SoftLayer Major Packet Loss Issues -- Advice Needed
Mar 8, 2008
I recently switched over to SoftLayer for dedicated hosting and the servers are great. However we've been getting hit on and off with massive (50-80%) packet loss, which has been crippling our performance and causing all sorts of problems
I put in a support ticket and they linked me to the Internet Health Report website and said it was due to one of their bandwidth providers (I think Global CrossinG) and not on their internal network and to be patient as it could take time to resolve
Are any other SoftLayer customers going through this? Is this an unusual occurrence? I feel like if it was really one of their partners that it would be affecting a lot of their customers and it would be a high priority issue right?
I'm kind of stuck on what to do; I just invested a lot of energy into moving content onto these new servers and am concerned about whether to wait it out or whether to start finding a new company. This kind of packet loss is really unacceptable...
View 14 Replies
ADVERTISEMENT
Mar 15, 2007
I am noticing some packet loss on one of my boxes, most notably when i'm accessing the webmail (however i'm pretty sure it's not that)
Can anyone offer some tips as to how to nail this down?
View 3 Replies
View Related
Dec 23, 2007
I have a dedicated windows 2003 server at a colocation facility that i use for game server hosting. Over the past 7 months, packet loss has become horrible with random periods of massive lag. My host says it's something on my end. I use a firewall with SPI enabled. Could that be causing it?
Strange thing is, the first few months my server was at that colo, they only had around 40 other servers on a single OC-192 pipe and i never had packet loss despite having the same SPI firewall. But now they have over 300 servers on the same OC-192 pipe. Could the packet loss be caused by my SPI firewall or them overloading the network with servers?
View 0 Replies
View Related
Jun 10, 2009
Basically I registered with a new host. They sent me the details with obviously includes the IP address. I tested the IP address on just-ping.com and it came back with all of them having between 80% to 100% packet loss. Surely this is not normal is it? I havent moved my domain yet but it doesnt look good does it? Should I cancel?
View 14 Replies
View Related
Jul 11, 2008
Anyone else experiencing packet loss with a GoDaddy VDS?
I'm in the 208.109.93 subnet.
--- google.com ping statistics ---
200 packets transmitted, 53 received, 73% packet loss, time 199086ms
rtt min/avg/max/mdev = 41.970/42.813/46.022/0.994 ms
View 1 Replies
View Related
Dec 11, 2007
with two 3com 3870 switches.
Our setup looks like this
Computer A (GigE) Switch 1 (gigE) Media Converter (Fiber Run) Media Converter (gigE) Switch 2 (gigE) Computer B
We have a cross connect in our data center that uses media converters (fiber) to regular 1000FD on each end.
Each end of the 1000FD handoff is plugged into port 1 of the 3870's (switch 1 and switch 2).
Pinging from Computer A to Computer B we receive a 50% packet loss.
Pinging from Computer B to Switch 1, no packet loss.
Pinging from Computer A to Switch 2, 50% packet loss.
Looking in the interface, the port 1's on each switch auto negotiate to 1000FD, however flow control shows as off.
We asked our data center to run tests on the media converts and fiber runs and everything comes back 100% fine. Has anyone seen a weird issue like this before with 3com switches not playing nicely with media converters?
I have no clue whats going on and our data center said the fiber run/media converter is fine... [url]
View 5 Replies
View Related
Jul 9, 2007
I have smokeping monitoring my game servers and so far in the little time that it has been running all my game servers have been encountering an average of 4 to 10% packet loss. Are there are tweaks i can run on the server computer to reduce packet loss? (registry modifications, etc.)
I downloaded a TCP tweak program called "TCP Optimizer" is it safe to run on a Windows 2003 Server OS?
The colo connection is an OC 192 and i have a 100Mbit ethernet card.
Here are my current TCP settings:
Quote:
[SYSTEMCurrentControlSetServicesTcpipParameters]
TcpWindowSize=-1
GlobalMaxTcpWindowSize=-1
EnablePMTUDiscovery=-1
EnablePMTUBHDetect=-1
SackOpts=-1
DefaultTTL=-1
TcpMaxDupAcks=-1
Tcp1323Opts=-1
DisableUserTOSSetting=-1
DefaultTOSValue=-1
[SYSTEMCurrentControlSetServicesAfdParameters]
DefaultReceiveWindow=-1
[SoftwareMicrosoftWindowsCurrentVersionInternet Settings]
MaxConnectionsPerServer=-1
MaxConnectionsPer1_0Server=-1
[SYSTEMCurrentControlSetServicesICSharingSettingsGeneral]
InternetMTU=-1
[SOFTWAREMicrosoftWindowsCurrentVersionExplorerRemoteComputerNameSpace{D6277990-4C6A-11CF-8D87-00AA0060F5BF}]
{D6277990-4C6A-11CF-8D87-00AA0060F5BF}=-1
[SYSTEMCurrentControlSetServicesDnscacheParameters]
MaxNegativeCacheTtl=-1
NegativeCacheTime=-1
NetFailureCacheTime=-1
NegativeSOACacheTime=-1
[SOFTWAREPoliciesMicrosoftWindowsPsched]
NonBestEffortLimit=-5
[SYSTEMCurrentControlSetServicesTcpipServiceProvider]
LocalPriority=499
HostsPriority=500
DnsPriority=2000
NetbtPriority=2001
[SystemCurrentControlSetServicesLanmanServerParameters]
SizReqBuf=-1
[SYSTEMCurrentControlSetServicesNdisWanParametersProtocols]
ProtocolMTU=-2
[SYSTEMCurrentControlSetServicesTcpipParametersInterfaces{D63AC0FA-D2C9-4D83-B057-31A353516AB3}]
MTU=-1
TcpWindowSize=-1
[SYSTEMCurrentControlSetServicesPschedParametersAdapters{D63AC0FA-D2C9-4D83-B057-31A353516AB3}]
NonBestEffortLimit=-2
[SYSTEMCurrentControlSetServicesTcpipParametersInterfaces{8190D94A-3B2D-45C4-998D-312E99D6061D}]
MTU=-1
TcpWindowSize=-1
[SYSTEMCurrentControlSetServicesPschedParametersAdapters{8190D94A-3B2D-45C4-998D-312E99D6061D}]
NonBestEffortLimit=-2
View 11 Replies
View Related
May 17, 2009
I have a home CentOS server and here is my issue
When I try to connect to it via SSH its laggy and often times out. I also notice packet loss.
