I have mod_security setup in WHM and am seeing a lot of these entries for various IP's.
Access denied with code 406 (phase 1). Match of "rx ^((?:(?:POS|GE)T|OPTIONS|HEAD))$" against "REQUEST_METHOD" required. [id "960032"] [msg "Method is not allowed by policy"] [severity "CRITICAL"]
I have problem on my server that is when I try to download backup or when I try to upload vb froums producet I recive this message:
Method Not Allowed
The requested method GET is not allowed for the URL /backup-11.4.2008_18-10-25_ashaq.tar.gz.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
so what should I do to solve this problem?
I have started this thread in March 2009, now I want to come with new questions and couldn't find the old thread, maybe it was lost when WHT was hacked
[url]
The problem is that I can't turn Off mod_Security for a certain domain (just the /admin folder)
first I have tried this:
SecFilterEngine Off
SecFilterScanPOST Off
and got the error :
Invalid command 'SecFilterEngine', perhaps misspelled or defined by a module not included in the server configuration
than tried this:
SecRuleEngine ctl:ruleEngine=Off
and
SecRuleEngine Off
one, at a time and got the same error for bouth:
SecRuleEngine not allowed here
Which method do you prefer for centralizing your logs: file monitoring or Pipe to Logger?
View 4 Replies View RelatedI just discovered this completely by accident on my new vps
visits (via apache) from 10.16.x.x and 10.28.x.x
These aren't backups but actual website visits.
What on earth is going on? Is my host browsing my website though their network?
Their behavior seems harmless but I just want to make sure this is not a security issue with a neighbor somehow doing something.
I've just taken a look at the raw apache logs on my cpanel machine here:-
/usr/local/cpanel/logs/access_log
And there are many hundreds of these:-
127.0.0.1 - - [06/03/2008:21:55:22 -0000] "GET / HTTP/1." 401 0 "" ""
127.0.0.1 - - [06/03/2008:21:55:22 -0000] "GET / HTTP/1." 401 0 "" ""
127.0.0.1 - - [06/03/2008:22:03:42 -0000] "GET / HTTP/1." 401 0 "" ""
127.0.0.1 - - [06/03/2008:22:03:42 -0000] "GET / HTTP/1." 401 0 "" ""
127.0.0.1 - - [06/03/2008:22:12:02 -0000] "GET / HTTP/1." 401 0 "" ""
127.0.0.1 - - [06/03/2008:22:12:02 -0000] "GET / HTTP/1." 401 0 "" ""
127.0.0.1 - - [06/03/2008:22:20:22 -0000] "GET / HTTP/1." 401 0 "" ""
127.0.0.1 - - [06/03/2008:22:20:22 -0000] "GET / HTTP/1." 401 0 "" ""
what is happening to my server to generate these log entries?
is it possiable to delete these files in the server access_logs and errors_logs
View 1 Replies View Relatedin a domain environment, how do I enable users to be able to access the Desktop properties and allow them to change their wallpapers. I know it should be a simple one but I'm still looking through policies but can't find what can be. By default/ after some group policy changes, all users are denied from accesing this properties window.
View 4 Replies View Relatedabout policy of softlayer reseller
I am reseller with softlyaer. (not direct client).
in above url, have this item
"Preferential cancellation policy—cancel any time up to billing day"
my billing date is the 14 each month.
04/14 this days, I submitted 2 cancel request,but Softlayer "can't accept"
haha.
I lossed > 300USD because I am the reseller.
have any body same as me?
I dont bash hosts often, because i realize some problems will come up that are out of the host's hands. Network downtime, hardware failure, etc.
Most ive been with, have been very understanding, and willing and ready to remedy the situation by compromise on both the customer, and hosts sides.
I decided to switch my forum to a VPS and decided to go with ZONE.net. They seemed reasonably priced, and ive seen some good reviews here on WHT.
So, this past Saturday evening, I signed up and get the first few payment confirmation emails.
