I have moderate experience in administrating. I recently got a quarter cabinet, and I have 2 servers in there.
I have registered a company name, as a domain which is currently hosted at GoDaddy (www/mail) (mydomain.com)
But I have installed centos5 on one server, and called it web1.mydomain.com, added the web1 CNAME in GoDaddy's DNS control. Even did an rDNS to it through my provider.
I have installed Webmin on it to help me add virtual servers (who will be my customers)
And web1.mydomain.com has a mail server on it (Postfix).
Might even put DNS on it. These virtual servers will send emails as well (as I'll be hosting them)
But for now, what will be my next steps in getting my mail server (or the main server) accepted in the web world, for example, I've done SPF records, and rDNS. But what else do I need to do so my email is accepted everywhere?
The virtual domains will be sending mail using the postfix, and ofcourse it'll mean they're piggybacking on web1.mydomain.com, so I guess I need to do stuff so email from web1.mydomain.com will be accepted worldwide.
7. Enter the IP you found at "Server Status" and enter it at ws.arin.net to get the proper CIDR which you can easily add to your CSF deny hosts file (which is open in another window)
I just signed up for a shared hosting plan that uses cpanel and got a simple page up and running with no problems. I need to know if there are any steps I need to take as far as security. I have read info about password protecting directories but I'm not sure if that needs to be done on directories that are already there like /etc /mail /accesslogs or just ones that I create like /myimages for example.
I don't have visitors yet and don't think I will for awhile but would still like to take all precautions early and get them out of the way.
When I take delivery of a dedicated server setup with CentOS and cpanel; what is the first I need to do? Is there somewhere any tutorial how help beginners on the right way?
I've been with midphase/autica on a $10 reseller plan for several years, but I think it's time for a change. I have a personal site, and 2 small business websites.
I think I'm just going to sign up for a shared hosting plan, as I really don't need the separate cpanel access for each domain.
These are the migration steps as I understand them. Am I missing anything?
1. Sign up with hostgator
2. Set up main domain and 2 other domains.
3. FTP over all files and folders, including mail folders.
4. Set up email addresses with new host
5. Go to my registrar (namecheap) and change the name server from old to new (that hostgator gave me).
Is that about it? Am I missing any critical steps? Mainly, I just don't want to miss any emails. According to the chat at hostgator, once I switch the name servers, the change should be instantaneous. True?
I resell hosting and for the first time in 10 years, the hosting company's servers have gone down and my clients sites are currently down, including email (ouch!).
Any experience with this or suggestions on how to communicate and rectify the situation with my customers? None of them are doing major ecommerce so I don't think there is a significant loss of sales, but regardless, their site is down. I take pride in providing great service and want to be straight up with them and more than fair.
I was thinking of extending their current hosting and acquiring a backup host in the rare event that this happens again so at least their site will be live, even if email is not.
one of the worst things (in hosting) has happened. I received a notice this morning from lfd (configserver) that someone had logged into my server as root and it wasn’t me.
Unfortunately I didn’t notice it until eight hours later so I have no idea (yet) what happened during that period. Thankfully I don’t have any really critical data on the system that could have been stolen.
I’m in the process of restoring from a full system backup right now. After that’s done I’m going to look to see what the differences are between the files from the backup and that on the comprised drive. I’m not sure if I’ll get anything useful from the diff but hopefully I’ll find a clue as to how they got root access.
Then of course I need to get my server back up. However, I don’t want to do this until I’ve taken some steps to identify how the individual got in and take some additional preventative steps.
Here’s what I am planning on doing:
1) Check to make sure all exposed services are patched and look at some security sites to see if there are any known vulnerabilities for these services. Anyone know which sites are good to look at?
2) Change firewall to only allow ssh access from a couple specific IP addresses.
3) Disable root ssh access so I have to login via a different account and perform sudos, etc.
4)?
I’ll also look for a good server-hardening guide to see if there are some obvious things I forgot to secure.
Do any of you find folks have any other suggestions or resources that I should check out?
1) How many client accounts is it safe to run under a VPS with 256MB RAM, provided that the clients will be using Virtualmin (safe?) and max a forum each (say phpBB) with regular expectations/traffic.
2) Why do people limit the number of MySQL client databases living in a server. Is it reliable service (won't crash) to provide 5 mysql dbs per client in the above VPS specs?
3) How do I limit the quota on a MySQL db? For example 50MB of space per db.
Warning: I do not want to re-open discussion on some previous threads about the legality of inode limitations. If it gets to that, please feel free to close this thread.