My home network is 100 Mbps and the router is a crappy netgear WPN824 V3
View 8 Replies
View Related
Nov 3, 2007
Recently I have been having this problem with two high traffic servers on two different network.
Both servers are Quad-Core Xeons with CentOS 4.5 x86_64 and they are on 100mbps full duplex network. Software configuration is Nginx+Apache+MYSQL control panel is Directadmin.
The servers are serving lots static files and some php scripts.
When the servers start push near or over 30mbps, there will be packet loss when I ping them. around 5% loss, push more bandwidth the more packet loss. I have checked all the log files, I don't see any unusual errors.
Server Load is fine. The NICs were on 100mbps full-duplex mode.
The datacenters claim the networks were fine and all the other servers running on the same switches were fine with no packet loss.
View 8 Replies
View Related
Mar 19, 2007
I'm trying to find out why a single interface is causing packet loss on my entire network.
The network consists of four 2924's trunked to a 3550. I have about 20 vlans and a single default route for all traffic my uplink.
The network is perfect until I enable a single server. After I issue a 'no shut' on the interface packet loss is anywhere from 5% to 20% for anything going through the 3550 or even pings from the 3550 to other switches or the uplink.
Here's the statistics/settings of the interface after 1 minute of activity:
Code:
interface FastEthernet0/1
description 228
switchport access vlan 58
switchport mode dynamic desirable
speed 100
duplex full
spanning-tree portfast
FastEthernet0/1 is up, line protocol is up (connected)
Hardware is Fast Ethernet, address is 0014.f2e6.df01 (bia 0014.f2e6.df01)
Description: 228
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 6/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, media type is 10/100BaseTX
input flow-control is off, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output 00:00:00, output hang never
Last clearing of "show interface" counters 00:01:01
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 2536000 bits/sec, 924 packets/sec
5 minute output rate 341000 bits/sec, 469 packets/sec
60922 packets input, 21630544 bytes, 0 no buffer
Received 0 broadcasts (0 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 2 ignored
0 watchdog, 0 multicast, 0 pause input
0 input packets with dribble condition detected
31585 packets output, 2859788 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
Transmit FastEthernet0/1 Receive
3583183 Bytes 27018085 Bytes
39516 Unicast frames 76403 Unicast frames
46 Multicast frames 0 Multicast frames
0 Broadcast frames 0 Broadcast frames
0 Discarded frames 0 No dest, unicast
0 Too old frames 0 No dest, multicast
0 Deferred frames 0 No dest, broadcast
0 1 collision frames
0 2 collision frames 0 FCS errors
0 3 collision frames 0 Oversize frames
0 4 collision frames 0 Undersize frames
0 5 collision frames 0 Collision fragments
0 6 collision frames
0 7 collision frames 4355 Minimum size frames
0 8 collision frames 56237 65 to 127 byte frames
0 9 collision frames 1205 128 to 255 byte frames
0 10 collision frames 14 256 to 511 byte frames
0 11 collision frames 67 512 to 1023 byte frames
0 12 collision frames 14528 1024 to 1518 byte frames
0 13 collision frames
0 14 collision frames 0 Flooded frames
0 15 collision frames 3 Overrun frames
0 Excessive collisions 0 VLAN filtered frames
0 Late collisions 0 Source routed frames
0 Good (1 coll) frames 0 Valid oversize frames
0 Good(>1 coll) frames 0 Pause frames
0 Pause frames 0 Symbol error frames
0 VLAN discard frames 0 Invalid frames, too large
0 Excess defer frames 0 Valid frames, too large
0 Too large frames 0 Invalid frames, too small
3672 64 byte frames 0 Valid frames, too small
34066 127 byte frames
2152 255 byte frames
110 511 byte frames
38 1023 byte frames
28 1518 byte frames
CPU utilization for five seconds: 13%/3%; one minute: 12%; five minutes: 9%
77 1317620 3220725 409 9.27% 8.35% 6.20% 0 IP Input
How does 1400 packets/second (4mbits) cause my 3550 to drop packets?
View 14 Replies
View Related
Jul 6, 2008
a tool that can measure how much packet loss we are having on a given server by looking at the packets being sent from it. I.e, something than looks at all TCP/80 connections and measures how many packets and bytes are being retransmitted vs actual packets and bytes sent.
This documents explains it:
[url]
We need this to measure network performance of different hosts where we have dedicated servers. This would be a good way of measuring performance with the actual data of our users.
