Category Archives: Dedicated Servers

What is SSAE-16: 2 Report Types & Critics


Logo of the United States Government Accountability Office. (Photo credit: Wikipedia)

Hosting Company Auditing and Certification — Part 2 of 3

Along with Superb Internet’s staff certification for ITIL (covered in Part 1 of this series) and our ISO 9001:2008 certification and registration (Part 3), we are also SSAE-16 Audited.

“Oh, fiddlesticks, that’s a government-infiltration agenda if I ever saw one.”

Man – you again? OK, well, let me explain it. Just, give me a chance here. SSAE-16 (Statement on Standards of Attestation Engagements, #16) was created by the American Institute of Certified Public Accountants (AICPA) as a system of cut-and-dry standards which a business must follow with its finances.

“Must follow. Must follow the lemmings down to Mongoose Hollow.”

Mongoose Hollow … huh, that must be your euphemism for the IRS? Anywho, attestation engagements are worth a quick look. Let’s turn to the U.S. Government Accountability Office (GAO), a governmental agency run by the Comptroller General that “works for congress” (though with its own independent sets of controls) and “investigates how the federal government spends taxpayer dollars.”  According to its Auditing Standard 2.07, attestation engagements “concern examining, reviewing, or performing agreed-upon procedures on a subject matter or an assertion about a subject matter and reporting on the results.”

“Yeah boy!”

Um … I’ll move on. SSAE is extraordinarily difficult to understand – not because its parameters are difficult but because the only explanation of SSAE-16 on the website for the AICPA is at this URL: http://www.aicpa.org/Research/Standards/AuditAttest/Pages/SSAE.aspx.

“You and your capital letters and your big ideas, typing it all in, like the Central Insanity Agency ain’t watching ya.”

Sir, I’m just explaining an accounting method. So … the information from the organization that created the document itself has all information about it BURIED within its website. Additionally, the extent of the information is a massive PDF which includes the language for the standard itself and this explanation describing it: “Reporting on Controls at a Service Organization / This section addresses examination engagements undertaken by a service auditor to report on controls at organizations that provide services to user entities when those controls are likely to be relevant to user entities’ internal control over financial reporting.”

“Read that fourteen times, and it will finally make sense. Once it makes sense, that’s when you know they’ve got ya.”

Well, all right they have me. You win, buddy. Actually it’s much simpler than it sounds. Let’s look below at how to understand SSAE-16 so you know why it means we’re credible alongside our other certifications. We will look at the two types of certifications/reports you can receive. Finally, we will look at critiques to get a broader perspective on the topic – and how it differs from other financial audits.

SSAE-16 in Action

When you get SSAE-16 audited, a third-party accounting company makes an assessment of the financial controls your business has in place. It then creates a report and opinion stating the findings of its investigation. The results of the audit make it clear whether or not the business has appropriate, baseline checks and balances in place within its service model so that users can breathe easy.

“I will never allow any man to investigate my machines. It’s unwholesome. Bunch of fellas looking at each other’s numbers.”

All right, that’s uncalled for. And who said it was a man, anyway? Please stop making assumptions. There are two kinds of audit reports. One, also referred to as a Type I audit, is entitled “Report on Controls Placed in Operation.” The other, the Type II version, is called “Report on Controls Placed in Operation and Tests of Operating Effectiveness.” Essentially the first report focuses on the types of controls that are likely operating during a certain window, aka “period of review” – but it does not completely verify that the controls were in place at that time. The second provides that additional verification that the controls were in place.

“No one will ever either view or review me. That’s why I stay in my cellar with the squirrel artillery, waiting for everyone to leave town.”

Hm. Thanks for the input.

Do You Need SSAE-16 or Not?

The good news: this type of auditing is not legally required for any company that distributes a service. However, it’s possible it will be requested by an outside party – or may even be demanded by their own requirements – or by someone auditing a company that is using your service. Plus, it means it’s less likely that an outside auditor will need to audit your system in order to gauge risk because they will have a standardized assessment of your controls based on the SSAE Type II report.

“Type I, Type II – sounds like they’ve found yet another way to get diabetes into us: through our accountants.”

I don’t think this has anything to do with diabetes, sir. Like many organizations, the reason we choose to have this type of auditing performed is threefold:

  1. It gives us a chance to prove that, alongside our other certifications, we meet standards of legitimacy established by independent third parties.
  2. It gives us access to clients who require this type of auditing and otherwise may not be able to work with us.
  3. It provides another professional perspective on the accounting principles we have established internally.

“That sounds wonderful. Give the government all your business’s numbers, the keys to your house, and your eldest daughter.”

Sir, that’s out of line. I’m just trying to go over some standards here. Please. A data center that is only used for internal business purposes will not necessarily need to have this type of auditing performed. However, those such as ours that provide a service can benefit from SSAE certification.

As Jeff Clark points out, SSAE-16, rather than being about your core business of the service itself – delivery of services to users – is centrally concerned with the financial needs of your clients. Keep that in mind. It’s why something such as ITIL, which has to do with the quality of service, is so important.

SSAE-16 Case Study: Acquia

Josette Rigsby looked specifically at one company, Acquia, a provider of products and services for use with Drupal (the open-source CMS), to get a sense of whether SSAE auditing can be helpful. She asked how the certification might be useful to vendors seeking to establish credibility.

“I sold cotton candy once at the state fair: no certification, no problem. Cash only. No receipts.”

Sir, we are talking about business services here, not cotton candy. A company such as Acquia, which has a cloud-based model, is able to quell fears among clients related to “security, lack of open standards to prevent platform/vendor lock-in and loosely defined service level agreements.” SSAE-16, however, does not cover all the bases to ensure business legitimacy. In addition to SSAE, Acquia and other cloud service providers (CSPs) adopt the standards of organizations such as OpenStack or CloudStack so that their system has been reviewed by external independent parties coming from numerous angles. Our business, similarly, has the ITIL and ISO certifications as well.

“My show pig Julie once won a certification at the Clarksburg Leaf & Stick Festival. She keeps it on her end table. She’s very proud of it.”

Excellent, tell her I’m rooting for her, and I hope she’ll root for me too.

Beyond SSAE: Why Multiple Certifications Matter

The controls reviewed by SSAE relate to a broad spectrum of business practices, including data backup and security, network maintenance and security, and customer support. However, it is not enough. Let’s see what two critics of the auditing procedure have to say about why the certification is only one piece of establishing legitimacy.

  1. Baseline Standards – As Jeff Clark notes, SSAE-16 auditing does not grade on a scale. It’s a “yes or no” set of parameters. Passing the auditing inspection simply means that a company has a reasonable set of baseline standards as established by the AICPA.
  2. Fuzzy Terminology – Josette Rigsby points out that a business can state during a review that its controls are fine regardless of the auditing process’s findings. If this occurs, the business can state that it has been SSAE audited even though it did not actually pass.

“I just passed gas, does that count? Where’s my certificate, buckaroo?”

Ah come on. We’re in a small room – have some respect. A loophole like that described by Ms. Rigsby means that additional certifications are essential to give clients and partners a better sense of your professional legitimacy. As far as Superb goes, our staff is ITIL Certified (a certification established initially by the United Kingdom government to provide IT standards so that they weren’t only developing independently, in some cases haphazardly, within businesses) as well as ISO 9001:2008 certified and registered.

“Wow, that last one has eight numbers. It must be important. Seven numbers, I would have said, ‘How about one more? Then you’ll have me impressed.’”

I think we’ve covered the fact that you don’t like or appreciate our certifications, sir. Here, have some chamomile tea.

How SSAE-16 Differs from Other Financial Auditing

If you get an audit, you’re typically just looking at your financial figures. SSAE focuses explicitly on how those figures relate to your services – how the services themselves are controlled and guided, and how the services interact with your financial system. An audit can give a sense that your financial system and finances themselves are efficient and sound, but that’s not your clients’ concern. The client cares that you have assurance specific to your services, so they know that their information and processes are safe within your set of controls.

“I feel very safe. Hm. This tea is delicious. Do you have any honey? I don’t want to have to shake it out of the beehive again, that’s painful.”

Here you go. Drink up.

Summary & Conclusion

Though there are of course critics of SSAE-16, and though some of their concerns are valid, these types of certifications are incredibly important to letting our users know we are transparent about our internal policies. The standards we have adopted, and the analyses and examinations we undergo, allow us to simply and concisely express to our customers that

  1. we meet major industry standards; and
  2. we have undergone the scrutiny of multiple outside organizations to prove it.

by Kent Roberts and Richard Norwood

How an IP Address Works

Often hear the acronym IP address thrown around? SEO (Search Engine Optimization) people seem to use it as though it’s a numeric stealth ID number to track you down. Well, it’s kinda like that. Here are a few very recent, and very good takeaways on what an IP address is, and more importantly, how it affects you, or how you can use it to your advantage.

How Public WAN IP works

 

From wirelessvictory.wordpress.com – 1 week ago

When you are connected to the Internet, you actually have two different IP addresses, a private LAN IP and a public WAN IP. In most home network applications the router connects your local group of devices…

Juliana Payson’s insight:

The router usually assigns unique local IP addresses to all of the devices connected to it via a service known as DHCP. The addresses assigned by your router are private addresses and are not routable across the Internet. Whilst you may be confused or sick of reading yet more acronyms, this article by Wireless Victory is an important foundation of definitions in today’s consumption of all things wireless. Most people probably don’t even realize they have a LAN (Local area network) at home connected by their Wireless Router.  It’s likely that all your family phones are connected as devices, including your iPad, your Digital television, your Wireless Printer, and your Blu-Ray, or Set-top-box digital receiver…

Here’s how to take control of your privacy:

How to Change Your Router’s IP Address | Wireless Home Networking

 

From blog.laptopmag.com – 1 week ago

By changing your router’s IP address you can give your home network an added layer of Wi-Fi security.

Juliana Payson’s insight:

You’ll want to change one or both of the last two numbers of the IP address in the LAN IP Address field. You can use any integer between 1 and 254, giving you 64,516 possible IP combinations and making it much more difficult for someone to guess your router’s IP address. Why is this important? Well you’ve often heard people hijacking your bandwidth from your ISP, or grabbing cookies that store your login information. By changing your router’s IP address from something that was allocated or generated, you’ve increased the hassle for someone to break through.

 

SafeIP Hides Your IP Address for Private Browsing, Blocked Media

 

From lifehacker.com – 7 hours ago

Windows: If you want access to streaming media restricted by your location, web sites that display differently depending on where you are, or just a little privacy, SafeIP can help.

Juliana Payson’s insight:

SafeIP has IP addresses in ten locations, including multiple servers in the US and the UK, and a handful of locations in places like Hong Kong, the Netherlands, Canada, Austria, Poland, Italy, Germany, and France. Conversely, where your IP address identifies your location, you may want to piggyback on a proxy server to cloak your location. Now this is not as nefarious as it sounds. Quite often, if you are travelling, logins from multiple locations will alert your bank, so you might want to reduce the chances of lockout by setting up expected default proxy locations for you to check in from.

Now, every device has an IP address; it is so that we can have end points for sending data when we trigger requests. Your website has an IP address, because it’s located on one server. Your phones and laptops will have a different class of IP address also.

I hope this collection of recent articles helped you tackle your understanding of IP addresses, let me know if you have more questions you want followed up on in the comments below. – Juliana

 

 

Linux & SSH Tunneling: What It Is, How to Do It

 


Secure Shell (SSH) access is granted for our GridPRO and GridMAX hosting packages. Let’s look at what it is and why it might be useful. It really is a nifty tool – for port forwarding to get around firewall restrictions and send email remotely via your own server.

We will focus specifically on using SSH methods within a Linux hosting environment – however, I’ll briefly note below how to access Windows clients for similar purposes. Be aware that the latest version of SSH is SSH-2, but SSH protocol is typically referred to simply as SSH regardless of version.

For this article, I looked at several pieces around the web for multiple perspectives on the topic: “What is SSH?” from the University of Pennsylvania, “Secure Shell” from Wikipedia, “X11 definition” from The Linux Information Project (LINFO), “Secure Shell (SSH)” from Tech Target, “Quick-Tip: SSH Tunneling Made Easy” from Revolution Systems, “Accessing the Linux Terminals Remotely with SSH” from the University of Illinois, and “5 Basic Linux SSH Client Commands” from The Geek Stuff.

Below we will get a sense of what SSH is, how to use it, why to use it, and a few basic SSH commands. In other words, this article is all about usability and helping you understand the basics of implementing SSH tunneling for your network. Additionally, we will explore how SSH tunneling can be used to dig your way out of federal prison.

How to dig your way out of prison using SSH #1: A prison break isn’t easy these days, but soon we will all be sent there for tax evasion, provided everyone else is as loosey-goosey with federal forms as I am. That’s why SSH has become so critically important for lifer federal inmates if they ever again want to see the light of day. The prison version of SSH or Secure Shell tunneling is not an IT term. Rather, it refers to wall-digging with a smuggled conch shell that you have hidden away securely in your cell.

SSH – What it Be?

SSH (aka Secure Shell or Secure Socket Shell) is a protocol that encrypts information, similarly to an SSL certificate, allowing data to transfer securely. This data could be shell commands, other network administration, file transfer, etc. The connection is typically between two devices, a server and a client, on an unsecured network. The server runs an SSH server program, and the client runs an SSH client program.

Typically SSH is used to access shell accounts on UNIX-like OSs. It is also sometimes used for Windows accounts. It is the successor to Telnet, rsh, and rexec – none of which are cryptographic. Whereas similar methods are susceptible to packet analysis, SSH both protects the data and keeps it from unwanted manipulation.

SSH tunneling also sets itself apart from other ways to remotely log in to a network by encrypting your login credentials so that malicious parties can’t see them as they’re typed. Additionally, SSH establishes X11 connections. Because SSH establishes X11 connections, DISPLAY does not have to refer to remote devices. A few words on X11:

What is X11? X11 is the newest version of the X Window System, also known simply as X. X is the most commonly used management system for GUIs on UNIX and similar OSs. The first version of X by the Massachusetts Institute of Technology (MIT) was the original OS that was completely free of any crucial ties to either hardware or vendor specifications.

By version X10, X had become increasingly popular, but its lack of hardware neutrality effectively hindered its growth – hence the development of X11, which required outside assistance from MIT via the tech firm DEC. DEC provided X11 as free open-source software. According to the Linux Information Project (LINFO), “X … represents one of the first large scale open source software projects, and it set a precedent for the development of Linux, which began just a few years later.”

SSH is just one type of program to log in remotely and securely transfer files. SCP is an example of an alternate protocol for conducting the same task.

How to dig your way out of prison using SSH #2: All right, it’s 2 a.m. Grab your shell, and let’s get to work. See that weak point in the wall right behind Roscoe’s bunk? That’s the place. You saw Shawshank Redemption, right? Good, because I didn’t. Apparently digging a tunnel can get you out of prison … makes sense I guess. It’s a little uncomfortable, not for the claustrophobic. As far as that goes, if you want to protect your mind, err on the side of wider and taller. Really make that tunnel spacious. With prison-break SSH tunneling, it’s all about process, not end result. Make it beautiful. Put some pictures of your family on the walls. Get inspired.

Basics on SSH Use: 3 Commands

Per The Geek Stuff, here are 3 basic commands for SSH tunneling.

1.)    Identify the client

You may need to identify the version of SSH client you are using. (Note that Linux standardly includes OpenSSH.) Here’s how you can achieve that:

$ ssh -V

OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003

2.)    Login to your remote host

Use the following command to log in to the remote device:

localhost$ ssh -l jsmith remotehost.example.com

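When you initially log in, you may get an error message stating that the host key is not found. Answer yes to proceed. You can add the host key within the directory .ssh2/hostkeys (that path belongs to the commercial SSH2 client; OpenSSH records accepted host keys in ~/.ssh/known_hosts).

To get a public key’s fingerprint, use this command (OpenSSH syntax; the SSH2 client uses ssh-keygen -F publickey.pub instead):

% ssh-keygen -l -f publickey.pub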

Log in again. Now it will only ask for your password. The host key is recognized.

Note that occasionally the host key will not be recognized, and you will receive another error message. This message could be due to malware or just because the software or remote host credentials have been updated. The wisest thing to do is contact the sysadmin to determine why the host key doesn’t work.
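The three host-key situations described above (first login, recognised key, changed key) can be told apart by comparing fingerprints. The following is an added Python example, not code from the original article or from The Geek Stuff; it assumes plain known_hosts-style lines, uses constructed Ed25519 key bytes, and its function names are illustrative.

```python
import base64
import hashlib
import struct


def ssh_string(data):
    """SSH wire-format string: 4-byte big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data


def make_known_hosts_line(host, raw_ed25519_key):
    """Build a known_hosts-style line for a 32-byte Ed25519 public key."""
    blob = ssh_string(b"ssh-ed25519") + ssh_string(raw_ed25519_key)
    return "%s ssh-ed25519 %s" % (host, base64.b64encode(blob).decode())


def fingerprint(line):
    """Return (host, key_type, 'SHA256:<unpadded base64>') for one line."""
    host, key_type, b64_blob = line.split()[:3]
    blob = base64.b64decode(b64_blob, validate=True)
    # The blob begins with its own copy of the key type; reject mangled lines.
    (name_len,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + name_len] != key_type.encode():
        raise ValueError("key type does not match key blob")
    digest = hashlib.sha256(blob).digest()
    return host, key_type, "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def load_pins(known_hosts_text):
    """Map (host, key_type) -> fingerprint for plain (unhashed, unmarked) lines."""
    pins = {}
    for line in known_hosts_text.splitlines():
        line = line.strip()
        if not line or line.startswith(("#", "@", "|")):
            continue  # comments, @markers and hashed hostnames are out of scope
        host, key_type, fp = fingerprint(line)
        pins[(host, key_type)] = fp
    return pins


def check_offered_key(pins, offered_line):
    """Classify the key a server offers against what was recorded earlier."""
    host, key_type, fp = fingerprint(offered_line)
    pinned = pins.get((host, key_type))
    if pinned is None:
        return "UNKNOWN", fp   # first contact: confirm fp with the sysadmin
    if pinned == fp:
        return "MATCH", fp     # same key as before
    return "CHANGED", fp       # stop and ask the sysadmin; do not overwrite


# Constructed sample data: the key bytes are arbitrary, not real host keys.
HOST = "remotehost.example.com"
KNOWN_HOSTS = make_known_hosts_line(HOST, bytes(range(32))) + "\n"
SAME_KEY = make_known_hosts_line(HOST, bytes(range(32)))
NEW_KEY = make_known_hosts_line(HOST, bytes(range(1, 33)))
OTHER_HOST = make_known_hosts_line("newhost.example.com", bytes(range(32)))

if __name__ == "__main__":
    pins = load_pins(KNOWN_HOSTS)
    for label, line in (("same", SAME_KEY), ("new", NEW_KEY), ("other", OTHER_HOST)):
        print(label, *check_offered_key(pins, line))
```

The fingerprint string has the same form that OpenSSH prints, so it can be compared with a value the sysadmin supplies out of band.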

3.)    Transfer files between local and remote devices

This process is conducted with a simple one-line command. To copy a file from the remote host over to the local one, use this command:

localhost$ scp nancypants@remotehost.mamasbakery.com:/home/nancypants/remotehostcupcakerecipe.txt remotehostcupcakerecipe.txt

To copy from the local one to the remote one, use this:

localhost$ scp localhostcupcakerecipe.txt nancypants@remotehost.mamasbakery.com:/home/nancypants/localhostcupcakerecipe.txt

How to dig your way out of prison using SSH #3: Hey what’s Roscoe doing back there? Roscoe, get out of here. No, Roscoe, make your own tunnel. Two people in one tunnel is too many. Am I trying to escape? Sort of. I also just like digging. I’m a digger by nature. The entire family on my father’s side was badgers. Yeah, my mom’s weird. Yep, badgers dig. You didn’t know that? They love digging. Anyway, so do I. If I do eventually burrow through to open air outside of the prison, it’s going to be a bittersweet moment.

Example: Use of SSH – Port Forwarding When Travelling

The author of the Revolution Systems piece uses SSH tunneling on his Linux/Unix PC to transfer data between his local account and a remote account – specifically for port forwarding to allow email to send through his own server and allow capabilities otherwise not possible in firewalled, excessively tight environments. Let’s look at these two scenarios.

Emailing from Restaurant or Hotel WiFi:

Any e-mails he sends go from his computer to his server, where they are then transmitted to external parties. This route allows not having to change Simple Mail Transfer Protocol (SMTP) servers or use specialized software when operating within firewalled public environments such as WiFi hotspots. Here is how you can use SSH tunneling for that.

1.)    First, you need to use an SSH client such as OpenSSH. Here is the portable version. (Note that for Windows and Mac, you can check out this page for the former and this one for the latter.)

2.)    Within OpenSSH or another similar program, type the following into the command prompt:

ssh -f user@personal-server.com -L 2000:personal-server.com:25 -N

What does all this mean?

  • ssh – Instructs your PC and the server that you’re using secure shell protocol
  • -f – Instructs SSH to retreat to the background
  • user@personal-server.com – Designates your username and server, specifying the appropriate account/location
  • -L 2000:personal-server.com:25 – This designates the local port, host, and remote port, specifying the channel for transmission of data
  • -N – Tells the SSH client not to execute any commands on the server.
  • Bottom Line @ This Point: Your local port 2000 (PC) is now sending everything over to remote port 25 (server). Plus, it is completely encrypted.

3.)    Go into your email settings, and use localhost:2000 as your SMTP server.

4.)    Celebrate. Send a spam email to all your relatives letting them know you’re living in an encrypted wonderland they may never know.

Accessing Restricted Functionalities:

You can also use port forwarding as a workaround when a firewall won’t allow you to communicate in certain ways on the web. The example used on Revolution Systems is inability to use Jabber to interact with Google Talk. The following technique can be used to get around that particular scenario.

1.)    Again, enter OpenSSH or similar.

2.)    Enter the following command:

ssh -f -L 3000:talk.google.com:5222 home -N

What does all this mean?

  • talk.google.com – the Google Talk server.
  • home – SSH alias for his personal server

3.)    Go into Jabber client settings and configure it to use localhost and port 3000. (The traffic doesn’t originate from those, though; it is forwarded via the server.)

4.)    Call your mistress and tell her you can do the thing on the thing now.
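Both forwarding commands above (the SMTP one and the Jabber one) can be reviewed mechanically. This added Python example, which is not code from the article or from Revolution Systems, parses ssh command lines and reports where each -L listener is reachable and whether the final hop to the target leaves the encrypted tunnel; the third sample command and all function names are constructed for illustration.

```python
import shlex

# ssh(1) options that take an argument (everything else is a plain flag).
OPTS_WITH_ARG = set("BbcDEeFIiJLlmOopQRSWw")
LOOPBACK = {"localhost", "127.0.0.1", "::1"}


def split_spec(spec):
    """Split a forward spec on ':' while keeping [bracketed] IPv6 literals whole."""
    parts, buf, depth = [], "", 0
    for ch in spec:
        depth += (ch == "[") - (ch == "]")
        if ch == ":" and depth == 0:
            parts.append(buf)
            buf = ""
        else:
            buf += ch
    parts.append(buf)
    return [p.strip("[]") for p in parts]


def parse_local_forward(spec):
    """Parse [bind_address:]port:host:hostport (TCP forms only)."""
    parts = split_spec(spec)
    if len(parts) == 3:
        parts = [None] + parts          # no bind address given
    if len(parts) != 4:
        raise ValueError("unsupported -L spec: %r" % spec)
    bind, port, host, hostport = parts
    port, hostport = int(port), int(hostport)
    if not (0 < port < 65536 and 0 < hostport < 65536):
        raise ValueError("port out of range in %r" % spec)
    return {"bind": bind, "port": port, "host": host, "hostport": hostport}


def parse_ssh_command(cmdline):
    """Return (destination, flags, local_forwards) for one ssh command line."""
    tokens = shlex.split(cmdline)[1:]   # drop the leading "ssh"
    dest, flags, forwards, i = None, set(), [], 0
    while i < len(tokens):
        tok = tokens[i]
        i += 1
        if not tok.startswith("-"):
            if dest is not None:
                break                   # start of a remote command
            dest = tok
            continue
        for pos, opt in enumerate(tok[1:], start=2):
            if opt not in OPTS_WITH_ARG:
                flags.add(opt)
                continue
            arg = tok[pos:]             # argument attached, as in -L2000:...
            if not arg:
                if i >= len(tokens):
                    raise ValueError("option -%s needs an argument" % opt)
                arg, i = tokens[i], i + 1
            if opt == "L":
                forwards.append(parse_local_forward(arg))
            break
    return dest, flags, forwards


def audit(cmdline):
    """Summarise who can reach each listener and where encryption ends."""
    dest, flags, forwards = parse_ssh_command(cmdline)
    if dest is None:
        raise ValueError("no destination in %r" % cmdline)
    ssh_host = dest.rsplit("@", 1)[-1]
    report = {"via": ssh_host, "forward_only": "N" in flags, "forwards": []}
    for fwd in forwards:
        bind = fwd["bind"]
        if bind is None:
            exposure = "loopback-default"   # widens if GatewayPorts is enabled
        elif bind in LOOPBACK:
            exposure = "loopback"
        elif bind in ("", "*"):
            exposure = "all-interfaces"     # other machines can use the listener
        else:
            exposure = "specific-address"
        report["forwards"].append({
            "listen_port": fwd["port"],
            "target": "%s:%d" % (fwd["host"], fwd["hostport"]),
            "exposure": exposure,
            # SSH protects client <-> SSH server only; a target on another
            # machine is reached from the server over an ordinary connection.
            "last_hop_outside_tunnel":
                fwd["host"] != ssh_host and fwd["host"] not in LOOPBACK,
        })
    return report


# The first two commands are the ones on this page; the third is constructed.
SAMPLES = [
    "ssh -f user@personal-server.com -L 2000:personal-server.com:25 -N",
    "ssh -f -L 3000:talk.google.com:5222 home -N",
    "ssh -N -L *:2000:personal-server.com:25 user@personal-server.com",
]

if __name__ == "__main__":
    for cmd in SAMPLES:
        print(cmd, "->", audit(cmd))
```

For the Jabber command the report marks the last hop as outside the tunnel: the leg from the personal server to talk.google.com is protected only by whatever the Jabber client itself negotiates.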

How to dig your way out of prison using SSH #4: Roscoe, are you with the warden? There are three of us in here now? This is nuts! Why have I created a hookah café within the walls of the prison? Well, that’s a reasonable question, warden. Would you like to use the hookah? I’m not hogging it. It just keeps me calm when Roscoe and the warden find me in my SSH tunnel, and similar situations. Have a seat, warden. You’re making me nervous.

Summary & Conclusion

Those are a few basic techniques for SSH tunneling. You should now know how to log in securely and transfer files between two devices on an unsecured network. Additionally, you should be able to get around some of the firewall restrictions you experience while travelling – via an enhanced ability to use your server’s parameters rather than those of a WiFi network.

Finally, you will be able to enjoy a cup of Turkish coffee and berry-flavored hookah inside the walls of a minimum-security prison. Put that conch shell down, Federal Inmate #38475-99873. It’s time to party.

by Kent Roberts and Richard Norwood

cPanel vs. Plesk: The Value of Flipping a Coin 199 Times

 


cPanel Control Panel and Parallels Plesk Panel are the two most popular control panels for the management of a network or website. Each platform of course has its own layout and set of features, so each has different appeal. How to choose, then? This article is an assessment of how cPanel compares to Plesk so you can decide which one might be the right choice for you.

I looked at a number of different opinions to assist with this piece. I referenced an article by Matt Hartley for Locker Gnome, an uncredited piece for Worth of Web, and one by Taniya Vincent for Bobcares. The piece is set up as a literature review – looking at the different points made by each source independently (as opposed to going step-by-step according to topic).

As 948 of 1000 of the world’s top IT professionals will tell you (source: Better Homes & Gardens), the best way to decide between cPanel and Plesk is simple:

  • Look at a few different opinions – as with any binary, people are often one-sided.
  • Get a sense of the strengths and weaknesses of each CP.
  • Flip a coin. Best out of 199 flips. Carefully chart your flips.

Perspective 1: Locker Gnome

This article looks at the initial establishment of a website using each of the two control panels. This helps give a sense of how intuitive each system is.

Plesk Setup & Overview

According to Hartley, Plesk is extraordinarily easy to use. As soon as Plesk loads its first screen, you add a domain and start following prompts, which are essentially a series of “Next” buttons to different screens allowing you to turn on/off different features, activate your FTP client (for loading files to the server), etc. As Hartley writes, “I cannot overstate how ‘droolingly’ simple Plesk makes this – it’s almost frightening.”

So the system is highly intuitive. Also, though, it’s not just simple/intuitive but extremely efficient. Rather than having to enter into different screens by navigating or searching, support for different languages of code (Perl, Python, PHP) is a toggle-option on one of the setup screens, as is your domain’s policy – just a step-by-step series of decisions.

Following the setup of one domain, the Plesk system moves on to establishment of e-mail accounts, creation of subdomains, etc. It is a simplified system that Hartley does not see as oversimplified. He sees it as an easy, painless way to establish, organize, and manage websites.

How is your coin flipping going? Are you to 50 yet? Or have you just been reading? Just reading, huh? Wow, you really love to read – or you just aren’t into flipping coins. Huh. I’m going to jot this down in your psychological profile. Please continue.

cPanel/WHM Setup & Overview

Simply the name of this control panel makes it problematic to Hartley. It’s not in fact one control panel but two. To him this is excessively complex for anyone using the system for the first time. So that is a strike against it regarding ease-of-use.

Perhaps part of the problem with cPanel, based on Hartley’s observations, is its strong popularity – which has meant that the company has wanted to be careful about changing any of its functionality because people get used to the system being organized in a certain way, even if it’s not entirely intuitive.

Choosing between cPanel and WHM when you first enter the system is confusing. If you’re trying to set up a website, you might think that WHM seems right, since that is the web hosting management portal. Here was the intuitive flow that Hartley followed, which ended up being frustrating:

  1. Click into Basic cPanel/WHM Setup
  2. Enter default nameservers
  3. No place immediately here to add a domain or proceed through a step-by-step series
  4. Click home
  5. Enter into account details
  6. Enter into configure the server
  7. Enter into multi account functions
  8. Click cPanel link
  9. Scroll down screen – click on create new account
  10. This works.

Hartley views navigation of this system as dreadful. He does point out that for a user who is highly experienced, and especially one who is already familiar with cPanel, the control over the server may be preferable – all in all, though, his thumb is up for Plesk.

I’m going to go out and start flipping a coin for you. Just a second – I need to find a coin. Could I flip a credit card? No, that doesn’t seem right. Maybe I can flip my shoe. No, the weight isn’t unevenly distributed – classic rookie flipper mistake, trying to substitute tiny metal cylinders with footwear. Gosh. It’s time to get laundry quarters anyway.

Perspective 2: Worth of Web

This article looks at the two platforms in terms of five major characteristics: OS support, interface, cost, setup/UX, and migration.

OS Support

Generally speaking, Plesk is favored by Windows users, and cPanel is favored by Linux users. Plesk is gradually catching up regarding its breadth of OS support.

Interface

Everyone likes a GUI that is easy-to-use. Like Hartley, this article argues Plesk is the obvious choice. However, the familiarity of cPanel by itself is compelling – things are “where you expect them to be” if you are a veteran of that control panel.

Cost

This is somewhat of a tossup. cPanel has only one option, which is unlimited and annual. Plesk allows monthly subscribing but is slightly more expensive for small numbers of domains, significantly more expensive for unlimited use (almost double the price).

Setup/UX

This piece again follows some of the same logic regarding setup and intuitive use of the system as did the Locker Gnome piece. It points out two distinct ways in which cPanel is a little tougher to use:

  1. Separation of roles – two different applications for two different types of users. Plesk, on the other hand, allows login from a single position, with administrative entry giving access to a more robust set of features.
  2. Setup – initial setup that is not all in one place, no handholding. Plesk, in contrast, offers a step-by-step process similar to initial download of a new Windows application.

Migration

According to this article, migration is the main difference between the two systems (although it seems that UX and OS friendliness/compatibility are other key ingredients). Migrating to a different server is free with both platforms. Transitioning to a different control panel involves buying advanced migration features for either of the two control panels.

Okay, I’m back from the bank. Yeah, I got a roll of quarters. Sorry it took me so long. I went ahead and started a load of whites too. I use generic detergent because I don’t care if my clothing gets clean. It just makes me feel good to wash it. Anyway, clear off the table for the 199 flips. Move all your interior decoration magazines please.

Perspective 3: Bobcares

This piece, similar to the Worth of Web one, looks at a number of different features for the control panels. However, it divides them up to discuss them one at a time per platform.

cPanel attributes

  • Exceptionally fast load times – Very quick and efficient on the majority of servers. cPanel does not rely on an external database, which greatly improves its performance.
  • Better functionality – cPanel packages that you get through a hosting service will typically contain a stronger set of features. cPanel is better integrated with a wide swath of applications. This integration means that you have more options for easy and efficient operation on it than you do with Plesk.
  • Stronger reseller hosting – Both systems offer reseller hosting, though cPanel’s system is more long-standing and refined. You can create hosting packages, manage accounts, and monitor the usage of resources through the reseller system – simple model and easy access.
  • Linux specificity – Well, this is not entirely true. Enkompass is available for Windows users, but it has not gotten very good reviews.
  • Annoying maintenance – Configuration and security are time-consuming, with regular updating and patching to keep the system free from intrusion.

Okay, let’s see. So, we are at 48 heads and 46 tails, right? Wait a minute, I think we forgot something. Which side stands for which control panel? Otherwise we’re just flipping this thing for no reason. Let’s flip the coin 199 times to determine which side stands for which.

Plesk attributes

  • Allows clustering – This system is easier to use with a number of different servers. You can manage all of them from one GUI. Web servers, database servers, FTP servers, and all other types of servers can all be managed from one central location.
  • Windows friendly – Both major operating systems are supported. Web hosts have access to a fuller spectrum of clientele. The clients themselves can choose between whichever operating system they prefer.
  • Full Windows compatibility – The integration between Plesk and Windows is strong – it’s fully integrated, for instance, with Microsoft SQL Server.
  • Bad third-party compatibility – Plesk is not integrated with many independent apps designed for Linux. Plesk can be used with Linux of course, but it is not nearly as versatile as cPanel is for that OS.
  • Slower loading – Plesk, to put it simply, was not built for speed. It can become particularly slow on Linux servers. Even on very strong servers, Plesk can sometimes require a lot of patience.

Hm, I think we made the same mistake. I’ve flipped the coin 126 times now, and it’s dead even at 63 apiece. However, I can’t remember exactly why we’re flipping the coin – to determine which side is which control panel, but how exactly does that work? I think our logic is a little fuzzy.

Summary & Conclusion

There are certainly pluses and minuses of each system. The basic gist is this:

  • cPanel better for Linux, Plesk better for Windows.
  • Plesk generally easier to use.
  • cPanel generally faster at loading.

Good luck. Let’s stop flipping the coin. I don’t feel like we are getting anywhere. I’m kind of embarrassed for having suggested it. Go back to reading your magazines. As soon as you get your degree, I want 1940s Algerian decor in here. It can be your thesis project or something.

by Kent Roberts and Richard Norwood

Using Your Server as a Proxy Browser

 

English: Illustrated concept of a proxy server. A client ("Charles") asks a computer running a service ("Jonas") for the current time, using a proxy server as an intermediary. (Photo credit: Wikipedia)

Your IP address is stored by almost every online service you might visit. Is this always a good thing? Certainly not! Why would you think that? Big Brother is bad enough, but once Big Sister gets ahold of your information, she will share it with the whole family (she’s well-intentioned but, sadly, does not always prioritize your privacy).

You may want to use proxy browsing for such tasks as online banking, consultancy, or sales. We’ll get into other reasons it might be a valuable idea for you to consider. Surfing the Web undetected is something every superhero desires and some can implement without even trying (those whose superpower includes online invisibility). Even if you can’t be immediately invisible when you roll out of bed – which is incredibly frightening to your pets if you can anyway – you can become kinda-sorta invisible by using your server as a proxy to browse the Web.

Essentially what this allows is your IP to be concealed, making it look like your IP is located somewhere across the globe, such as the Kremlin or an Internet café at a Buddhist monastery in the Himalayas.

The below information details how proxy browsing via a server can be achieved. My sources were a piece on Wired by Jack Donovan, instructions from Yale University IT, one by Benny Taylor for Salon, and a James Bruce piece for Make Use Of. I will discuss proxy access generally, why it might make sense, ways to use proxies and configurations, directions for the major browsers, and the SSH tunneling method.

Proxies – You Have Access

Note that you can use a proxy browser regardless of whether you have a hosting company, as per instructions from Jack’s Wired article. Obviously your own server via your hosting service, or your own in-house server, is preferable because you understand the company’s security credentials and you’re keeping everything contained within your current networking environment.

However, options are available for access to all. The servers you can use are publicly available, posted to Google freshly each day, just like soup (note that unlike soup-of-the-day, the proxies are unavailable in chowder form except at an additional cost). Wherever you are getting the server information, either from your own system, the hosting company, or online, what you need is this configuration of numbers to input into your browser of choice: XXX.XX.XX.XXX:XXXX.

You can either look up a proxy list through a search engine or go straight to this site. Do not opt for transparent options, and you don’t need to enter additional details the browser requests if you don’t have them: the IP address is sufficient. Also note that the proxy can be anywhere, though most people choose to operate directly out of the Pentagon so they can send some international peacekeeping tweets (how wars are won in the digital age).

Why Use a Proxy

Benny’s article for Salon mentioned several additional benefits of operating via a proxy. You can block employee access to specific websites (hurray!), log schedules of employee Internet usage (“What’s your obsession with the WWW, Horowitz?”), and get a better sense of where employees are going on the Web (“Monster.com? C’mon, Horowitz”).

Depending on the service and where it is installed, you can achieve a degree of online anonymity and look at websites that are typically inaccessible to outsiders. Benny specifically references the fact that people all over the world are able to use proxies based in the US to reach websites and materials censored in their home countries. Individuals using a proxy server for these reasons should check their nation’s laws to be aware of any they might be breaking (for example, in Guatemala, looking at a picture of a naked lady is considered third-degree manslaughter).

Also, note that SSH tunneling (described a few sections down) can be useful if you are unable to access common proxy sites due to restrictions in place in your country. Again, be aware that you are probably going beyond the bounds of laws in these cases. Also, put down the joint.

Ways to Use Proxies & Configuration

Benny also discusses the use of proxy browsing through one’s own server via software or a separate piece of hardware with the software pre-installed for use. Also note that hardware firewall solutions sometimes are configured to allow proxy server usage by default. Finally, you can subscribe to software as a service (SaaS) proxy capability. This last option allows you to externalize the operations to a third party, like we do with our garments (around these parts, mama no longer knits in the evenings … stop proving me wrong, mama!).

You will typically be able to pre-fetch (a.k.a. cache) Web data for easy access. There is also generally functionality to filter the data and monitor on a broad or case-by-case basis. Each individual device throughout your network will need to be configured to connect to the Web through the proxy. All interactivity with the Web will then flow through that server, on which you can place whatever parameters you like (lack of access to certain websites, mandatory corn chowder specials, etc.).

You also need to configure all of the networked devices so that individual users cannot bypass the server at any point. For legal purposes and also so that everyone understands the guidelines in place, issue a detailed description of what the proxy is doing – what data it is gathering and in what ways you’re analyzing it (while stroking your beard, for instance).
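One way to check that nothing is bypassing the proxy, as an added example that is not part of the original article: the function below reads firewall egress log lines and lists every client, other than the proxy itself, that was allowed straight out to port 80 or 443. The log format, the addresses and the function name are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: list clients whose web traffic left the network without
# going through the proxy. Log format, addresses and names are constructed.

# Reads egress log lines on stdin and prints "client count" for every source
# other than the proxy that was ALLOWed directly out to port 80 or 443.
direct_web_clients() {   # usage: direct_web_clients PROXY_IP < egress.log
    proxy_ip=$1
    awk -v proxy="$proxy_ip" '
        $2 == "ALLOW" {
            src = ""; dport = ""
            # Fields after the action are key=value pairs in any order.
            for (i = 3; i <= NF; i++) {
                split($i, kv, "=")
                if (kv[1] == "src") src = kv[2]
                else if (kv[1] == "dport") dport = kv[2]
            }
            if (src == "" || src == proxy) next      # the proxy may go out
            if (dport == "80" || dport == "443") hits[src]++
        }
        END { for (s in hits) print s, hits[s] }' | sort
}

# Constructed sample: 10.0.0.5 is the proxy (listening on 3128); the
# destination addresses come from the documentation ranges.
SAMPLE_EGRESS_LOG='2024-05-01T09:00:01Z ALLOW src=10.0.0.5 dst=192.0.2.10 dport=443
2024-05-01T09:00:02Z ALLOW src=10.0.0.21 dst=10.0.0.5 dport=3128
2024-05-01T09:00:03Z ALLOW src=10.0.0.21 dst=192.0.2.10 dport=443
2024-05-01T09:00:04Z ALLOW src=10.0.0.21 dst=198.51.100.7 dport=80
2024-05-01T09:00:05Z DENY src=10.0.0.37 dst=203.0.113.9 dport=443
2024-05-01T09:00:06Z ALLOW src=10.0.0.37 dst=203.0.113.9 dport=443'

printf '%s\n' "$SAMPLE_EGRESS_LOG" | direct_web_clients 10.0.0.5
```

Any output means the firewall still permits direct web egress for those clients; an empty result means only the proxy reached the Web in the period covered by the log.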

Directions for the Major Browsers

Here are the directions from Yale IT on how to configure individual browsers to connect through a proxy. These directions may be unnecessary if you have obtained proxy software (as discussed above), and the software is integrated with your primary browser. The below is the standard manual solution – all you will need is the IP address, and preferably the port and SSL information, for the server you’re using. Additionally you will need one large can of tomato paste, six dozen popsicle sticks, a Bunsen burner, and unwieldy scientific passion.

Mozilla Firefox:

  1. Open Firefox.
  2. On a Windows PC, go to Tools > Options. On a Mac, go to Firefox > Preferences.
  3. Enter the Advanced section and Network subsection.
  4. Go to Settings (which is positioned adjacent to “Connection: Configure …”)
  5. Choose Manual Proxy Configuration.
  6. Enter the proxy details you have obtained next to HTTP Proxy. This is the IP address in the format XXX.XX.XX.XXX:XXXX.
  7. If you have port and/or SSL information, enter it. If not, per Wired, don’t worry about it.
  8. Enter OK on Windows, or Apply on Mac. Do this until all windows you have entered are closed, and you’re back to the original browser screen.
  9. You’ve done it. You can now get right to infiltrating NASA and redesigning the International Space Station’s spacious, open-air arboretum.

Internet Explorer:

  1. Open IE. Go to Tools > Options.
  2. Enter the Connections section.
  3. If you are using dial-up or standalone DSL (as is typical when accessing through a home connection), enter Dialup Settings.
  4. Click on the profile through which you connect to the Internet. Go to Settings.
  5. If you are using a Local Area Network (LAN), DSL router, or cable modem, enter LAN settings. Mark the checkbox under Proxy Server entitled “Use a Proxy Server.”
  6. Go to the Advanced window.
  7. In the text box adjacent to HTTP, enter the IP address specific to your server (or the public server IP you attained online) under Proxy Address to Use.
  8. If you have port and/or SSL information, enter it. If not, per Wired, don’t worry about it.
  9. Enter OK. Do this until all windows you have entered are closed, and you’re back to the original browser screen.
  10. You’ve done it. You can now send out your tweets to the Taliban from the Department of Defense (“@Taliban, please tone down the anger in your hate mail. #DODepression”).

Safari:

  1. Open Safari. Go to Safari > Preferences.
  2. Click on Advanced.
  3. Next to Proxies, enter Change Settings.
  4. Look under Show, and you should see the parameters with which you’re connecting.
  5. Click the checkbox adjacent to Web Proxy (HTTP). Enter the IP address specific to your server (or the public server IP you attained online) in the first text box.
  6. If you have port and/or SSL information, enter it. If not, per Wired, don’t worry about it.
  7. Enter Apply. Do this until all windows you have entered are closed, and you’re back to the original browser screen.
  8. You’ve done it. You can now surreptitiously sell your overpriced religious holiday baubles to the people of North Korea.

The SSH Tunneling Method

James Bruce’s article in Make Use Of focuses specifically on the SSH tunneling method to use a dedicated or virtual private server (VPS) as a proxy. This method, because it uses SSH, is typically inaccessible to those in shared hosting environments. However, if you search the support pages for your shared account, you may find it is possible.

** Word of warning: Remember at all times that this traffic still funnels directly through your hosting account (i.e., it’s not fully anonymous); plus, it uses bandwidth, so if you have limitations, you don’t want to go overboard using it as a proxy.

Windows

  1. Download software to allow you to communicate via SSH. James suggests PuTTY and uses it for demonstration, so I will too. Note that Silly Putty can also be used for this purpose – much less effectively, but nonetheless, hilariously.
  2. When PuTTY asks for a domain, do not use your root account. Use any domain that is SSH-enabled.
  3. Click on SSH in the sidebar at left and ensure that “Enable compression” is checked.
  4. Expand SSH, and you will see “Tunnels.” Source Port should be 9090 and destination should be Dynamic.
  5. Return to the Sessions screen (at top on sidebar).
  6. Give a name to your settings and save it so that you can use them in the future.
  7. Click Open. Username and password cannot be saved, and you may find it difficult to enter your password. You also may need to ignore windows that pop up re: authentication (per James).
  8. Move onto your browser configuration as described below.
  9. Give a high-five to each of your six unpaid college interns.

Linux / OS X

  1. Enter the following command into a terminal: ssh -C2qTnN -D 9090 username@yourdomain.com
  2. Supply your password.
  3. Move onto your browser configuration as described below.
  4. Give one low-five, to your Intern of the Week.

In your browser, change the Connection > Proxy setting to SOCKS5. The URL should be localhost, and the port should be 9090. If you need further instructions, you can visit James’ article here and search for “configuring the browser.” It gives instructions specific to FF and IE, as well as how to implement system-wide on Linux or OS X.
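The tunnel from the steps above, as an added example that is not taken from James' article or the original post: it starts the same dynamic forward on port 9090 with the listener bound explicitly to loopback, then classifies `ss -ltn` output to confirm the SOCKS port is not reachable from other machines on your network. The function names and the sample `ss` output are constructed for illustration.

```shell
#!/bin/sh
# Added example: start the SOCKS tunnel and confirm its listener is
# reachable only from this machine. Names and sample data are constructed.

SOCKS_PORT=9090   # port used in the article

# Start the tunnel in the background. Compared with the article's command:
#   -D 127.0.0.1:PORT            bind the SOCKS listener to loopback explicitly
#   -o ExitOnForwardFailure=yes  exit if the port cannot be bound
#   -f -N                        background after login, run no remote command
start_tunnel() {   # usage: start_tunnel username@yourdomain.com
    ssh -f -N -C -o ExitOnForwardFailure=yes \
        -D "127.0.0.1:${SOCKS_PORT}" "$1"
}

# Read `ss -ltn` output on stdin and classify the listener on PORT:
#   loopback  only 127.x.x.x or [::1] is listening
#   exposed   a wildcard or LAN address is listening (an open proxy)
#   absent    nothing is listening on that port
socks_listener_exposure() {   # usage: ss -ltn | socks_listener_exposure 9090
    port=$1
    awk -v port="$port" '
        $1 == "LISTEN" {
            addr = $4
            n = match(addr, /:[0-9]+$/)       # split at the last colon
            if (n == 0) next
            p = substr(addr, n + 1)
            host = substr(addr, 1, n - 1)
            if (p != port) next
            found = 1
            if (host !~ /^127\./ && host != "[::1]") exposed = 1
        }
        END {
            if (!found) print "absent"
            else if (exposed) print "exposed"
            else print "loopback"
        }'
}

# Fetch a URL through the tunnel. --socks5-hostname hands the hostname to the
# proxy, so the DNS lookup also happens on the server rather than locally.
fetch_via_tunnel() {   # usage: fetch_via_tunnel URL
    curl --silent --socks5-hostname "127.0.0.1:${SOCKS_PORT}" "$1"
}

# Constructed sample of `ss -ltn` output where the listener was bound to all
# interfaces, as happens when the forward is started with -g.
SAMPLE_EXPOSED='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128          0.0.0.0:9090      0.0.0.0:*
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*'

printf '%s\n' "$SAMPLE_EXPOSED" | socks_listener_exposure "$SOCKS_PORT"
```

On a live system, run `ss -ltn | socks_listener_exposure 9090` after the tunnel is up; anything other than `loopback` means other hosts can relay traffic through your server account.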

Summary

I’ve explained proxies generally, why to use them and ways to use and configure them, directions for the major browsers, and the alternate SSH tunneling method. Be careful, guys and gals. It’s a scary world out there. WWJD (“What Would Julian Assange Do?”) may not always be the best policy.

by Kent Roberts and Richard Norwood

Is A Dedicated Server Right For You?

 

    Picture it. You build a web site, you host it at a web hosting company (preferably Superb) and before you know it, you have a successful web presence. Suddenly you need more memory, more web space, more bandwidth and more features. You know you need a more comprehensive web hosting solution but do you upgrade your virtual account or do you go to a dedicated server – a server dedicated to your needs alone? While Virtual or shared hosting may have been or may be enough for your web site, you should keep in mind that you are sharing resources with others, much like living in an apartment building.

    On the other hand, dedicated hosting is like owning the house. Your web site will have complete usage of the server’s resources and is therefore likely to be served faster than when sharing with 100-plus sites on the shared server. This option could very well cost hundreds of dollars more per month over the virtual hosting but if your web site and traffic, not to mention your business, require it, then skimping on money should be your last concern. Would you rather split the electric bill with your friends or pay for it yourself? When I was in college I would have said split it. Once I lived through my roommates’ friends’ friends eating my food, I decided shared living space (shared hosting) wasn’t for me.

    Unlike shared hosting, a Dedicated Server is where you lease the entire server from your web hosting company, in this case, Superb, including the hardware and the operating system. The hardware, operating system, connectivity, redundancy, and monitoring costs are usually spread out over the duration of the service agreement. Typically, this includes connectivity to the Internet, redundancy measures, and monitoring.

    Dedicated servers are for larger, professional web sites which may require a great deal of traffic, use secure E-commerce applications, have sensitive content, application hosting, resellers offering shared hosting services to their customers and so forth. The Dedicated Server is provided by the web hosting company and “leased” to the customer (at Superb we offer a “lease to own” program which is unique to Superb alone).

    If your Internet business or application falls into one of the categories above, leasing a dedicated server from a web host can save you time and money in the long term, as well as reduce the risk involved with owning and maintaining the hardware yourself. You don’t have to bear the upfront costs of purchasing the hardware yourself, plus the installation and Internet connectivity costs, plus the costs of continuous monitoring and hardware maintenance.

    Resellers and developers can benefit from a dedicated solution since the cost of adding new accounts/customers on a dedicated server is zero.

    Another important reason to choose a dedicated hosting solution is the need for large amounts of bandwidth or data transfer capacity. If you have a heavy traffic site, you will certainly require a large amount of bandwidth each month.

    Finally, and best of all, only your data is on the server. You are not sharing the memory, processor, or bandwidth with anyone else. Your server has its own port to the Internet. It is there to serve you.

    Once you have decided that a Dedicated Server is the right choice, here are a few other considerations:

    1. Operating Systems: The two most popular are Unix and Windows 2000/NT. There are others such as BSD and Solaris, however these are the two most prevalent choices. For more on this read “Deciding Between Unix and Windows 2000/NT”. Usually the decision comes down to the scalability of Unix versus the standardization of Windows 2000/NT.
    2. Web Servers: Here the most popular are Apache for Unix and IIS (Microsoft Internet Information Server) for Windows 2000/NT
    3. Programming and Databases: For Unix, the two most popular are Perl and PHP. PHP is growing in popularity because it allows you to connect to a database, usually MySQL very easily. For Windows ASP is the language of choice, which can be used with MS Access or MS SQL database software.
    4. Hardware: The choice is what speed, single or dual processors, RAM, how much hard drive, SCSI or IDE and most importantly, who pays for hardware maintenance. With Superb you can get 2 hours of hardware support per month for $25. With most web hosting companies, hardware support ranges from $90-180 per hour and up.
    5. Data Backup and Security: Without going into great detail, the choices are RAID (short for Redundant Array of Inexpensive Disks) using such methods as disk striping and disk mirroring (RAID level 1) to achieve redundancy, lower latency, higher bandwidth for reading and/or writing and most importantly recoverability from HD failures. On the other hand, if you are looking for off-site storage, tape backups may be the right choice for you. For more on this, check out the additional services under our Dedicated Server options. No matter what type of back-up option you choose, it is important, as anyone who has ever had a HD fail and has lost all his or her data can attest.
    6. Bandwidth/Traffic: How much is included and how much is additional traffic?
    7. Network Utilization: It is very important to ask the web host about how much of their network is currently being utilized (at Superb currently about 30%). Remember, a web hosting company may have a number of DS3s but if they are 95% utilized, there isn’t much room for growth on those lines. The speed of the network will suffer because of congestion.
    8. Custom Configurations and other considerations: A more technical question, but also very important, is whether your server is on a dedicated port, or on a shared port. A related question is whether the network you are connected into is based on a switch or a hub. Switched networks like that of Superb’s are higher performance, and offer more security. Then of course, there are the custom configurations, additional software, etc. You need to know how much extra per hour it costs and what is included or excluded, and whether or not the web host is even capable or willing to do the custom work (at times the web host will have to say that they cannot or will not support certain custom configurations).

     

     

     

    While there is a lot to keep in mind when deciding whether or not a Dedicated Server is right for you, if you take the time to research the options and you have discussed them with our Dedicated Service Coordinator as required, you will find that it is all in what you know — and need. I have another post dedicated to showing the difference between Shared Web Hosting, VPS and Dedicated Hosting if you still need help.

    One final note. If you feel that you have outgrown shared hosting but are not quite ready for dedicated service, then why not check out our servers. It is the perfect stepping stone between virtual hosting and a dedicated server. You get increased flexibility, resources and power, with an easy to use web-based interface, at a fraction of the cost.

by Kent Roberts and Richard Norwood


