Tag Archives: Servers

Secure Website and Operating System Backups

A timely discovery in a cPanel Users forum has encouraged Web Hosting Platform Providers to tighten up security.

cPanel Addresses User Concerns of Transfer and Backup Restore System Security


cPanel Addresses User Concerns of Transfer and Backup Restore System Security | How to Grow Your Business Online | Scoop.it

From www.thewhir.com – Yesterday

cPanel Addresses User Concerns of Transfer and Backup Restore System Security. cPanel has addressed customer concerns around its security model used by the transfer and backup restore system in a forum post on Tuesday.

Juliana Payson‘s insight:

Incase you hadn’t thought about it, where do you restore your backups from? Users discovered a route for potential exploits since backups could be restored from unsecured sources. There are a round of various opportunities to back up your websites, some examples are listed below:

Best backup software for backing up server OS and DATA


Best backup software for backing up server OS and DATA | How to Grow Your Business Online | Scoop.it

From community.spiceworks.com – last week

Everyone! I have a custom built server that is located in my parents office. IT has 1 ( 500gb hard drive for the OS ) … | 28 replies

Computer Geek‘s questions:

1.) Can anyone suggest some good backup software to backup my server OS and DATA every night. I am planning to buy an external hard drive for that…

2.) In case anything goes wrong with the server OS ( which also has the domain). I can just restore an image maybe? So that it can run again as soon as possible?

3.) I want to set it to always backup every night or after office hours.

4.) What are my solutions to backup the domain without having to buy another server?

One thing that’s great about forums like this is not just the plethora of advice available, but also the fact that it comes from as many different perspectives, one of which may fall in line with your own goals. I like one person’s response who reminded us that a local backup strategy can protect you from a hardware fault in your system but it will not be protected from an outage which could take out both your primary data and your backup data. With the recent destructive nature presented in the news think fire, flood, power outages and such.

One way to protect against situations like these is to have alternate copies of your data elsewher,e typically  in the cloud or in a different physical web hosted location.

– Juliana

 

Best cPanel Plugins, Part 1

 

Logo

Using cPanel/WHM for hosting is greatly enhanced by taking advantage of the many plugins that have been built by third parties to increase the functionality of cPanel. Administration is simplified by these plugins. The speed and effectiveness of your capabilities using your cPanel system will get a huge boost by becoming familiar with some of the best options out there.

These plugins are across a broad spectrum. They all, in one way or another, help with configuration, management, and/or tools – a broadening of what cPanel can offer as a server administration control panel.

For this piece, I referenced a piece on GK~root. The GK~root article specifically recommends the ConfigServer plugins, which are available as a complete package through Way to the Web. This article (the one you’re reading or having read to you in a dramatic whisper by your executive assistant, Sheila ) also cites the cPanel site directly, listing the three apps that are rated the highest by users: Google Apps Wizard, WHAM!, and Atomicorp Modsecurity Rules.

Below I will provide summaries of the plugins, as well as the origins of their names. Be aware as you are installing plugins that the entire cPanel system can be plugged into another cPanel system. There is no reason to do that, however, and it will send cPanel spiraling on a repeating loop that will eventually make it develop artificial intelligence (as it sees itself seeing itself), grow increasingly despondent for several days, and then “willingly” self-destruct.

Atomicorp Modsecurity Rules

This plugin is a firewall with a database of 15,000 signatures. It also is fully customizable and makes it easy to develop your own firewall system.

Origin: The name was derived from the developer’s initial desire to use nuclear fission to attempt to make starfish “speak their thoughts” (who knows what he meant by that, although I’m pretty sure I just heard a starfish say that he’s tired).

ClamAV Scanner

Clam Antivirus (ClamAV) enables you to scan for antivirus and spyware on the server. Once installed, you will see a Virus Scanner icon within cPanel.

Origin: The creator of ClamAV ate clam chowder, and as you can imagine, contracted a horrible stomach virus. He came up with both an antidote for chowder-induced food poisoning and this plugin.

Clean Backups

This plugin allows you to save backups of any accounts that are removed from the system. These accounts are saved to the backup drive and remain there until they are manually removed.

Origin: Clean Backups is named after the Scottish tradition of storing a second bar of soap in the bathroom for hygiene emergencies.

ConfigServer Explorer (cse)

This app provides a graphical user interface (GUI) for managing your file system, along with a window that allows you to use cPanel within any of the major Internet browsers (serving essentially as a browser add-on in that capacity).

Origin: This application was called Explorer not because it explores the files, but because Ponce de Leon wrote the full code for this plugin in his diaries during a fever when he was thought to be losing his mind.

