• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

Web Hosting Resource Kit

Web Hosting, Web Hosting Reviews & Virtualization

  • Contact
  • About Us
  • Privacy Policy

This post may contain affiliate links. If you use these links to buy something we may earn a commission. Thanks.

Archives for July 2007

  • Business Management
  • Editors Column
  • Hosting Customers
  • Interviews & PR
  • Marketing/Advertising
  • Online Marketing/SEO
  • VMWare
  • Web Host Startup
  • Web Hosting
  • Web Hosting Reviews
  • All

How to install CSF and LFD?

July 27, 2007 By Christoph Puetz Leave a Comment

How to install CSF and LFD?

Securing a web server is critical if it is Internet facing. A steady flood of random and targeted attacks is going to happen as soon as the server is available over the Internet. Installing a firewall and a brute force attack detection tool should be one of the very first steps for a web master. In the past we recommended APF and BFD of R-fx Networks as the software to use, but both tools have not kept up with the pace and are very much outdated. A competing product developer stepped up to the plate and grabbed the opportunity to position his own software solution in the market. Best of all – the solution is freely available at Configserver.com.

CSF and LFD are very easy to install and to configure – especially if you are using a cpanel & WHM server. Here are the instructions on how to install CSF and LFD.

1) Log into your server and switch to the root user
2) Switch directories to your download directory
3) Download the latest version of the software: # wget http://www.configserver.com/free/csf.tgz
4) Untar the package: # tar -xzf csf.tgz
5) Switch into the new extracted folder: # cd csf
6) Run the installer: # sh install.sh
7) If you are still running APF and BFD on your server it is necessary to disable those applications: # sh disable_apf_bfd.sh

If you are running WHM you can now configure CSF and LFD from WHM. CSF/LFD comes pre-configured for a cpanel/WHM server and so there is not that much to do after the installation. Log into WHM and inspect the new configuration utility. As an example you can uninstall APF and BFD from here with the click of the button. If you want to manually edit the CSF/LFD configuration you can do so at / etc/csf/*. Make sure to make backups before you make changes as well as using the debug mode to avoid being locked out.

If for whatever reason you need to uninstall CSF and LFD you can do this easily yourself as well. Login to your server via SSH and switch to the root user.

1) Switch to the folder holding the uninstaller: # cd /etc/csf
2) Run the uninstaller: # sh uninstall.sh

All done. We highly recommend to make yourself familar with the product and how it works. CSF / LFD comes with a readme.txt file that you really should read. The readme file will give a great insight into how both apps work and what you need to configure to have your server properly configured.

APF and BFD – Products to avoid

July 26, 2007 By Christoph Puetz Leave a Comment

APF and BFD – Products to avoid

 

When securing a web hosting server a Firewall and Brute Force Detection protection are critical pieces a server admin needs to look at. Two products were recommended by us in the past, but we have several reasons to step away from these recommendations. Security is an evolving topic and what is secure today might be at risk tomorrow if security does not grow with the risks out there on the Internet. APF (Firewall) and BFD (Brute Force Detection) are no longer maintained and updated in a way that a business can rely on these products. There are newer threats out on the Internet that require that a firewall and brute force detection tool need to grow with in regards to recognizing the signatures of these threats and to protect a server. That is no longer given with APF and BFD of RFXNetworks.

 

 

A second reason is that the owner of RFXNetworks seems to have a financial problem. Several cases have appeared on different web hosting related websites on the Internet where server owners paid for services to be provided by Ryan MacDonald of RFXNetworks. The problem is that Ryan MacDonald (Montreal, Canada) happily accepted the money (paid via PayPal), but never contacted the customers to provide the work. From our understanding several people filed appeals with PayPal, just to lose out due to PayPal’s policies in regards to intangible products which makes it easy for thieves like Ryan MacDonald of RFXNetworks.

 

 

We did order services as well (before knowing about the criminal activity of Ryan MacDonald) and are at the edge of losing our money. You might think that this posting is made to make Ryan look bad, but we provide information for web hosting businesses. We consider it important for web hosts or web hosts to be, to be aware of what is going on and eventually to avoid losing good money to a provider gone bad.

