Secure Dedicated Server For Disaster Recovery
Oct 7, 2008
I'm trying to find a good hosting provider to host our company's website as our fallback option in case of disaster. One or two dedicated servers should do it, but it'll need the space/bandwidth to host a database of around 60-80 gigs, with the ability to rsync newer copies of the database on a regular basis. We also need to store a Tomcat website, which will take up much less space, but also need to be rsynced to be kept up to date on a regular basis, though less often than
Also, we probably need Red Hat Linux specifically, as opposed to other flavors of Linux.
Of course we need root access to install the other apps we'll need. My paramount concern is the security of our companies data, much of which not only has to be protected for our companies sake, but also for laws such as HIPAA, etc. Cost is a consideration, but security, dependability, and flexibility (root access to our machine, ability to rsync between sites) is more important.
I was wondering if anyone's got suggestions for me, hosting providers they've liked for these purposes? I'm looking at Media Temple's dpv Nitro option right now ...
View 6 Replies
ADVERTISEMENT
May 13, 2008
There is so much information on disaster recovery and backing up one's server, that I'm getting glassy-eyed trying to take it in. Maybe if I became an actual case study, and get some "group think" help, this thread could benefit many others in a similar situation.
Current Situation:
1. I'm a small hosting company, 5 years in existence, with about 350 clients. www.mlhi.net
2. Dedicated Linux server, PLESK CP w/unlimited domains license, fully managed at HostNexus (great guys). It does not have a RAID array (used to have that at Rackspace) but it does have a backup drive that everything is backed up to with a cron job every night.
3) In addition I have a Linux Sys Admin on retainer, www.linuxbox.co.uk (he is better than excellent). Two years of excellent server maintenance and security on top of the managed service I get at HostNexus.
4) I just bought a VPS plan at JauguarPC.com after much research (a lot of it here at WHT) and as they say "so far so good" with the ease of dealing with them. I have not setup anything there yet- just got the VPS provisioned a few days ago.
Fears and Concerns:
1. Data center destroyed/ my server burns up (including backup drive) etc etc.
2. DDOS attack (which did hit this data center a few months ago and I was down for hours)
3. If I had to FTP everything back to another server from my local, at 18 GB, it's not too cool.
Want to do this:
1. I want my Sys Admin to run a backup copy (and incrementals every night) to an identically configured VPS server at JaguarPC. Both servers are now running identical PLESK 8.4.
2. I want the fastest recovery possible without spending a ton of money. I know this means I don't get an "instant" recovery, but recovery within 24 hours is more than OK. None of my customers are ecommerce... just brochureware sites.
My "I'm not an expert" plan:
1. If primary server goes bye-bye forever, I can login to my BulkRegister/Enom account and change the child nameserver IPs to the IP's of the VPS. In 24 hours or less, every request for the nameservers would then be routed to the new server.
2. I can create an A record on every domain like www2.johndoeinsurance.com that would point to the IP at the VPS, so I can ease my mind anytime I want to make sure everything is safe and sound on the second server, and ready to go in an emergency.
How do I configure the DNS?
I control dns at Enom for about two-thirds of my customers. I have ALL domains pointed to ns.mlhi.net and ns2.mlhi.net. Here are my options??
1. I create two more child nameservers... ns3 and ns4 and have then pointed to the IPs at the new server, then update all the domains I control. The rest of the customers I can email and ask them to add the additional nameservers. I know... good luck on them doing it.
2. I change the ns2 IP to go to the new server. And I make sure when I make edits on a website during the day that I FTP to both servers.
3. I don't have any nameservers assigned to the new server. I just change the IP on the existing nameservers in the event of an emergency.
View 5 Replies
View Related
Apr 20, 2007
I am not familiar with quick backup methods, but let me give you an example which might help you provide me with the best possible information.
1. I currently run a hosting business.
2. cPanel accounts are backedup nightly.
Question: I am worried something may happen to the server (DoS Attack) or just an internal error - what would be the quickest way to have your entire webserver back online?
I was thinking another HD with the same installation/configuration.
What procedures have other hosting organizations taken to prevent there web server from loosing downtime.