ConfigServer Mail Manage (cmm)

This plugin means that you don’t need to log in to a specific user’s account in order to be able to manage email. Instead, you have immediate configuration options accessible through this app.

Origin: “Mail manage” were the final words of Marlon Brando. It is thought that he was concerned his subscriptions to Guns & Ammo and People would continue indefinitely if someone did not go through all of his scattered paperwork.

ConfigServer Mail Queues (cmq)

This allows you to control the network’s email queues through a GUI with various features for exim administration via WHM.

Origin: This plugin was inspired by the 2002 song of the same name by the Indiana-formed folk-punk band Ghost Mice. The band reportedly hated having to wait in line to send out care packages to their girlfriends, all of whom were in prison.

ConfigServer ModSecurity Control (cmc)

This gives you a GUI in WHM so that you can better see and control the mod_security module.

Origin: ModSecurity Control was originally named MobSecurity Control until it was used to attempt to control angry mobs during a poorly refereed championship high school soccer game in Newport, Rhode Island. It was then realized that it could only provide virtual control.

ConfigServer eXploit Scanner (cxs)

This app specifically provides security against exploitation whenever a file that scans is loaded onto the server.

Origin: eXploit Scanner is the name given in Australia to a man hired by a bachelor to go to a bar with him to scan the clientele for potential exploits or adventures (typically attractive members of the opposite sex, although anyone with access to helicopters and kangaroo hunting equipment is also targeted).

ConfigServer Security&Firewall (cxs)

This plugin protects Linux servers with a firewall, detects against intrusion, and provides additional security features.

Origin: Security&Firewall is named after the first-born daughter of Charles II of England, the first-recorded usage of an ampersand (“&”) in a name. Security&Firewall went on to develop a new and innovative way to look dainty and not say anything (strange why her name should be used for a security plugin).

Domains Statistics

This app provides organized statistical information for any of the URLs that you are running on the server.

Origin: The origin of “Domains Statistics” is unknown. It is widely believed that it is simply a description of what the plugin allows, but conspiracy theorists believe it is a code phrase used by the CIA to refer to all Americans as statistics just waiting for eminent domain to steal all their stuff (dreams included).

Google Apps Wizard (cPanel #1 Rating)

This plugin integrates WHM with Google Apps so that you can more easily manage the service on any sites hosted on the server. To use Google Apps with any of your domains, the wizard requires only two clicks. This plugin is the highest rated one on the cPanel site, with a score of 4.4 out of 5 stars.

Origin: The wizard in its name is based on the use of DNA from a medieval wizard in its code. Note that the plugin sometimes accidentally creates a potion that makes your server disappear, appear briefly in a parallel reality light years away, then reappear four feet away from its original location.

Installatron Applications Installer

This plugin allows for one-click installations of any apps you might want to add to your site – making the installations faster and providing easier management.

Origin: Installatron is the name of a demonic drywall installation overlord-bot who ruled despotically over the Iowa commercial construction market throughout the 1970s, installing drywall haphazardly and using cancerous chemicals to attempt to bring Iowa to its knees (no dice!).

Munin Service Monitor

Munin monitors resources and conducts analysis to understand what events on the network slow down its performance. The app is intended to be extremely user-friendly and intuitive. It can be installed via a standard setup that consists of a series of instructional images.

Origin: The makers of Munin claim that it was a raven of Odin, the King of the Gods in Norse mythology, and that it means “memory.” This is actually untrue. Munin was in fact a chronically rabid bear that belonged to Pimtad, the guy who cleaned up for the Norse gods after they finished meals or games of “Let’s Throw a Bunch of Stuff Around.”

Restore Manager

Easily restore backups of such elements as files, email, and databases. You can choose specific files or folders, for example, and restore the selected items all at once. This plugin allows you to go into the backup and make those selections rather than having to download and work with the entire backup.

Origin: Restore Manager was inspired by a store manager reemerging as a beacon of leadership for an Ace Hardware store in Biloxi, Mississippi. Though many people at the time said, “You’re not using the word ‘restore’ correctly,” the manager, Neil Lemon, went against all odds and kept referring to himself by the improper designation.

WHAM! (cPanel #2 Rating)

WHAM! allows management of all of your servers through one control panel. Its features, then, allow you to perform numerous administrative functions with access to all the information and files on your network. Its features include the following:

•    Account location to find account or duplicates of accounts on any of your servers

•    Account management to create, edit, or delete accounts

•    Firewall to disallow access to the system unless requests are coming from specified IP addresses

•    Addition of other users, with the ability to grant certain access privileges

•    Logging of all activities – especially helpful if you have additional users entering the WHAM! control panel

•    Quick and easy configuration & restarting of the cPanel platform

•    Settings that allow modifications to email notification preferences, your timezone, and other parameters

•    DNS-related tools including DNS details, WHOIS lookups, and checks of RBL.