Does anyone know of such tool? I.e, something that can say
2532 packets/second - 132 retransmits/second (4.8%)
25.43Mbps/sec total traffic - 24.84 Mbps/sec actual data sent - 0.59Mbps retransmits
Even better if it can then break it out on IP prefixes. like
192.0/16: 0.2% retransmits
192.1/16: 3.2% retransmits
192.2.16: 0.3% retransmits
192.3/16: 22.5% retransmits
192.4/16: 0.3% retransmits
This would be a good indicator of connectivity between the host where the tests are ran and other specific hosts.
View 2 Replies
View Related
Aug 1, 2009
I am facing high ping and packet loss issues with a server hosted at hetzner.de (CentOS + WHM)
For some unknown reason pings go high and stay like this (average 1500ms) until I reboot the server.
Here is a screenshot of tracert from server to me: [url]
View 15 Replies
View Related
Jun 10, 2008
root@server [~]# tail -f /var/log/messages
Jun 10 14:14:49 server kernel: printk: 56 messages suppressed.
Jun 10 14:14:49 server kernel: ip_conntrack: table full, dropping packet.
Jun 10 14:14:54 server kernel: printk: 59 messages suppressed.
Jun 10 14:14:54 server kernel: ip_conntrack: table full, dropping packet.
Jun 10 14:14:59 server kernel: printk: 85 messages suppressed.
Jun 10 14:14:59 server kernel: ip_conntrack: table full, dropping packet.
Jun 10 14:15:04 server kernel: printk: 90 messages suppressed.
Jun 10 14:15:04 server kernel: ip_conntrack: table full, dropping packet.
Jun 10 14:15:09 server kernel: printk: 58 messages suppressed.
Jun 10 14:15:09 server kernel: ip_conntrack: table full, dropping packet.
Jun 10 14:15:14 server kernel: printk: 70 messages suppressed.
Jun 10 14:15:14 server kernel: ip_conntrack: table full, dropping packet.
Jun 10 14:15:19 server kernel: printk: 193 messages suppressed.
Jun 10 14:15:19 server kernel: ip_conntrack: table full, dropping packet.
Anyone know what this is about?
Using Centos / Cpanel
Linux server.domain.com 2.6.9-67.0.15.ELsmp #1 SMP Thu May 8 10:52:19 EDT 2008 i686 i686 i386 GNU/Linux
root@server [~]# sysctl net.ipv4.netfilter.ip_conntrack_max
net.ipv4.netfilter.ip_conntrack_max = 65536
I ran this in the meantime.
sysctl -w net.ipv4.netfilter.ip_conntrack_max=72000
View 7 Replies
View Related
Jan 16, 2009
I'd like to go with 1and1, using ASP.net and MS SQL Server, and the ability to setup lots of databases, websites and URLs, but I'm not keen on maintaining the server, updates, backups etc.
I'd also like to access the web space and upload files, from any computer.
View 11 Replies
View Related
Apr 4, 2007
I am planning on launching an mp3 site for a music studio. the problem now is, i dont know what type of bandwidth usage to expect from users and i dont want my client to think its my fault. (some of them dont really want to know the technical basics)
To give a hint of the advice i am looking for,: say i have 300 different mp3 files at 3.0 mb per size what size of hosting and bandwidth should i look for that can cater for upwards of 100,000 users who will listen to up to 6 hrs of music on the site.
View 5 Replies
View Related
Jan 22, 2009
I'm looking to host my own website(s), money isnt really an issue, but I'd like some advice on which package would be most suitable. I can't upgrade to different platforms, so I need to get the right package from the start.
I like the sound of the dedicated server, but my experience of supporting servers isn't great, so I'm wary of getting this option.
The VPS looks good, could anyone please tell me how this works? What the difference between thi sand a dedicated server? Do you need alot of server support experience to use this?
Would the normal MS hosting package be suitable? I take it its not very flexible.
View 9 Replies
View Related
Sep 4, 2008
After 7 years with Rackspace I have decided to leave for better and cheaper service elsewhere. The final straw (after a couple of years of tolerating increasing prices and decreasing support) was a ridiculous quote from them for adding 1Gb of RAM.
I have read in the Forums about people having similar feelings, and there is advice here about where to go to instead. But I am a *total layman*, needing as many support services as possible (rebooting, backing up, etc.) so that I don't have to worry about anything really. So a lot of the advice here is over my head! Can anyone suggest where I should take my business?
View 14 Replies
View Related
May 14, 2007
I have been having a very hard time tracking down the source/cause of this surge in email. My server has been sending out thousands of spam emails under the nobody account. So far I have done the following:
Created a spam_log to monitor php/cgi mail scripts
Secured firewall and setup monitoring & automatic ip ban of dictionary attacks in exim
Secured the /tmp folder
Updated server to latest STABLE version of cpanel
Scanned server with rootcheck kit
Here is a sample email that is getting bounced back. I have nearly 60,000 bounced emails in the queue with similar messages.