 

 

If you have become victim of RFXNetworks criminal activities you can try to recover your money by using the small claims court system in Quebec, Canada. The problem is that you have to do this in person or send a friend. If you are a business you have to send the officer of a company or the employee who worked the issue. And that seems to be a reason that makes Ryan MacDonald believe he can run with the money, because it will be difficult for any person or company to justify the additional expense for a trip to Montreal to fight for small amounts like $90.00 or so. So, unless somebody in Montreal either steps up to present the case in court or orders the services and gets scammed, Ryan is kinda safe. We highly recommend to do a Google search for RFXNetworks or to visit websites like Webhostingtalk.com to find out more about RFXNetworks and Ryan MacDonald. The praise was valid in the past, but a vendor who scams customers loses his reputation and does no longer deserve any trust.

The good thing is that there are other tools available that a) easily replace APF and BFD and b) that are supported as well. The Web Hosting Resource Kit recommends CSF and LFD of Configserver.com

How to rotate your Apache Log Files?

July 24, 2007 By Christoph Puetz Leave a Comment

How to rotate your Apache Log Files?

 

 

Cpanel does a good job with rotating Apache log files for the different domains on a cpanel/WHM server, but they are still not doing anything good to rotate the main Apache log files. To prevent problems on your server you need to setup log file rotation yourself. This should be done on every Apache web server and not just on a Cpanel server. Here is an easy way to do it.

 

 

 

Log into your server via SSH and switch to the root user. Now create a file for Apache log file rotation:

 

 

 

# vi /etc/logrotate.d/httpd

 

 

 

VI comes up with the new file open. Now add the following content to the new file:

 

 

 

/var/log/httpd/*log {
    missingok
    notifempty
    sharedscripts
    postrotate
        /bin/kill -HUP `cat /var/run/httpd.pid 2>/dev/null` 2> /dev/null || true
    endscript
}

 

 

 

Save the file and you are all done. But hold on. What if you wanted to go a little more sophisticated? Consider the following to extend your logging and to keep log files around for a while.

 

 

 

/var/log/httpd/*log {

 

    weekly

 

    rotate 52

 

    compress
    missingok
    notifempty
    sharedscripts
    postrotate
        /bin/kill -HUP `cat /var/run/httpd.pid 2>/dev/null` 2> /dev/null || true
    endscript
}

 

 

 

Save it and you are done. What does this actually do? Here are all options explained for you:

 

 

 

The log files are now rotated on a weekly base. The "52" is equal to 52 weeks before log files are overwritten. To save on disk space the log files are compressed accordingly. "missingok" tells the rotation job to continue to the next file if a log file is missing and not to trigger an error. If a log file is empty it will not be rotated (notifempty). The last two options are not really critical to know for now. All we really care about are the options specified.

 

Comparing RAID 1 and RAID 5

July 6, 2007 By Christoph Puetz Leave a Comment

Comparing RAID 1 and RAID 5

 

Using RAID 1 or 5 has become much more affordable over the years when it comes to redundancy on servers. Both hardware RAID 1 (mirroring or duplexing) or RAID 5 (striping with parity) offer good data redundancy should a single hard drive in a RAID array fail. The major difference however can be found in the system performance between RAID 1 and RAID 5. RAID 5 experiences more heavy write overhead because of the additional parity data that has to be created and is then written to the disk array. RAID 1 does not experience this overhead.

Read performance, on the other hand, is usually better with a RAID 5 setup. This gets even better if your RAID 5 array has more than 3 disk. RAID 5 read performance increases with more disks in an array because the more disks there are, the more read/write heads there are, and RAID 5 arrays have the awesome ability to read simultaneously from all the drives at the same time. RAID 1 only has two disk drives by nature and is therefore limited in the number of read/write heads.

Drilling further down into this subject a server setup should be thoroughly investigated to decide which option to choose. If your server supports enough drives, a popular setup is a RAID 1 setup for the OS (Operating System) and a RAID 5 setup for the data. There are certain applications like SQL databases that eventually work better in a different setup, but for most standard setups the described option works fine.

In the web hosting world a good approach would be a setup with RAID 1 and a standalone hard drive for the backups. This gives the web host protection from a single drive failure while it is less an issue if the hard drive for backups fails. In my case I use an external backup service and rsync my backups from the backup standalone hard drives to the external location. If the stand-alone hard drive fails I just re-populate it from the external source and all is good. Another advantage for putting the backups on a different is system performance. While the web server is hosting customer websites and is busy serving pages the stand-alone disk is used for writing the backups to it while the read process is on the RAID-1 array.

