Sales:  800-573-7846 or Live Chat

The ServInt Source

Patching the Heartbleed Bug in OpenSSL

tech bench server securityRecently, a vulnerability was announced with OpenSSL based on a bug called Heartbleed:

“This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).”

 - heartbleed.com

This vulnerability impacts openssl versions 1.0.1 and 1.0.2-beta. ServInt customers may have this vulnerability if they are running CentOS 6. CentOS 4 and 5 do not have versions impacted by the Heartbleed vulnerability. Read more

My Son’s First Linux Command

3038629479_cdf1017a4e_bMy son is five years old and a digital native. For the last year or so he’s been saying that he wants to develop video games when he grows up. I’ve acknowledged his desire, telling him that he can develop video games, but that he’d need to learn how to write code and work hard. When he recently brought up his plan again I finally said, “Okay, lets do it.”

We sat down and talked about what he wanted his game to do. His first idea was a Minecraft type game with dinosaurs, I told him that was a good end goal, but that we needed to start smaller, something simple. I asked him what he wanted the goal of his game to be about, he said slaying a dragon. Then I asked him how he wanted the game to start, and he chose waking up in a cave. We then began designing our text-based adventure.

I used this opportunity to teach him the echo command. Echo is the simplest of commands, returning whatever string of text or variables is typed into the command. It’s also a great command to use to learn your first script. Read more

Install Minecraft Overviewer on cPanel

tech bench game techEditor’s note: this tutorial assumes you are familiar with working on the command line on your server via SSH. If you’re not, you might want to check out this article first to get your feet wet.

In previous Tech Bench posts, we discussed how to install vanilla Minecraft and how to install Bukkit Minecraft, but how can you look at your beautiful server maps and buildings and show them off to your friends? Minecraft Overviewer is one solution.

As I’ve mentioned before, Minecraft is memory intensive. Minecraft Overviewer is also memory intensive. I would recommend at least a Signature VPS for hosting a Minecraft server, but an Ultimate would be better.

mcmap2

Here is how to install Minecraft Overviewer on a cPanel VPS. Read more

PHP Mail Issues and DNS

tech bench 2 Here’s a question: What do these two very common email support request have in common?

1. A VPS user believes that the PHP mail function is not working or that there is something wrong with the mail sending script (Contact Us form, registration form, or an order form which sends an email).

2. A user is having trouble sending email to other email accounts that are hosted on the same server.

In both cases, the client’s site is usually hosted on the server while email is hosted elsewhere. The site is also usually using third party nameservers (e.g. nameservers at a third-party domain registrar). The server is trying to send email locally instead of remotely where it actually exists (Google Apps, GoDaddy mail, Office365 etc).

If you think your PHP mail function is not working because you are having trouble sending email to an account on your server, you should check your DNS configuration:

  1. Run a DNS report of the domain on a site such as intoDNS.
  2. Use the output to determine if the domain is using third-party nameservers.

Third-party nameservers are nameservers whose IPs do not resolve to your server’s IP addresses. Running a DNS report will help you determine if this is the case. If it is, you likely set up an A record to have the site resolve to your server while keeping the mail exchange (MX) records set to resolve to another server.

The Fix:

  1. Move the domain for the off-server email address from /etc/localdomains to /etc/remotedomains. On cPanel servers, this can be done in WHM:
    1. Navigate to DNS Functions >> Edit DNS Zone, choose the domain in question and scroll to the bottom and switch to ‘Remote Mail Exchanger’. This change in WHM updates the above two files. (In certain instances even though a domain may be in /etc/remotedomains, it may still be in /etc/localdomains as well. Check to see if it is properly removed if you decide to add the file manually.)
    2. If you are using your own private nameservers for the domain in question, this is all that needs to be done to resolve the issue. If you are NOT using your own private nameservers, proceed to step 2.
  2. Delete the DNS zone file from the server because it is using third party nameservers and is not needed on the server. This local zone file is actually what is directing the server to send email locally instead of looking for it off your server. The zone file can be deleted from the following location: DNS Functions >> Delete a DNS Zone

Please note that this DNS zone file can be generated again if you ever decide to move away from third party nameservers and start using your own (e.g. ns1.yourdomain.com and ns2.yourdomain.com).

That’s it, you should now be able to send email at your domains that are hosted with third parties.

