Rockmyweb Experience

Aug 25, 2007

not a full review here. I have only had the account a few days, but I had to make a few comments about them. There seems to be a lack of feedback, which is a shame. I guess WHT attracts the complaints more so than the compliments!!

Initially I have been looking for a vps in the Michigan/Illinois area. After going through many companies, sending emails back and forth. I came across Rockmyweb.

Right off the bat, something attracted me to their service. Maybe it`s the fact they offer considerable resources on quality hardware, plus an ideal datacentre location for me.

I fired in a few pre-sales inquries which were promptly answered by Devon in a very friendly manner.

Eventually I opted for a Direct Admin machine with them. Something I have never used, however it was cheaper than a cpanel license through them. Considering this is an unmanaged service, they have been extremely helpful.

I spent some time working with Direct Admin, but after using cPanel for a good four years one finds it hard to adjust. After bugging Devon most of the night with various questions, I felt guilty about asking to switch to Cpanel but did so.

I figured as this was unmaged, he might not be too impressed. But no, he was happy to switch me over. He wiped the VPS as requested and installed cPanel for me. I paid the extra for the license costs but there was no charge for all the work involved.

I want to stress, the service is unmanaged however Devon has really gone above and beyond in helping me out. I`m no system admin guru, but he has helped more than perhaps he should!

cPanel has been installed, they have hardened the vps and I have made a few changes myself, updated apached etc.

Hard to say how well it runs. I have no domains hosted, but I can say that cPanel loads up extremely quickly. Quicker than any other cPanel vps I have had. When I recompiled apache it was done very quickly.

The plan I have is:

SM-Value 512MB Base System
350GB Bandwidth & 2 IP Included
30Gb Disk Space
cPanel/WHM

For a steal at $40.99

There is a $7.99 first time setup fee which covers their initial server hardening. Upon request they installed apf and bfd, which is just great considering these are unmanaged.

In a few more days I will likely transfer a few domains to the plan, then I`ll get a better feel for how things are running. Give me a few weeks, perhaps a month and I will come back and update this review.

If the service is as good as I think it will be, I expect to remain with them for the long term. Perhaps with many more vps purchases down the road.

Mods, I have no domain to submit yet. Nothing is on the server.

View 1 Replies


ADVERTISEMENT

Rockmyweb - Still Down

Dec 8, 2008

I have been with Rockmyweb for about 1 year now. I find the value for the package great and the service has been very good too.

My question is that I have experienced at least 3 to 4 times this year where the server has gone down due to their upline (FDCServers). The Internap network that they claim to be great seems to cause the problem all the time. Faulty switch, bad gateway, etc.

This is my first VPS so I have nothing to compare it to. Is this normal for VPS's?

As mentioned, the support has been great when I can submit a ticket. However their support system seems to be provided by the same supplier and when their network goes down, I have no way of connecting to the control panel or help desk to submit a ticket.

View 11 Replies View Related

Does Anyone Know What Happened To RockmyWeb

Jun 1, 2008

I've been with RockmyWeb since the beginning of the year. Does anyone know what is wrong with their servers? Today my server went down and I can't connect to Rockmyweb to submit a ticket.

View 3 Replies View Related

RockMyWeb Comments

Jul 18, 2007

I've been with RockMyWeb.net for exactly one month now, and I want to share my experiences. This is a one-month experience, so it will be mainly about new purchase and initial support. This is a quite long post, I wasn't really considering to write that long.

I'm a shared hosting provider in local language. One of the websites I host has grown too much to be on a shared server. It didn't even fit on a standart VPS with 256 MB guaranteed, 1 GB burst ram. So we decided to go with VirtuallyDedicated,
[url]

with the plan 1.5 GHP, since it was better than a dedicated server with pentium-4 processor and 1 Gb ram, and was cheaper. The website being hosted is www.trforumcu.com, along with a dozen of small websites.

Purchase:
I requested a custom quote, with cPanel and management, less diskspace. They prepared the quote within 3 hours, I paid within 24 hours, they set up the VPS within 12 hours, including initial management. The process was painless.

Initial support:
We had some requests about the VPS within the first 3 days, before moving the websites. The tickets was being responded within 2 minutes, some being even within the same minute. That is the fastest response time I've ever got from a provider (I've been with 6 different VPS providers, as far as I remember.) It looks like someone is always waiting for tickets at any time. My tickets were usually being opened in their nights, due to the time zone difference between us. I'm very satisfied with their knowledgeable support.

One point about their support is that they act as if the customer is their friend. I mean, They don't send this reply:

Quote:

Hello,

The issue is being worked on.

Best Regards,
Blah Blah
Customer Service Represantative
RockMyWeb.net

Instead, they send this within the minute:

Quote:

Hi, I'm having a look at it right away.

I, myself, actually use the former type of reply to my own customers. But the latter was quite nice, considering they are sending it right away, and start working on the actual problem within the minute. And they are solving the problem, too.

Support within the month:
After initial configurations, we had some problems. Our website was using too much resources, and the server needed to be optimized a little bit. I opened a ticket. They replied 4 times, without my reply. They informed me about the process well. After 4 replies, they said the server should be fine now.

After 2 days, they sent me an email, asking if I'm satisfied with the optimization. This is the first time I'm getting an email from a provider after some time, asking about my satisfaction.

We also had a cPanel licence issue (cPanel suddenly forgot about its licence, and started saying "cannot read licence file"). This was solved within 36 hours. They said the problem needs to be fixed by cPanel support staff itself, and their support over weekend is not the best. They kept updating me every 12 hours, saying they are waiting the cPanel staff. After 36 hours, the issue was fixed.

About their system:
Their VPS technology is different from my other VPSs with other providers. They don't use Virtuozzo, they use some kind of custom system (it doesn't seem to be VMware or like). This is the only thing I can complain, I was used to VZ and their custom panel is quite different. They provide VPS restart utility, and this is actually the only thing I need from a VPS remote panel.

They don't provide equal-share CPU, they allocate guaranteed CPU. This was very important for us, because the website we were hosting was being kicked off the VPS providers due to high CPU usage. With rockmyweb's allocated CPU, we are not interfering with other VPSs on the system, and we feel quite more comfortable. Also, we have 1.5 processor cores guaranteed, much higher than any other VPS providers will provide for this cost.

Their backup system is also satisfying. They charge 0.25 per GB backup used, not allocated. So I don't pay for unused backup space.

Overall, I'm satisfied with their service, and very happy with their support over the first month. I'll update this topic with additional information and comments (both positive and negative) over the time.

View 2 Replies View Related

JaguarPC Or RockMyWeb

Jul 24, 2007

I'm a webdesigner currently on a shared Reseller Package hosting 10 business php-based websites and a couple of low volume joomla websites. I'll be concentrating to market joomla webdesign customization bundled with hosting packages and will be expecting an increase on client base.

I'm seriously considering on a high-end VPS plan and have shortlisted 2 providers. My budget will be around $80.

Would appreciate if you could give me some inputs, suggestions and reviews on these 2 providers and your expertise if these packages could perform well for my needs.

JAGUAPC - ENTERPRISE PLAN
Quad Core Intel Processors
45GB Diskspace + 100% FREE = 90GB
512MB RAM Guaranteed + 50% FREE = 768MB
700GB Bandwidth + 50% FREE = 1050GB
+ FREE Control Panel (Plesk, cPanel/WHM, DirectAdmin, Interworx)
+ 2 FREE MONTHS*
$89.97/month - 15% Discount = $76.47/month

ROCKMYWEB - HP1024MB PLAN
Dedicated CPU on a Multi Core Woodcrest
1GB Dedicated RAM
1.5GB Extra RRM RAM
60GB Hard Disk
700GB Bandwidth
Cpanel Add $15
Gold management
Free Website Monitoring
$74.99 - Less 33% - %50.24

View 14 Replies View Related

RockMyWeb Review

Jul 27, 2007

first of all, I must say that this is my first experience with VPS and I always had a shared hosting in the past. I have a communication and marketing company in Montreal and we're growing fast so I wanted to have more control.

I spent a lot of time on this forum searching for DEALS in the VPS Hosting Offers section. I wanted to start with a small plan but with a good company.

I wrote an e-mail describing all my actual and future needs and saying that it's my first time experience with VPS and send it to many VPS provider I found. I received a few answers but the most complete and satisfying one was from Devon Bessemer at RockMyWeb which made a plan specificly for me and that was exactly in my actual budget.

I'm testing it for 5 days now and I'm really enjoying my experience. At first I took the free Virtualmin Control Panel but I didn't really like it because I used the work with the very visual-oriented CPanel. Because I wanted to keep my monthly fees very low, Devon suggested me Directadmin for 5$ a month. It is great, easy to use, pretty for resellers and has a lot of nice features such as the 3 levels CP admin/reseller/user.

The speed is also very impressive. I chose the metered 100mbits instead of unmetered 10mbits and it rocks ! File transfer is at least as twice as fast as the shared hosting I had (Wirenine) which was already a fast one.

The support team is rocket fast, never got an answer in more than 30minutes and they solve all my problems easily.

So here's my review, I'm not a geek, don't know as much as many professionnal on this forum but found out a company who cares about people and who's offering a good service.

I highly recomment this VPS Hosting company to people of this forum.