 

For a dedicated server hosting large databases a different approach can make more sense. Let’s assume you would be hosting a large SQL Server database. A server setup could look like this.

 

System/OS = RAID 1

 

Database = RAID 5

 

Database Logs = RAID 1

 

Not every server can hold that many drives, but it really depends on your budget anyway. The listed configuration is made for best performance. First of all we separate the operating system from the application. The database itself has a lot of read processes to take care of and RAID 5 provides best performance. The database logs are written to before they get truncated. So, using RAID 1 here provides better peformance.

 

Conclusion: When building your next web server do some research on what the server will do. With the knowledge from this article you might be able to gain some better performance from the system. And if you go with a standard volume/RAID 0 setup that is fine, too. As long as you are aware that there is no redundancy and you have a proper Disaster Recovery plan in place that suits your needs … go for it.

Press Release: The Planet Debuts Network Video Tour

July 2, 2007 By Christoph Puetz Leave a Comment

Press Release: The Planet Debuts Network Video Tour

 Provides Insider’s View into the Company’s World-Class Data Centers in Houston and Dallas

 HOUSTON, July 2, 2007 – The Planet, the world’s largest privately held dedicated hosting company, today launched an online video that features a virtual tour of its sophisticated network.  Supporting 22,000 customers and more than 45,000 servers, the network video follows its previous virtual tour of the company’s six world-class data centers in Houston and Dallas.

The Planet’s network delivers unsurpassed network capacity and speed with instant scalability; a parallel, redundant, multi-tiered network routing and switching architecture; along with multi-layer security that guards against evolving Internet threats.  Operating at 100 gigabits per second, the network eliminates traffic jams and roadblocks, providing customers with high-volume, instantaneous responses for their Web hosting services. 

“Small and medium-sized companies juggle managing their businesses with the requisite demands of building IT systems to support their operations,” Steve Kahan, vice president of marketing and product management for The Planet.  “Rather than debate which hardware, software, bandwidth or applications they need, The Planet offers an entire range of solutions, expressly tailored to meet each customer’s specific requirements.  Whether it’s e-commerce, streaming media or a robust, content-rich site, we eliminate the expensive, time-consuming requirements of building an IT infrastructure.  The Planet is the competitive equalizer that allows SMBs to go head-to-head on an even playing field with their bigger, better-funded competition.”

The Planet’s network is designed without single points of failure, which means the network operates with full redundancy for its core routers and distribution switches.  The company also offers carrier diversity, with connections to seven Tier-1 telecommunications providers.  As a result, customers never face obstacles or suffer from poor peering connections, sub-optimal routing paths, or congested or oversold networks that limit the power, speed and availability of their sites.

 

The Planet Network – A Competitive Business Advantage

Ultimately, The Planet provides distinct benefits for companies looking for world-class quality and reliability:

·        Unsurpassed network capacity and speed to deliver peak performance

·        Instant scalability to handle even the largest spikes in network traffic

·        Parallel, redundant, multi-tiered network routing and switching architecture to assure reliability and stability

·        Multiple layer network security that prevents Delayed Denial of Service (DDOS) attacks from harming businesses

·        Knowledgeable experts with a passion for excellence and a commitment to operate the best networks in the business

 

To view the complete video, please click on the “Take the Tour” button at http://www.theplanet.com/.

 

About The Planet

The Planet is the leading provider of On Demand IT Infrastructure solutions, hosting more than 22,000 small- and medium-size businesses and 2.8 million Web sites worldwide.  By offering the best choice of servers, software tools and world-class support, backed by state-of-the-art facilities and unmatched network connectivity, The Planet helps turn information technology into a powerful competitive advantage that enables customers to successfully grow their businesses.  For additional information, visit www.theplanet.com.

Primary Sidebar

Categories

  • Business Management
  • Editors Column
  • Hosting Customers
  • Interviews & PR
  • Marketing/Advertising
  • Online Marketing/SEO
  • VMWare
  • Web Host Startup
  • Web Hosting
  • Web Hosting Reviews

Pages

  • About Us
  • Contact
  • Disclosure Policy
  • Privacy Policy
  • Sitemap
  • Terms of Service
  • Welcome to Web Hosting Resource Kit

Copyright Webhostingresourcekit.com© 2021 · Log in