Can anyone recommend hosting provider (dedicated or VPS) that has a strong and clear policy with respect to data on the the server?
We currently have accounts with Liquidweb and ThePlanet. Their policies are fine as far as they go, but they seem focused on things credit card info used to purchase service, and tracking of activity on their web sites.
That's all very nice, but I am worried about data stored on our servers, etc. I need to be sure that they won't turn over information to 3rd parties without our consent or being compelled by a subpoena, warrant or court order, and I want to be sure that any data center they rent space in won't do the same.
We are developing a new web site that will be collecting private information (no credit cards - only names, phones, email addresses and potentialy addresses etc).
Our company will be based in the EU and the target audience will largely be located in the EU.
We were thinking of using some of the very respected US companies like theplanet or softlayer that have very good prices for a quality service instead of the more expensive and less flexible EU based solutions.
But I was wondering whether this would violate the EU privaxy regulations (not sure if softlayer or theplanet are part of the US Safe Harbor) or whether there would be a way to cover ourselves (e.g. special contractual binds with the provider (which i am hoping would be part of their standard SLA/T&C) or by mentioning in the Terms & conditions of our site that data will be stored in the US.
I will purchase web hosting and domain name services. What am I to do for protecting private details ? Are there any special points to pay attention to?
I own a domain, and made sure it was private. Should I count on my contact information remaining private? How easy would it be for someone to get at it (can an angry person call my registrar and get the info?)
How do I keep users from spying on each others files? If I chmod -x /home/ all kinds of crap breaks. Would setting 660 along with setfacl u:apache:rwx work?
I suspect that the internet service provider I'm using is compromising my privacy. If someone who works in the ISP company decides to check up on their customers...
1) Is it possible for them to track which websites the customer has been to?
2) If they wanted to, can they gain access to the things that the customer types, like email passwords, or even email content?
--------------
Reason why I posted this is below:
I live in a country where personal privacy isn't all that respected. Recently, I've encountered a problem. It seems that some people are aware of some info that I post in the web. Now, I posted those info under an anonymous ID, and didn't tell anyone about it at all, and no one else uses my computer. So, how did it get leaked? It's most likely not malware (keyloggers, trojans etc.) because I'm very careful in that aspect.
A friend and I ordered a dedicated AlphaRed server, drawn in by the excellent pricing.
We were problem-free for a few days, until I noticed my irssi (IRC chat client) screen detach. I assumed I accidentally pressed something, and continued chatting. Then it happened again, and a few more times. I looked at the last people to login to my shell, and it showed that an AlphaRed employee had logged into both 'root' and my personal shell. The employee was reading my chat logs in real-time.
The AlphaRed employ did not only read my chats, but participated as well. You may find logs that here: pastebin.ca/raw/1057127
Some excerpts:
05:05:40 <@infid3l[eMo]> hm.. 05:05:48 <@infid3l[eMo]> =D i love finding hacked shells 05:05:52 <@infid3l[eMo]> especially when they're on my network 05:06:01 <@infid3l[eMo]> and then snatching control of them =D =D 05:06:44 <@lifelike> = d 05:06:53 <@infid3l[eMo]> so whats up ppl 05:06:58 <@infid3l[eMo]> sorry to break into your conversation =D
and:
05:08:00 <@infid3l[eMo]> lol=D 05:08:30 <@infid3l[eMo]> I guess infid3l wants the screen back 05:08:35 <@infid3l[eMo]> eh, i'll give it back. 05:08:41 <@lifelike> lol who u 05:08:42 <@infid3l[eMo]> I'm watching you =D 05:08:55 <@infid3l[eMo]> I'm Alpha Red's network admin 05:08:59 <@lifelike> looool 05:09:01 <@infid3l[eMo]> I run the network this box is on
I then realized that this AlphaRed employee thought that I had somehow hacked the machine and gained root access. This box was unmanaged, yet the employee did not consult the owner to verify that I was a legitimate user. When the employee discovered I had not hacked the box, he claimed that IRC daemons were against the AUP. Below is the only mention of IRC in the AUP:
``11. Clients running IRC daemon are required to take immediate action on notification of any botnet or suspected
DMCA activity on the server. Such action shall include immediately closing any channels related to such activity.
Clients refusing to take such action or provide access to Alpha Red to take such action will have all access to the IRC daemon ports blocked and may be terminated without further notice.'
When I made the employee aware of this, he claimed there were complaints made about the IRC server. When I asked what the nature of the complaints were, he said he was not at liberty to discuss it. I personally doubt there were any complaints, as the IRCd was completely legitimate and exclusive.
I talked to the employee via ``wall'' messages via the root shell for a while. When I mentioned how unprofessional his way of dealing with the situation was, he told me he had control over the network and he didn't have to be professional.
While talking on the phone the employee told me I should have notified AlphaRed about running an IRCd. Nowhere in the AUP did it say anything about notifying AlphaRed. The employee acted like it was common sense -- which to me, it wasnt.
With no evidence of illegitimate activity, AlphaRed still refuses to allow an IRCd to run on our box. Even though it was their mistake, we are the ones paying for it.
AlphaRed offered no apology, and only left us inconvenienced.
I found EuroVPS before I found this forum but when I went to their website I couldn't find anything on their Terms of Service. Do they allow adult content and what are their privacy terms?
