => the IP is blocked temporarily for 1 hour # # If LF_TRIGGER is 0, then the application LF_[application]_PERM value works in # the same way as above LF_TRIGGER_PERM = "1"
# To only block access to the failed application instead of a complete block # for an ip address, you can set the following to "1", but LF_TRIGGER must be # set to "0" with specific application[*] trigger levels also set LF_SELECT = "0"
#[*]Enable login failure detection of courier pop3 connections. This will not # trap the older cppop daemon LF_POP3D = "10" LF_POP3D_PERM = "1"
#[*]Enable login failure detection of courier imap connections. This will not # trap the older cpimap (uwimap) daemon LF_IMAPD = "10" LF_IMAPD_PERM = "1"
#[*]Enable login failure detection of Apache .htpasswd connections # Due to the often high logging rate in the Apache error log, you might want to # enable this option only if you know you are suffering from attacks against # password protected directories LF_HTACCESS = "5" LF_HTACCESS_PERM = "1"
#[*]Enable failure detection of Apache mod_security connections # Due to the often high logging rate in the Apache error log, you might want to # enable this option only if you know you are suffering from attacks against # web scripts LF_MODSEC = "5" LF_MODSEC_PERM = "1"
#[*]Enable detection of suhosin triggers and blocking of attackers # Example: LF_SUHOSIN = "5" LF_SUHOSIN = "0" LF_SUHOSIN_PERM = "1"
# Check that csf appears to have been stopped. This checks the status of the # iptables INPUT chain. If it's not set to DROP, LF will run csf. This will not # happen if TESTING is enabled above. The check is done every 300 seconds LF_CSF = "1"
# Send an email alert if anyone logs in successfully using SSH LF_SSH_EMAIL_ALERT = "1"
# Send an email alert if anyone uses su to access another account. This will # send an email alert whether the attempt to use su was successful or not LF_SU_EMAIL_ALERT = "1"
# Enable Directory Watching. This enables lfd to check /tmp and /dev/shm # directories for suspicious files, i.e. script exploits. If a suspicious # file is found an email alert is sent. Only one alert per file is sent until # lfd is restarted, so if you remove a suspicious file, remember to restart lfd # # To enable this feature set the following to the checking interval in seconds. # Set to disable set to "0" LF_DIRWATCH = "60"
# To remove any suspicious files found during directory watching, enable the # following. These files will be appended to a tarball in # /etc/csf/suspicious.tar LF_DIRWATCH_DISABLE = "0"
# This option allows you to have lfd watch a particular file or directory for # changes and should they change and email alert using watchalert.txt is sent # # To enable this feature set the following to the checking interval in seconds # (a value of 60 would seem sensible) and add your entries to csf.dirwatch # # Set to disable set to "0" LF_DIRWATCH_FILE = "0"
# This is the interval that is used to flush reports of usernames, files and # pids so that persistent problems continue to be reported, in seconds. # A value of 3600 seems sensible LF_FLUSH = "3600"
# System Integrity Checking. This enables lfd to compare md5sums of the # servers OS binary application files from the time when lfd starts. If the # md5sum of a monitored file changes an alert is sent. This option is intended # as an IDS (Intrusion Detection System) and is the last line of detection for # a possible root compromise. # # There will be constant false-positives as the servers OS is updated or # monitored application binaries are updated. However, unexpected changes # should be carefully inspected. # # Modified files will only be reported via email once. # # To enable this feature set the following to the checking interval in seconds # (a value of 3600 would seem sensible). This option may pur an increased I/O # load onto the server as it checks system binaries. # # To disable set to "0" LF_INTEGRITY = "3600"
# System Exploit Checking. This enables lfd to check for the Random JS Toolkit # and may check for others in the future: # http://www.cpanel.net/security/notes/random_js_toolkit.html # It compares md5sums of the binaries listed in the exploit above for changes # and also attempts to create and remove a number directory # # Modified files will only be reported via email once, though will be reset # after an hour # # To enable this feature set the following to the checking interval in seconds # (a value of 