Security Expectations For Managed VPS
Oct 17, 2007
I'm experienced with various flavors of Unix but haven't taken the VPS plunge yet. My main fear is that I'm going to end up spending a lot of time managing the server, especially security. I'm leaning heavily towards a hoster that's well regarded on this forum but was surprised when I learned the default managed VPS they deliver is fully open. It also sounded like it was mostly up to me to do the hardening. I've seen the really helpful "HOW TO: Secure and Optimize your VPS" article and I'm okay carrying out these steps initially but all of this makes me wonder:
1) Shouldn't a brand-new managed VPS come completely closed and leave it up to the user to open the few services they need?
2) How much security work should I expect a managed hoster to provide up front and on an ongoing basis?
3) How much security work should I expect to put in initially and ongoing to keep this site running smoothly and securely?
Don't get me wrong, I'm not expecting this to be "fire and forget" but I don't want running this server to become my day job. And after all, with my current shared hosting package I don't have to do *anything* - other than the occasional outage, it just runs.
View 12 Replies
ADVERTISEMENT
Jun 25, 2007
The term Managed Services concerns me with the way it is tossed around in the industry and I am curious to see what other hosts refer to as managed services, how they implement them and also what the consumer expects to receive on a managed server.
In going over one websites description earlier today they had more than five pages devoted to managed services and in my opinion said nothing. In fact at one point they mentioned their backup power, which while I will agree with that it is very important, that is infrastructure and IMHO has nothing to do with backup services.
Anyway I am interested in your view and definition of what you expect to receive on a managed server.
View 4 Replies
View Related
May 9, 2009
how the hosting provider would back me up in setting up my vps, support in additional issues etc. with regards each of the above topics.
View 2 Replies
View Related
Jun 25, 2007
I would like to know as to what amount of expectations should one have when opting for a VPS.
i.e. what's the ideal kind of website that will work fine with a VPS ideal site in the sense that ... the bandwidth and resources (or other criteria) the site consumes.
View 5 Replies
View Related
Jun 9, 2008
moving my colocation (just a single 1U server) to another provider. Is it reasonable to expect to be able to pay the original provider a fee to ship the server to the new location for me instead of requiring me to fly to the DC to pick up the server and do it myself?
View 2 Replies
View Related
Jun 17, 2008
This is my review of my initial setup with Pacific Rack.
After the issues with the fire at TP, I decided to pickup another server at a different data center as an additional server.
I ordered a Supermicro, which is a quad core processor. The price was well within the range, the extras were all within range as well, except cpanel, which was $35.00. I'd rather see that at $25.00, but overall that was fine. Total price as $266, right around what I expected to pay.
Setup took a few days, right at around what I expected.
When it was delivered, I asked why I couldn't log into WHM. They told me everything was fine. After some communication and about an hour and a half they said that they forgot to install cpanel... That wasn't a good start.
They failed to meet expectations because of the following:
1. RDNS was not setup at all. I shouldn't have to request it be setup. This is small, but if I didn't know to check/ask, it would be a major issue in the future.
2. The box always fails to reboot and requires manual intervention. Why can't they fix that? or even address the issue?
3. cPanel was not installed properly and when I asked for help, they told me that the box was unmanaged and I choose the configuration. If it didn't work right out of the box, the fault was my own for choosing that configuration.
Alex said, "You have received a standard Fedora 64 bit install, that we downloaded just for you. What you need must not be included in the standard install, or the cPanel install.
If you want us to manage your server, then you will have to subscribe to our server management service which is $29/month with a 6 month commitment. Otherwise you can just google for the command to install an RPM, as I don't know if off hand, but I know its really simple."
Just to comment, if it turned out to be as simple as installing an RPM, then I would have just killed myself due to the shame of it.