Monday morning, I get an email from my current shared host, that I would not qualify for a refund for that month since it was past the 30 day money back guarantee. I had been with them for 3 months. I had 2 weeks to go so I said ok, it seemed fair.
I email zone.net on Monday to cancel the VPS since it hadn't even been provisioned yet.
Tuesday morning, I wake up to account info from zone.net
I shoot back in email asking why it hadn't been canceled since i would be staying with my host a little longer. I asked them to cancel, and issue a refund.
They quickly point me to their TOS and state they dont issue refunds for any reason. I would be inclined to agree, but certainly these are special circumstances. I asked to cancel my VPS BEFORE it was even created.
I shoot back an email saying that I would be willing to settle a refund, minus the costs of the control panel license, which is the only thing they are out anyway. I have not even logged in to the account. This was all Tuesday morning. I have not heard back from them yet. They are probably ignoring me.
I will not email them anymore, I will not even ask for the refund back anymore.
So, be warned. If you decide to get a VPS with zone.net, MAKE SURE THERE ARE NO HICCUPS, and BE SURE YOU WILL NOT CHANGE YOUR MIND AFTER HITTING THE SUBMIT BUTTON. Oh and expect 48hrs+ of setup time on something other hosts do in 3hrs or less.
If they need to hold on to a customer's money like this, they obviously need it more than me to keep their so called business afloat.
Virpus don't respect own policy..
14 days moneyback is not true. virpus don't refund at all.
servers are overloaded. very slowly and if you ask for moneyback he. just don't answer you
i have buy signature vps with them and on 10 days.
servers have 1 downtime every day. and sometime (2 days) you cannot log into servers or view page because is overloaded.
when your servers back online. its take aproximatly 30 seconde before " website or panel " load.
just think before purshase. virpus network scam her client and don't respect own moneyback policy.
now i wait paypal issue.
I'm trying to establish a policy for hosting requirements.
I keep running into this recurring problem where a company hosts their own site or they want to host with a business associate or friend that has some kind of side business.
This often results in:
• Drastic responsiveness issues
• Half @ss server setup
• No back up mechanisms
• Non-standard setups
I'm thinking of bumping the price on all my quotes by 20% and offering a 20% discount if recommended hosts are used. Another alternative which I would prefer is just to refuse to work on any other, but I don't think I could get away with that.
I try to rent a vps from cheapvps.co.uk today and get this message:
In order to keep security and high quality of our service, all new orders needs to pass our fraud checking screen. In order to pass it, we ask you to email us scanned version of your Photo ID, Passport, Driver's license or your credit card.
Once we receive necessary document(s) we will happily proceed with processing your order.
I wonder any provider still offering Price Match policy?
I saw some before but not anymore.
I don't know anything about CPU. According to BlueHost, they offer 40 seconds of CPU processing within a 60 second period. Our sites are mainly forums and blogs. For the next year, at most, we'll have 200 unique users a day, we're guessing. Do you think running something like WordPress or forum software would be too much with BlueHost's restrictions? We will focus on 10 sites during this time, so it'll be about 2,000 unique visitors a day across our entire account.
View 3 Replies View RelatedI recently got a Windows VPS from 1and1 internet. I tried to run Windows update and Baseline Analyzer (SOP for me)..but neither would work. I learned that it seems to be Sw-Soft that have taken it upon themselves to test and push Windows updates to the hosts. Is this just for the big boys like 1and1? Or is this something Sw-soft does for all hosts?
Just wondering..say what you want about 1and1..I must say my experiences have improved over the last few weeks..and it does seem like they are really trying harder.
I've been trying to set an active desktop of a group of users that log into XP machines to an html webpage. So far I haven't had any luck getting the webpage to appear.
What exactly needs to be done in order for this to work correctly? The primary domain controller is running on windows 200 server.
Seems like my IP is blocked by comcast and clear channel. Comcast sucks and do not respond. They have the worst customer service ever. Clear channel is just another monster corporation as well with no concern.