View 4 Replies
View Related
Oct 21, 2009
I'm putting together a disaster recovery plan and I'm trying to come up with a quick way to get new machines in place in case of catastrophic hardware failure, e.g. two servers go down at the same time (this is an HA setup and must always remain fault tolerant). At this point I'm trying to find someone who would rent a server to me, allowing me to take physical possession of it.
Why do I need physical possession of it? The problem is that I use IP-based storage on a private network and therefore can't rely on a rented server in another cabinet, even across the aisle in the same datacenter, without adding significant complexity to my setup.
So my question, in summary, is this: What would be the fastest, cheapest and simplest way to get a new server in my cabinet in a few short hours?
My servers are going to be in Colo4Dallas, so if there's a provider there who specializes in this or has made an arrangement with you or someone you know in the past, please let me know about them. If you can think of a better way to do things (the obvious solution of investing in more servers excluded),
View 5 Replies
View Related
Jun 8, 2009
I'm used to operating dedicated servers. This year I want to venture into getting a reseller account and / or media temple account.
With my dedicated servers, I do automated mysql dumps and I do nightly rsyncs of all my /home /etc and other important data so disaster recovery is possible.
My question is, how do you do the same thing? Sleep well at night? with these regular web hosting accounts?
I see most newbie people who pay for web hosting do not bother to backup their data. Ignorance is bliss until disaster strikes.
How do you automatically backup your data (mysql and directories) in your multiple web hosting accounts like reseller or grid service media temple?
View 5 Replies
View Related
Apr 9, 2015
I'm working on a plan for restoring my whole Plesk server fast in a worst case scenario. Which will never happen hopefully.
The backup is a full backup done by the Backup Manager in Plesk. It lies on a remote FTP server.
Right now I'm fetching the whole backup directory with wget while in the background the Plesk Installation is running. These actions take about 1h to complete.
Afterwards I would restore with /usr/local/psa/bin/pleskrestore.
Is there a better way? For example installing Plesk directly out of a full backup?
View 7 Replies
View Related
Mar 18, 2008
I am seeking a little input from others who use multi-CPU machines with large memory as web servers and mysql servers.
I will be more than happy to give additional information I might have overlooked if you need it. Just ask.
We are starting to run more and more dedicated hosts running joomla applications. I've been trying to find the very best settings for both performance and security that I can for the servers to function well specifically with their joomla applications.
Serves are not used for *anything* else at all.
The servers are strictly used to serve up web pages. No need for anything other than what apache/php, joomla requires and a few other things such as ffmpeg, etc.
I would like to remove all tools which aren't needed for such a server, leaving a bare minimum server which is less susceptible to hacking.
I've never messed with the root account so wonder if I can simply not allow any access as root other than terminal, perhaps not even su by giving another account full root access and of course, while allowing the system to continue to function properly with the many things which must run as root.
I would like to do this on all of my public machines which are of course behind firewalls. I also have load balancers and cache devices in front of the web servers but at this time, they are not activated so aren't in the realm of this question.
Development is done in a separate environment and the data is pushed to the web server via private network to the web servers. This means no need for shared tools, FTP, or anything else which users would need in a shared environment.
The servers are 8-way IBM, running linux and apache, php/APC.
Servers have 32GB of memory and I can install up to 64GB.
Databases are run on separate machines which are also dedicated only to running mysql databases. Same machines as above.
Machines all run multiple network cards bonded as a single IP.
So, my questions are;
How can I best utilize my hardware to take advantage of their memory capacities.
For example, on the web servers, I'd like to find the best settings for httpd.conf which takes advantage of the machines resources.
On MySQL servers, I'd like to do the same as the above, taking the best advantage of the hardware/memory.
For web serving and for joomla, I seek the very best security settings I can possibly get. I say best because since they aren't used by users, there is no need to have a lot of tools and access to these machines so it should not be a problem to tighten these machines up a great deal.
Any input from those who have such experiences would be very welcome as I've been finding no one place for help on this.