Turns out after working with cPanel support, it was an install error, cPanel was not installed correctly. (Don't know if that is PacificRack's fault or cPanel's, but I know it's NOT my fault and I would expect the data center to get my server up and running properly so I could manage it)
My expectation was that I would be delivered a box that worked properly and if it didn't, PacificRack would help me get it working so that I could use it. It appears that PacificRack's expectation was they just install the crap, it's up to me to make it work. If the install is bad, I can just Google it.
I'm fine with managing a server, I have four years experience running serveral servers, but I am not able to debug install issues where the box NEVER worked properly in the first place.
So, in this area, they fail to meet expectations.
I also found their technical staff to be arrogant and unfriendly, though I'm personally arrogant and unfriendly, but I always am very nice to support people, no need to cut my own throat.
Overall, I'd say that my experience doesn't seem to be typical, but the fact that they were unwilling to resolve the issues really bothers me. I detest companies who hide behind "unmanaged" as a shield against providing the services that they should be providing as a data center. I also refuse to pay a $29.00 a monthly fee to get a managed server (basically a $180.00 commitment) to get them to deliver a working server, when that should be a "Free" service provided when I purchase.
The DNS servers are pacficrack work well and the connections are fast and reliable.
The server still is not working up to expectations and their support people seem to be unwilling to get it to meet expectations with out going "managed". Now, honestly, $180 would be far cheaper than any other options, but its the principle of it.
Overall, I'd rate pacificrack about average. The server is a good server and at a reasonable price. The support people where knowledgeable. The turn around on tickets was very good, no ticket sat for more than a few hours. It really seems like pacificrack is a very small operation. I think that is a big plus.
At this point, I'm not sure if I should just move on or continue to try and get this server to work properly. I'll make a decision in a week when the server is close to renewal.
View 14 Replies
View Related
Oct 13, 2009
I had three VMs with Fsck VPS, dating back to before they got hacked in June. I've been paying the bill since then, I imagined as a kind of insurance, so that I had the VMs handy if I needed to use them in a big hurry. Last week, I tried to log in, and found that my three VMs didn't exist, anymore. As far as I can tell, the VMs haven't existed since the June break-in.
SETUP / PROVISIONING
My first reaction was "They've been billing me for three months, and providing nothing?!??!" I'll be honest, I was pretty tweaked, but after I'd calmed down I decided to see how they handled the situation. So I submitted a ticket asking for an explanation: How long had the machines been down for, and what would it take to get them back up and running?
It took about a day, but we eventually established that VAServ could build three new OpenVZ VMs, and that they would give me three months' credit for those three machines. Since I actually do need the VMs, and I didn't really want to fight about the billing, I decided to go for it. It took another day, but I did get three new machines up and running.
Unfortunately, I do have some complaints about the process, specifically:
- VAServ's technical support is very inconsistent, and different techs seem to have vastly different levels of communications skill and professionality.
- Many of the techs don't seem to bother reading your ticket, beyond the subject. They tend to only be capable of answering the first question in each ticket/email, and they ignore anything else you've asked.
- After the FSCKVPS/VAServ buyout, following the break-in, the HyperVM control panel was disabled. If you need a reboot, or a root password reset, or anything that you can't accomplish yourself by SSHing into the VM, you have to open a ticket. (Seems like a chancy proposition, now, to me.)
REBOOT-AND-PRAY
Today, I started seeing memory allocation errors in running programs. The machine mostly worked, but certain operations (shell scripts, in particular) would error out. I opened a ticket asking for some guidance, and within less than 10 minutes, the VM started rebooting. I got an update about the ticket a few minutes later, and was told that the VM had been reconfigured (increased memory allocation limit) and rebooted.
I was pretty mad about the no-notice reboot. I'd been in the middle of editing a bunch of configuration files, and I lost an hour of work. It just seems so unprofessional and inconsiderate for VAServ's technician to bounce the VM without confirming it with me, first.
I did get an explanation/apology from the tech who rebooted the machine. I asked him to have his supervisor contact me, which took a few hours, but I did hear back. The supervisor wrote:
"...we reboot the vps if we found any VPS out of memory. Normally most of the service stop working or access got killed when VPS is out of memory..."