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
someone@clearchannel.com
SMTP error from remote mail server after initial connection:
host external.clearchannel.com [207.230.136.65]:
554-smtp11.lob-hosting.com
554 Connection denied server.host.com
(xxx.xxx.xxx.xxx). This connection falls under the SBRS policy.
[url]
dnsstuff.com shows for spam database, only one listed (attached). I went there and the search says:
IP address xxx.xxx.xxx.xxx is listed here as fecheadorar.com misc.
I have no idea WHO fecheadorar.com is, but it is not/nor ever was hoste on my box.
How would I resolve this? There is absolutely no contact info on their site.
[url]
What is best method to secure the tmp?
1. /tmp mounted as noexec,nosuid?
2. creating /usr/tmp directory?
I was wondering what is the best backup method for 2 servers with over 3TB of data? Need the best backup solutions so if something happens sites are easy to get back online.
View 14 Replies View RelatedWith a Linux/cPanel VPS, what is the best backup method?
Cpanel FTP overnight of every account to a remote backup service?
Is their a more efficient and less bandwidth consuming method for VPS's?
I spent 6 months trying to get DotNetNuke up and running. Servergrid web hosting puts way too many sites on the same server. My site would sometimes take over 5 minutes to load. Often it would not load at all. I cancelled my subscription with them and two months later I have still not received my refund.
View 14 Replies View Relatedwhich is the best reliable method for backups?
i own dedicated server along with cpanel and i want to make weekly backups of about 20 domains in the server.
I have NAS but all files got corrupted (with theplanet) and so i cant rely on it. Please suggest me a inexpensive solution.
I run special software that is similar to a gaming server. It operates mostly in SWAP memory because 99% of the time its idling. Each instance uses about 5MB of physical memory and 50MB of SWAP memory. So I am using about 2000MB (2GB) of SWAP memory and 250MB of Physical memory. To my understanding, most Virtuozzo VPSes count SWAP memory as apart of the burstable memory , so finding 2GB of burstable is not likey or cheap.
Virtuozzo with the SLM method of handling RAM seems to be my only option because it allows for no set limit of burstable RAM. I am wondering if there is any other method or technology that could allow me to actually use high amounts of SWAP memory, as it should run from the hard-drive, not taking up the faster physical memory.
I am currently consider XEN servers, but I was unsure if they could handle the SWAP I need, I emailed Ray at BigVPS.com and he stated his XEN servers can handle my requirements, but would need an extra $5 for the extraneous SWAP usage. Is it true XEN can handle what I need?
Anyone have any tips as to the best way of transferring a website from one server to our server?
I have a successful way right now, but it's extremely tedious and time consuming.
I just got hit with a whopping bill by my provider, and noticed they charged almost twice the bandwidth I was showing in my Cacti graphs.
I looked at the graphs they provided, and it seems that rather than averaging in/out bandwidth on the swich port, as the default Cacti installation does, they were treating in and out as separate switchports and totalling the bandwidth (at least I think that's what's going on).
Just wondering if this is a standard practice among providers. Attached are my and my provider's graphs.
I've been with these guys for years and never had this problem, until I had a big spike in incoming bandwidth which apparently skewed the usage. Prior to this, overrage charges have always matched bw shown in my Cacti graphs.
We brought a RootServer with Hetzner after being recommended them. We did research on the service and they seemed to get positive review and the fact we are ordering from New Zealand we do not have to pay VAT.
We ordered our EQ 4 Server on 16/09/2009 and it was provisioned on the same day.
We were billed on the 2nd week of October which was fine. In the 3rd week of October the server exceeded 2TB and therefore it was reduced to 10Mbit/s which is fine.
It's now November and we expected the server to return to 100Mbit/s as per the definition on their website stating the following:
Quote:
Traffic Usage is for free. We will restrict the connection speed to 10 MBit/s if more than 2000 GB/month are exceeded. Optional, a permanent 100 MBit/s-bandwidth will be charged 14,90 € (incl. VAT) per additional TB.
