Can anyone recommend a well-established VPS provider with facilities at a major EU connection point, preferably TheNetherlands? I need a small account for secondary DNS and MX, plus some caching experimentation. Might turn into an unmetered dedicated mega-server at the same location if things go as planned, so if you only have experience with dedi or colo at a certain host, feel free to chime in.
I'm already a colo-host and a cPanel distributor myself, so I don't need management or a control panel, just a minimal-install CentOS 5 VPS. (I'll be installing cPanel DNSonly) Here's the kicker though, like most USians, I only speak English (and some would say badly), so the host has to speak at least enough to get the account set up. (preferably has a site in English). The real deal-breaker is that they MUST have their own merchant account and accept credit cards for recurring billing. I will not use Paypal, Moneybookers, or any other 3rd-party processor that requires a registration or manual payments. That almost always indicates an amateur operation in someone's basement. Looking for something along the lines of ThePlanet, but in Amsterdam. (AmsterNet? PlanetDam? )
I have been having a very hard time tracking down the source/cause of this surge in email. My server has been sending out thousands of spam emails under the nobody account. So far I have done the following:
Created a spam_log to monitor php/cgi mail scripts Secured firewall and setup monitoring & automatic ip ban of dictionary attacks in exim Secured the /tmp folder Updated server to latest STABLE version of cpanel Scanned server with rootcheck kit
Here is a sample email that is getting bounced back. I have nearly 60,000 bounced emails in the queue with similar messages.
156P Received: from mailnull by whm.mav-hosting.com with local (Exim 4.63) id 1Hndfh-0001A4-0G for nobody@whm.mav-hosting.com; Mon, 14 May 2007 11:45:17 -0500 039 X-Failed-Recipients: beyp@ttnet.net.tr 029 Auto-Submitted: auto-replied 063F From: Mail Delivery System <Mailer-Daemon@whm.mav-hosting.com> 031T To: nobody@whm.mav-hosting.com 059 Subject: Mail delivery failed: returning message to sender 052I Message-Id: <E1Hndfh-0001A4-0G@whm.mav-hosting.com> 038 Date: Mon, 14 May 2007 11:45:17 -0500 Data spool file 1Hndfh-0001A4-0G-D This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:
beyp@ttnet.net.tr SMTP error from remote mail server after RCPT TO:<beyp@ttnet.net.tr>: host ttfarm.ttnet.net.tr [212.175.13.134]: 550 Invalid recipient: <beyp@ttnet.net.tr>
------ This is a copy of the message, including all the headers. ------
Return-path: <nobody@whm.mav-hosting.com> Received: from nobody by whm.mav-hosting.com with local (Exim 4.63) (envelope-from <nobody@whm.mav-hosting.com>) id 1HnaLG-0007Jz-CX for beyp@ttnet.net.tr; Mon, 14 May 2007 08:11:58 -0500 To: beyp@ttnet.net.tr Subject: Interaktif Bankacilik Hesabiniz From: Ak Bank <acc@akbank.com.tr> Reply-To: MIME-Version: 1.0 Content-Type: text/html Content-Transfer-Encoding: 8bit Message-Id: <E1HnaLG-0007Jz-CX@whm.mav-hosting.com> Sender: Nobody <nobody@whm.mav-hosting.com> Date: Mon, 14 May 2007 08:11:58 -0500
**CONTENT OF SPAM MESSAGE REMOVED**
I removed the content of spam so it's not posted on the forum
Paypal started sending me notices that it was unable to connect to my IPN (I'm using modernbill v4) yet I used it without a problem for 3 years.
The sent this message in response to my support inquiry:
I have had the IPN logs checked and show that, on recent transactions, your Web server returned an HTTP 200 OK on some of the transactions. Transactions were pulled from:
Date: Fri, 04 Jan 2008 15:00:09 GMT and Date: Thu, 03 Jan 2008 22:20:48 GMT
The reason that you are receiving the E-mail in question is due to your server not responding with an HTTP 200 OK rsponse. When this happens, the PayPal system attempts to resend the IPN POST for up to four days at which time the E-mail in question is generated to inform the merchant of issues with the IPN script.
This issue is not a PayPal issue, but is rather caused by your server's response to IPN POSTs sent to the IPN Script.