View 4 Replies View Related

10 Month Review -Rockmyweb.net

May 22, 2009

since Rock My Web is now offering services again, it's probably time to give them a review!

I have 2 VPSs with Rockmyweb. I got the first in September of 2008, and my large one where I host my client websites at the end of October 2008.

First and foremost, I will say that this is the longest I have been with a provider in a few years. I have been burned by companies that disappear, with others that keep changing datacenters and the like. Rock My Web has been nothing short of fantastic from a performance standpoint.

Network:
I am in their Chicago DC. Speed from there to Toronto is fantastic. The servers themselves are also quick, and not overloaded. I realize that their new offerings in other DCs are less expensive, but I am happy to pay a bit of a premium to be in Chicago.

Price:
Not bottom of the barrel pricing, but very competitive. I have VPSs with other providers that are a bit cheaper, but none of them offer anything in Chicago. Good value for the money, IMO.

Support:
Haven't really need to speak to support much, so really can't comment. That's the ideal situation, right? Since the fall, there was only one major (i.e. a few hours) downtime, and that was related to the datacenter. I would like to see them get an offsite node to report downtime on, but since there has been very little, it hasn't been a major issue.

Billing:
If there has been anything that has caused me a problem, it has been with the billing system. Part of the problem was my own doing - I cancelled an add-on package without realizing it was on a paypal subscription. Getting the credit sorted out was a 3 month process.

Their VPS Control Panel:
They do not use HyperVM, but rather a control panel of their own. The earlier version was funky/buggy, but the later version is a lot better. There are some neat functions in it, but there are still a couple of little quirks to work with.

All in all, I am very happy to be a customer. The service is solid and quick, and great value for the money. I wish them the best with their new offerings. There is a reason that I host my clients on their servers and have for a good number of months.

View 3 Replies View Related

Our 48hrs Review Of RockmyWeb/VDNet

Oct 25, 2007

After a few managed dedicated server purchase, I decide to purchase a small VPS for development needs. I browsed around WHT. Many provider offers were appealing, but ressource wise, none really compared to RockmyWeb / Virtuallydedicated [url].

I contacted their pre-sales team and ask various questions. Very responsive. Even follow up with me after a few hours to see if I had any more questions. They alos offered me an extra 10% OFF.

So I ordered and even took the fully managed service for an extra 10$ a month. An invoice with 10% OFF was sent to me. I paid. Next day and 9hrs later I got my root access and an IP. I also found out that their service was only guaranteed with a 99.7% uptime on the node I was on. This is when I started to get surprise.

First, the VPS control panel was under construction and not accessible for another day or so.

The welcome email said, cPanel is currently being installed.

1h30 later cPanel was installed.

I then ask to install CSF Firewall. I was responded that they do not install CSF firewall nor support it. If I wanted to install it on my own I could. So much for fully managed.

I logged in WHM, and the setup wizard had not been done. I emailed to ask why WHM had not been setup and all they did was a plain install. To which I was responded:

Quote:

Of course it is a plain install. We install CPanel/WHM and if you need help, you open a support ticket to have us configure it for you. What were you expecting us to do?

So I ask, what was the features announced on the website about fully securing the VPS:

Quote:

At rockmyweb, we dont just set you up with a default install and leave you
hanging. We fully install an updated control panel, custom configure your
firewall, secure your services, and use BFD to lock out hackers. Prepaying
gets you our secure secure setup for free!.

I ask to at least do the initial WHM, since I didnt know what were all the ip's associated with my vps.

They told me how can they configured cpanel when they dont even know what I want and what hostname I want. I reminded them that I had provided an hostname in the signup process, to which they said:

That the hostname is not referring to the one hosted on the server and that I should provide all the informations because they cannot read minds.

Not being confident anymore in their services and what fully managed VPS was, I ask for a refund, even propose a partial refund, to compensate for their work. But was responded that they not refund for such a ridiculous thing.

They then told me to have installed BFD and some initial hardening.

I then requested a few install from their support team. I must say, that their support team have been very good and responsive. They always responded very quick and done what ask to. No problem here.

Still being not sure of what had been done on the server, I registered my new VPS with Platinum server management and ask them to do a security assesment on the server. Their report indicated that a firewall had been installed but nothing else had been done to secure the server. They propose to do their initial security package. They reported once done with a 2 pages long report of what had been done on the server.

Even if I received some great service from their support team, I dont understand their meaning of fully managed. With my previous experience, fully managed means that the server is delivered ready to roll for hosting and that the provider is a bit more proactive when it comes to setup and prepare the server. It should be, just create an account and upload your files. Voila. But instead, fully managed means they will do all I ask, if I ask.

Im still not sure about their services, and decided to further test the response of the VPs before transferring some of my files on this VPS.

View 14 Replies View Related

[REVIEW] 1-month @ RockMyWeb And Counting...

Aug 27, 2007

After my BuyAVPS and PrimaryVPS VPS' fell through, I decided to get a new
unmanaged (I manage it myself of course ) VPS from RockMyWeb.net

The specs are:
640MB guaranteed RAM, with 1.5GB RAM burstable
40GB HD space, with the 500GB monthly bandwidth on the faster 100MBPS port.

I think this plan has a dedicated amount of CPU that I can use, which seems to
be 100mHz per core (8).

My VPS was set up within 15 minutes of placing an order.

It performs great, I haven't had any issues with the performance. There were
some issues with downtime 9 days ago, but it was sorted out quickly.

As far as support goes, I have had a couple of questions here and there and
they have all been answered very quickly.

Over all I'm very happy with their services My VPS is used to provide small
hosting to about 20 or so people, and I have about 25 domains hosted on it
at present. Currently only using about 50GB bandwidth per month, but it's
steadily increasing.

One of my domains hosted with them: [url]

View 2 Replies View Related

VPS.net Experience

Apr 8, 2009

I thought I would try the new "cloud" VPS service that WestHost is using to handle all their VPS customers now.

First, if you have a billing issue, expect at least a two day response time. I have had two questions for the billing department. The first was handled in two days with great apologies from the responder on the length of time it took to get back to me. I sent a followup ticket to the same billing department -- that was two days ago and still no response. So obviously, the apology was not genuine or they wouldn't have let it happen again.

Just wanted to make sure everyone understands that:

1) VPS.net has no refund policy in place. No refunds. I asked for one only one day after signing up, and the response is no refunds period.

2) My other hosting experiences allowed me to keep the same base price I signed up for as long as I maintained the hosting account with them. Not VPS.net. Pricing will change at their whim. If you sign up in April, you will receive a huge increase in May. Yeah, they say they "may" have some coupons or something in the future, but hey -- how can you budget your hosting expenses if you don't know what they will be exactly?

I have had accounts with a lot of hosting companies in my many years in this industry, but none as uncustomer friendly as VPS.net -- and its such a shame since their shared hosting sister company -- WestHost -- is famous for their customer service and friendliness.

View 8 Replies View Related

My Experience With M6.net

May 7, 2008

This is a lesson for everyone, regardless of the type of hosting you're looking for, ALWAYS do your homework first!

I'm a bit embarrassed to admit it, but in March I signed up with a hosting company based solely on the claims on their website, and their wonderful presales responses to my questions. The company is M6.net.

It started off well enough, sales responded to my list of about 20 questions, and I received my reply during the weekend, which impressed me because I thought I was going to wait until the following Monday to hear back from them. I signed up for their Designer plan, which offers 200gb storage, and 1.2tb of bandwidth, with a max of 17 websites.

I signed up for the account and waited. No account setup confirmation email, nothing. So I submitted a support ticket, and it was resolved quickly. So I'm on my way now. I'm a .Net developer, so the first thing I notice is that .Net is disabled on my account. So I submit a support ticket, it was resolved within an hour.

So now I go about checking on all the other things that are supposed to be included with the account, one of which was smartermail. It was setup using hoarde. So I submit a support ticket. Along the way, there were 3 or 4 other things that I noticed that weren't setup right and needed to be corrected, so I submitted support tickets. This was all on day 1.
Unlike the first 2 issues, rather than hearing that it's resolved, for all my subsequent tickets I get a response telling me that my issue has been escalated to level3. I don't know what that means because there's no explanation included, but I figure it must mean that my tickets are important.

I don't hear anything back the first day, which is acceptable, because my requests obviously require more attention than my first tickets. So the next day (day 2), I submit another ticket inquiring about the status of all my outstanding tickets. I get a reply telling me that they are working on them.

All of day 2 passes with no resolution on what should be fairly simple fixes. Day 3 rolls around, and that's when I started getting annoyed. I submitted, you guessed it, a support ticket asking for a status, and I get the same reply, "they are working on them". At this point I'm getting really irritated so I decided to call them to see what was going on.

This was where I started to see the light. A man answered the phone, I could barely understand him because he had a heavy accent (which is no problem in and of itself) but there was also a lot of background noise that sounded like a tv. He answered and mumbled a company name that I could not understand, but it was not "M6", when I replied to him "Oh, I'm sorry, I was trying to reach M6 tech support", he stammered a bit and said something to the effect of "Oh, yes, right, this is M6, can I help you?". To which I replied "No, I really don't think you can", and I hung up.