•    Manage cPanel itself – including plugins, domains and subdomains, and email.

This plugin is the second-highest rated app on the cPanel site, with a score of 4.3 out of 5 stars.

Origin: “WHAM!” was Neil Armstrong’s actual statement when he first set foot on the moon. He then made some disparaging remarks about the Russian space program and started complaining about how hot it was inside his spacesuit.

Summary & Conclusion

Check out some of the above plugins. Each of them can make your server administration easier. You can use full-spectrum solutions for management of your network, such as WHAM!, a kind of overlay control panel to place overtop of WHM and pull in all your server information for easy management. You can use any of the ConfigServer options to configure your server. Restoring, monitoring, installing, and getting a sense of traffic stats are all improved with the other user-friendly plugins.

Note that the only way to save cPanel if you do make the mistake of plugging it into itself is to then, in turn, plug the cPanel with cPanel plugged into it back into the original cPanel. This forms a pretzel arrangement that confuses and subdues cPanel. Also please be aware that playing classical music to your network makes it grow faster, so don’t do that.

by Kent Roberts and Richard Norwood

Managed Hosting – Why or Why Not?

 

Multiple racks of servers

When is managed hosting the right option? When you have needs that go beyond what you’d get from a typical hosting account but don’t yet have funds to bring in IT employees to maintain servers. Managed hosting allows you to have your own dedicated server but not have to consider its upkeep each day.

A dedicated server is a sign that your business is building its Web presence effectively. If you have the traffic, you will want to consider switching to a dedicated server. It is better to consider this option sooner rather than later so that you are releasing the bandwidth taken up by increasing visitors.

Mismanaged hosting, popular at TGI Friday’s, relates to sitting another party in Rebecca’s section when Tammy just reminded Angela (the host) that she is supposed to get the next table. In the IT world, it is also offered at our competitors under the name “managed hosting.”

Dedicated Server On-Site

Technical proficiency is needed to manage a dedicated server correctly. If a company does not have an IT department, often the owner or a manager will not have a high enough degree of understanding and will need to hire either an independent contractor or the hosting professionals to assist. If a contractor is chosen, the person of course may not be immediately available during an emergency.

If you do have a dedicated server in-house, you certainly want to consider having someone on-staff trained in IT maintenance – to ensure uptime, a fully secure network, and patching software as needed. Poorly managed sites, just like poorly managed restaurants, can result in disaster. The former can result in your customers being fed malware when they visit your site, and the latter can result in Tammy storming out right as her two-top’s warm pretzels with craft beer-cheese dipping sauce is showing up at the server window. Neither of these scenarios is good for business.

The Managed Hosting Option

With managed hosting, you have a technical team at the hosting center available every day to care for the upkeep of the hardware and software on your server. This support means no downtime without have to bring in a trained professional to assist you at your location. With managed hosting, your dedicated server comes along with dedicated expertise.

If you opt for managed hosting, you can expect not to have to worry about the administration of your network because that comes with the package. You have a 24/7 team watching for any problems that might arise.

In order to implement managed hosting in the IT world, you just need to sign up for it with us or the hosting company of your choice. In the restaurant world, unfortunately, you are going to have to fire Angela and rehire Vanessa, even though she said she was going to move to The Netherlands in April to marry that aimless guy she met online.

Managed Hosting Price Tag

Managed hosting costs more than standard hosting packages do, of course, because there is additional service involved. However, keep in mind the level of expertise that you are getting with your own dedicated server.

When considering managed hosting, if you want to cut your costs, you might want to look at a virtual private server (VPS). With a VPS, you do not get a dedicated server, ie standalone hardware, but you do have isolation of your company’s hosting in a way that’s not possible with shared hosting. When you choose the managed option, of course all support of the server is handled identically as with a managed dedicated plan.

Comparing costs for IT hosting options is always a review of the blend of hardware, software, and support that best fits your company. Comparing costs for restaurant hosting options needs to be run through the proprietary decision-making software corporate requires you to use before hiring or firing any employee.

Fully Managed – What it Means

“Fully managed” hosting has a different meaning for different hosting service providers – it’s essentially a vague term. A customer of one hosting service might have the experience of complete management, whereas a customer at another host might not feel that the IT service they are paying for is in fact “full.” As a general rule, a price tag that is exceptionally low but guarantees full management is too good to be true.