I'm having a serious problem with Apache 2.0.54. I'm running Debian Sarge (3.1) and I cannot upgrade Apache (easily) so I am stuck using 2.0.54 (2.2+ are not supported on Sarge). I have been trying everything with config changes and different tweaks but Apache is giving me lots of trouble. Whenever I run "apache2ctl restart" Apache will crash and will not start. But when I run "apache2ctl start" Apache will run and in the log, it simply puts "[warn] pid file /var/run/apache2.pid overwritten -- Unclean shutdown of previous Apache run?". I get nothing else before or after I run those commands. Running "apache2ctl graceful" starts messing with it giving me "apache2 <defunct>" errors and "apache2ctl configtest" gives me nothing except "Syntax OK."
Here is my "apache2.conf" file:
Code: # Based upon the NCSA server configuration files originally by Rob McCool. # Changed extensively for the Debian package by Daniel Stone <daniel@sfarc.net> # and also by Thom May <thom@debian.org>.
# ServerRoot: The top of the directory tree under which the server's # configuration, error, and log files are kept. # # NOTE! If you intend to place this on an NFS (or otherwise network) # mounted filesystem then please read the LockFile documentation # (available at <URL:http://www.apache.org/docs/mod/core.html#lockfile>); # you will save yourself a lot of trouble.
ServerRoot "/etc/apache2"
# The LockFile directive sets the path to the lockfile used when Apache # is compiled with either USE_FCNTL_SERIALIZED_ACCEPT or # USE_FLOCK_SERIALIZED_ACCEPT. This directive should normally be left at # its default value. The main reason for changing it is if the logs # directory is NFS mounted, since the lockfile MUST BE STORED ON A LOCAL # DISK. The PID of the main server process is automatically appended to # the filename.
LockFile /var/lock/apache2/accept.lock
# PidFile: The file in which the server should record its process # identification number when it starts.
PidFile /var/run/apache2.pid
# Timeout: The number of seconds before receives and sends time out.
Timeout 300
# KeepAlive: Whether or not to allow persistent connections (more than # one request per connection). Set to "Off" to deactivate.
KeepAlive On
# MaxKeepAliveRequests: The maximum number of requests to allow # during a persistent connection. Set to 0 to allow an unlimited amount. # We recommend you leave this number high, for maximum performance.
MaxKeepAliveRequests 100
# KeepAliveTimeout: Number of seconds to wait for the next request from the # same client on the same connection.
# prefork MPM # StartServers ......... number of server processes to start # MinSpareServers ...... minimum number of server processes which are kept spare # MaxSpareServers ...... maximum number of server processes which are kept spare # MaxClients ........... maximum number of server processes allowed to start # MaxRequestsPerChild .. maximum number of requests a server process serves <IfModule prefork.c> StartServers 5 MinSpareServers 5 MaxSpareServers 10 MaxClients 150 MaxRequestsPerChild 0 </IfModule>
# pthread MPM # StartServers ......... initial number of server processes to start # MaxClients ........... maximum number of server processes allowed to start # MinSpareThreads ...... minimum number of worker threads which are kept spare # MaxSpareThreads ...... maximum number of worker threads which are kept spare # ThreadsPerChild ...... constant number of worker threads in each server process # MaxRequestsPerChild .. maximum number of requests a server process serves <IfModule worker.c> StartServers 2 MaxClients 150 MinSpareThreads 25 MaxSpareThreads 75 ThreadsPerChild 25 MaxRequestsPerChild 0 </IfModule>
# perchild MPM # NumServers ........... constant number of server processes # StartThreads ......... initial number of worker threads in each server process # MinSpareThreads ...... minimum number of worker threads which are kept spare # MaxSpareThreads ...... maximum number of worker threads which are kept spare # MaxThreadsPerChild ... maximum number of worker threads in each server process # MaxRequestsPerChild .. maximum number of connections per server process (then it dies) <IfModule perchild.c> NumServers 5 StartThreads 5 MinSpareThreads 5 MaxSpareThreads 10 MaxThreadsPerChild 20 MaxRequestsPerChild 0 AcceptMutex fcntl </IfModule>
User www-data Group www-data