Installing Virtualmin: Free Server Control Panel

tech bench advanced topicsEditor’s Note: This Tech Bench: Advanced Topics post assumes knowledge and comfort with working on the command line of your server. If you would like to learn more about working on the command line, you can begin here.

After the choices of hosting provider and server package, one of the most important considerations a VPS customer can make when purchasing service is his or her choice of control panel. Control Panel software allows a user to configure and administer a server without the need to log in on the command line, greatly simplifying both routine and complex server administration tasks.

ServInt offers and fully supports the cPanel control panel, but there are other choices. Some of our customers wish to install their own control panel. One of the more popular choices is Virtualmin. There are two version of Virtualmin, a paid version and a free version. In this article, we’ll discuss how to install the free version of the Virtualmin software on a VPS server. Read more

Domain Collision in a World of .guru and .ninja

tech bench 2Since 2004 there have been only 22 common generic top-level domains (gTLDs) for use on the Internet. One of the side effects of this is the proliferation of startups with weird mishmashes of letters for names. In the coming months, there will be over 1000 new gTLDs made available to the public. Over 100 are already out there, including .wiki, .support and even .ninja.

gTLDs are issued by ICANN after an application process, and once approved they are added to what’s called the global DNS. In 2012, ICANN closed the application process on new gTLDs to add to that pool. You can see the list of what’s been issued and how many domains have been bought here.

As a responsible web hosting provider, we need to prepare for anything that might break or change as a result of the new gTLD process. And indeed, there’s an issue that might cause things to break as a result of new gTLDs being issued. It’s called “domain collision.” Read more

Why is My VPS Slow?

277945267_23c08b55b9Does your website load slowly?

Have you upgraded into a “professional” hosting package only to find that your new VPS lacks the performance you were promised?

Lackluster server performance has been a thorn in the side of VPS hosting customers for some time. Many buyers have learned to pay attention to server specs — getting as much RAM, as many CPU cores and as much disk space as possible for their money. But others have realized that spec shopping alone won’t guarantee performance.

But why not? Why can’t VPS customers simply buy a server with more RAM, CPU and disk and trust that they will get the boost in server performance they require?

The problem most often comes down to something called the “noisy neighbor.” Read more

Even SSD is No Longer Enough to Ensure Quality of Service in Hosting

SSD imageEnsuring application Quality of Service (QoS) is an essential part of hosting in the cloud. Legacy spinning disk storage is not designed to handle the performance variability of multi-tenant cloud workloads. Many cloud hosting providers have made the switch from mechanical spinning disks to a full flash-based solid-state drive (SSD) architecture.

SSD offers much faster read/writes (IO per second, or IOPS) than legacy spinning disks, but those speeds can only take cloud server hardware to a certain level of performance. Guaranteeing a predictable cloud hosting experience requires a storage architecture built for it from the beginning, starting with three key components: Read more

Rewrite Rule Conflicts when Protecting Subdirectories Using .htaccess

tech bench advanced topicsEditor’s note: Tech Bench Advanced Topics posts assume a level of knowledge that some readers may not yet have attained. If you have any questions, don’t hesitate to open a ticket in your customer portal.

Protecting directories using .htaccess is typically a straight-forward and painless process. Create a .htpasswd file, set up some authentication rules in .htaccess and you’re good to go!

But what happens when you want to password protect sub-directories on a site that uses a CMS such as WordPress, and all of a sudden, every time you try to access your password protected sub-directories, you get a 404 Error? Don’t worry, the solution to this problem is much easier than you may think. Read more

One Simple Step Will Make Your WordPress Experience Easier

tech bench in brief 2Frankly, as some of you read this you might be wondering why we didn’t post this article last October. Well, last October the blog was chock full of great content on how to speed up your website, how to install Minecraft on a VPS, how to troubleshoot RAM usage, our free RAM upgrade and much more.

A simple message on updating your WordPress software didn’t seem to warrant a blog post. But it turns out that a lot of WordPress users still have not updated their software to 3.7 (and now to 3.8). Here’s why you should.

We’ve talked before about the importance of keeping your server software up to date as an essential part of server/software security. Software updates frequently deal with vulnerabilities and bugs that let those with less than honorable intentions break into your server. This is true of all software, but with WordPress being one of the most popular CMSes out there, keeping your software up to date is extra important. The more widespread the software, the larger the incentive for bad actors to find an exploit. Read more

Next Page »

The ServInt Source | Web Hosting Blog