I had a sinking feeling in my gut, because I realized at that point what a mistake I had made. It was then that I started researching them and found one blistering negative review after another. So on day 3 I submitted a ticket (my last one I might add) and requested that they cancel my account and issue my refund per their 30-day money back guarantee.

I've yet to see the refund.

The fact that you're reading this shows that you're already doing the right thing. Read reviews, weigh the good against the bad, especially watch for hosts who care enough to log on and rebut negative reviews, and ask lots of questions here on WHT.

View 2 Replies View Related

Xio.net - Your Experience

May 28, 2008

I've been using Xilo.net for just over a year now using a reseller account but the time has come to expand to a dedicated server. The level of support I've received from Xilo hasn't been 100% fantastic and my account is sometimes offline for one reason or another - impacting my sites.

I was just wondering if anyone else has any experience with Xilo and if so what your thoughts are on them? I read the other post from last year about Xilo being useless in setting up a VPN but just wondered if anyone else has dealt with them since?

I'm really not sure whether or not to stay with Xilo for a dedicated server or to move on.

View 0 Replies View Related

Bad Experience With 3fn.net

Apr 16, 2007

I have recently ordered webhosting on not so well known 3fn webhosting company. The reason why I decided for them is because I had some money on my webmoney account, and I needed new webhosting (they accept webmoney payment).

I decided to go for starter plan to test their quality of service, because they didnt want to give me test account, although their site says they offer them. When my account was set up, it all seemed good - I got Plesk which I prefer over cPanel, etc. But when I connected to ftp server I noticed the server isnt that fast as its supposed to be.

After a few days server speed started to annoy me. My website went offline so frequently so that I couldnt belive. I told the admin im unsatisfied with hosting speed, any their uptime - he said they're going to fix it (or something like that).

Website worked fine after a few minutes, but then it went offline again. Today I wanted to access some files I host on my webserver from school, but I noticed the site was offline again.

I sent complaint to them by email and told them my website uptime is only like 60%, and got no response.

I havent been so dissapointed for a long time..

View 3 Replies View Related

MochaHost Experience

Sep 30, 2009

I was looking for a windows reseller plan. I researched lots and found mochahost. They seemed to have a good deal and had all the features I wanted. Anyway, I signed up and immediately requested that they add ClientExec to my account. (Extra $4/month).

After a few hours I received a welcome email and all was good, but no info on ClientExec. I contacted tech support through their chat program (which appears to always be a guy named "Tod"). He told me I needed to open a separate ticket for it. So I did that.

After 24 HOURS, I received a response telling me they generated an invoice that I need to pay. Which I did right away. The response also told me that I needed to re-open the support ticket after I paid for it so they would know to turn on ClientExec for me. The only problem is the ticket was already open.??

I waited about 6 hours and then I contacted "Tod" in tech support again via chat. He told me to open another ticket letting them know I paid, which I did, now 48 HOURS AGO.
No response at all. I contacted "Tod" again right now and he can't help at all. In fact he told me to open another ticket. lol.

I did read some bad stuff about Mochahost, and now Im pretty worried. If I ever need support for my customers I can't wait 48 hours for a response.

View 14 Replies View Related

Experience With Lunarpages?

Sep 24, 2006

Do you have some experiences with Lunarpages.com ?

I purchased win host and I have some negative experiences with them at this time.

View 9 Replies View Related

How Was The Experience With Lunarpages

Aug 10, 2008

I bought their hosting 8 months ago and they are simply jerk for hosting a big site on their shared hosting plans. Now I have transfered my domains to one.com which is very good for huge traffic sites.

View 4 Replies View Related

3 Day Experience With Lunarpages

Oct 2, 2009

I want to tell you guys about my lunarpages experience. First, I found them through a top 10 website review. BIG mistake I understand now. Not really that big of a deal if I can rely on them which is reall all I want. But I don't think I can.

First thing I did after creating my account was go to setup my email. I was very excited, this is my first domain ever. I set it up and then find out I can't receive email! After reporting this to their staff and setting up a ticket, I find out the next day that I wasn't receiving email because I had set my mailbox quota limit to 5000mb. Apparently that was too high they said! Why would they give you the option of doing that if it's just going to screw things up? That's just stupid. I knew I didn't need that much but I figured I'd set it and forget it and it would be no problem.

Then the next thing was just yesterday when I went to check my website and it was down. And so was their LPCP (control panel). I don't know how long it was down for but I noticed it for about half an hour.

I'm still within their 30 day refund policy since I only started the account on tuesday. What do you guys think I should do? Is it commomplace for websites to go down from time to time?

I would really appreciate any suggestions you guys might have as a reliable host. Also, how do I go about tranfering my domain name? Do i tell lunarpages I want to cancel first and then tranfer the domain or do I setup an account where I want to domain to go, then cancel?

View 14 Replies View Related

VPSLand Bad Experience

Oct 29, 2008

writing this post to share with the community my "experience" with VPSLand.I've read a mix of good and bad experiences with this company, and this is just another... I'll let the dialog speak for itself......

View 5 Replies View Related

Anyone Here With CSF Firewall Experience

Apr 3, 2009

CSF firewall official forum is pretty dull.. no answer there in last 3-4 days, so I turned to our good old WHT community.

1. In CSF, how do I block range of IP ?
Say I want to block IPs starting 164.44.x.x

2.
Btw, I found that my CSF is not able to catch DOS attack at all !!
below is my csf config file

Code:
###############################################################################
# Copyright 2006-2009, Way to the Web Limited
# URL: http://www.waytotheweb.com
# Email: sales@waytotheweb.com
###############################################################################
# Testing flag - enables a CRON job that clears iptables incase of
# configuration problems when you start csf. This should be enabled until you
# are sure that the firewall works - i.e. incase you get locked out of your
# server! Then do remember to set it to 0 and restart csf when you're sure
# everything is OK. Stopping csf will remove the line from /etc/crontab
TESTING = "0"

# The interval for the crontab in minutes. Since this uses the system clock the
# CRON job will run at the interval past the hour and not from when you issue
# the start command. Therefore an interval of 5 minutes means the firewall
# will be cleared in 0-5 minutes from the firewall start
TESTING_INTERVAL = "5"

# Enabling auto updates creates a cron job called /etc/cron.d/csf_update which
# runs once per day to see if there is an update to csf+lfd and upgrades if
# available and restarts csf and lfd. Updates do not overwrite configuration
# files or email templates. An email will be sent to the root account if an
# update is performed
AUTO_UPDATES = "0"

# By default, csf will auto-configure iptables to filter all traffic except on
# the local (lo:) device. If you only want iptables rules applied to a specific
# NIC, then list it here (e.g. eth1, or eth+)
ETH_DEVICE = ""

# If you don't want iptables rules applied to specific NICs, then list them in
# a comma separated list (e.g "eth1,eth2")
ETH_DEVICE_SKIP = ""

# Lists of ports in the following comma separated lists can be added using a
# colon (e.g. 30000:35000).

# Allow incoming TCP ports
TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995,2222,2221"

# Allow outgoing TCP ports
TCP_OUT = "20,21,22,25,53,80,110,113,443,2222"

# Allow incoming UDP ports
UDP_IN = "20,21,53"

# Allow outgoing UDP ports
# To allow outgoing traceroute add 33434:33523 to this list
UDP_OUT = "20,21,53,113,123"

# Allow incoming PING
ICMP_IN = "1"

# Set the per IP address incoming ICMP packet rate
# To disable rate limiting set to "0"
ICMP_IN_RATE = "1/s"

# Allow outgoing PING
ICMP_OUT = "1"

# Set the per IP address outgoing ICMP packet rate
# To disable rate limiting set to "0"
ICMP_OUT_RATE = "1/s"

# Block outgoing SMTP except for root, exim and mailman (forces scripts/users
# to use the exim/sendmail binary instead of sockets access). This replaces the
# protection as WHM > Tweak Settings > SMTP Tweaks
#
# This option uses the iptables ipt_owner module and must be loaded for it to
# work. It may not be available on some VPS platforms
#
# Note: Run /etc/csf/csftest.pl to check whether this option will function on
# this server
SMTP_BLOCK = "0"

# If SMTP_BLOCK is enabled but you want to allow local connections to port 25
# on the server (e.g. for webmail or web scripts) then enable this option to
# allow outgoing SMTP connections to 127.0.0.1
SMTP_ALLOWLOCAL = "1"

# This is a comma separated list of the ports to block. You should list all
# ports that exim is configured to listen on
SMTP_PORTS = "25"

# Drop target for iptables rules. This can be set to either DROP ot REJECT.
# REJECT will send back an error packet, DROP will not respond at all. REJECT
# is more polite, however it does provide extra information to a hacker and
# lets them know that a firewall is blocking their attempts. DROP hangs their
# connection, thereby frustrating attempts to port scan the server.
DROP = "DROP"

# Enable logging of dropped connections to blocked ports to syslog, usually
# /var/log/messages. This option needs to be enabled to use Port Scan Tracking
DROP_LOGGING = "1"

# Enable logging of dropped connections to blocked IP addresses in csf.deny or
# by lfd with temporary connection tracking blocks. Do not enable this option
# if you use Port Scan Tracking
DROP_IP_LOGGING = "0"

# Only log reserved port dropped connections (0:1023). Useful since you're not
# usually bothered about ephemeral port drops
DROP_ONLYRES = "0"