# The following directives define some format nicknames for use with # a CustomLog directive (see below). LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined LogFormat "%h %l %u %t "%r" %>s %b" common LogFormat "%{Referer}i -> %U" referer LogFormat "%{User-agent}i" agent
# Global error log. ErrorLog /var/log/apache2/error.log
# Include module configuration: Include /etc/apache2/mods-enabled/*.load Include /etc/apache2/mods-enabled/*.conf
# Include all the user configurations: Include /etc/apache2/httpd.conf
# Include ports listing Include /etc/apache2/ports.conf
# Include generic snippets of statements Include /etc/apache2/conf.d/[^.#]*
#Let's have some Icons, shall we? Alias /icons/ "/usr/share/apache2/icons/" <Directory "/usr/share/apache2/icons"> Options Indexes MultiViews AllowOverride None Order allow,deny Allow from all </Directory>
# Set up the default error docs. # # Customizable error responses come in three flavors: # 1) plain text 2) local redirects 3) external redirects # # Some examples: #ErrorDocument 500 "The server made a boo boo." #ErrorDocument 404 /missing.html #ErrorDocument 404 "/cgi-bin/missing_handler.pl" #ErrorDocument 402 http://www.example.com/subscription_info.html #
# # Putting this all together, we can Internationalize error responses. # # We use Alias to redirect any /error/HTTP_<error>.html.var response to # our collection of by-error message multi-language collections. We use # includes to substitute the appropriate text. # # You can modify the messages' appearance without changing any of the # default HTTP_<error>.html.var files by adding the line; # # Alias /error/include/ "/your/include/path/" # # which allows you to create your own set of files by starting with the # /usr/local/apache2/error/include/ files and # copying them to /your/include/path/, even on a per-VirtualHost basis. #
<IfModule mod_negotiation.c> <IfModule mod_include.c> Alias /error/ "/usr/share/apache2/error/"
<Directory "/usr/share/apache2/error"> AllowOverride None Options IncludesNoExec AddOutputFilter Includes html AddHandler type-map var Order allow,deny Allow from all LanguagePriority en es de fr ForceLanguagePriority Prefer Fallback </Directory>
# # The following directive disables redirects on non-GET requests for # a directory that does not include the trailing slash. This fixes a # problem with Microsoft WebFolders which does not appropriately handle # redirects for folders with DAV methods. #
BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully BrowserMatch "^WebDrive" redirect-carefully BrowserMatch "^gnome-vfs" redirect-carefully BrowserMatch "^WebDAVFS/1.[012]" redirect-carefully
# Allow server status reports, with the URL of http://servername/server-status # Change the ".your_domain.com" to match your domain to enable. # #<Location /server-status> # SetHandler server-status # Order deny,allow # Deny from all # Allow from .your_domain.com #</Location>
# Allow remote server configuration reports, with the URL of # http://servername/server-info (requires that mod_info.c be loaded). # Change the ".your_domain.com" to match your domain to enable. # #<Location /server-info> # SetHandler server-info # Order deny,allow # Deny from all # Allow from .your_domain.com #</Location>
# Include the virtual host configurations: Include /etc/apache2/sites-available/[^.#]* And here's my "httpd.conf" file:
Code: # This is here for backwards compatability reasons and to support # installing 3rd party modules directly via apxs2, rather than # through the /etc/apache2/mods-{available,enabled} mechanism. # #LoadModule mod_placeholder /usr/lib/apache2/modules/mod_placeholder.so <VirtualHost 66.150.225.201:80>
# httpd dmn entry cgi support BEGIN. # httpd dmn entry cgi support END.
# httpd dmn entry PHP2 support BEGIN. php_admin_value open_basedir "/var/www/:/usr/share/php/:/tmp/" # httpd dmn entry PHP2 support END.
<Directory /var/www> # httpd dmn entry PHP support BEGIN. # httpd dmn entry PHP support END. Options Indexes Includes FollowSymLinks MultiViews AllowOverride All Order allow,deny Allow from all </Directory>
</VirtualHost>
I am on the end of my rope with Apache and feel like just formatting the server and reinstalling Apache. Which reminds me, I did try using apt-get to remove and install Apache again but nothing worked.
Anyone else notice the huge outage at Surpass? My sites went down as I was editing one, and checking the server status returns a very, very long list of downed servers. Since the Surmunity Forums appear to be down as well, I was wondering if anyone here had found out what was up via other means, and whether or not there is any estimate on when it might come back up.
I'm starting to test out VPS panels and found vePortal 2. I purchased it and installed it. Now I'm checking some security, as we all know about the terrible result of HyperVM as everyone blindly used it because it was "pretty" but it was not secure.
Some serious concerns I'd like to share with vePortal 2.
1) It makes no backups of any of the files it modifies during install, or so I haven't seen any, like httpd.conf.... more of a pain than anything. There is no way to auto uninstall it either..
