DNSstuff.com
Aug
18th

Choosing A Dedicated Host

Filed under Server Tips | 1 Comment

As is the case with most services, the quality of hosting providers varies greatly. I have used several hosting services, both shared and dedicated, and also operate my own small server ‘farm’. These recommendations are based purely on my own experience as well as experience I’ve had working on servers at other providers.

The first and most important advice I can give you is to beware of resellers. I’m not going to say that all resellers are bad. After all, many resellers are, like myself, people who have been active in the IT industry since before the Internet became a commercial ‘space’. Still, I often find that I am providing server management services simply because the hosting provider is a small business person who knows little about IT and just doesn’t have the knowledge or skills to provide any meaningful advice or support.

By way of recommendations I am going to provide a short list of hosting companies that I know, from my own experience, are professional hosts with qualified technical staff that are able to provide you a satisfactory level of service.

Rackspace – These guys are probably the ‘Rolls Royce’ of hosting companies. If you have the money to spend then you will enjoy their ‘fanatical service’. Rackspace have their own data centers and can provide advanced configurations such as load balanced server clusters. An expensive option but the support is unequaled.

Layered Technologies – I have three of my own dedicated servers with Layered Technologies and I can say that the support has always been excellent. Turnaround time on support tickets has never been more than around 8 hours (quite often less than an hour). Layered Tech also offer many configurations from basic dedicated servers to load balanced clusters and even your own ‘virtual data center’. They also accept PayPal as a payment method for monthly fees. LT also have specials from time to time. I needed a low end server some months ago and was able to get a reasonably fast server for $75/mth.

HostGator
– Like most large hosts, HostGator seem to have a ‘love ’em or hate ’em’ reputation with some people. I’d venture to say that the people who like HostGator far outnumber the small percentage who don’t. I have some shared hosting on their service and I also manage several HG dedicated servers. Their service has been as responsive as LT, with a very fast response to tickets and they’re more than happy to do some diagnostics for you if you feel that your server is slowing or misbehaving.

Lunarpages – I had a shared hosting account with Lunarpages for around 12 months (until I realised I had waay too many shared server accounts)! Lunarpages are one of the most professional hosts I’ve dealed with. Prompt support, excellent uptime and very affordable. Their servers are fast and they provide a great range of features for various scripts and applications that you may want to have hosted on your site. I have no hesitation at all in recommending them as I didn’t have a single issue during the time I had sites hosted on their servers.

GMD Hosting – I manage several servers that are hosted at GMD. This is a hosting company operated by Pat Lovell and Jon Atwood, a couple of guys who are well known in Internet marketing circles. Both had been providing their own hosting services, which they amalgamated this year. The result is a reasonably priced range of hosting plans for a company with a competent technical staff and a very successful marketing background.

Technorati Tags:

Aug
17th

Migrating To A Dedicated Server

Over the years I’ve often had to move websites from one server to another. It’s not rocket science, but if you don’t have a plan and a very clear picture in your mind of exactly what you need to achieve then it can go pear shaped fairly quickly. So, here’s my ‘standard plan’ for moving a server that runs some sort of script (i.e. directory site, traffic exchange etc) and a MySQL database. Let’s assume the old domain is domain.com and the new IP number is 1.2.3.4.

Step 1: Send an email to your member list 48 hours before the move.

Step 2: Create the domain.com account (CPanel etc) on the new server.

Step 3: Take a full backup of all data on the server and all data in the MySQL database(s) and restore them on the new server. Restore the MySQL database(s).

Step 4: Edit your windows hosts file (C:\WINDOWS\system32\drivers\etc\hosts) and add an entry for domain.com with the new IP address.

Step 5: Flush your windows DNS cache (open a CMD window and enter the command ‘ipconfig /flushdns’).

Step 6: Open your browser to domain.com. It should now be opening on

the new server due to the hosts file entry. Just to be sure, place a comment in the home page file (index.html/index.php) like <!– NEW SERVER –>. That way, you can just view the source of the homepage to verify that you really are on the new server.

Step 7: Test EVERYTHING. Test the script. If it has an admin area, test the admin functions. Follow all the hyperlinks and make sure that everything is working correctly.

Step 8: Once you are sure the new site is working correctly, place an alternate homepage on the old server that says something like ‘We are moving to a new, faster server. We apologize for any inconvenience this may cause’. Now reboot the (old) server. This will kick anyone out that is currently logged in.

Step 9: The files should all be okay (unless you have some sort of funky file-based database). Now it’s time to take the ‘real’ database backup. You don’t want anyone losing anything, so you need to take a backup of the database again at the point where you prevented people from logging in.

Step 10: Delete the database on the new server and do a restore of the database backup that you just did from the old server. You now have the most current database data and everyone should be happy when they get to log back in.

Step 11: Update the DNS at your registrar to point at the new DNS servers.