Reading through some other posts about inodes made me look at my own VPS setups. I use XenSource 3.1 on a CentOS 5 Dom0, using LVM for VM storage. When I create a new virtual machine (CentOS5 or Ubuntu, etc) I format the root filesystem with ext3. I use all the defaults, including number of inodes. So for a 20 gigabyte filesystem, I get:
Code: Filesystem Size Used Avail Use% Mounted on /dev/sda1 20G 453M 19G 3% /
Filesystem Inodes IUsed IFree IUse% Mounted on /dev/sda1 2621440 13861 2607579 1% / Would there be any advantage to limiting the number of inodes a VPS has? Sure, if you had 200,000 inodes instead of 2.6 million inodes, you would have more available space. But there doesn't seem to be a hard limitation on the disk drives I'm using (WD 250GB SATA using linux software raid 1). I assume I could set any amount of inodes to a filesystem?
I am running Windows Webserver for more than 2 years.
I wanted to ask that, does anyone ever has bad experience with Windows Server ? Like ASP problems, like ASP connections limit FULL, or server Halt or Restart due to huge requests of ASP or ASP connections limit on server. Please let me know if you experienced any such issue.
I am thinking to use ASP pages fully with huge traffic on Windows Server (but i doubt that maybe there could be some ASP limitations when large amount of ASP pages open, it creates some problem). Or do you recommend Linux servers over Windows for High Traffic website ?
I have been in internet business since 1996 and I never have such a bad hosting provider as BurstNet, I am really amazed of the quality of the technical support. Since friday 19:00 till today I have no web services because an error causing high CPU load averages of almost 270%.
The restarted my server twice that day (see it on my logs), I really dont know why, and they dont want to tell me, and since then the server has this problems.
Looking to my logs I found errors provoking high I/O waits, I explain all this and send this and other logs:
----- Nov 8 09:53:16 ***** kernel: [47129.296313] sd 2:0:0:0: SCSI error: return code = 0x08000002 Nov 8 09:53:40 ***** smartd[6316]: Device: /dev/sda, 1 Currently unreadable (pending) sectors Nov 8 10:03:54 ***** kernel: [47129.296316] sda: Current [descriptor]: sense key: Medium Error Nov 8 10:07:27 ***** kernel: [47129.296319] Additional sense: Unrecovered read error - auto reallocate failed Nov 8 10:11:47 ***** kernel: [47129.296326] Descriptor sense data with sense descriptors (in hex): Nov 8 10:15:22 ***** kernel: [47129.296329] 72 03 11 04 00 00 00 0c 00 0a 80 00 00 00 00 00 Nov 8 10:18:09 ***** kernel: [47129.296340] 00 33 1a b2 Nov 8 10:18:21 ***** kernel: [47129.296345] end_request: I/O error, dev sda, sector 3349170 Nov 8 10:18:21 ***** kernel: [47129.296373] ata3: EH complete ---- Right now the load averages are 0 because I stopped Mysql that seems that is causing the high cpu load (because of the hard drive error). After 14 hours waiting for the URGENT TICKET they say: ----------- Brian S.11-09-2008 - 12:04AM I am seeing no unusual load on your server at this time: --------------------------------- login as: root root@66.197.157.149's password: Last login: Sat Nov 8 13:00:44 2008 from 189.143.246.156 [root@**** ~]# uptime 22:54:03 up 1 day, 2:34, 2 users, load average: 0.00, 0.00, 0.00 [root@**** ~]# --------------------------------- Again, I explain it again, now I receive this answer: ---------- Kevin B.11-09-2008 - 11:28AM Hello, This server seems fine. [root@***** ~]# w 10:18:50 up 1 day, 13:59, 2 users, load average: 0.07, 0.02, 0.00 ------------ Why If I explain there is an error, with log files proving it, they don't read my messages! the simply don't read the messages or what is going on? I really don't get,
I explain the problem! Maybe the only way they can put attention is driving the server again to that high load averages right?
if anybody is looking into hosting their own TLD with the new ICANN decision? I'm wondering what the requirements would be? And has anybody seen/heard any mention of what the registration fees are likely to be, I know there will be bidding on names in dispute...maybe this will be the case for every worth-while TLD.
I know there are many threads covering similar topics but their answers often do not contain technical arguments but rather subjective reasons and I'd like to know whether there are also some technical reasons to favor one of these two forums over the other.
Does one handle a higher load particularly well or does one have the cleaner code or is there any other reason to choose one over the other?
I work for Microsoft. Used to be a regular participant on Web Hosting Talk a few years ago (then moved over to Europe at that time). I've been doing some work recently that has led me back to the community here to ask for some input on where administrators of Windows-based hosting services go to find technical information.
How often might you use the following two Web sites?
1) [Hosting Solutions on TechNet]
2) [Windows Hosting Discussions]
I've just re-registered a new account so I have to do the five post thing before I can insert links, otherwise I'd to a direct link to the two above. If you're not familar with them, just do a Web search for those phrases and the sites will be at the top of the list.
Are there other Web sites that you use regularly for technical information on operating Windows hosting services? Or do you mostly just enter a phrase in Google and temporarily use the Web site/s that come up in the search results?
After peeking around at this board for some years, I decided to create an account.