Quote:
Headers spool file 1Hndfh-0001A4-0G-H
mailnull 47 12
<>
1179161117 0
-ident mailnull
-received_protocol local
-body_linecount 72
-allow_unqualified_recipient
-allow_unqualified_sender
-localerror
XX
1
nobody@whm.mav-hosting.com
156P Received: from mailnull by whm.mav-hosting.com with local (Exim 4.63)
id 1Hndfh-0001A4-0G
for nobody@whm.mav-hosting.com; Mon, 14 May 2007 11:45:17 -0500
039 X-Failed-Recipients: beyp@ttnet.net.tr
029 Auto-Submitted: auto-replied
063F From: Mail Delivery System <Mailer-Daemon@whm.mav-hosting.com>
031T To: nobody@whm.mav-hosting.com
059 Subject: Mail delivery failed: returning message to sender
052I Message-Id: <E1Hndfh-0001A4-0G@whm.mav-hosting.com>
038 Date: Mon, 14 May 2007 11:45:17 -0500
Data spool file 1Hndfh-0001A4-0G-D
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
beyp@ttnet.net.tr
SMTP error from remote mail server after RCPT TO:<beyp@ttnet.net.tr>:
host ttfarm.ttnet.net.tr [212.175.13.134]: 550 Invalid recipient:
<beyp@ttnet.net.tr>
------ This is a copy of the message, including all the headers. ------
Return-path: <nobody@whm.mav-hosting.com>
Received: from nobody by whm.mav-hosting.com with local (Exim 4.63)
(envelope-from <nobody@whm.mav-hosting.com>)
id 1HnaLG-0007Jz-CX
for beyp@ttnet.net.tr; Mon, 14 May 2007 08:11:58 -0500
To: beyp@ttnet.net.tr
Subject: Interaktif Bankacilik Hesabiniz
From: Ak Bank <acc@akbank.com.tr>
Reply-To:
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 8bit
Message-Id: <E1HnaLG-0007Jz-CX@whm.mav-hosting.com>
Sender: Nobody <nobody@whm.mav-hosting.com>
Date: Mon, 14 May 2007 08:11:58 -0500
**CONTENT OF SPAM MESSAGE REMOVED**
I removed the content of spam so it's not posted on the forum
View 6 Replies
View Related
Aug 17, 2008
Hey everyone, I've been a loyal customer of 1and1 for a few years now, however some circumstances have come up that require me to upgrade to something with unmetered bandwidth with some better hardware specs, simmilar in the fashion that 1and1 in Europe does (dedicated 100mbit for 2TB or so, then downgraded to 10mbit that can be reset to 100mbit manually for no extra cost). So I was looking at 1and1.co.uk's Buisiness III server ( order.1and1.co.uk/xml/order/ServerRoot ), and I figured i could cut some corners here and there to snag me an account even though I'm in the US, but I realized that their price plus VAC makes them a bit less competitive in terms of price. I was wondering if anyone would know of some place that can offer the freedoms 1and1 offers (basically, "here's your server, here's our ToS, have a blast"), with simmilar and/or better specs as that specific package, and possibly deals internationally?
I've given the foums a good once-over (I've lurked for several years now), and have gotten a general idea, but I figured I'd ask just to get a better idea.
View 6 Replies
View Related
Feb 28, 2009
I am need a VPS plan which is good enough for handling such CPU intensive programs. I had already read reviews about solarvps,wiredtree and Hostv. I really liked offers from solarvps, but I am a noob when it comes to servers so please advice me hosting talk members. Plus I need full transfer support for my website from hostgator they are ridiculously expensive.
View 10 Replies
View Related
Jan 7, 2008
Paypal started sending me notices that it was unable to connect to my IPN (I'm using modernbill v4) yet I used it without a problem for 3 years.
The sent this message in response to my support inquiry:
I have had the IPN logs checked and show that, on recent transactions, your Web server returned an HTTP 200 OK on some of the transactions. Transactions were pulled from:
Date: Fri, 04 Jan 2008 15:00:09 GMT and Date: Thu, 03 Jan 2008 22:20:48 GMT
The reason that you are receiving the E-mail in question is due to your server not responding with an HTTP 200 OK rsponse. When this happens, the PayPal system attempts to resend the IPN POST for up to four days at which time the E-mail in question is generated to inform the merchant of issues with the IPN script.
This issue is not a PayPal issue, but is rather caused by your server's response to IPN POSTs sent to the IPN Script.
Can someone please help me trace this problem?
This is what my server is using:
Modernbill v4.4 stable
Centos 4.6
CSF Firewall
Cpanel 11
Apache 2.2 / PHP 5.2.5
View 8 Replies
View Related
Aug 31, 2009
I have been in online business for about 5 years, but only this morning found out what DDoS is. Shame on me.
Our site was attacked this morning and the host (shared hosting) has switched off the dns connection so our site is currently down along with email. We are a small firm and we are absolutely getting killed by this right now.
The tech support in this hosting company (icdsoft com) is absolutely phenomenal based on previous experiences and here is what they said throughout the day:
"Your site gets approximately 60 hits/second. Unfortunately there isn't much that can be done in such situation. We already blocked the most active IP addresses in our firewall, but this does not help, as the attack comes from many sources "
About an hour later they tried again and the following was said:
"Unfortunately we do not know how long this attack will last. At the moment there are more than 1100 requests/second towards your site."
about an hour after that the following was said:
"The attack is still going on. Currently, the incoming rate is 8MBit/sec. We will enable your site, and we will notify you when the attack is over."
My questions are the following and I will appreciate any advise as I am absolutely clueless about this:
1. What should I do at this point? Should I move the site to a dedicated server and if so, will this solve the DDOS problem?