# Commonly blocked ports that you do not want logging as they tend to just fill
# up the log file. These ports are specifically blocked (applied to TCP and UDP
# protocols) for incoming connections
DROP_NOLOG = "67,68,111,113,135:139,445,513,520"

# Enable packet filtering for unwanted or illegal packets
PACKET_FILTER = "1"

# Log packets dropped by the packet filtering option PACKET_FILTER. This will
# show packet drops that iptables has deemed INVALID (i.e. there is no
# established TCP connection in the state table), or if the TCP flags in the
# packet are out of sequence or illegal in the protocol exchange.
#
# If you see packets being dropped that you would rather allow then disable the
# PACKET_FILTER option above by setting it to "0"
DROP_PF_LOGGING = "0"

# Enable SYN flood protection. This option configures iptables to offer some
# protection from tcp SYN packet DOS attempts. You should set the RATE so that
# false-positives are kept to a minimum otherwise visitors may see connection
# issues (check /var/log/messages for *SYNFLOOD Blocked*). See the iptables
# man page for the correct --limit rate syntax
SYNFLOOD = "1"
SYNFLOOD_RATE = "80/s"
SYNFLOOD_BURST = "150"

# Port Flood Protection. This option configures iptables to offer protection
# from DOS attacks against specific ports. This option limits the number of
# connections per time interval that new connections can be made to specific
# ports
#
# This feature does not work on servers that do not have the iptables module
# ipt_recent loaded. Typically, this will be with MONOLITHIC kernels. VPS
# server admins should check with their VPS host provider that the iptables
# module is included
#
# For further information and syntax refer to the Port Flood section of the csf
# readme.txt
#
# Note: Run /etc/csf/csftest.pl to check whether this option will function on
# this server
PORTFLOOD = ""

# Enable verbose output of iptables commands
VERBOSE = "1"

# Log lfd messages to SYSLOG in addition to /var/log/lfd.log. You must have the
# perl module Sys::Syslog installed to use this feature
SYSLOG = "0"

# Enable this option if you want lfd to ignore (i.e. don't block) IP addresses
# listed in csf.allow in addition to csf.ignore (the default). This option
# should be used with caution as it would mean that IP's allowed through the
# firewall from infected PC's could launch attacks on the server that lfd
# would ignore
IGNORE_ALLOW = "0"

# Enable the following option if you want to apply strict iptables rules to DNS
# traffic (i.e. relying on iptables connection tracking). Enabling this option
# could cause DNS resolution issues both to and from the server but could help
# prevent abuse of the local DNS server
DNS_STRICT = "0"

# Limit the number of IP's kept in the /etc/csf/csf.deny file. This can be
# important as a large number of IP addresses create a large number of iptables
# rules (4 times the number of IP's) which can cause problems on some systems
# where either the the number of iptables entries has been limited (esp VPS's)
# or where resources are limited. This can result in slow network performance,
# or, in the case of iptables entry limits, can prevent your server from
# booting as not all the required iptables chain settings will be correctly
# configured. The value set here is the maximum number of IPs/CIDRs allowed
# if the limit is reached, the entries will be rotated so that the oldest
# entries (i.e. the ones at the top) will be removed and the latest is added.
# The limit is only checked when using csf -d (which is what lfd also uses)
# Set to 0 to disable limiting
DENY_IP_LIMIT = "100"

# Limit the number of IP's kept in the temprary IP ban list. If the limit is
# reached the oldest IP's in the ban list will be removed and allowed
# regardless of the amount of time remaining for the block
# Set to 0 to disable limiting
DENY_TEMP_IP_LIMIT = "100"

# Enable login failure detection daemon (lfd). If set to 0 none of the
# following settings will have any effect as the daemon won't start.
LF_DAEMON = "1"

# By default, lfd will send alert emails using the relevant alert template to
# the To: address configured within that template. Setting the following
# option will override the configured To: field in all lfd alert emails
#
# Leave this option empty to use the To: field setting in each alert template
LF_ALERT_TO = "rickyjaffery@gmail.com"

# Block Reporting. lfd can run an external script when it performs and IP
# address block following for example a login failure. The following setting
# is to the full path of the external script which must be executable. See
# readme.txt for format details
#
# Leave this setting blank to disable
BLOCK_REPORT = ""

# Send an alert if log file flooding is detected which causes lfd to skip log
# lines to prevent lfd from looping. If this alert is sent you should check the
# reported log file for the reason for the flooding
LOGFLOOD_ALERT = "0"

# Temporary to Permanent IP blocking. The following enables this feature to
# permanently block IP addresses that have been temporarily blocked more than
# LF_PERMBLOCK_COUNT times in the last LF_PERMBLOCK_INTERVAL seconds. Set
# LF_PERMBLOCK to "1" to enable this feature
#
# Care needs to be taken when setting LF_PERMBLOCK_INTERVAL as it needs to be
# at least LF_PERMBLOCK_COUNT multiplied by the longest temporary time setting
# (TTL) for blocked IPs, to be effective
#
# Set LF_PERMBLOCK to "0" to disable this feature
LF_PERMBLOCK = "1"
LF_PERMBLOCK_INTERVAL = "86400"
LF_PERMBLOCK_COUNT = "4"

# Permanently block IPs by network class. The following enables this feature
# to permanently block classes of IP address where individual IP addresses
# within the same class LF_NETBLOCK_CLASS have already been blocked more than
# LF_NETBLOCK_COUNT times in the last LF_NETBLOCK_INTERVAL seconds. Set
# LF_NETBLOCK to "1" to enable this feature
#
# This can be an affective way of blocking DDOS attacks launched from within
# the same networ class
#
# Valid settings for LF_NETBLOCK_CLASS are "A", "B" and "C", care and
# consideration is required when blocking network classes A or B
#
# Set LF_NETBLOCK to "0" to disable this feature
LF_NETBLOCK = "0"
LF_NETBLOCK_INTERVAL = "86400"
LF_NETBLOCK_COUNT = "4"
LF_NETBLOCK_CLASS = "C"

# Safe Chain Update. If enabled, all dynamic update chains (GALLOW*, GDENY*,
# SPAMHAUS, DSHIELD, BOGON, CC_ALLOW, CC_DENY, ALLOWDYN*) will create a new
# chain when updating, and insert it into the relevant LOCALINPUT/LOCALOUTPUT
# chain, then flush and delete the old dynamic chain and rename the new chain.
#
# This prevents a small window of opportunity opening when an update occurs and
# the dynamic chain is flushed for the new rules.
#
# This option should not be enabled on servers with long dynamic chains (e.g.
# CC_DENY/CC_ALLOW lists) and low memory. It should also not be enabled on
# Virtuozzo VPS servers with a restricted numiptent value. This is because each
# chain will effectively be duplicated while the update occurs, doubling the
# number of iptables rules
SAFECHAINUPDATE = "0"

# If you wish to allow access from dynamic DNS records (for example if your IP
# address changes whenever you connect to the internet but you have a dedicated
# dynamic DNS record from the likes of dyndns.org) then you can list the FQDN
# records in csf.dyndns and then set the following to the number of seconds to
# poll for a change in the IP address. If the IP address has changed iptables
# will be updated.
#
# A setting of 600 would check for IP updates every 10 minutes. Set the value
# to 0 to disable the feature
DYNDNS = "0"

# To always ignore DYNDNS IP addresses in lfd blocking, set the following
# option to 1
DYNDNS_IGNORE = "0"

# The follow Global options allow you to specify a URL where csf can grab a
# centralised copy of an IP allow or deny block list of your own. You need to
# specify the full URL in the following options, i.e.:
# http://www.somelocation.com/allow.txt
#
# The actual retrieval of these IP's is controlled by lfd, so you need to set
# LF_GLOBAL to the interval (in seconds) when you want lfd to retrieve. lfd
# will perform the retrieval when it runs and then again at the specified
# interval. A sensible interval would probably be every 3600 seconds (1 hour)
#
# You do not have to specify both an allow and a deny file
#
# You can also configure a global ignore file for IP's that lfd should ignore
GLOBAL_ALLOW = ""
GLOBAL_DENY = ""
GLOBAL_IGNORE = ""
LF_GLOBAL = ""

# Country Code to CIDR allow/deny. In the following two options you can allow
# or deny whole country CIDR ranges. The CIDR blocks are downloaded from
# http://www.ipdeny.com/ipblocks/ and entirely rely on that service being
# available. The two-letter Country Code specified on that site should be used
# in the following settings. The iptables rules are for incoming connections
# only
#
# Warning: These lists are never 100% accurate and some ISP's (e.g. AOL) use
# non-geographic IP address designations for their clients
#
# Warning: Some of the CIDR lists are huge and each one requires a rule within
# the incoming iptables chain. This can result in significant performance
# overheads and could render the server inaccessible in some circumstances. For
# this reason (amongst others) we do not recommend using these options
#
# Warning: Due to the resource constraints on VPS servers this feature should
# not be used on such systems unless you choose very small CC zones
#
# Warning: CC_ALLOW allows access through all ports in the firewall. For this
# reason CC_ALLOW probably has very limited use
#
# Note: Use of this feature is bound by the TOS and Copyright agreements at
# http://www.ipdeny.com/usagelimits.php
#
# Each option is a comma separated list of CC's, e.g. "US,GB,DE"
CC_DENY = ""
CC_ALLOW = ""

