what happened not sure really, but asked volumedrive to reboot the machine like an hour ago and it has still not come online, anyone know or has experience with VD and how long it usually takes them to reboot machine? Or is there any outages anyone is aware that VD is facing right now ?
Damn i got some upset users already ready to shoot the bunny, baah this proxy hosting is kinda harder than one would imagine
We had many backups stored on our Plesk 12 server about 51 GB in total.
After reducing the backups back to 10 GB by removing old backups through the Backup Manager.
The issue is that Health Monitor still reported that there was low diskspace displayed by color yellow. And it look Health Monitor over 16 minutes to change the alarm level from Yellow to Green
However the statistics at the specific subscription still present the Backup usage of 51 GB's whilest they are no longer there.
What can i do about this in order to speed up the synchronization?
the title says it all per month. just curious since this is something in europe that gets a price bump when it comes to power and space. yes i got two colo servers in different locations but never have i asked.
My company ordered server on 23/10/2009 from LimeStone, and they asked for verification hence i given them all the ID that they need. After that, they told me they couldn't accept AMEX and have to pay through PayPal, i have paid since and NOW again they asked for ID again.
Why i have to verify for second time since i have posted all my ID and utility bill for first time? I don't think i need to give so much verification since PayPal has already verified my account as i owned PayPal Verified Business Account, this kind of "repeating" or double verification never happen when i order from ThePlanet/EV1 where i am looking to migrate to Limestone Networks.
This is very unpleasant experience and I don't want to wait for more than a week to get a server.
my previous experience has been shared, all operations are done by panels and ftp.
as some budget unmanaged vps is in my budget range (sub $10), i would really like to give it a go. but as i have no experience at all, i m not sure if i can manage it well. so i m here to ask, what do i need to know, what is the skill set to be an unmanage linux vps admin.
i am not a linux expert, but i've been using suse at work for java development, and trying out ubuntu at home. i know some basic skills like getting packages and install them. use pico to edit configurations files.
what i don't know is: what packages to get, and what config files to edit and how.
but as long as there's some tutorial for me to follow, i think i should be able to do it.
I've seen many posts in the past few months about people under attack who were not able to handle things themselves, and who made statements along the lines of DDoS mitigation services that one has to pay for are too expensive.
First, I will state that my company does offer those services, and they are not cheap. We offer DDoS mitigation services for hosting/colocation/internet providers who can then resell it to their customers. I state this so that you know that I do have a bias here, though everything I state below is fact.
1. There are free open source tools that can help. Apache modules, IPTables scripts that extract info from netstat or syslog, and I know one guy who is puting together a kernel module. Most of these can stop small scale attacks, and are quite interesting to set up - if you like the technical end of things.
2. Most botnets have more than enough zombies to overpower #1 above.
3. If you have a 100 MBPS pipe to the internet, it doesn't take 100 MBPS of traffic to saturate the pipe and take it down. Enough small packets can overload a router's ability to process, and 10-20 MBPS of traffic can take out the router.
4. There may be a few ways to deal with this, though the best in my experience has been to place an intrusion prevention system (IPS) in front of the router. I have a number of friends in the industry who work at companies where malware is analyzed, and where they work with law enforcement to try and identify the attacking parties. This can be a lengthy process and will not often get a site / router back up quickly, though can be very nice in the long term.
5. Not all IPS are equal. I'm not going to name brands, but I've seen one $50,000 box that had gigabit links die after about 80 MBPS of DDoS traffic. If you're looking into IPS, make sure you compare what they actually do, and talk to people who have implemented them.
6. The majority of the IPS that we manage for our customers and that we implement when we have a new customer under attack are from TopLayer. There are three reasons for this; Their IPS actually works the way you would expect it to (the gigabit model can handle a gigabit of DDoS traffic); If there is something that the IPS can't block, we call their dev team who will work with us to figure out a way to block it; And they give us the best deals.
7. Implementing an IPS is not cheap. The suggested retail price for a gigabit level IPS is about $80,000 USD. Consider that a hosting/colo/service provider who has a two gigabit pipe will need two of these.
8. Managing an IPS takes a special skill set. The people with this skill set are usually expensive to hire as employees, and while I've known a few service providers where the chief technical guy (often a partner in the company) has been the one to manage the IPS, this guy has a lot of other important things to do, and doesn't usually want to be woken up at 2am every few days when there's a significant alert from the IPS.