2. Should I purchase anti DDoS package? They are extremely expensive it appears.
3. If I move to a new dedicated host, which one should i choose? we are a small site, with about 10,000 uniques per month and do not have massive budget so cost is a big factor.
4. How long will this current attack likely last? I know it's impossible to answer, but approximately how long do these things last and is it likely to repeat in the future if we leave things alone?
Any knowledgable advice on this matter will be greatly appreciated as we are hurting badly due to this and even 1 day loss of income for us is extremely serious and hurtful.
View 14 Replies
View Related
Aug 5, 2008
Can anyone recommend a well-established VPS provider with facilities at a major EU connection point, preferably TheNetherlands? I need a small account for secondary DNS and MX, plus some caching experimentation. Might turn into an unmetered dedicated mega-server at the same location if things go as planned, so if you only have experience with dedi or colo at a certain host, feel free to chime in.
I'm already a colo-host and a cPanel distributor myself, so I don't need management or a control panel, just a minimal-install CentOS 5 VPS. (I'll be installing cPanel DNSonly) Here's the kicker though, like most USians, I only speak English (and some would say badly), so the host has to speak at least enough to get the account set up. (preferably has a site in English). The real deal-breaker is that they MUST have their own merchant account and accept credit cards for recurring billing. I will not use Paypal, Moneybookers, or any other 3rd-party processor that requires a registration or manual payments. That almost always indicates an amateur operation in someone's basement. Looking for something along the lines of ThePlanet, but in Amsterdam. (AmsterNet? PlanetDam? )
View 8 Replies
View Related
Jun 4, 2007
to move one of my sites from 1-st dedicated server to 2-nd dedicated server.
Of course i have shell access on both servers. As site is huge one (60gb space and 99% of files in one folder) going to tar -czvf this folder and move it.
or may be mput all files.
the only problem that i have ... is, that i need SSH commands advice.
if i type [mput *] i must keep window opened. but as u understand 60gb is can be transferred during ~10-15 hours. that's why need to know, is there any command that i must type (with mput *) and close window. So, don't be online all this time and/or keep shell window opened during this tranfer.
View 2 Replies
View Related
Oct 14, 2007
I'm having a serious problem with Apache 2.0.54. I'm running Debian Sarge (3.1) and I cannot upgrade Apache (easily) so I am stuck using 2.0.54 (2.2+ are not supported on Sarge). I have been trying everything with config changes and different tweaks but Apache is giving me lots of trouble. Whenever I run "apache2ctl restart" Apache will crash and will not start. But when I run "apache2ctl start" Apache will run and in the log, it simply puts "[warn] pid file /var/run/apache2.pid overwritten -- Unclean shutdown of previous Apache run?". I get nothing else before or after I run those commands. Running "apache2ctl graceful" starts messing with it giving me "apache2 <defunct>" errors and "apache2ctl configtest" gives me nothing except "Syntax OK."
Here is my "apache2.conf" file:
Code:
# Based upon the NCSA server configuration files originally by Rob McCool.
# Changed extensively for the Debian package by Daniel Stone <daniel@sfarc.net>
# and also by Thom May <thom@debian.org>.
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# NOTE! If you intend to place this on an NFS (or otherwise network)
# mounted filesystem then please read the LockFile documentation
# (available at <URL:http://www.apache.org/docs/mod/core.html#lockfile>);
# you will save yourself a lot of trouble.
ServerRoot "/etc/apache2"