View 0 Replies
View Related
May 12, 2009
I'm working on a research study at the University of Toronto and we would like to set up a website and dedicated secure server. I would like some recommendations on start packages that would be appropriate with prices. I'm hoping some could over their own experiences.
View 14 Replies
View Related
Jun 1, 2008
In light of whats happened at the Planet in Houston we are moving up our plans to have an external DNS nameserver (with failover) and emergency website to alert customers in the event of our data center (C4D in Dallas) ever goes down.
From all the forum messages reagrds this event its apparent that a lot of hosting companies are suffering the worst from having their support websites at the DC where they host their customers and have no way of notifying their customers of whats going on.
Looking to trade 1U of rack space and 1 ip address anywhere in US (Dallas preferred) with someone else who is looking for the same thing.
While we are extremely happy with C4D and have faith in their DC, you can never be 100% prepared for things beyond your control.
View 2 Replies
View Related
Aug 28, 2007
My host just recently sent the hard drive with my sites to a data recovery company called Gillware. Website is [url]- but they failed and gave the following reason:
Quote:
Originally Posted by Gillware
Unfortunately, your file system was so severely damaged that no data can be
recovered. We will make arrangements to return your drive via UPS. Sorry
we could not help you further.
Gillware Inc.
Do you guys think there's still hope?
The hard drive is now being shipped to a more well known company, Drive Savers - [url]and I'm guessing that this is the last hope, because the more the drive gets tampered with, the more chance of permanent data loss.
So yeah.. I was just wondering what you think? If the file system is so severely damaged, do you think it STILL can be recovered?
View 2 Replies
View Related
Oct 6, 2009
I was looking at staminus dedicated hosting offers, and after I asked them about secure port packages prices. I would like to know, after I purchase a dedicated server, how to install secure port? Does it work like a protected DNS?
View 6 Replies
View Related
Apr 12, 2008
one of the worst things (in hosting) has happened. I received a notice this morning from lfd (configserver) that someone had logged into my server as root and it wasn’t me.
Unfortunately I didn’t notice it until eight hours later so I have no idea (yet) what happened during that period. Thankfully I don’t have any really critical data on the system that could have been stolen.
I’m in the process of restoring from a full system backup right now. After that’s done I’m going to look to see what the differences are between the files from the backup and that on the comprised drive. I’m not sure if I’ll get anything useful from the diff but hopefully I’ll find a clue as to how they got root access.
Then of course I need to get my server back up. However, I don’t want to do this until I’ve taken some steps to identify how the individual got in and take some additional preventative steps.
Here’s what I am planning on doing:
1) Check to make sure all exposed services are patched and look at some security sites to see if there are any known vulnerabilities for these services. Anyone know which sites are good to look at?
2) Change firewall to only allow ssh access from a couple specific IP addresses.
3) Disable root ssh access so I have to login via a different account and perform sudos, etc.
4)?
I’ll also look for a good server-hardening guide to see if there are some obvious things I forgot to secure.
Do any of you find folks have any other suggestions or resources that I should check out?
View 11 Replies
View Related
Jun 20, 2006
I work for a small web design firm with about 100 clients/domains and we are starting the search for a new hosting provider. We need a managed dedicated server with an offsite backup. We are also looking for a company that knows what they are talking about. If we have a Linux or server question they need to be able to give us a quick straight answer. Also, if they could help us transfer all our hosting accounts from our current server over to the new one that would be a BIG plus.
We have been thinking about Rackspace or 1and1.com but were wondering what the community thought. Any recommendations?
View 5 Replies
View Related
Feb 29, 2008
No data at the 2nd hard drive.
I can only see the drive letter [E:].
When double click the drive, it says do you want to format.
View 7 Replies
View Related
Sep 2, 2008
Since they had disaster with their billing system it seems their support is falling apart also. I submitted a support ticket 1 month ago and still no reply!?
View 9 Replies
View Related
Mar 25, 2009
i have question about securety of our DNS Server.
View 8 Replies
View Related
Apr 25, 2008
My server hacked!
my server hacked for tow time in less than one month (both times they were similar to each other), and my previous securing company work on my server in previous hack but the server hack again!
anybody can work on my server? this is very URGENT because my server and all of our sites are down!