300 would seem sensible). # # To disable set to "0" LF_EXPLOIT = "300"
# This comma separated list allows you to (de)select which tests LF_EXPLOIT # performs # # For the SUPERUSER check, you can list usernames in csf.suignore to have them # ignored for that test # # Valid tests are: # JS,SUPERUSER LF_EXPLOIT_CHECK = "JS,SUPERUSER"
# Set the time interval to track login failures within (seconds), i.e. # LF_TRIGGER failures within the last LF_INTERVAL seconds LF_INTERVAL = "300"
# Set the log file parsing interval (seconds). This is how long the daemon # sleeps before processing the log file entries since the last scan finished LF_PARSE = "5"
# Send an email alert if an IP address is blocked LF_EMAIL_ALERT = "1"
# Send an email alert if an account exceeds LT_POP3D/LT_IMAPD logins per hour # per IP LT_EMAIL_ALERT = "1"
# Block POP3 logins if greater than LT_POP3D times per hour per account per IP # address (0=disabled) LT_POP3D = "15"
# Block IMAP logins if greater than LT_IMAPD times per hour per account per IP # address (0=disabled) - not recommended for IMAP logins due to the ethos # within which IMAP works. If you want to use this, setting it quite high is # probably a good idea LT_IMAPD = "0"
# Enable IP range blocking using the DShield Block List at # http://www.dshield.org/block_list_info.php # To enable this feature, set the following to the interval in seconds that you # want the block list updated. The list is reasonably static during the length # of a day, so it would be appropriate to only update once every 24 hours, so # a value of "86400" is recommended LF_DSHIELD = "86400"
# The DShield block list URL. If you change this to something else be sure it # is in the same format as the block list LF_DSHIELD_URL = "http://feeds.dshield.org/block.txt"
# Enable IP range blocking using the Spamhaus DROP List at # http://www.spamhaus.org/drop/index.lasso # To enable this feature, set the following to the interval in seconds that you # want the block list updated. The list is reasonably static during the length # of a day, so it would be appropriate to only update once every 24 hours, so # a value of "86400" is recommended LF_SPAMHAUS = "86400"
# The Spamhaus DROP List URL. If you change this to something else be sure it # is in the same format as the drop list LF_SPAMHAUS_URL = "http://www.spamhaus.org/drop/drop.lasso"
# Enable IP range blocking using the BOGON List at # http://www.cymru.com/Bogons/ # To enable this feature, set the following to the interval in seconds that you # want the block list updated. The list is reasonably static during the length # of a day, so it would be appropriate to only update once every 24 hours, so # a value of "86400" is recommended # # Do NOT use this option if your server uses IP's on the bogon list (e.g. this # is often the case with servers behind a NAT firewall using ip routing) LF_BOGON = "0"
# The BOGON List URL. If you change this to something else be sure it # is in the same format as the drop list LF_BOGON_URL = "http://www.cymru.com/Documents/bogon-bn-agg.txt"
# Connection Tracking. This option enables tracking of all connections from IP # addresses to the server. If the total number of connections is greater than # this value then the offending IP address is blocked. This can be used to help # prevent some types of DOS attack. # # Care should be taken with this option. It's entirely possible that you will # see false-positives. Some protocols can be connection hungry, e.g. FTP, IMAPD # and HTTP so it could be quite easy to trigger, especially with a lot of # closed connections in TIME_WAIT. However, for a server that is prone to DOS # attacks this may be very useful. A reasonable setting for this option might # be arround 200. # # To disable this feature, set this to 0 CT_LIMIT = "200"
# Connection Tracking interval. Set this to the the number of seconds between # connection tracking scans. Don't set this too low or you will affect server # performance as lfd runs netstat each time to determine the connections CT_INTERVAL = "60"
# Send an email alert if an IP address is blocked due to connection tracking CT_EMAIL_ALERT = "1"
# If you want to make IP blocks permanent then set this to 1, otherwise blocks # will be temporary and will be cleared periodically or whenever the firewall # is restarted CT_PERMANENT = "0"
# If you opt for temporary IP blocks for CT, then the following is the interval # in seconds that the IP will