2) vePortal gives full root access to the Apache user, letting apache run any root commands! They add this to your /etc/sudoers apache ALL=(root) NOPASSWD:ALL
[root@nd11108 myadmin]# su -s /bin/sh apache -c "whoami" apache [root@nd11108 myadmin]# su -s /bin/sh apache -c "sudo whoami" root
This is a root exploit waiting to happen. I asked them about this and got the response.
Quote:
It would be a security breach if a) apache was allowed SSHD Access, or b) the server was running scripts that havn't been marked secure, We have a very comprehensive team of beta testers including one of the largest providers around, They and their staff have not been able to break the security or integrity of the panel as of yet.
All panels in one way or another have root control over the system, for example they wouldnt be able to have a SSH Console without it, as only specified commands would work, we do have a list of the commands required by vePortal if you wish to limit it, but the console and the Shell Commander functions would stop working.
Regards, Gavin H. Chief Information Officer
That's funny I have been using the panel a few minutes and already found they've ignored the biggest security hole possible..
3) In 5 minutes I've found multiple XSS vulnerabilities in the admin area... Like search customers, I was able to generate JavaScript alerts in multiple fields....
4) It stores the MySQL root password in clear text in a .php file... yeah that's real secure. Why does it even operate under the MySQL root user, its using a single database....
5) I forgot to add, it doesn't recognize ANY OpenVZ Vps's you've created manually. It has no idea they exist and you cannot view them at all.
I'm sure I could dig deeper into the source code and find more but it's not worth it. Judging by what I found without actually trying to spend time on security I completely removed the product.
The panel does look nice but it sure gets a mark of insecure for me, I would advise others seriously look into the security of this new panel if you're considering using it.
I was a webhost from a while ago leasing dedicated servers and eventually went to work for the datacenter where I had my colo. For a while now I've working with a neat group of 5-6 other folks programming a new uptime monitor/geo-dispersed server load testing system/software. We were looking for possible partners to keep hosting costs down during the alpha stage of the project but while we were drawing up the papers, we saw just too much opportunity for a conflict of interest to arise and realized we couldn't realistically associate ourselves with any single company to that degree. So after a little work and fundraising, we're finally in a position to either lease some servers or colo.
Since I've been out of the loop for a while, I just want to know who the major/reliable players are when it comes to leasing or colo machines in multiple areas (ideally East, Middle, West, Canada and Europe/Asia? We would prefer to be with one company for ease of billing and have our network of monitoring stations spread out geographically. But we don't want all of our eggs in one basket so if a provider goes belly-up or decides to hike our rates 30-40% with little notice, we won't have too much to worry about.
We're watching what we spend during the alpha stage very closely, but I've been insisting we can strike the right balance between cost and reliability (connectivity).
I have fairly a large web site that has a forum and a torrent tracker.
Currently MySQL server is handling about 150 queries an avarage per second. Here is the server spec:
Core2Duo 2.66Ghz 4Gb RAM 320GB SATA 7200RPM (Server provider does not have 1.5K RPM nor 1.0k RPM) 100Mbit Connection (servers on the same switch and the switch does not have 1Gbit port) MySQL Version: 5.0.51a
I had Master-Master Replication setup with forum running on one and the tracker running on the other. Although this has been working for about few days, we started seeing lags in the replication process. After a week, there is a major lag and the changes made on one of the servers takes about 5 hours to appear on the another. So, this doesn't work.
What would be the other ways of splitting MySQL queries concerning the same database?
While I was researching, I read about MySQL Cluster with database storage engine being NDB.
But, let's say that there is a power failure on both the nodes at the same time, then I would lose the whole database as the database is stored on the memory correct? I would not like to take that chance either, but if this is faster then replication method then maybe I will concider.
I thought about editing the forum coding to make all queries that concerns the tracker to go in to, say server B (with forum's primary MySQL server being Server A), and make the tracker use server B as MySQL backend, but it seemed like a heavy work so that will be the last choice.
I have just discovered a massive security in the CPANEL 10.9 software. This problem is in the BACKUP FEATURE. If you do remote ftp back onto the same account. It will put the file in the account home directory and it will have this type of stuff accountname:ROOTPASSWORD@serverhostname.com
It seems that all of the emails sent from clientexec to the major carriers (gmail, yahoo, msn etc.,) are being either blocked completely or marked as spam (msn).
When I send an email from outlook from the same domain client exec is on the email goes through fine.
I have added an SPF Record and my domain is not "blacklisted" for spam anywhere.