9. Contracting out IPS management and monitoring can run anywhere between $1,000 and $2,000 per month depending on service options, response times, and contract length. This will usually include remote monitoring of the IPS from a security operations center (SOC), and a lot of escalation options on how to deal with attacks.
10. If an attack is using mechanisms that can get past IPS protections (I will not list them here to give people ideas on how to get around IPS protections, though if anyone is in the field and would like to talk about this I'd be more than happy to do so), then there will need to be escalation options at additional fees from other companies who specialize in that particular area. If subscribing to managed services such as #9 above, then these options should be listed with pricing knowledge available to the customer beforehand. In fact, the company offering the managed IPS service should manage the interface between their customer and the escalation company (we certainly do, and that's one of the things that our customers have been very happy about).
11. Considering #7 through #10 above; the cost of buying/leasing an IPS, managing the IPS and/or paying service fees, and escalating technical work in the event that there is something outside the scope of what can be mitigated using the standard tools, it is more than reasonable for a service provider to charge a significant amount of money to their customers for protection readiness, attack mitigation, and emergency setup fees in the event that there is a situation where a customer is being attacked, needs the service immediately, and has not been paying for protection.
12. A service provider will turn off (null route) their customer when the impact of an attack affects the rest of their customer base. If an attack takes out a full 2 GBPS pipe that they have for all their customers, and null routing one customer is the way to keep the other 1,000 customers up, then that one customer will be null routed. It is a sound business decision. In cases like this, there are options for how to deal with that customer, and that customer will have to decide if they are willing / able to pay for said options.
Each one takes up like 4% of the available ram - and when the ram is gone, the server dies (it doesn't have a swap file - half the time you can't even log in to it), and you have to reboot Apache.
I thought of limiting maxchilds, but would that break something else?
Should I just make a swap file? Will that defeat the point of creating child processes?
I changed my sites IP address via cpanel, but now it doesn't show up in a web broswer, I check out cpanel's website for information about this issue, and they posted this:
"It may take up to 48 hours for DNS servers to register the change and the site may not be associated with the new IP address during that time period."
is that true? change the sites IP address will take 48 hours to show up? I figured since it was all local IP stuff, it'll be a instant change and working instantly. since the name servers are all the same, ect.
anyone shed some light. I just wanted to know if I should give it a day to start working? or as of right now, I feel like I need to fix a cpanel error... but if its true, then everything is ok
I am running CentOS 5.10 (Final) with Plesk 11.5.30 Update #44 and since a few days have the strangest problem with incoming emails from certain hosts.
The email from known senders produces a relaylock message like:
/var/qmail/bin/relaylock [12345]: mail from 80.80.80.80:59595 (mail.hostname.com)
From what I was able to gather this is regular behaviour with plesk and qmail, indicating that the senders' mailserver has made contact.
Then nothing happens. For hours. 7-10 to be exact. Then the mail is being processed and delivered.
This morning apache stopped to serve pages. I have tried to restart it with no success: ------- init.d/httpd restart ---------- init.d/httpd stop killall httpd init.d/httpd start ------ killall httpd init.d/httpd restart ---------
such like several times every time failed with the address already in use message
Was 4 oclock in the morning su I stopped investigating and restarted the machine
Is there a way to really shut down such a completely non-responsive process withou restarting the machine?
just a notice - there were not a heavy server load at the time
------------------
Server Version: Apache/2.2.6 (Mandriva Linux/PREFORK-8.2mdv2008.0) mod_ssl/2.2.6 OpenSSL/0.9.8e PHP/5.2.4 with Suhosin-Patch Server Built: Sep 12 2008 14:54:18
Code: ssh -fNg -L 8888:127.0.0.1:3306 user@123.456.789.0 How can sort of "undo" that? I ask because I need to re-tunnel in to a different IP address but right now the only way I can figure to do it is to restart my computer (which is lame).
One of my sites, hosts mp3s for music I've written for video games etc.
I uploaded a track in December, and this month my bandwith has rocketed from 18g to 25g.