View 3 Replies
View Related
Mar 14, 2008
so while we all obsess over hardening our servers against sophisticated hacking attempts, how many of us consider the security of our own host's control panel?
Just today i'd forgotten my login for my host's helpdesk. I couldn't find their password recovery form, so i opened their public support chat and asked support for a link to their password recovery form. Apparently they didn't have a password recovery form. Here is the chat transcript:
Support: Hello
Tom: Hi, where is your password recovery form for the helpdesk?
Support: How may i help you?
Tom: Did you see my message?
Support: Yes
Support: Let me know your email address
Tom: [REMOVED]
Support: Okay Let me check
Support: Your new password is [REMOVED]
So, the only think really stopping someone from logging into my helpdesk and posting a server cancellation ticket is a little bit of research to find my email address and a traceroute to find my host.
View 4 Replies
View Related
Nov 11, 2007
I see that one of the most important things nowadays is the security of our servers.
I would like to know from people here that are running big and small servers what they have done to secure their servers. What tips, what softwares they have used, which applications using and are more secure than others.. generally everything that could make good in the protection and security of our servers.
Even if you asked helped from a company doing that work, what changes they have done to your servers? which options they changed?
I am making this thread so as to collect all info we know in one place.. One knows about that tip.. the other one knows another tip.. having all of them somewhere could make a tremendous difference..
Moderators please dont move that thread in any software discussion or other forum as this is one of the most active ones and also has instant relation with the dedicated servers we buy.
View 11 Replies
View Related
Dec 6, 2007
I have a friend that works in the IT. He is about to start his own business, something in the line of network connection or something like that. I was telling him that I'm planning on getting my own dedicated server but that I have no idea how to secure the server. He told me that most linux desitributions come with their own build in firewall and that I don't need to worry about security. He told me to just ask my dedicated server provider to make sure the firewall is enabled and that's it. When he told me that I thought to myself, either this guy has no idea what he's talking about, or those guys at Webhostingtalk have no idea what they are talking about!
View 14 Replies
View Related
May 23, 2008
Which is the best company to secure my web server?
View 8 Replies
View Related
Sep 8, 2007
Is anyone have a ebook or article about secure linux server and apache .
I want to secure own server and my vps customer
my linux system : Centos
also i have cpanel control panel
View 3 Replies
View Related
Dec 4, 2008
i want to secure my server that scanner tools can not scan my site . because of one of my site is very important to do not scan of folder.
my server os : linux Centos 5
View 3 Replies
View Related
Mar 27, 2007
I have a unmanaged server, and i want to have it secure harden.. how do i do it?
View 5 Replies
View Related
Jul 27, 2007
I would like to know if it's possible to secure a server used only for streaming.
Here is what I have on my server :
- Gentoo,
- FlashMedia Server,
- and the following services are enabled : ftp, ssh, named and web ssl
Is it possible for instance to install Mod_security?
View 3 Replies
View Related
Mar 25, 2009
I came across this very detailed step-by-step tutorial on how to secure a Plesk based VPS. It's up-to-date and was just written so the info is accurate.
Here's the link to the full tutorial: ...
View 1 Replies
View Related
Mar 25, 2008
I have a cPanel dedicated server and have a lot of spam attacks on this server. It's getting so bad that our IP is being added to Yahoo & AOL blacklists and my emails are bouncing to these accounts.
Is there anyone on here who can do a thourough check on our server and install anything necessary to stop this kind of activity?
View 5 Replies
View Related
Mar 13, 2007
For hosting irc and shells i heard that the best choice for OS is the FreeBSD..
I would like to know if there are any toturials or if someone can write one.. (or give some tips) of how can i secure a machine running FreeBSD and used for irc + shells!
For example how can i install a firewall, a rootkit etc etc..
Also what about putting users at jail? (not allowing them see other dirs except theirs) how can i do that?
Also what about dont allow users use some commands like dmesg, ping, traceroute, and also how can i make them when they do ps -aux to only see their processes (to not be able see the other processes from other users..)
View 3 Replies
View Related