To me, it sounds like the reboot is a standard procedure for a common problem. Given that kind of environment, it's only natural that the tech's first impulse would be to reboot, given a ticket about memory errors.
At the same time, it's also indicative of a bottom-of-the-barrel service, isn't it?
- Memory problems seem to be common--is that because they're over-subscribed? Does your 512MB allocation mean anything, or is it just talk?
- The staff can't / won't bother to read through a ticket and give it some consideration.
- The staff has an itchy reboot finger. Their first impulse is to power-cycle, rather than to try to understand and fix the issue directly.
FOR THE FUTURE
I do intend to continue using VAServ / FSCKVPS, at least for now. They're really cheap, about $10/month for a 512MB VM, and I can mostly get done with what I need to do. But this is a qualified opinion. I am solely using these VMs for simple R&D projects: Quasi-professional work, stuff that nobody is currently paying me to do.
Given my experiences so far, I would never trust these guys with a real, money-making business project. VAServ / FSCKVPS is suitable for toying around with, or if you're flat broke, but I wouldn't bet my job on them if I could possibly help it.
I'm setting a calendar reminder for myself, right now, to check back in another month or so with an update to this post. Assuming I'm still chugging along with these VMs, I'm going to make a point of posting my impressions on a regular basis.
View 14 Replies
View Related
Jul 10, 2008
While dedicated server providers are quick to promote that they support the server hardware how proactive do you expect them to be in terms of identifying hardware problems?
When hardware goes bad a customer might see performance problems and report it, or perhaps notice hardware errors in the logs.
Or is it the host's job to be monitoring hardware components status? Would you consider such monitoring to be part of the basic service or an optional management extra?
I'm interested in your expectations with a typical dedicated server.
View 8 Replies
View Related
Mar 29, 2009
I am considering moving to dedicated server, what are risks with self managed server compared to managed?
Managed servers are very expensive for my needs.
View 2 Replies
View Related
Jul 16, 2008
When a colo vendor can consider themselves as a managed colocation provider? What make them different than *normal* colo service?
If you need a managed colo, why not go with managed server? With managed server, your vendor will take care about the server health, including software and hardware too
(I am mentioning to fully managed server vendors like Rackspace, don't tell me cheap managed servers)
View 4 Replies
View Related
Mar 7, 2007
I've always had hosting where everything is pretty much already setup. I am now considering getting my own dedicated server. I see most good packages are Self Managed Servers.
I'm not a system admin and never had any experience managing and setting up my own server. Is this a lot of work? Is this something that is also pretty easily learned or does this really take a lot of knowledge?
View 4 Replies
View Related
Apr 4, 2008
I run a web hosting company and one of my servers is a LAMP server running CentOs 5. A user of mine has a Joomla installation running to manage his website and he has run into the following problem that I am puzzled by.
When Joomla adds a component or module to itself, or when a user uses the Joomla upload functionality, Joomla will add the new files under the user name "apache". This makes sense as it is the apache service running PHP that is actually creating the files.
However, when he FTP's into the account to modify these files, he doesn't have the appropriate permissions to do so as he doesn't have a root level login, just permissions on his home directory which is the site. Any help would be much appreciated.
Also, does anyone know how to change the owner/group of a directory and all of its sub directories in Linux without changing the actual permissions? I.e. some of the files in the folder have different permissions (0644 as apposed to 0755) than its parent but if I do a top down user/group change on the folder it will change everything in that folder to 0755.
View 10 Replies
View Related
May 2, 2009
How can I make a domain and a subdomain points to different hosting accounts. For example
[url]-->host1
[url]-->host2
I want to make this through my resellerclub managed DNS service
View 2 Replies
View Related
May 12, 2009
We're starting a new video sharing project much like YouTube, so there will be lots of video conversation taking place, as well as high volume traffic on a website driven primarily by PHP and MySQL. It is very important that the company be able to host adult content.