# This option tells lfd how often to retrieve the CC CIDR's required for
# CC_ALLOW and CC_DENY (in days)
CC_INTERVAL = "7"

# Enable IP range blocking using the DShield Block List at
# http://www.dshield.org/diary.html?storyid=4483
# To enable this feature, set the following to the interval in seconds that you
# want the block list updated. The list is reasonably static during the length
# of a day, so it would be appropriate to only update once every 24 hours, so
# a value of "86400" is recommended
LF_DSHIELD = "0"

# The DShield block list URL. If you change this to something else be sure it
# is in the same format as the block list
LF_DSHIELD_URL = "http://feeds.dshield.org/block.txt"

# Enable IP range blocking using the Spamhaus DROP List at
# http://www.spamhaus.org/drop/index.lasso
# To enable this feature, set the following to the interval in seconds that you
# want the block list updated. The list is reasonably static during the length
# of a day, so it would be appropriate to only update once every 24 hours, so
# a value of "86400" is recommended
LF_SPAMHAUS = "1"

# The Spamhaus DROP List URL. If you change this to something else be sure it
# is in the same format as the drop list
LF_SPAMHAUS_URL = "http://www.spamhaus.org/drop/drop.lasso"

# Enable IP range blocking using the BOGON List at
# http://www.cymru.com/Bogons/
# To enable this feature, set the following to the interval in seconds that you
# want the block list updated. The list is reasonably static during the length
# of a day, so it would be appropriate to only update once every 24 hours, so
# a value of "86400" is recommended
#
# Do NOT use this option if your server uses IP's on the bogon list (e.g. this
# is often the case with servers behind a NAT firewall using ip routing)
LF_BOGON = "0"

# The BOGON List URL. If you change this to something else be sure it
# is in the same format as the drop list
LF_BOGON_URL = "http://www.cymru.com/Documents/bogon-bn-agg.txt"

# The following[*] triggers are application specific. If you set LF_TRIGGER to
# "0" the value of each trigger is the number of failures against that
# application that will trigger lfd to block the IP address
#
# If you set LF_TRIGGER to a value greater than "0" then the following[*]
# application triggers are simply on or off ("0" or "1") and the value of
# LF_TRIGGER is the total cumulative number of failures that will trigger lfd
# to block the IP address
#
# Setting the application trigger to "0" disables it
LF_TRIGGER = "0"

# If LF_TRIGGER is > 1 then the following can be set to "1" to permanently
# block the IP address, or if set to a value greater than "1" then the IP
# address will be blocked temporarily for the value in seconds. For example:
# LF_TRIGGER_PERM = "1" => the IP is blocked permanently
# LF_TRIGGER_PERM = "3600" => the IP is blocked temporarily for 1 hour
#
# If LF_TRIGGER is 0, then the application LF_[application]_PERM value works in
# the same way as above
LF_TRIGGER_PERM = "3600"

# To only block access to the failed application instead of a complete block
# for an ip address, you can set the following to "1", but LF_TRIGGER must be
# set to "0" with specific application[*] trigger levels also set
LF_SELECT = "0"

# Send an email alert if an IP address is blocked by one of the[*] triggers
LF_EMAIL_ALERT = "1"

#[*]Enable login failure detection of sshd connections
LF_SSHD = "5"
LF_SSHD_PERM = "1"

#[*]Enable login failure detection of pure-ftpd connections
LF_FTPD = "10"
LF_FTPD_PERM = "1"

#[*]Enable login failure detection of SMTP AUTH connections
LF_SMTPAUTH = "5"
LF_SMTPAUTH_PERM = "1"

#[*]Enable login failure detection of courier pop3 connections. This will not
# trap the older cppop daemon
LF_POP3D = "10"
LF_POP3D_PERM = "1"

#[*]Enable login failure detection of courier imap connections. This will not
# trap the older cpimap (uwimap) daemon
LF_IMAPD = "10"
LF_IMAPD_PERM = "1"

#[*]Enable login failure detection of Apache .htpasswd connections
# Due to the often high logging rate in the Apache error log, you might want to
# enable this option only if you know you are suffering from attacks against
# password protected directories
LF_HTACCESS = "5"
LF_HTACCESS_PERM = "1"

#[*]Enable failure detection of Apache mod_security connections
# Due to the often high logging rate in the Apache error log, you might want to
# enable this option only if you know you are suffering from attacks against
# web scripts
LF_MODSEC = "5"
LF_MODSEC_PERM = "1"

#[*]Enable detection of suhosin triggers and blocking of attackers
# Example: LF_SUHOSIN = "5"
LF_SUHOSIN = "0"
LF_SUHOSIN_PERM = "1"

# Check that csf appears to have been stopped. This checks the status of the
# iptables INPUT chain. If it's not set to DROP, LF will run csf. This will not
# happen if TESTING is enabled above. The check is done every 300 seconds
LF_CSF = "1"

# Send an email alert if anyone logs in successfully using SSH
LF_SSH_EMAIL_ALERT = "1"

# Send an email alert if anyone uses su to access another account. This will
# send an email alert whether the attempt to use su was successful or not
LF_SU_EMAIL_ALERT = "1"

# Enable Directory Watching. This enables lfd to check /tmp and /dev/shm
# directories for suspicious files, i.e. script exploits. If a suspicious
# file is found an email alert is sent. One alert per file per LF_FLUSH
# interval is sent
#
# To enable this feature set the following to the checking interval in seconds.
# Set to disable set to "0"
LF_DIRWATCH = "60"

# To remove any suspicious files found during directory watching, enable the
# following. These files will be appended to a tarball in
# /etc/csf/suspicious.tar
LF_DIRWATCH_DISABLE = "0"

# This option allows you to have lfd watch a particular file or directory for
# changes and should they change and email alert using watchalert.txt is sent
#
# To enable this feature set the following to the checking interval in seconds
# (a value of 60 would seem sensible) and add your entries to csf.dirwatch
#
# Set to disable set to "0"
LF_DIRWATCH_FILE = "0"

# This is the interval that is used to flush reports of usernames, files and
# pids so that persistent problems continue to be reported, in seconds.
# A value of 3600 seems sensible
LF_FLUSH = "3600"

# System Integrity Checking. This enables lfd to compare md5sums of the
# servers OS binary application files from the time when lfd starts. If the
# md5sum of a monitored file changes an alert is sent. This option is intended
# as an IDS (Intrusion Detection System) and is the last line of detection for
# a possible root compromise.
#
# There will be constant false-positives as the servers OS is updated or
# monitored application binaries are updated. However, unexpected changes
# should be carefully inspected.
#
# Modified files will only be reported via email once.
#
# To enable this feature set the following to the checking interval in seconds
# (a value of 3600 would seem sensible). This option may pur an increased I/O
# load onto the server as it checks system binaries.
#
# To disable set to "0"
LF_INTEGRITY = "10800"

# System Exploit Checking. This enables lfd to check for the Random JS Toolkit
# and may check for others in the future:
# http://www.cpanel.net/security/notes/random_js_toolkit.html
# It compares md5sums of the binaries listed in the exploit above for changes
# and also attempts to create and remove a number directory
#
# Modified files will only be reported via email once, though will be reset
# after an hour
#
# To enable this feature set the following to the checking interval in seconds
# (a value of 300 would seem sensible).
#
# To disable set to "0"
LF_EXPLOIT = "400"

# This comma separated list allows you to (de)select which tests LF_EXPLOIT
# performs
#
# For the SUPERUSER check, you can list usernames in csf.suignore to have them
# ignored for that test
#
# Valid tests are:
# JS,SUPERUSER
LF_EXPLOIT_CHECK = "JS,SUPERUSER"

# Set the time interval to track login failures within (seconds), i.e.
# LF_TRIGGER failures within the last LF_INTERVAL seconds
LF_INTERVAL = "300"

# This is how long the lfd process sleeps (in seconds) before processing the
# log file entries and checking whether other events need to be triggered
LF_PARSE = "5"

# Send an email alert if an account exceeds LT_POP3D/LT_IMAPD logins per hour
# per IP
LT_EMAIL_ALERT = "1"

# Block POP3 logins if greater than LT_POP3D times per hour per account per IP
# address (0=disabled)
LT_POP3D = "0"

# Block IMAP logins if greater than LT_IMAPD times per hour per account per IP
# address (0=disabled) - not recommended for IMAP logins due to the ethos
# within which IMAP works. If you want to use this, setting it quite high is
# probably a good idea
LT_IMAPD = "0"

# Connection Tracking. This option enables tracking of all connections from IP
# addresses to the server. If the total number of connections is greater than
# this value then the offending IP address is blocked. This can be used to help
# prevent some types of DOS attack.
#
# Care should be taken with this option. It's entirely possible that you will
# see false-positives. Some protocols can be connection hungry, e.g. FTP, IMAPD
# and HTTP so it could be quite easy to trigger, especially with a lot of
# closed connections in TIME_WAIT. However, for a server that is prone to DOS
# attacks this may be very useful. A reasonable setting for this option might
# be arround 200.
#
# To disable this feature, set this to 0
CT_LIMIT = "100"