I recently switched over to SoftLayer for dedicated hosting and the servers are great. However we've been getting hit on and off with massive (50-80%) packet loss, which has been crippling our performance and causing all sorts of problems
I put in a support ticket and they linked me to the Internet Health Report website and said it was due to one of their bandwidth providers (I think Global CrossinG) and not on their internal network and to be patient as it could take time to resolve
Are any other SoftLayer customers going through this? Is this an unusual occurrence? I feel like if it was really one of their partners that it would be affecting a lot of their customers and it would be a high priority issue right?
I'm kind of stuck on what to do; I just invested a lot of energy into moving content onto these new servers and am concerned about whether to wait it out or whether to start finding a new company. This kind of packet loss is really unacceptable...
I am a web designer, and have been doing this for about 5 years now and have never encountered such a problem. I had a problem come up a few days ago where one of my clients got into an argument with the Mavrick Team web hosting and computer services company's owner regarding services. She has reported to me that he went into her email account, and has emailed her clients false information about her services after their heated discussion. She told him that she was going to press charges. He told her that he had harvested all of her clients email addresses and will email them to her competitors if she does not back down. What can she do? I feel awkward as I am in the middle of it now. I was the one who referred her to Mavrick Team (aka as I host them) for web hosting services, and moved her site to their servers. This man has created such a big problem for this women now. Her clients are doubting her services and he is blackmailing her. She does not owe him any monies. She has forwarded two of the emails that her clients forwarded to her, so I know she is not making this thing up. I advised her to move all of her emails to a personal email account, contact all of her clients to let them know that someone has access to their info, and I am helping her move her site. Who can she report them to?
I have my domain name pointed to a VPS 1. I want its subdomain (for example sub.domain.com) to be pointed to another VPS 2.
So that if someone visits www.domain.com the php files are delivered from VPS1 and if some visits sub.domain.com then php files are delivered from VPS2.
I need to keep my VPS1 rock solid and extremely secure by keeping lowest possible php files and on low load too and want another VPS for online demo and testing (high load and cluttered with php files). I cannot use another domain (for second vps) as the sub.domain.com pages are already indexed on google and changing domain means will have to again reindex them and rank them in google.
in VPS 2 : im set DNS in Kloxo => sub.site.com when i click in kloxo, Ipaddress /configur Domain
when i select sub domain ( sub.site.com )
show this error :
Alert: To map an IP to a domain, the domain must ping to the same IP, otherwise, the domain will stop working. The domain you are trying to map this IP to, doesn't resolve back to the IP, and so it cannot be set as the default domain for the IP.
Now,I would like to create an alias/sub-domain for this URL. For example: [url]-> [url]
[url]-> [url]
how this can be done? Do I have to create a subdomain for this? But when I try to create a subdomain throught the OLM control panel, it asks me for the real path i.e. '/var/www/html/subdomain_folder' which I don't have in this case. Secondly, can this be done without modifying any information in the DNS? Changing DNS costs be $5/change from OLM
I've been with serverpoint.com for over a year now and my experience has been overwhelmingly positive. Last year I negotiated an excellent price for a dedicated box with serverpoint via PM. They delivered my server promptly and even upgraded my CPU since they were out of stock on the one I had ordered. The few times I’ve had to call support (due to issues on my end) they’ve been prompt and professional.
My only real complaint is I can’t setup automatic bill pay online. They want my to send a photocopy of my CC and a photo ID, which I’m leery of.
I suppose this is a boring review, but in and ideal world isn’t that the way it should be? Who wants a lot of drama with a host provider?
If I create subdomain to point to a different folder on a different server, can I still keep the original URL?
I'm a new member so cannot post links as example but if subdomain from link A points to link B, can it still keep the URL of the subdomain from link A?
I have my myname.com and I'd like to forward home.myname.com to my home server IP.
I'm running Linux and Apache on both the server I lease (that has myname.com set up on) and on my home server (hopefully home.myname.com).
So far I've tried URL rewriting in .htaccess, which works, but it fowards to my IP in the browser's address bar- Id like to keep the address bar as home.myname.com.
I assume I have to modify the DNS zone for myname.com right?
I wanted to point my MX record from my registrar's dns to a hosted account that is controlled by cPanel, but inside cPanel I don't see a unique MX record, it just lists my domain name. Is this possible with cPanel? I have done this before with H-Sphere.
I am just parking my domain and using my registrar's nameservers and wanted to just add in the MX record for email.