Well of course my monthly bandwidth was reset to 0MB on November 1st and therefore we have not exceeded our usage for the month.
We emailed Hetzner Technicial Support with the following:
Quote:
Our server EQ 4 #XXXXX exceeded 2TB by roughly 650GB last month and was restricted to 10mbit/s as per Hetzner's policy.
It is now November 2nd and our server still remains restricted to 10mbit/s.
Can Hetzner please have a look into why this is the case and resolve the issue?
We received the following reply from Hetzner
Quote:
Your network connection has been throttled. Please contact our product advice.
This will tell you everything about your options.
This was not the response I expected, therefore I emailed their Technical Product Advice team with the following:
Quote:
Our server EQ 4 #XXXXX should not be throttled as it is November now.
Your website states "Traffic Usage is for free. We will restrict the connection speed to 10 MBit/s if more than 2000 GB/month are exceeded."
The Hetzner Robot states our usage is 10GB for the current month. Therefore it should not be throttled as we have not exceeded 2000 GB for the current month.
In turn I received the following response which was very unexpected response by Hetzner
Quote:
if a server is reduced once it stays "for ever" on 10 mbps or you agree paying overusage over 2 TB for the future with 14.90 Euro/TB or you remove traffic intensive application from server.
I have read and screenshot all their terms and conditions and also system policies which does not state any where that I agreed to stay on 10mbps once going over the 2TB/month.
Since Hetzner Online AG operates out of Germany, And since Germany is a member state of the European Union. It is bound by the Consumer Protection Directives of the European Union.
My question is have I interprated what Hetzner are offering/selling incorrectly or they have mislead me?
If they have mislead me then some of following rights and responsibilities apply, these apply everywhere in the EU.
Quote:
If the item you bought does not look or function as it was advertised, or if it is not satisfactory, you have the right to have the item replaced at no extra cost or to get your money back if the replacement was not completed in a reasonable time.
If you buy goods that turn out to be faulty, manufacturers must compensate you for any personal injury or damage caused to property.
When you buy goods or services by post, telephone, fax or through the Internet from a professional trader, you have the same rights in relation to guarantees as if you had bought them in a shop.
If they have mislead me I will be asking for a full refund of my last invoice which included setup costs and have no additional charges added to my account as I will be terminating my service with them asap and start searching for a new provider.
What's BurstNET's policy on the clients of a reseller incase a resller goes out of business?
do they then directly take over or something? how does it work? how do i get support for the server? when i buy from a reseller do i need to approach him for support or directly burstnet?
also if i buy from a reseller can i still get direct support from burstNet irrespective of the reseller being or not being in b business?
I was hesitant to even post this because I've been on the net for so long, that and I know just about every method out there. However, large corporations obviously can't live with loosing data so I figured I'd see what everybody else is doing out and figure out my next battle plan for archiving data.
Here's what happened. I had triple backups of some data. I burned them twice on DVD (yes, two DVD's of each archive) as well as had them on a WD hard drive. ALL are dead or unreadable. I had the discs in a DVD binder and they were never touched for a good 5 years. I put them in a player (multiple players) and only certain parts were read.
Other parts came up with errors. (Yes, I'm aware there are companies that offer recovery for both CD/DVD and Hard drives, but they always charge a fortune and in some cases, aren't worth it). This was Memorex media btw which might of had something to do with it, but at the time I thought it was the best. Next I went to the hard drive. This was stored in a room temp house over a good 5 years and when I plugged it in to a computer's IDE port, nothing. Not sure exactly what's wrong with the drive and I'm sure it could be fixed and recovered, but once again, that's not my question.
My Question: What methods are you using to store your archives over long periods of time? Any recommendations on hardware? I'm thinking of DLT Tape backups and of course doing RAID next but don't want to run into the same problem in 5 years. How can I sleep at night (which is already impossible) knowing that in 5 or 10 years when I'm ready to get into my backups that they will be there?
What are you doing and what do you recommend? Better yet, what the hell is Hollywood doing to keep all their music and movies safe?