# Connection Tracking interval. Set this to the the number of seconds between
# connection tracking scans
CT_INTERVAL = "5"

# Send an email alert if an IP address is blocked due to connection tracking
CT_EMAIL_ALERT = "1"

# If you want to make IP blocks permanent then set this to 1, otherwise blocks
# will be temporary and will be cleared after CT_BLOCK_TIME seconds
CT_PERMANENT = "0"

# If you opt for temporary IP blocks for CT, then the following is the interval
# in seconds that the IP will remained blocked for (e.g. 1800 = 30 mins)
CT_BLOCK_TIME = "1800"

# If you don't want to count the TIME_WAIT state against the connection count
# then set the following to "1"
CT_SKIP_TIME_WAIT = "0"

# If you only want to count specific states (e.g. SYN_RECV) then add the states
# to the following as a comma separated list. E.g. "SYN_RECV,TIME_WAIT"
#
# Leave this option empty to count all states against CT_LIMIT
CT_STATES = ""

# If you only want to count specific ports (e.g. 80,443) then add the ports
# to the following as a comma separated list. E.g. "80,443"
#
# Leave this option empty to count all ports against CT_LIMIT
CT_PORTS = ""

# Process Tracking. This option enables tracking of user and nobody processes
# and examines them for suspicious executables or open network ports. Its
# purpose is to identify potential exploit processes that are running on the
# server, even if they are obfuscated to appear as system services. If a
# suspicious process is found an alert email is sent with relevant information.
# It is then the responsibility of the recipient to investigate the process
# further as the script takes no further action. Processes (PIDs) are only
# reported once unless lfd is restarted.
#
# The following is the number of seconds a process has to be active before it
# is inspected. If you set this time too low, then you will likely trigger
# false-positives with CGI or PHP scripts.
# Set the value to 0 to disable this feature
PT_LIMIT = "60"

# How frequently processes are checked in seconds
PT_INTERVAL = "60"

# If you want process tracking to highlight php or perl scripts that are run
# through apache then disable the following,
# i.e. set it to 0
#
# While enabling this setting will reduce false-positives, having it set to 0
# does provide better checking for exploits running on the server
PT_SKIP_HTTP = "0"

# lfd will report processes, even if they're listed in csf.pignore, if they're
# tagged as (deleted) by Linux. This information is provided in Linux under
# /proc/PID/exe. A (deleted) process is one that is running a binary that has
# the inode for the file removed from the file system directory. This usually
# happens when the binary has been replaced due to an upgrade for it by the OS
# vendor or another third party (e.g. cPanel). You need to investigate whether
# this is indeed the case to be sure that the original binary has not been
# replaced by a rootkit
#
# To stop lfd reporting such process you need to restart the daemon to which it
# belongs and therefore run the process using the replacement binary (presuming
# one exists). This will normally mean running the associated startup script in
# /etc/init.d/
#
# If you don't want lfd to report deleted binary processes, set to 0
PT_DELETED = "1"

# User Process Tracking. This option enables the tracking of the number of
# process any given cPanel account is running at one time. If the number of
# processes exceeds the value of the following setting an email alert is sent
# with details of those processes. If you specify a user in csf.pignore it will
# be ignored
#
# Set to 0 to disable this feature
PT_USERPROC = "10"

# This User Process Tracking option sends an alert if any linux user process
# exceeds the memory usage set (MB). To ignore specific processes or users use
# csf.pignore
#
# Set to 0 to disable this feature
PT_USERMEM = "100"

# This User Process Tracking option sends an alert if any linux user process
# exceeds the time usage set (seconds). To ignore specific processes or users
# use csf.pignore
#
# Set to 0 to disable this feature
PT_USERTIME = "1800"

# If this option is set then processes detected by PT_USERMEM, PT_USERTIME or
# PT_USERPROC are killed
#
# Warning: We don't recommend enabling this option unless absolutely necessary
# as it can cause unexpected problems when processes are suddenly terminated.
# It is much better to leave this option disabled and to investigate each case
# as it is reported when the triggers above are breached
#
# Note: Processes that are running deleted excecutables (see PT_DELETED) will
# not be killed by lfd
PT_USERKILL = "0"

# Check the PT_LOAD_AVG minute Load Average (can be set to 1 5 or 15 and
# defaults to 5 if set otherwise) on the server every PT_LOAD seconds. If the
# load average is greater than or equal to PT_LOAD_LEVEL then an email alert is
# sent. lfd then does not report subsequent high load until PT_LOAD_SKIP
# seconds has passed to prevent email floods.
#
# Set PT_LOAD to "0" to disable this feature
PT_LOAD = "30"
PT_LOAD_AVG = "5"
PT_LOAD_LEVEL = "8"
PT_LOAD_SKIP = "3600"

# If a PT_LOAD event is triggered, then if the following contains the path to
# a script, it will be run in a child process. For example, the script could
# contain commands to terminate and restart httpd, php, exim, etc incase of
# looping processes
PT_LOAD_ACTION = "/sbin/service httpd restart"

# Port Scan Tracking. This feature tracks port blocks logged by iptables to
# syslog. If an IP address generates a port block that is logged more than
# PS_LIMIT within PS_INTERVAL seconds, the IP address will be blocked.
#
# This feature could, for example, be useful for blocking hackers attempting
# to access the standard SSH port if you have moved it to a port other than 22
# and have removed 22 from the TCP_IN list so that connection attempts to the
# old port are being logged
#
# This feature blocks all iptables blocks from the iptables logs, including
# repeated attempts to one port or SYN flood blocks, etc
#
# Note: This feature will only track iptables blocks from the log file set in
# IPTABLES_LOG below and if you have DROP_LOGGING enabled. However, it will
# cause redundant blocking with DROP_IP_LOGGING enabled
#
# Warning: It's possible that an elaborate DDOS (i.e. from multiple IP's)
# could very quickly fill the iptables rule chains and cause a DOS in itself.
# The DENY_IP_LIMIT should help to mitigate such problems with permanent blocks
# and the DENY_TEMP_IP_LIMIT with temporary blocks
#
# Set PS_INTERVAL to "0" to disable this feature. A value of between 60 and 300
# would be sensible to enable this feature
PS_INTERVAL = "300"
PS_LIMIT = "10"

# You can specify the ports and/or port ranges that should be tracked by the
# Port Scan Tracking feature. The following setting is a comma separated list
# of those ports and uses the same format as TCP_IN. The default setting of
# 0:65535 covers all ports
PS_PORTS = "0:65535"

# You can select whether IP blocks for Port Scan Tracking should be temporary
# or permanent. Set PS_PERMANENT to "0" for temporary and "1" for permanent
# blocking. If set to "0" PS_BLOCK_TIME is the amount of time in seconds to
# temporarily block the IP address for
PS_PERMANENT = "0"
PS_BLOCK_TIME = "3600"

# Set the following to "1" to enable Port Scan Tracking email alerts, set to
# "0" to disable them
PS_EMAIL_ALERT = "1"

# Account Tracking. The following options enable the tracking of modifications
# to the accounts on a server. If any of the enabled options are triggered by
# a modifications to an account, an alert email is sent. Only the modification
# is reported. The cause of the modification will have to be investigated
# manually
#
# You can set AT_ALERT to the following:
# 0 = disable this feature
# 1 = enable this feature for all accounts
# 2 = enable this feature only for accounts with uid 0 (e.g. root)
AT_ALERT = "2"

# This options is the interval between checks in seconds
AT_INTERVAL = "60"

# Send alert if a new account is created
AT_NEW = "1"

# Send alert if an existing account is deleted
AT_OLD = "1"

# Send alert if an account password has changed
AT_PASSWD = "1"

# Send alert if an account uid has changed
AT_UID = "1"

# Send alert if an account gid has changed
AT_GID = "1"

# Send alert if an account login directory has changed
AT_DIR = "1"

# Send alert if an account login shell has changed
AT_SHELL = "1"

# Display Country Code and Country for reported IP addresses
CC_LOOKUPS = "1"

# Messenger service. This feature allows the display of a message to a blocked
# connecting IP address to inform the user that they are blocked in the
# firewall. This can help when users get themselves blocked, e.g. due to
# multiple login failures. The service is provided by two daemons running on
# ports providing either an HTML or TEXT message.
#
# This feature does not work on servers that do not have the iptables module
# ipt_REDIRECT loaded. Typically, this will be with MONOLITHIC kernels. VPS
# server admins should check with their VPS host provider that the iptables
# module is included.
#
# For further information on features and limitations refer to the csf
# readme.txt
#
# Note: Run /etc/csf/csftest.pl to check whether this option will function on
# this server
#
# 1 to enable, 0 to disable
MESSENGER = "0"

# Provide this service to temporary IP address blocks
MESSENGER_TEMP = "1"

# Provide this service to permanent IP address blocks
MESSENGER_PERM = "1"

# User account to run the service servers under. We recommend creating a
# specific non-priv, non-shell account for this purpose
MESSENGER_USER = "csf"

# This is the maximum concurrent connections allowed to each service server
MESSENGER_CHILDREN = "10"

# Set this to the port that will receive the HTML message. You should configure
# this port to be >1023 and different from the TEXT port. Do NOT enable access
# to this port in TCP_IN
MESSENGER_HTML = "8888"