remained blocked for (e.g. 1800 = 30 mins) CT_BLOCK_TIME = "3200"
# If you don't want to count the TIME_WAIT state against the connection count # then set the following to "1" CT_SKIP_TIME_WAIT = "0"
# If you only want to ount specific states (e.g. SYN_RECV) then add the states # to the following as a comma separated list. E.g. "SYN_RECV,TIME_WAIT" # # Leave this option empty to count all states against CT_LIMIT CT_STATES = ""
# Process Tracking. This option enables tracking of user and nobody processes # and examines them for suspicious executables or open network ports. Its # purpose is to identify potential exploit processes that are running on the # server, even if they are obfuscated to appear as system services. If a # suspicious process is found an alert email is sent with relevant information. # It is then the responsibility of the recipient to investigate the process # further as the script takes no further action. Processes (PIDs) are only # reported once unless lfd is restarted. # # The following is the number of seconds a process has to be active before it # is inspected. If you set this time too low, then you will likely trigger # false-positives with CGI or PHP scripts. # Set the value to 0 to disable this feature PT_LIMIT = "60"
# How frequently processes are checked in seconds PT_INTERVAL = "60"
# If you want process tracking to highlight php or perl scripts that are run # through apache for greater than PT_LIMIT seconds then disable the following, # i.e. set it to 0 # # While enabling this setting will reduce false-positives, having it set to 0 # does provide better checking for exploits running on the server PT_SKIP_HTTP = "1"
# User Process Tracking. This option enables the tracking of the number of # process any given linux account is running at one time. If the number of # processes exceeds the value of the following setting an email alert is sent # with details of those processes. A user is only reported once, so lfd must be # restarted to reinstate checking of all users. If you specify a user in # csf.pignore it will be ignored # # Set to 0 to disable this feature PT_USERPROC = "10"
# This User Process Tracking option sends an alert if any linux user process # exceeds the memory usage set (MB). To ignore specific processes or users use # csf.pignore # # Set PT_USERKILL to have lfd kill off the process # # Set to 0 to disable this feature PT_USERMEM = "100"
# This User Process Tracking option sends an alert if any linux user process # exceeds the time usage set (seconds). To ignore specific processes or users # use csf.pignore # # Set PT_USERKILL to have lfd kill off the process # # Set to 0 to disable this feature PT_USERTIME = "3200"
# If this option is set then processes detected by PT_USERMEM or PT_USERTIME # or PT_USERPROC are killed PT_USERKILL = "0"
# Check the PT_LOAD_AVG minute Load Average (can be set to 1 5 or 15 and # defaults to 5 if set otherwise) on the server every PT_LOAD seconds. If the # load average is greater than or equal to PT_LOAD_LEVEL then an email alert is # sent. lfd then does not report subsequent high load until PT_LOAD_SKIP # seconds has passed to prevent email floods. # # Set PT_LOAD to "0" to disable this feature PT_LOAD = "30" PT_LOAD_AVG = "5" PT_LOAD_LEVEL = "6" PT_LOAD_SKIP = "3600"
# If a PT_LOAD event is triggered, then if the following contains the path to # a script, it will be run in a child process. For example, the script could # contain commands to terminate and restart httpd, php, exim, etc incase of # looping processes PT_LOAD_ACTION = ""
# Port Scan Tracking. This feature tracks port blocks logged by iptables to # syslog. If an IP address generates a port block that is logged more than # PS_LIMIT within PS_INTERVAL seconds, the IP address will be blocked. # # This feature could, for example, be useful for blocking hackers attempting # to access the standard SSH port if you have moved it to a port other than 22 # and have removed 22 from the TCP_IN list so that connection attempts to the # old port are being logged # # This feature blocks all iptables blocks from the iptables logs, including # repeated attempts to one port or SYN flood blocks, etc # # Note: This feature will only track iptables blocks from the log file set in # IPTABLES_LOG below and if you have DROP_LOGGING enabled. However, it will # cause redundant blocking with DROP_IP_LOGGING enabled # # Warning: It's possible that an elaborate DDOS (i.e. from multiple IP's) # could very quickly fill the iptables rule chains and cause a DOS in itself. # The DENY_IP_LIMIT should help to mitigate such problems with permanent blocks # and the DENY_TEMP_IP_LIMIT with temporary blocks # # Set PS_INTERVAL to "0" to disable this feature. A value of between 60 and 300 # would be sensible to enable this feature PS_INTERVAL = "0" PS_LIMIT = "10"
# You can specify the ports and/or port ranges that should be tracked by the # Port Scan Tracking feature. The following setting is a comma separated list # of those ports and uses the same format as TCP_IN. The default setting of # 0:65535 covers all ports PS_PORTS = "0:65535"
# You can select whether IP blocks for Port Scan Tracking should be temporary # or permanent. Set PS_PERMANENT to "0" for temporary and "1" for permanent # blocking. If set to "0" PS_BLOCK_TIME is the amount of time in seconds to # temporarily block the IP address for PS_PERMANENT = "0" PS_BLOCK_TIME = "3600"
# Set the following to "1" to enable Port Scan Tracking email alerts, set to # "0" to disable them PS_EMAIL_ALERT = "1"
I have purchased a proxy website using phproxy script hosted at dedicated server. Its now about 4 months and everything is fine but i want to move my site to another dedicated server provider because current one has some issues.
When i purchased that site seller told me that he has optimized server and installed some scripts {server scripts} to get best out of proxy website. Now seller is out of my contact.
I am very much pleased with current server settings but i need to move. So i want to make sure that i can optimize new server and install same scripts to keep going with current performance.
I only know about http.conf settings and i have noted it ... plz help me about copying every other settings which that guy had done to optimize the server and how can i know which and where those scripts are installed which has made server quite efficient?
I just got a new server, and for some reason it is as though it always sends out codes to your browser to completely reload (like hard refresh) all images... Even if you hit "Refresh" in firefox, it wants to reload ALL Images. I uploaded the same EXACT files/webpage that it is doing this to on another server and it treats it normally, Firefox caches it. But on my server it wants to reload the images each and every time.
Tried on multiple computers, same thing.
Anyone know where this 'setting' might be? I do have full access to the server, though I was not the one to set it all up initially.
I've created loads of sites before, mostly using high end VPS or dedicated servers. I'm somewhat new to shared hosts, having used just 2 before. The 2 being:
1. Hostmonster - brilliant. Yes, it's oversold badly but it's service is second to none and I never had an issue on a medium-traffic site. However, I do know they phone you to verify your account, and I currently do not have possesion of a phone (travelling).
2. iWhic. Had some serious downtime at one point, but else reliable. Customer service OK. Basic plan does not support unlimited domains.
I am looking to make a personal blog, possibly a travel blog or car review site.
I may still use iWhic, but I'd like to be open to suggestions:
[requirements]Unlimited domains 5GB Diskspace Unlimited Email Accounts 20GB+ Bandwidth Reseller would be nice (host my friends) cPanel (this is a must).
[budget] While technically my budget is unlimited, I would like to stick it to the $5-10/month mark. Pay per month is preferable.
I like the idea of just a big oversold host, cause they are generally reliable and I won't be using that much resources and the bonuses (such as Adwords credit) are generally useful.
I've noticed that theres really a shortage of freebsd web hosts which surprised me at first because I've always considered fbsd an os built from the ground up to be a server. That also happens to be the os I have the most experience with. I can only guess its because in comparison to the linux community the freebsd is relatively small and not as well known.
So basically what I'd like to do is rent a dedicated server, run freebsd 64 on it, and hopefully get a small successful business going. I've been looking around a lot for reliable freebsd servers (I really don't have the upfront money to do colocation) and I've found one that offers me 500gb disk space and 10mbps unmetered bandwidth (or 3300 gb/month I guess).