# The LockFile directive sets the path to the lockfile used when Apache
# is compiled with either USE_FCNTL_SERIALIZED_ACCEPT or
# USE_FLOCK_SERIALIZED_ACCEPT. This directive should normally be left at
# its default value. The main reason for changing it is if the logs
# directory is NFS mounted, since the lockfile MUST BE STORED ON A LOCAL
# DISK. The PID of the main server process is automatically appended to
# the filename.
LockFile /var/lock/apache2/accept.lock
# PidFile: The file in which the server should record its process
# identification number when it starts.
PidFile /var/run/apache2.pid
# Timeout: The number of seconds before receives and sends time out.
Timeout 300
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
KeepAlive On
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
MaxKeepAliveRequests 100
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
KeepAliveTimeout 15
##
## Server-Pool Size Regulation (MPM specific)
##
# prefork MPM
# StartServers ......... number of server processes to start
# MinSpareServers ...... minimum number of server processes which are kept spare
# MaxSpareServers ...... maximum number of server processes which are kept spare
# MaxClients ........... maximum number of server processes allowed to start
# MaxRequestsPerChild .. maximum number of requests a server process serves
<IfModule prefork.c>
StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxClients 150
MaxRequestsPerChild 0
</IfModule>
# pthread MPM
# StartServers ......... initial number of server processes to start
# MaxClients ........... maximum number of server processes allowed to start
# MinSpareThreads ...... minimum number of worker threads which are kept spare
# MaxSpareThreads ...... maximum number of worker threads which are kept spare
# ThreadsPerChild ...... constant number of worker threads in each server process
# MaxRequestsPerChild .. maximum number of requests a server process serves
<IfModule worker.c>
StartServers 2
MaxClients 150
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 0
</IfModule>
# perchild MPM
# NumServers ........... constant number of server processes
# StartThreads ......... initial number of worker threads in each server process
# MinSpareThreads ...... minimum number of worker threads which are kept spare
# MaxSpareThreads ...... maximum number of worker threads which are kept spare
# MaxThreadsPerChild ... maximum number of worker threads in each server process
# MaxRequestsPerChild .. maximum number of connections per server process (then it dies)
<IfModule perchild.c>
NumServers 5
StartThreads 5
MinSpareThreads 5
MaxSpareThreads 10
MaxThreadsPerChild 20
MaxRequestsPerChild 0
AcceptMutex fcntl
</IfModule>
User www-data
Group www-data
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined
LogFormat "%h %l %u %t "%r" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
# Global error log.
ErrorLog /var/log/apache2/error.log
# Include module configuration:
Include /etc/apache2/mods-enabled/*.load
Include /etc/apache2/mods-enabled/*.conf
# Include all the user configurations:
Include /etc/apache2/httpd.conf
# Include ports listing
Include /etc/apache2/ports.conf
# Include generic snippets of statements
Include /etc/apache2/conf.d/[^.#]*
#Let's have some Icons, shall we?
Alias /icons/ "/usr/share/apache2/icons/"
<Directory "/usr/share/apache2/icons">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
# Set up the default error docs.
#
# Customizable error responses come in three flavors:
# 1) plain text 2) local redirects 3) external redirects
#
# Some examples:
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://www.example.com/subscription_info.html
#
#
# Putting this all together, we can Internationalize error responses.
#
# We use Alias to redirect any /error/HTTP_<error>.html.var response to
# our collection of by-error message multi-language collections. We use
# includes to substitute the appropriate text.
#
# You can modify the messages' appearance without changing any of the
# default HTTP_<error>.html.var files by adding the line;
#
# Alias /error/include/ "/your/include/path/"
#
# which allows you to create your own set of files by starting with the
# /usr/local/apache2/error/include/ files and
# copying them to /your/include/path/, even on a per-VirtualHost basis.
#
<IfModule mod_negotiation.c>
<IfModule mod_include.c>
Alias /error/ "/usr/share/apache2/error/"
<Directory "/usr/share/apache2/error">
AllowOverride None
Options IncludesNoExec
AddOutputFilter Includes html
AddHandler type-map var
Order allow,deny
Allow from all
LanguagePriority en es de fr
ForceLanguagePriority Prefer Fallback
</Directory>
ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
ErrorDocument 410 /error/HTTP_GONE.html.var
ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
ErrorDocument 415 /error/HTTP_SERVICE_UNAVAILABLE.html.var
ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
</IfModule>
</IfModule>
DirectoryIndex index.html index.cgi index.pl index.php index.xhtml
# UserDir is now a module
#UserDir public_html
#UserDir disabled root
#<Directory /home/*/public_html>
# AllowOverride FileInfo AuthConfig Limit
# Options Indexes SymLinksIfOwnerMatch IncludesNoExec
#</Directory>
AccessFileName .htaccess
<Files ~ "^.ht">
Order allow,deny
Deny from all
</Files>
UseCanonicalName On
TypesConfig /etc/mime.types
DefaultType text/plain
HostnameLookups Off
IndexOptions FancyIndexing VersionSort
AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*
# This really should be .jpg.
AddIcon /icons/binary.gif .bin .exe
AddIcon /icons/binhex.gif .hqx
AddIcon /icons/tar.gif .tar
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
AddIcon /icons/a.gif .ps .ai .eps
AddIcon /icons/layout.gif .html .shtml .htm .pdf
AddIcon /icons/text.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for
AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
AddIcon /icons/bomb.gif core
AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^
# This is from Matty J's patch. Anyone want to make the icons?
#AddIcon /icons/dirsymlink.jpg ^^SYMDIR^^
#AddIcon /icons/symlink.jpg ^^SYMLINK^^