We are looking for a managed VPS under $40. This is not a hard cap. We've been looking at EarthVPS but would like to check out more companies before making a decision. The price point that EarthVPS offers is relatively in the right spot. We are looking for comparable resources as well.
EarthVPS offers 50GB of space, 1000GB bandwidth for $35 a month. Keeping in mind cPanel is $12 more per month.
What is EarthVPS' reputation? Are there any other companies out there that offer a managed VPS service at around the same price point with roughly the same resources?
View 14 Replies
View Related
Nov 14, 2007
One of my sites needs a vps of its own... the hosts ive tried so far have not been very satisfying (uptime wise) but i will not list them because they had a 30day refund policy and that alone is enough to say thanks and a friendly goodbye.
What im looking for in a vps... (atleast)
-10gb filespace
-200gb bandwidth
-Managed
-Cpanel
-Unlimited domains/sqls (would be nice to add on some domains)
-Reasonable setup time
-Money back garuntee (not a must but id lean more towards hosts that offer)
-Reasonable uptime (i know 100% isnt possible.. least 80%?)
-Located near southern california is a plus
I think i nailed pretty much everything im looking for unless i forgot something.
Thanks for the recommends in advance!
My budgets about $50 by the way.. (can pay more depending on the host)
View 4 Replies
View Related
Jun 19, 2007
I'm having a little trouble with setting up DNS. I'm not sure if it's setup right, and it's acting slow the *first time* you connect (but normal until you reconnect again, wait 3 minutes).
3 domains at 000domains.com. 5 DNS each domain at dnsmadeeasy.com. Reseller plan with dedicated IP at polurnet.com.
- At dnsmadeeasy I enter the domain daemn.com and IP.
- At 000domains I register n1-ns5.daemn.com with my 5 DNS IPs.
- At 000domains I update daemn.com's DNS to n1-n5.daemn.com
- At 000domains I add A record with daemn.com's IP.
- At WHM I edit daemn.com's DNS to ns1-ns5.daemn.com
- At WHM I change daemn.com's A records ns1-ns5 to the 5 DNS IPs.
I repeated the same for the other 2 domains. Looks like they gave me the same DNS IP's for all 3 domains though.
On top of all that, I added subdomains in cPanel (which added A records for them) and they still haven't resolved (5ish hours). Didn't take this long before. I wonder if I need to add A records at 000domains too, or I did this all wrong.
View 14 Replies
View Related
Feb 7, 2009
I'm looking for Managed VPS in Europe (for example UK, can be DE but with english website and support) or ultimately in USA (DC in east coast) with DirectAdmin panel.
I need about 10-20 GB hdd, 60-80GB transfer/month. The company should be already several years on the market...
View 7 Replies
View Related
May 11, 2009
would like to move to a VPS plan, many has already mentioned that managing VPS is not easy in which it is kinda scary for me! but may I ask what are the main things that I need to know to manage a VPS host.
from my experience on a shared host with cpanel I know how to manage domains, subdomains, backups, traffic-analyze, mysql-databases, myphpadmin, ... etc.
Now if I get a VPS host with cpanel, do I need any extra experience to mange it? if so, what are they ...
View 13 Replies
View Related
Jun 16, 2009
Glowhost.com offers Managed Firewall on their dedicated servers.
How effective is this software?
View 4 Replies
View Related
Feb 27, 2009
What additional services do I get with a managed VPS account? Does it depend on the service provider?
View 11 Replies
View Related
Mar 19, 2009
I see some hosts provide fully managed VPS. If that's the case, what does that mean exactly? Does it mean the host manages updates and backups and that kind thing? what other maintenance does full managed VPS can provide besides updates and backups?