I'm the original author of Rootkit Hunter and decided to create a new tool, named Lynis.
Lynis is an auditing tool for Unix (Linux, BSD and other). It scans the system and available software to detect security issues, bad/insecure configuration options and unsafe file(s) permissions. It tries to assist administrators in using and maintaining best practices, but also in the common things which get forgotten (like expired SSL certificates).
Though Lynis has been available for some months now, and many updates/suggestions have been implemented, it still can use a broader user base. So my issue (we are in the technical issues section after all) is that I like more input and want to know what other people audit on their systems. Or what tools they like the most. Of course I have many ideas myself, but with the many different people here (in skills and specialties), every input is most likely improving the tool and increasing security for others as well.
In case you like to try the software (GPL, free to use), the software can be found at www . rootkit .nl (can't use URL's yet, due 5 post policy)
Since I don't only want to announce my tool (but like to have some input), I placed it in this section, hope it doesn't look like a "commercial" sell.
I want to pass on a warning before anyone goes with iWEB. I just ordered a $269 a month dedicated server so I could run vmware on it for my own virtual machines that I need.
With this server I got 7 IPs.
The primary IP they assigned me is say for example: 70.xx.15.171 with a GW of 70.xx.15.161. The secondary ips they issue me are 70.xx.18.249-254. So these are on a completly different subnets.
After talking on the phone to several differnt people including tech support who tells me this will work jsut fine useing thoes secondary ips on my VMs and to not put a gateway address. I talk to my account manager he says to open a ticket that he will forward to their system admins.
This is the ticket I opened.
I just got a new server set up CL-T113-140CL. It was assigned the primary ip of 70.xx.15.171 with a GW of 70.xx.15.161. My secondary ips are 70.xx.18.249-254. The server we got from you is a VMWare host. We need to use the secondary IPs for the Guest VMs. How ever the primary and secondary IPS are on different subnets and so the VMs useing the IPs 70.xx.18.249-254 can not talk to the gateway. I need to have a gateway server IP to use for my VMs.
Please either give me a valid GW address for the 70.38.19.x subnet or assign new secondary IPs on teh 70.xx.15.x subnet with a SM that can talk to the 70.xx.15.161 GW assigned.
this is the reply I get back from their system adminstrator
The gateway to be used for your secondary IP addresses is the same as the one for your primary. You should not have anything to change, gateway-wise. Just leave the current one as default gateway and everything should work just fine.
If there is anything please do not hesitate to contact us.
Regards,
-- ================================================= Jean-Francois Doucet [iWeb] System Administrator / Administrateur Système Support / Client Hub : [url] [url] =================================================
Are they brain dead at iWEB? DO they understand basic TCP-IP networking at all?
Here is my last reply. I tried to make it real simple for them to understand.
This does not address the issues. Do you even know what a virtual machine is? It is a virtual computer running on the host computer. The host computer has a valid ip address of 70.xx.15.171, sm: 255.255.255.224 gw: 70.xx.15.161. The virtual machines (or guest operating systems) if I assign it the IP address of 70.xx.18.249 SM: 255.255.255.248 with no gateway it is physically impossible for it to reach the gateway of the host pc 70.xx.15.161. You have to understand the Virtual Machine operates as a completely separate computer. It requires its own gateway. with no gateway specified it has no way to get out of its local subnet to get to the 70.xx.15.x subnet. What happens if you put two physical computers on one hub. The computer on port 1 of the hub has the IP info 70.xx.15.171 SM: 255.255.255.224 GW 70.xx.15.161. The second computer is on port 2. It has the ip info of: 70.xx.18.249 SM: 255.255.255.248 GW: NONE. How is the pc on port 2 going to communicate with the pc on port 1? This is the exact situation we are in. There has to be a gateway to route the IP traffic from pc2 to pc1 to get onto the internet.
I'm planning to launch an e-commerce website for photo and gift printing. I went on Google and found a few websites having Top 10 web hosting companies information. I am really confuse which one is the best for my website.
I'm not sure how many users and traffic the website will get and don't want to pay extra $$$s for VPS or dedicated servers
I am working on building another hosting companies which I will be hosting VPSs as well.
I am asking this from a customers opion.
with each plan should it be an = shared amount of the processor or should each person have a dedicated amount? For example say you got duel quadcore processors running 3ghz which would = like 24ghz total correct? Say you have 16 VPS on 1 server each getting roughly 1.5Ghz.
Ive done a few whois searches on some of our competitors websites. In the registrar details it has our competitors name as the Registrar and as the nameservers. How can we do this? so for example if someone did a whois on our clients websites, they would see something like this:
Registrar: OurCompany Ltd [Tag = OurCompany]
Name servers: ns1.OurCompany.co.uk ns2.OurCompany.co.uk
Do we need our own nameservers and dedicated server? We've just bought an account with openSRS so we buy our domains through them (if that makes a difference).