# This comma separated list are the HTML ports that will be redirected for the
# blocked IP address. If you are using per application blocking (LF_TRIGGER)
# then only the relevant block port will be redirected to the messenger port
MESSENGER_HTML_IN = "80,2082,2095"

# Set this to the port that will receive the TEXT message. You should configure
# this port to be >1023 and different from the HTML port. Do NOT enable access
# to this port in TCP_IN
MESSENGER_TEXT = "8889"

# This comma separated list are the TEXT ports that will be redirected for the
# blocked IP address. If you are using per application blocking (LF_TRIGGER)
# then only the relevant block port will be redirected to the messenger port
MESSENGER_TEXT_IN = "21"

# These settings limit the rate at which connections can be made to the
# messenger service servers. Its intention is to provide protection from
# attacks or excessive connections to the servers. If the rate is exceeded then
# iptables will revert for the duration to the normal blocking actiity
#
# See the iptables man page for the correct --limit rate syntax
MESSENGER_RATE = "30/m"
MESSENGER_BURST = "5"

# Statistics
#
# These options will be expanded in the future.
#
# This option enabled statistical data gathering
ST_ENABLE = "1"

# This option determines how many iptables log lines to store for reports
ST_IPTABLES = "100"

# This option indicates whether rDNS and CC lookups are performed at the time
# the log line is recorded (this is not performed when viewing the reports)
#
# Warning: If DROP_IP_LOGGING is enabled and there are frequent iptables hits,
# then enabling this setting could cause serious performance problems
ST_LOOKUP = "0"

# If you find ever increasing numbers of zombie lfd processes you may need to
# revert to the old child reaper code by enabling this option
OLD_REAPER = "0"


# OS settings
IPTABLES = "/sbin/iptables"
MODPROBE = "/sbin/modprobe"
IFCONFIG = "/sbin/ifconfig"
SENDMAIL = "/usr/sbin/sendmail"
PS = "/bin/ps"
FUSER = "/sbin/fuser"
VMSTAT = "/usr/bin/vmstat"
LS = "/bin/ls"
MD5SUM = "/usr/bin/md5sum"
TAR = "/bin/tar"
CHATTR = "/usr/bin/chattr"

# Log files
HTACCESS_LOG = "/var/log/httpd/error_log"
MODSEC_LOG = "/var/log/httpd/error_log"
SSHD_LOG = "/var/log/secure"
SU_LOG = "/var/log/secure"
FTPD_LOG = "/var/log/messages"
SMTPAUTH_LOG = "/var/log/secure"
POP3D_LOG = "/var/log/maillog"
IMAPD_LOG = "/var/log/maillog"
IPTABLES_LOG = "/var/log/messages"
SUHOSIN_LOG = "/var/log/messages"

CUSTOM1_LOG = "/var/log/messages"
CUSTOM2_LOG = "/var/log/messages"
CUSTOM3_LOG = "/var/log/messages"
CUSTOM4_LOG = "/var/log/messages"
CUSTOM5_LOG = "/var/log/messages"
CUSTOM6_LOG = "/var/log/messages"
CUSTOM7_LOG = "/var/log/messages"
CUSTOM8_LOG = "/var/log/messages"
CUSTOM9_LOG = "/var/log/messages"

# This configuration is for use with generic Linux servers, do not change the
# following setting:
GENERIC = "1"
DIRECTADMIN = "1"

# For internal use only. You should not enable this option as it could cause
# instability in csf and lfd
DEBUG = "0"

View 5 Replies View Related

24shells.net Experience!

Oct 20, 2008

I need some experience suggestions, are they good ?

View 5 Replies View Related

FDCservers Experience

Oct 25, 2009

I'm basically just going to copy/paste the message I posted on their forums that will likely never see the light of day... But before I do, I would like to say the following...

We have been clients of FDCservers for over 2 years and have had nothing but good experiences with them up until...

"Ok, I'll try to remain as cool and collect as I possibly can, but I have to air my concerns here since our issues are NOT being resolved via support tickets...

We currently leased a new server 2 months ago in August, replacing our old server. Ever since we've gotten this new server we have had nothing but problems.

The problems are the same each and every time, and yet nothing is getting done to actually resolve them...

In a nuttshell, merely days after leasing this new server, we had an HDD fail. It was replaced a day or so later. Then a few days later, another HDD fails. Replaced 2 days later or so.

Then again, HDD failure. Now not only do we have to wait another 2 days for it to be replaced (seems you guys don't keep an on location stock?), but we also have to reload the OS due to the failure.

Finally get the server back online, losing a small amount of data in the process (so far); and AGAIN we have an HDD failure. And again, and again, and again...

I have been very patient with your support staff up until this point, but the amount of money we have lost over the last 2 months is making me look for a different provider.

The issues we are having point to hardware related issues, more than likely a bad onboard disk controller. But the solution has always been to simply replace the failed HDD with a new one, oh and one time you swapped the sata cable to another port.

Now, I'm fully aware that you do not offer an SLA, which is fine.. but we are still paying for a service and yet we are not getting what we're paying for at this point, which is really saddening because we've had nothing but good things to say about your company for 2 years now. But this latest run of events is quickly changing my opinion, and simply because your tech support doesn't seem to actually want to resolve problems the right way.

And now I'm told my server has been completely replaced, but not after a claim that one of my disks started "smoldering", one of them is corrupt and one is lost (as in physically misplaced). Not only that but this "new" server had a whole 2 hours of uptime before it crashed. I have to ask what the hell happened to you guys? You were the first company I recommended when someone asked about a good dedi server company, yet now I'm sitting here with ALL my data seemingly gone (we're talking several hundred GB's of data btw, not something that can be easily replaced by backups) and a "new" server that is already having stability issues!

I really hate to say this, but you guys do not hesitate to turn off a server if a payment is 3 days or so late, so why do you hesitate so much to give us a server that actually works properly?

Or server is ID# ####. Please address our issues once and for all (You can see the ticket history) so we can go back to being happy customers like we have been for the last 2 years..."

So my question is... what in the hell happened to these guys? I remember the one time we had a hardware issue (dead mobo on our old server), it was replaced and we were back online in under an hour. But now I dunno wtf is going on except that we are constantly losing money thanks to this newfound incompetence...

View 14 Replies View Related

Experience With Dedibox.fr?

Apr 29, 2009

Anyone has any experience with Dedibox.fr?

On the pro side, it's extremely cheap. 30 Euro for a dedicated server. That's about $39.

On the con side:

-it's located in France. Will users in US experience significant slow down if I put my server in France?

-the site is in French, which I don't speak. No sure how this would work if I have to deal with the staff there.

View 14 Replies View Related

Experience With SMC Switch?

Sep 19, 2009

i find the brand of SMC,

do you have experience with SMC switch?

View 0 Replies View Related

Experience With Slicehost?

Jan 12, 2009

What experience do you guys have with slicehost?

It pretty much allows you to do whatever you want with a RAM limit, completely from scratch.

View 1 Replies View Related

Ubiquity Experience

Oct 18, 2009

I currently have a VPS with ubiquityservers .com. It's used for simple web serving as well as a proxy tunnel for playing games like Aion. (Without SSH socks proxying, ingame latency is about 800+ms. With proxy, it's about 280ms.) Since most companies charge about US$6 for the proxying service, it makes more sense for 7 of my friends to just buy a cheap and simple VPS to try.

I must admit that I'm pleasantly surprised with ubiquity. I placed an order for the server on Wed 3:41 AM (according to email) and server was already up and running by Wed 5:16 AM.

I created my first ticket about login issues (it happens, so I don't blame them) at 8:36 AM and got the response in 2 minutes. WTF? I've never seen this kind of ridiculously fast response time, not with LayeredTech, PacificRack or iWeb (they are good hosts nevertheless). Maybe the techs just happen to be looking at my ticket first by chance but it was very pleasing to me.

A week later, they got DDOSed. I emailed to ask about the connectivity at 1.06PM (I'm on GMT+8 so it's probably really late in their DC.). I got the response in 5 mins. O_O. I'm pleased with their response times once again. The whole issue got resolved quickly.

2 days back, I decided to be a little adventurous and out try OpenVPN. I contacted them for support as /dev/net/tun was not writable in the containers. After 2 mails, the request was forwarded to the VPS admins who promptly enabled it for my container.

I did some searching on their wiki and found that my 'baby vps' is being shared with 127 other containers. It's only $18 so there's nothing I can complain about.

I am writing this post because I feel that this host deserves a mention. If anyone wants to try out a VPS, do give them a shot.

View 2 Replies View Related

Serverloft Experience

Oct 2, 2009

it was big a mistake in my life dealing with serverloft.com
in few minutes i loss all my data ...
i lost site that have built for 10 years!

and serverloft doesnt response!

the story start when they block my server and discontinue the contrat! for reason that they say spam!

Quote:

WE hereby discontinue without notice the contract for the server loft3059according to §4 of our Terms and Conditions on the basis of unlawful activities originating from your system.

see also ticket 216786487, 216787953, 216788420

Should data on the server still be filed, please contact Support within the next 5 working days. The server will be deactivated on 08th october2009 and all files will be deleted indefinitely.

i swear i dont use it!

ok i accept that and send to them to give me backup or link to it as they say in previus message ,, the data will be 5 days

but say what they answer!