DefaultIcon /icons/unknown.gif
ReadmeName README.html
HeaderName HEADER.html
IndexIgnore .??* *~ *# HEADER* RCS CVS *,t
AddEncoding x-compress Z
AddEncoding x-gzip gz tgz
AddLanguage da .dk
AddLanguage nl .nl
AddLanguage en .en
AddLanguage et .et
AddLanguage fr .fr
AddLanguage de .de
AddLanguage el .el
AddLanguage it .it
AddLanguage ja .ja
AddLanguage pl .po
AddLanguage ko .ko
AddLanguage pt .pt
AddLanguage no .no
AddLanguage pt-br .pt-br
AddLanguage ltz .ltz
AddLanguage ca .ca
AddLanguage es .es
AddLanguage sv .se
AddLanguage cz .cz
AddLanguage ru .ru
AddLanguage tw .tw
AddLanguage zh-tw .tw
LanguagePriority en da nl et fr de el it ja ko no pl pt pt-br ltz ca es sv tw
#AddDefaultCharset ISO-8859-1
AddCharset ISO-8859-1 .iso8859-1 .latin1
AddCharset ISO-8859-2 .iso8859-2 .latin2 .cen
AddCharset ISO-8859-3 .iso8859-3 .latin3
AddCharset ISO-8859-4 .iso8859-4 .latin4
AddCharset ISO-8859-5 .iso8859-5 .latin5 .cyr .iso-ru
AddCharset ISO-8859-6 .iso8859-6 .latin6 .arb
AddCharset ISO-8859-7 .iso8859-7 .latin7 .grk
AddCharset ISO-8859-8 .iso8859-8 .latin8 .heb
AddCharset ISO-8859-9 .iso8859-9 .latin9 .trk
AddCharset ISO-2022-JP .iso2022-jp .jis
AddCharset ISO-2022-KR .iso2022-kr .kis
AddCharset ISO-2022-CN .iso2022-cn .cis
AddCharset Big5 .Big5 .big5
# For russian, more than one charset is used (depends on client, mostly):
AddCharset WINDOWS-1251 .cp-1251 .win-1251
AddCharset CP866 .cp866
AddCharset KOI8-r .koi8-r .koi8-ru
AddCharset KOI8-ru .koi8-uk .ua
AddCharset ISO-10646-UCS-2 .ucs2
AddCharset ISO-10646-UCS-4 .ucs4
AddCharset UTF-8 .utf8
AddCharset GB2312 .gb2312 .gb
AddCharset utf-7 .utf7
AddCharset utf-8 .utf8
AddCharset big5 .big5 .b5
AddCharset EUC-TW .euc-tw
AddCharset EUC-JP .euc-jp
AddCharset EUC-KR .euc-kr
AddCharset shift_jis .sjis
#AddType application/x-httpd-php .php
#AddType application/x-httpd-php-source .phps
AddType application/x-tar .tgz
# To use CGI scripts outside /cgi-bin/:
#
#AddHandler cgi-script .cgi
# To use server-parsed HTML files
#
<FilesMatch ".shtml(..+)?$">
SetOutputFilter INCLUDES
</FilesMatch>
# If you wish to use server-parsed imagemap files, use
#
#AddHandler imap-file map
BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4.0b2;" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "RealPlayer 4.0" force-response-1.0
BrowserMatch "Java/1.0" force-response-1.0
BrowserMatch "JDK/1.0" force-response-1.0
#
# The following directive disables redirects on non-GET requests for
# a directory that does not include the trailing slash. This fixes a
# problem with Microsoft WebFolders which does not appropriately handle
# redirects for folders with DAV methods.
#
BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
BrowserMatch "^WebDrive" redirect-carefully
BrowserMatch "^gnome-vfs" redirect-carefully
BrowserMatch "^WebDAVFS/1.[012]" redirect-carefully
# Allow server status reports, with the URL of http://servername/server-status
# Change the ".your_domain.com" to match your domain to enable.
#
#<Location /server-status>
# SetHandler server-status
# Order deny,allow
# Deny from all
# Allow from .your_domain.com
#</Location>
# Allow remote server configuration reports, with the URL of
# http://servername/server-info (requires that mod_info.c be loaded).
# Change the ".your_domain.com" to match your domain to enable.
#
#<Location /server-info>
# SetHandler server-info
# Order deny,allow
# Deny from all
# Allow from .your_domain.com
#</Location>
# Enables SSI
Options +Includes
LoadModule layout_module /usr/lib/apache2/modules/liblayout.so
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_REFERER} ^$
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteCond %{REQUEST_URI} ^/$
RewriteRule ^/.* http://%{REMOTE_ADDR}/ [L,E=nolog:1]
</IfModule>
# Include the virtual host configurations:
Include /etc/apache2/sites-available/[^.#]*
And here's my "httpd.conf" file:
Code:
# This is here for backwards compatability reasons and to support
# installing 3rd party modules directly via apxs2, rather than
# through the /etc/apache2/mods-{available,enabled} mechanism.
#
#LoadModule mod_placeholder /usr/lib/apache2/modules/mod_placeholder.so
<VirtualHost 66.150.225.201:80>
#
#User vu2004
#Group vu2004
#
#
#SuexecUserGroup vu2004 vu2004
#
ServerAdmin todd@datacomponents.net
DocumentRoot /var/www
ServerName xetaspace.net
ServerAlias www.xetaspace.net xetaspace.net
ErrorLog /var/log/apache2/users/xetaspace.net-error.log
TransferLog /var/log/apache2/users/xetaspace.net-access.log
# httpd dmn entry cgi support BEGIN.
# httpd dmn entry cgi support END.
# httpd dmn entry PHP2 support BEGIN.
php_admin_value open_basedir "/var/www/:/usr/share/php/:/tmp/"
# httpd dmn entry PHP2 support END.
<Directory /var/www>
# httpd dmn entry PHP support BEGIN.
# httpd dmn entry PHP support END.
Options Indexes Includes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
I am on the end of my rope with Apache and feel like just formatting the server and reinstalling Apache. Which reminds me, I did try using apt-get to remove and install Apache again but nothing worked.
View 6 Replies
View Related
Mar 30, 2008
Here I am thinking about sites that are in top 10K according to Alexa. If yes please list few of them here...
View 10 Replies
View Related
Apr 6, 2008
Can you recommend here some reliable shared host that allow Adult WordPress blog , no movies or images will be hosted at all , it will contain only linking to rapidshare links.
View 10 Replies
View Related
Oct 17, 2009
I have been with IGSoBe for a little over 2 months now, going on 3. And the rates seemed great. I have resold a few servers for them to clients, and everything seemed okay. The server setup times exceeded the 72 hour maximum. I have a C class of IP addresses with them which were supposed to take 7 days MAXIMUM, I was told in the *WORST* case scenario. I think I waited 3 - 5 weeks for the C class which had me at a standstill with VPS sales. Long setup times had a few clients back out. Have had a few comments about slow network in that it isn't blazing fast like some premium providers, although I haven't had a problem myself.