 

There you have it. Eleven easy steps to a smooth server move :). You may get the odd person who says that they got to the new server but then it went to the old one again. That will be something to do with the DNS propagation and can be safely responded to with ‘give it a little while longer and all will be well’. If you still see or are alerted to problems after 72 hours then there may be something up with the DNS config on the new server but it would have to be a fairly obvious mistake and easily rectified if that were the case. 

 

 

Aug
17th

Setting Up A Dedicated Server

Ask anyone what they did to set up their dedicated server and the chances are you’ll receive a blank stare or they’ll simply tell you that they didn’t have to do anything. Like any technology though, the default settings aren’t necessarily the optimal settings. In this article I’ll cover the settings that I always change when setting up a newly deployed dedicated server.

 

This discussion will assume that you have Web Host Manager (WHM) installed on your server, though these same changes can be applied to any dedicated server.

 

Server Name

 

The first thing I usually do is give the server a ‘real’ name. This doesn’t affect any of the domains that you will be hosting, but it does give us an address for the default MX record which we will look at next. So, lets take for example a server which has just been set up and deployed by your host. It will most likely have a name that is something like server123.hostingcompany.com or something with the IP number in it like 192-168-50-30.hostingcompany.com. What I do is choose a domain that I will set as the main domain for the server and then set the hostname on that domain.

 

Lets look at a real life example. I have a server that I use for some of my internet marketing domains. I decided, before that server was deployed, that the default domain was going to be optintrust.org.

 

So, when I first logged in to the server I created a new account for the domain optintrust.org. This process creates the DNS zone file and a CPanel account for the domain.

 

Next step is to edit the DNS zone file (in WHM this is under DNS Functions->Edit DNS Zone). In here I created a new ‘A’ record for the first IP on the server and set this to be srv.optintrust.org.

 

whm-set-host
Technorati Tags:

 

 

Now that we have a hostname in the DNS zone file, the next step is to go ahead and change the server name. This is done in Networking Setup->Hostname. I usually reboot the server after changing the hostname, to make sure that there are no errors and to also make sure that the change of hostname has been saved.

 

Default MX Record

 

Now that we have a sensible hostname, the next step is to create a valid MX record. The MX record is the record in your DNS that tells other servers where to deliver mail for a particular domain. This will default to whatever the hosting company has called your server. It will most likely be something like server123.hostingcompany.com or something with the IP number in it like 192-168-50-30.hostingcompany.com.

 

What you need here is a MX record that also has a valid reverse DNS entry. Without going into details, some mail servers will check whether your MX is valid AND will also check the reverse as well. So, it checks that yourmx.yourdomain.com=your_ip_number and also that, when doing a ‘reverse DNS lookup, your_ip_number=yourmx.yourdomain.com. TO make this happen, you will need to request a reverse entry from your hosting provider. Most hosting providers are well aware of why you would want a reverse entry and will do this for you within 24 hours. All you need to tell them is that you would like your IP number to point to an address. Tell them the IP number and the address (in my case it will be srv.optintrust.org).

 

Once this is done you can set your server’s default MX address. This default address will be set for all new accounts you create on the server.

 

So, what we have done here is to give our server a sensible hostname and create a default MX record with a valid reverse lookup.

Aug
15th

Strong Passwords – Your First Line Of Defense

The strength of your password has an enormous effect on the ability for others to ‘crack’ it. To understand why, we need to look at how most password cracking programs work.

The most common method is what is known as ‘brute force’ cracking. This involves continuously trying to log in (using automated software) with combinations of usernames and passwords in the hope of finding the correct combination. You would be surprised how many people don’t update or change default usernames and passwords when installing scripts or setting up servers. With brute force, the potential intruder will usually use a list of ‘well known’ passwords. These are generally common english words that people often use for their admin passwords. Words such as ‘password’, ‘secure’,’admin’ and a whole host of other common words. These lists that a cracker uses often contain thousands of possible passwords.

The best way to combat brute force attacks is to include capital letters as well as small letters, numbers, special characters and punctuation in the password. Your password should be at least 8 characters, but I’m inclined to make most of mine 12 characters long. This doesn’t provide 100% protection but it does change the time it would take to crack the password from hours or days .. to years. A password like wEo3;(Mk5u+ is going to take an awful long time to crack!

It also makes a lot of sense to change the username. Default usernames such as ‘admin’, ‘administrator’ and ‘superuser’ are very common. By changing this to something like ‘mikey201’ you are adding major improvement in the security of your server or application.

Aug
15th

What About MY Security?

Filed under General | Leave a Comment

That’s a very good question. Obviously any business that is providing a security related service should practice what it preaches. When you sign up for any of our services we split the information and send it to two places. You domain and contact details are added to our database. Your password is sent directly to our staff. By doing this, we avoid storing your password online and we don’t store the combination of domain, login and password in the same place. We also use a secure server for our signup forms, so that the information you are sending to us is SSL encrypted over the Internet.