View 7 Replies
View Related
Oct 9, 2009
I need a managed vps with these software :
Java: jdk1.5.0_16
Tomcat: apache-tomcat-6.0.18
MySQL-Java Connector: mysql-connector-java-5[1].1.6
Please recommend me a good offer from a good company.
View 10 Replies
View Related
May 24, 2009
I have a java-based instant-messaging server application, which I need to host on a VPS.
This server application comes with its own Java Virtual Machine.
I do not need any other software than that, no web server, no database, no PHP, no multiple domains or whatever, because that stuff is hosted on another server
So I assume, I will just need an unmanaged VPS. Am I right or is there more to it?
Do I have to install and manage firewall and security on unmanaged VPS, or is that done by the provider?
What about monitoring? Any other issues I need to take into consideration?
View 9 Replies
View Related
Nov 4, 2009
Used Wiredtree for many years...excellent service.
Moved to VPSville...omg, much downtime headache.
Looking for another UK-based managed VPS provider using WHM and cPanel.
View 8 Replies
View Related
Aug 18, 2009
I am shopping around for managed colocation right now. My biggest thing is support and network reliability. Right now I have a server that's colocated but unmanaged. As my sites are becoming larger, they are becoming more prone to DDOS attacks and other server-related problems and, as of right now, I have nobody to help me when my server dies.
So, support and DDOS protection is very important. In sum, my criteria are:
24/7 support that will help me resolve all server related issues
Monitoring 24/7
DDOS protection
Good connectivity to: USA, Canada, UK, and (as a curveball) Australia (AU is least important though)
Only 1-2mbps uplink
Based on this, what managed colocation services would match me and my criteria?
View 14 Replies
View Related
Aug 7, 2009
we have several sites, that have www & email hosted in separate locations. we currently have our server redirect mail out. but if the server is slow, down, or other issues, it may not re-route the MX records out.
Would a managed DNS service help? i assume this means i could route services before they hit the server.
View 8 Replies
View Related
Apr 26, 2008
do I want a Managed VPS or unmanaged vps?
View 4 Replies
View Related
Mar 28, 2008
i am currently sharing a VPS with someone.
it is a VPS from ZONE.net
so far i have been very pleased but i am now looking to get my own VPS.
i am only able to afford 40-50$/mo right now so for ZONE.net that would be their cheapest enterprise server
i am also looking at liquidweb's VPS1 package, with the free upgrades and a start up fee i can get the package for 40/mo
so do you guys have any other suggestions or comments?
i have a bunch of php/mysql sites to put on this new VPS
View 14 Replies
View Related
Aug 12, 2008
A friend has asked me to recommend a company for a Managed VPS solution, one that must be in hosted in Europe (I suggested that he might want to look to the USA but he doesn't want to). As I really don't know too much about European VPS solutions as I mainly deal with US datacenters and companies I wanted to ask for a recommendation.
He requires a managed linux VPS solution, with a control panel that can manage files, email, databases etc, so whether its directadmin, cPanel, Plesk or whatever, it doesn't really matter.
He is looking for the following specs:
20-30GB HDD
128 or more RAM
Bandwidth doesn't particularly matter as long as its not too low.
The budget is £20 or under (around $40) per month, so he's obviously looking at quite a low-end solution.
View 3 Replies
View Related
Nov 18, 2008
how to configure C-panel/whm for my sites.
This is all brand new to me. Never had VPS before. The host is very reputable but I'm having a hard time getting them to understand I don't have experience with UNIX, Telnet, or SSH.
The transition is up to me because they don't support migration from my old host's control panel.
View 11 Replies
View Related
Jan 31, 2008
Are there any established providers that offer this? I want an established company who isn't going to run off with my server, and they need to provide high quality bandwidth(Level3, AT&T, Sprint, etc) with 100% Power SLA, etc. in a secure facility.
IE: If I buy my own servers can I ship them out to a datacenter to have them fully managed, basically being a dedicated server? Except i'll own the hardware, and they provide the bandwidth, management, etc.
View 9 Replies
View Related