Each month goes by and there's a downtime about this, or a downtime about that. Well this month it has been smooth sailing, I thought all the problems must have been ironed out, and to my dismay come the 15th, the DAY AFTER paying the invoice for the server, BAM the server is offline. IGSoBe main website still up, as well as client servers so I know its not a mass issue. So I open a support ticket on the 15th. It is now the 17th and no reply to the support ticket. Earlier this afternoon I finally emailed the owner John directly and have still not got any response or acknowledgement. John is the only one that can enter the datacenter suite that he colocates in, so contacting him, or him being notified is important.
So going on 72 hours of downtime, no response or support from the provider, I am 100% sure no matter what John could offer me there's just no way I am staying with IGSoBe any longer than I have to. I just paid the invoice, so I am stuck for the rest of the month as all the income went towards the invoices. (One invoice for IP addresses, the other on a different day for the server). Dare I file a paypal dispute? My concern is also my clients data, about 60 VPS' total, and the WHMCS client database which I do not have a recent backup locally (I know better now to keep a backup of the most important of all important data and keep it in a safe place off-site!). If I file a dispute, it is unlikely I will see any of that data again. As if cubichost.org needs any more bad reputation right?
If you do a quick search here on WHT for igsobe you will first notice plenty of complaints.
So this is the deal with IGS:
John, the man with the plan is the sole proprietor (as of earlier this year, I know IGSOBE wasn't a registered LLC in the state of FL as the website might insinuate), he is the only one that physically manages the servers, transiting from his home to the suite he leases in the fibermedia datacenter in the carrier neutral facility in Miami FL. He used to, in the past, transit to and from the datacenter 2 times a day to set up servers, handle reboots, OS reloads, and that sort of thing. Recently, we had a client with a pentium 4 who needed a root password reset, this was on the 7th of this month, it is now the 17th and the password has still not been reset. I am in fear of losing this client because of this which would not help in our hopes to grow and succeed as a provider. I also have admin access in WHMCS at IGSOBE as a sales agent, and have noticed no one else logs in anymore, ESPECIALLY not John. Also, no one is hardly on LiveZilla chat or in IRC anymore.
I hope all goes well for John, I hope he can pull his act together and get IGSoBe back to working order. I would stay loyal but this is not the first time this has happened and I have to go. I have to make a good name for cubichost. I would suggest for the present time though, to stay away from igs!
So by the 7th of next month, hopefully earlier though I plan to make a move to BURST.NET which will hopefully go well I hear great things about them. Only a few bad things, mostly from > 1 year ago.
View 14 Replies
View Related
Mar 25, 2008
I've never purchased a dedicated server before, so I was wondering on what some of the more experienced members here thought.
This server I'm getting needs to be able to run VoIP (all details below), and maybe some E-commerce Software.
Details on what I need :
Two IBM Xeon+ servers having 2 GB RAM 250 GB HDD with fedora core 4 installed and live ip(public Ip) on those two boxes.
2Mbps direct line in one server.
Both boxes Should be in local LAN.
Would you recommend a Core2Duo server over the Xeon+ ?
View 8 Replies
View Related
Mar 8, 2009
Anyone else notice the huge outage at Surpass? My sites went down as I was editing one, and checking the server status returns a very, very long list of downed servers. Since the Surmunity Forums appear to be down as well, I was wondering if anyone here had found out what was up via other means, and whether or not there is any estimate on when it might come back up.
View 6 Replies
View Related
Oct 16, 2009
I'm starting to test out VPS panels and found vePortal 2. I purchased it and installed it. Now I'm checking some security, as we all know about the terrible result of HyperVM as everyone blindly used it because it was "pretty" but it was not secure.
Some serious concerns I'd like to share with vePortal 2.
1) It makes no backups of any of the files it modifies during install, or so I haven't seen any, like httpd.conf.... more of a pain than anything. There is no way to auto uninstall it either..
2) vePortal gives full root access to the Apache user, letting apache run any root commands!
They add this to your /etc/sudoers
apache ALL=(root) NOPASSWD:ALL
[root@nd11108 myadmin]# su -s /bin/sh apache -c "whoami"
apache
[root@nd11108 myadmin]# su -s /bin/sh apache -c "sudo whoami"
root
This is a root exploit waiting to happen. I asked them about this and got the response.
Quote:
It would be a security breach if a) apache was allowed SSHD Access, or b) the server was running scripts that havn't been marked secure, We have a very comprehensive team of beta testers including one of the largest providers around, They and their staff have not been able to break the security or integrity of the panel as of yet.
All panels in one way or another have root control over the system, for example they wouldnt be able to have a SSH Console without it, as only specified commands would work, we do have a list of the commands required by vePortal if you wish to limit it, but the console and the Shell Commander functions would stop working.
Regards,
Gavin H.
Chief Information Officer
That's funny I have been using the panel a few minutes and already found they've ignored the biggest security hole possible..
3) In 5 minutes I've found multiple XSS vulnerabilities in the admin area... Like search customers, I was able to generate JavaScript alerts in multiple fields....
4) It stores the MySQL root password in clear text in a .php file... yeah that's real secure. Why does it even operate under the MySQL root user, its using a single database....
5) I forgot to add, it doesn't recognize ANY OpenVZ Vps's you've created manually. It has no idea they exist and you cannot view them at all.
I'm sure I could dig deeper into the source code and find more but it's not worth it. Judging by what I found without actually trying to spend time on security I completely removed the product.
The panel does look nice but it sure gets a mark of insecure for me, I would advise others seriously look into the security of this new panel if you're considering using it.
View 14 Replies
View Related