My first question is could someone please clarify unmetered bandwidth. In the past pretty much every host I've looked at offers a set amount of bandwidth (like in gb), and I'm not completely clear on how this whole 10mbps fits in with that.
My second question is more general. Really I'm looking for honest opinions on the ease of breaking into this business. I'm sure theres a lot of people who start up and shut down constantly which contributes to the reputation of a lot of smaller hosts being unreliable, but is this a feasible goal? I can really put in any amount of time necessary but I only have about $500 to start out.
I'm new here and I just want to start my first web site. What I need is just something basic: email, web stat, stability, etc. I do not need lots of space and bandwidth (of course, it is best if it is upgradable). Any suggestion on hosting company with lower budget plans? I hope I can start from a cheap monthly rate, and can upgrade in the future when needed.
And I have some questions when I look into different hosting plans:
1. I found many hosting plans offer free domain, so I can save may be $10 for the domain name registration. Would there be any disadvantage for using the free domain provided, like it may not be portable in the future?
2. After this first web site, I may build a few more web sites in the future. I found many plans offer "unlimited domains" to be hosted. Does it mean I can just build new web sites using the same hosting account without paying extra? Would there be any limitation or disadvantage for this, compared to using a new hosting account to build the new website?
My friend want to design his family site as i have good knowledge designing web.But I don't know about hosting,its rent ,how to host,on which server hosting will be good if you have basic suggestion kindly reply.
I have a pretty powerful Dell machine that I would like to turn into a server that would be available on the Internet. The reason I want to do this is because I need to run 2 programs (1 is a trading platform and the other was custom made for me) and I think a hosting company will say no if I ask them to run programs on their server.
In general, I know very little about servers and I need your help! How can I turn this machine (running my 2 programs) into a server available on the Internet? Someone told me I need to install IIS but I am sure it's more than that
I need to know how to move a directory from one location on the server to another, but it needs to over write an older copy of of the directory in the new location.
* Go to "Web Server Settings" add text to "Additional directives for HTTP" and press button "Ok". * Go to "Document root" folder of your domain and now you have a new folder "/cgi-bin/test" with file "test.cgi":
Code: #!/usr/bin/perl print <<HTML; Content-type: text/html <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
i have one Question regarding MX-Records, i cant solve myself. Why is an MX-Record not allowed to contain an Ip or a CNAME-Record? As far as i know, the Record has always to point to an A-record which includes the Ip. Anyone here, who can explain why thats the case? Is there any RFC Dokument where this is explained?
I've just got my webhosting setup at LeaseWeb. But the problem is, for a newbie like me, I get confused by all these directories; where do I upload my files (index.html for example)
i would like to change the access control for datebase users via CL: command: /usr/local/psa/bin/database --update-dbuser web1_presta -server localhost:3306 reply: The database user was successfully updated. examination: mysql> select host, user from mysql.user;
Only when using the GUI: home -> Subscriptions -> Website & Domains -> Databases -> Users -> web1_wp -> Access control -> from Allow remote connections from any host -> to Allow local connections only
is also the user adjusted: mysql> select host, user from mysql.user; +-----------+------------------+ | host | user | +-----------+------------------+ | localhost | web1_oxid | | localhost | web1_presta | | localhost | web1_shopware | | localhost | web1_wp | +-----------+------------------+
I'm running Apache 2.4.4 on Windows Server 2008 R2. It's already happened many times that Apache stopped responding to requests. The last entry in the error.log:
[Wed Mar 27 06:22:07.043600 2013] [mpm_winnt:notice] [pid 1736:tid 256] AH00354: Child: Starting 64 worker threads. [Wed Mar 27 06:52:34.521200 2013] [mpm_winnt:error] [pid 1736:tid 1656] AH00326: Server ran out of threads to serve requests. Consider raising the ThreadsPerChild setting