When I look at the awstats I see this...
a.a.a.a11811181146.82 MB26 Jan 2007 - 17:47 a.a.a.a+11161116198.40 MB26 Jan 2007 - 17:49 b.b.b.b1151115119.61 KB26 Jan 2007 - 08:00 c.c.c.c62062023.71 MB26 Jan 2007 - 15:18 d.d.d.d543543025 Jan 2007 - 20:52 e.e.e.e537537025 Jan 2007 - 20:18 f.f.f.f 3103104.18 MB26 Jan 2007 - 17:00
Now I'm not sure about the MB values, they don't look true at all, but why suddenly would the two top places have the same IP address bar a value of 1
If I scroll down to file usage, I see
/blah/blah/blah.mp3 7533305.76 KB52685276 - so it's been viewed 7533 times
and the next most popular page or file is, / 10099.69 KB830412
Then looking at the search engine stats the most popular search engine phrase is this [url][summer dance]45041.2 %
450 times? and yes, - np2sp6qjpj2jkzevo5mcl2fjmw$$.mp3 [summer dance] - this is the filename coming up even though it doesn't exist on the server
It's twice as popular as "game sounds" which is the site, and is on google... something fishy going on here.
The most popular site to come from is [url] times in fact, and that's a japanese/chinese/eastern site which I don't understand.
The IP address appears to be chinese too.
Can anyone explain to me what might be going on here please? It appears that someone is continuously downloading this specific file, just to use up my bandwidth?
Just got alerted that my server is being used to send spam. Here is the information the datacenter gave me:
[information .....]
NOTE: I changed the real domain name and IP only.
Is there an expert who can help me decipher this? How do I find the culprit? My provider is threatening to shut me down and sink all my clients with the ship!
I am running the latest WHM and cpanel server, fyi.
Host will only update DNS in batches, takes several hours for a DNS change, is that normal? Well today my mail stopped working and it turns out the A record for mail was deleted. How it got deleted I don't know.
I called my host and after speaking to 2 techs, they said that have added my request to a batch, and that would update in a few hours.
I said to him, batch? What can't you do it instantly?
He said thats not the way their DNS works and any DNS change would affect thousands of other sites they are hosting.
Does anyone know what kind of dns system these people could possibly have where they can not reload a single zone?
And by affected, I think he means the sites will go down for a minute or so, while it relaods every zone. Is this really the case, or are these people just idiots?
Our website is based around a customer based chat system. Customers are only on the system during a particular day and time range. So for parts of the week the server gets almost no traffic. When then time for a chat comes up we get hundreds of people on the site all doing page requests every few seconds.
So as you might imagine we are bringing the server to it's knees with heavy CPU and memory loads. Plus bandwidth usage is really high. We are currently on the biggest box that Rackspace has to offer. The site runs ok on it during these times. It's a little slow but not unbearable.
But we have not hit our max customer base. In fact if all goes well we will double our customer base next month. So I know when we do we will bring that box down totally.
I was thinking about possibly trying a cloud/cluster based approach but after some research on this site I have found that is probably not the best option.
So I am looking for advice on what to do? Is there a better host? Different technology?
Servers are not my thing really so I could really use some help.
No we can't change the way customers access the site or when they access. There is nothing that can be done in that regard so don't suggest it.
I have seen posts that some hosts suspend a user after they so many seconds of high server resource usage... I was wondering how this is done so that I can do this on my dedicated server.
user1 is running some things on the server. I need user2 to be able to kill these processes (just kill, not start up again on the other user or any other extra priveledges). How can I do this?
I have a question related DDOS attack. My hosting provider told me that my Server was DDos attacked few days ago. But in those days my server worked fine only apache server was down. The strange fact is that in the same day with this "DDOS attack" one of theyr admins worked something on SSL section of my server and during this operation the SSL hosts were down and httpd worked slow.
Inthe passed 3 months httpd worked very slow and after 2-3 restarts of httpd service the load droped down below 3.00 . I believe theyr httpd service was already with problems and that SSL configuration cause that apache failure in that day with "ddos attack"
I repeat in that day ONLY ssl hosts worked fine and non SSL hosts were down.
It's possibile on DDOS attack that load to be unde 0.5 , SSL hosts to work fine, FTP, Mail and other stuf to work like there is nobody on server (VERY FAST)?