Anyone know a good registrar who accepts Paypal payments with a .com domain price of around $10 or less and privacy option for about $2 or less? I also need to be able to set nameservers in a control panel.
Registerfly and GoDaddy didnt work... both ask credit cards and I only have Paypal.
I'm trying to see what the most cost effective way of doing this is.
I basically want to separate our business IP and our mail IP's.
So if I'm browsing the internet I have the regular IP that Comcast sets us up with.
If I am doing any emails, basically having one computer that runs off a different IP address. So when we send emails from that computer it would have the different IP address.
I want to do it in the most safe and legal way possible.
SameerHosting has been the biggest mistake I have ever made as far as purchasing a service online is concerned. This fake company and more importantly their Owner/Employee/[Insert Job Title Here] Jordan has been the most nasty, hard to work with, and distasteful person I have ever dealt with in my life. I recommend anyone to stay as far away from this company and child as possible. Below are parts of an initial post of mine at DP Forums. There are so many posts, threads, reviews and this kid and his fake company out there that you shouldn't have any trouble finding out everything that has occurred in the past 1-2 months. Thanks for your time:
I had purchased a dedicated server with this guy not realizing he was a 14 year old kid with a bad temper and poor spelling. I paid for the server and he managed to get into an argument with my tech about something (its in that thread). He then got mad at me and took out his anger on me even though I had no idea anything had happened until after the fact. He involved me in something I had no part in.
I have discussed this guy so many times that I am tired of talking about it but will give you a summary of what recently happened. Jordan pmed me through this forum through one of his other (now banned) accounts. This kid knows he will be banned from most forums and makes a handful of accounts to fall back on. He offered to give me a refund if I tell my tech to stop posting about him. Of course I did what he had asked me to do.
I have been honest and given him far to many chances to make right. Well, he ended up telling me I am no longer getting a refund from him because my tech keeps messing with his servers (which I doubt is actually happening). I am being punished again for something that does not have anything to do with my actions. He has now block me from yahoo messenger,msn messenger, his live chat.
Since I posted this on DP I have been in contact with his legal guardians and they have been no help. Jordan has messaged my Personal Billing details to many of his customers and others along with edited defamatory pictures of someone that is supposed to be myself. That is totally illegal and childish. He did this because I spoke against his scam company and illegal wrongdoings.
If anyone has had bad dealings with this company please post everything that has happened in this thread and also PM me and I can give you the e-mail of the people who take care of him and you can tell them what he has done. He needs to be stopped.
Again, it is very important to post in this thread with information about what he has done to you, the more info the better as these people will possibly listen to me and others.
I have 100+ sites on this hard drive, and one site in particular that meant the world to me.
My host sent the drive to Gillware first, but they failed saying that the file system was so severely damaged that they could not recover anything.
Then shortly after, my host sent it to DriveSavers, a very well-known company, but they also FAILED.
I'm extremely depressed because of this. Please don't post if you're going to say "make sure you do backups next time" because I've heard it 504329504395 times now, and while I do realize my mistake, saying that does NOT help me.
I am willing to spend ALOT to get my sites back. I still have hope. Are there any other companies out there BETTER than DriveSavers? Assuming that you'd still have hope even after two companies failed, where you would you go or what would you do?
How can I find the data transfer rate on the server. I have done ifconfig -a , it display the amout of data has been received and transfered. I want to see the live data transfer date. Can I able to check it?
My host just recently sent the hard drive with my sites to a data recovery company called Gillware. Website is [url]- but they failed and gave the following reason:
Quote:
Originally Posted by Gillware
Unfortunately, your file system was so severely damaged that no data can be recovered. We will make arrangements to return your drive via UPS. Sorry we could not help you further.
Gillware Inc.
Do you guys think there's still hope?
The hard drive is now being shipped to a more well known company, Drive Savers - [url]and I'm guessing that this is the last hope, because the more the drive gets tampered with, the more chance of permanent data loss.
So yeah.. I was just wondering what you think? If the file system is so severely damaged, do you think it STILL can be recovered?
I need more space so i requested another hdd but they said that the server can only have 2 hdd's.They told me that i can upgrade to a 250gb hdd.(1x160gb,1x250gb).
BUT HOW will the data from the one hdd will be transfered to the other 250gb hdd?
What is the best way to handle prevent data loss in the event a hard drive goes bad in a server. We have never had one go yet but I can only imagine what a server load of domains suddenly losing their databases or sites. (giving that they didn't back their stuff up).
I know one was is a RAID setup. I just wanted to hear more.
What about if you need to move everyone from one server to another due to major upgrades? Like adding more hdd space.
I have a dedicated linux server that is using plesk, I need to make a complete copy of all the files (4GB) to my local pc, if I use FTP it will take days to download, if I use the plesk backup tool it will backup to a file that my pc cant read/open. Is there an easy way (I have no experience in systems admin) that I could compress all the files on the server to a .tar,.rar or .zip file and then just download that one complete file to my pc?
who you have used in the past to recover damanged hard drives that have been dropped. I got a client that damanged his HD, and it needs to be sent out to someone who is reliable is not gonna cheat and steal the data.
I'm trying to move data from my old server to new server, using WHM, now thing is while moving it just uses all IP on the system and when there are 0 IP's free, it says copying failed, How to make all accounts goon just 1 IP?