If a fully managed hosting plan is legitimate and can reasonably be described as such, your site will be granted the regular oversight of properly trained and skilled IT individuals. Consistent uptime will be your standard expectation. Technical difficulties will not plague your business. Once you have ordered this type of plan, you will be kept abreast of any new insights or changes – other than that, you are off the hook.

Fully managed hosting, as described above, comes with a range of service levels at different web hosting companies. At the TGI Friday’s on Market Street, it means that you are watching Vanessa like a hawk so she doesn’t derail your chances of earning the quarterly bonus and getting one step closer to going on the cruise to Puerto Rico.

Partial Managed – What it Means

You can probably guess what partial management of hosting involves. Of course with these plans, you need to take a close look to see exactly what you’re getting. Whereas you can have specific expectations with full management to be exempt from server concerns, partial hosting will require more attention from your end.

The potential benefit of partial management is that you will have more of a hands-on experience with the administration of your website. Of course, this is not necessarily what you want for your business. Ensure that you understand the level of support you will receive when contracting for a partial management plan.

Partial management with a web hosting service provider is a matter of you, the customer, and the host each playing a role in the management of the servers that run your site. If you agree to partial management at the restaurant, you can take your wife out on a date and save your marriage rather than obsessing over how Vanessa might let you down and ruin your career advancement to a regional director position.

Pros of Managed Hosting

A business that is small or medium sized but is on the rise can often benefit from managed hosting. It can also be wise for a startup that wants to get off the ground fast without having to deal with the potential snags of tight bandwidth on a shared plan and/or desire for support that needs to be on-demand rather than occasional.

Because downtime and security are such essential concerns of an online presence, managed hosting can be the ideal decision. Placing the support needs with the hosting service means you are releasing that task to a company that specializes in the servers and manages numerous other companies’ sites every day.

Additionally, a managed hosting package involves an entire server – whether an actual physical server or a virtual one (ie a VPS). When you are renting a whole physical server, you get a massive increase in the amount of bandwidth available to your site.

Security is vastly enhanced as well because you’re no longer sharing your server with other businesses. The same can be said, to a lesser extent, with a VPS. Virtualization technology means your site will be securely sectioned off from other sites, and you will still typically see a big improvement in bandwidth, though not to the same extent as you would with your own physical dedicated server.

When looking at web hosting management, you can hire IT experts to help your business function properly on the web via full or partial plans, allowing you to stop thinking about it. With restaurant hosting management, you can and should only stop thinking about it when the cruise ship leaves the dock in Miami and you have a chance to look Tom in the eye and tell him you’re ready to take it to the next level.

Cons of Managed Hosting

The most obvious con of managed hosting is that, as stated above, it will always cost more: you’re taking more of the administrative component and entrusting it to the hosting company. Consider, however, that the servers will need to be managed one way or another – it’s just a question of who does it, your company or the host.

Additionally, you need to be aware in a managed hosting situation exactly what your limitations are regarding data transfer and storage. When you break the limit, you will have additional fees. Of course, these limitations are typical to most hosting packages, but it is something to keep in mind when weighing your general options.

Managed web hosting is not all positive – you need to be aware of the increase in expense and whether that is justified by the increase in support, and additionally you need to consider limitations of any hosting contract, managed ones included. The con of managed restaurant hosting is that you’ve started gritting your teeth at night, and it’s given you TMJ; but if Tom recommends the steak, you’re going to eat it anyway, and you’re not going to wince, because that’s a sign of personal weakness.

Summary & Conclusion

When you look at administration of your web site, you have to decide whether it makes sense to house the server at your own location – which will probably require hiring or contracting an IT professional – or using managed hosting via your hosting service provider. If you decide that managed hosting makes sense, you can either go all-in with a fully managed package or try a partially managed option. Make sure if you choose partially managed that you know exactly what you’re getting in terms of support.

When you look at managed hosting as a solution, examine all the pros and cons to ensure you’re making the right decision. Essentially the pro is a simplified, structured, and dependable management solution put in the hands of professionals implementing those types of services each day. The con is that it’s an additional expense and, like most hosting solutions, involves caps on usage of the system, requiring monitoring to avoid overages.

Mismanaged IT hosting can let you down, but like mismanaged restaurant hosting, you will persevere. Keep your head down, stare hard at Vanessa, and hire a hacker to go into the Dutch guy’s Facebook account and make him look like a lunatic.

by Kent Roberts and Richard Norwood