Quote:

he server has been blocked and will be blocked till the deactivation has been finished. For security measures we can't reconnect the server or allow to get access. The backup is provided by the customer. If you do not have a backup external we can not help you.

it's like a dream!
i try to send a ticket again ,,, and say what they answer

Quote:

we are not willing to discuss in this serious issue. You had time
enough to solve the problem but therefore you have not minded. Please
understand that we do not start again a conversation in this case.

is this deal with customer? i lost all my data and they say dont talk

what cost him provide me link to download backup!

and after 12 hours!

Quote:

I have told you yesterday, that we do not give access to the server or backup. At last I have told you that we are not discuss in this case anymore. So you do not have to except any answer in these issue.

I hope that is clearly enough to understand.

to all guys ... warning ..

they are slow in response to support ticket! and very slow
and they dont help customer!

and dont seek cheap thing as i do

View 14 Replies View Related

UK2NET First Experience

Sep 30, 2009

I have a need to move couple of my small-busines web-sites
from US to Europe and I was looking for reliable European shared hosting provider.
After some brief search & study of technical/pricing details I've ended up choosing uk2net.

And I've payed my annual fee just yesterday, attracted by the discount they're offering.

And then fun part began.

I hadn't been able to setup my sites yet, as their instructions are somewhat unclear on how to delegate domains to them, without transfering, but to be clear - 24 hours haven't passed yet since I've raised the ticket in support system - so, possibly these issues will be resolved.

But let me specify other stuff I've been able to study, joined as a client.

First of all - if you'll acquire (register) a domain with them, it really seems that it's going to be a world of pain.

If your new domain is not linked with hosting account (webspace) - then it'll be pointing to a holding page with they advertisement by default.

It may seem that it's not a big deal as you can change the destination URL for a domain.
But it'll be showed "Inside a frame, with a UK2.NET banner"

See the screenshot below of how it looks from user's control panel (as this board allow to use vBcode only when you reach 5 posts, I've used plain text): link_img5.imageshack.us/i/webdiversion.jpg/

In order to get rid of the uk2net banners you'll have to actually
buy a webspace account (hosting plan) or 'Upgrade to Full WebDiversion'.
link_img97.imageshack.us/i/webdiversionupgrade.jpg/
I don't know about you guys, but for me it's like medieval practice.

And more interesting things appear there, in the upgrade panel.

> An upgrade to 'catch' all incoming email (in case it's mispelled for example): link_img8.imageshack.us/i/catchallupgrade.jpg/

> An upgrade to manage your own DNS! link_img268.imageshack.us/i/dnsmanagementupgrade.jpg/
Now, that is something really messed up.
Pay money to manage your own domain name ? What the hell is that ?

I haven't been able to figure out their e-mail policy & multiple websites on one hosting plan policy yet - when (and if) my sites we'll be up & running, I'll report.

As of now, almost 24 hours pasted since I raised my ticket in support system to help me with domain hosting setup procedures - no reply yet.

I'll provide more details during progress and I have a feeling that I would have to know closer how their refund policy works.

As there are no detailed & simple reviews of uk2net, someone might find this one useful.

All of the above are facts only, from hosting client point of view, with no intention to actually harm anyone's business.

It's just that it's a radical change apart from all of the hosting experience I've had previously & my current (still current) hosting provider in US does much much much better job for a much much less.

So far, my recommendation - avoid.

The description of their hosting plans is just a top of the iceberg. You can get three domain names 'for free', but you'll end up paying more for some basic features that were not included.

View 10 Replies View Related

LimeStoneNetworks Experience

Jan 14, 2009

My Review / Experiances of Limestonenetworks
My Advise Avoid like the plauge
01-07-09 01:14 PM
I placed an order for a server
01-08-2009
Server is ready
Orginal Config
DotnetPanel
Windows Web 2008

I had problems from the start
IIS Not starting correctly
Dotnetpanel issues including adding websites.

So I fixed what I could and then employed someone to do the work.
Afterlooking around I found someone who looked proffessional and told me he could do the work.

He got back to me after a few hours and said their were problems with the server OS and DotnetPanel install.

It would take longer to fix but he would try
After A day or so, he sent me and email stating he was unable to get it to work correctly and said the entire OS needed to be reinstalled.
So I contacted LSN and told them about the problems I was having and decided to ditch the Windows 2008 Web server for a more roboust soloution.

I went for the classic Centos and Hypervm soloution.

LSN happy loaded my server with a fresh OS and I proceed to employ my normal guy to install and configure the server
AV went on
firewall went on
Lex went on
Hypervm went on
IP Address Binded to network adapters.

But all the VPS we setup only had the "local lan adapter IP" making them inaccessiable from the outside world.

After somemore looking at the matter I resorted to contact LSN and get them to remove /change the interfaces.

This gave the VPS the external IPS but were still not connectable from the outside world. so far I spent 65$ on the orinal comapny who looked at setting up the web 2008 server additioanl 45$ on a diffrent tech to confirm the fault and been billed for a second money at singlehop.

so I contacted "customer support" and all I wanted was a refund, even if it was parcial. I just wanted a refund. I lost out on to much money and to many hours sitting infront of the computer typing up support contacts.

Please read the transcript below I strongly advise you not to use LSN they are not a helpful company

You are now chatting with ryan
ryan: Hello, thank you for visiting Limestone Networks! How may I assist you today?
ibby@: Hello Ryan, I want to make a complaint.
ryan: Oh no! What appears to be the issue? ....

View 14 Replies View Related

Experience With ServerWOW

Oct 27, 2009

Has anyone used ServerWOW? How I can't find any reviews on the internet, but they seem to have a very affordable selection of VPS offerings.

View 14 Replies View Related

Yubikey - Experience

Aug 3, 2009

A Yubikey is a little USB key that generates a one-time password (or static password) which can be used for single or multiple factor (usually dual) authentication. These keys emulate a keyboard in order to simulate a user typing so that the device can enter the OTP (one time password) or static string into a textfield to authenticate the user.

Has anyone had any experience with these devices? More importantly, is anyone using them in a production environment?

I would be interested to hear the experience of anyone using them, or anyone who isn't using them but has their reasons for doing so. I understand that the keys have certain security flaws, but I'm not entirely sure if some of them have been fixed at the hardware/firmware level yet.

I'd be interested in anyone's experience with said device, or anyone's opinions on them.

See: [url]for information about the keys.

View 1 Replies View Related

My Experience So Far With Sentris

Apr 9, 2009

Sentris has a pretty good deal (IMO) posted over in the advertising forums, free CPanel and good specs for what I am looking for. I started trying to call their toll free number yesterday with some sales questions before buying. I tried about 6 times yesterday with no answer and left 2 messages out of those calls. Today I decided to hell with it and went ahead and ordered the server I was looking at. Also, I decided to prepay 12 months as they only bill you for 9 when you do, a savings of around $450. The ordering process was problematic. I am splitting this server with some friends and I had them both send me 1/3 of the cost the server to my paypal since Sentris accepts this. I do not have a bank account on my paypal but I do have a verified Visa which I intended to use to pay my 1/3. ie, 2/3 from paypal balance and remainder on my Visa. Upon completion of the order and attemping to pay with paypal, I was informed that I could not use either my paypal balance or my credit card for "this transaction" and I needed to add a bank account. This is no good since it takes days and I don't really want to do that anyways. I tried to re-place the order by just paying with a credit card (no paypal) with the intention of paying the entire amount myself and just getting the money from my friends later. I was informed that this was not possible because my "email address was already in their system". I called them, left messages to no avail. Finally I found a welcome email for the first order in my GMail spam box. It including a billing link which I was able to login to and submit a new payment on the invoice using my Visa.

Almost immediately I got a confirmation email that the Visa was processed and authorized. Unfortunately this is where I have stalled. The invoice in their billing portal still shows as unpaid and outstanding. I have received no notice or confirmation that my server is being deployed or an ETA as to when it will be finished. I have called probably a dozen times today and left several messages with their sales and billing departments, neither of which pick up. I have submitted a helpdesk ticket:

I ordered a server this morning and pre-paid 1 year. I charged the payment to my Visa but ModernBill is showing as unpaid even though I received a confirmation email stating the charge was authorized. I need to make sure payment has been received and marked on my account so that deployment of the server can begin and be completed ASAP. Thanks.

It has been 6 hours with no response from this company. They even have an MSM messenger address on their site which I attempted to communicate with to no avail. This user has been away, then active, then idle, then away, then active, and signed on and off several times throughout the day, never responding to my messages.

I understand that 6 hours is a relatively short time for server deployment, but I am not looking for the server to be done. I simply want re-assurance that the invoice is marked paid and things are even moving forward. I fully expected to wait 1-2 days for deployment. My biggest fear is that this is a sampling of the level of service I will be receiving from this "company" over the next 12 months. I have probably called their number 20 times over the last 2 days and left 4-5 messages. No answer and no reply to the message. I have opened 2 tickets and sent 3 lengthy messages to their MSN messenger contact.

Beware, do not trust this company with your money. I am seriously considering calling Visa and issuing a chargeback as this company has made no effort to show me they intend to give me what I paid for.

View 8 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved