Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us $3,400 per month for bandwidth bills alone, and since we don't believe in shoving popup ads to our registered users, we try to make the money back through forum registrations.
«120 »
  • Post
  • Reply
wargames
Mar 16, 2008

official yospos cat censor


Bob Morales posted:

Alright, so this company just finished creating our AWESOME NEW CORPORATE WEB SITE, using WordPress, and they plan on going live with it in a month or so.

Where should we host it?

Is it worth doing Wordpress.com?

Do they handle all the updates, etc?

Should I just throw it on a Linode?

Would it be completely stupid to use something like Hostgator? We don't get much traffic and our e-commerce is all B2B and on another site.

digital ocean is also suppose to be pretty good but i do use linode and they have been pretty good.

Adbot
ADBOT LOVES YOU

nem
Jan 4, 2003

Managed + self-hosted hosting platforms since 2002.


Anything but EIG. If you go VPS, and a VPS is a VPS, make sure - at the bare minimum - you enable automatic OS updates, install fail2ban, enable recidivism, and use WP CLI to check and rollout updates nightly. Otherwise youíve got a pretty slick corporate site for 9 months until bitrot sets in.

mewse
May 2, 2006



Bob Morales posted:

Alright, so this company just finished creating our AWESOME NEW CORPORATE WEB SITE, using WordPress, and they plan on going live with it in a month or so.

Where should we host it?

Is it worth doing Wordpress.com?

Do they handle all the updates, etc?

Should I just throw it on a Linode?

Would it be completely stupid to use something like Hostgator? We don't get much traffic and our e-commerce is all B2B and on another site.

If you haven't used wordpress, it's a pretty standard LAMP app with decent features for running its own updates.

That said you need to be diligent about patching and wordpress.com might be easier.

I've only used it for zero traffic personal sites, not company websites.

Bob Morales
Aug 18, 2006

This post is good to go


We're running Joomla now...barf. Along with a Wordpress site and a Blogger site. gently caress.

Three-Phase
Aug 5, 2006

by zen death robot


General hosting question: for smaller web hosts (including the EIG hosts) - if someone has a cancelled credit card and hosting tries to renew, hosts generally just suspend services, right?

I have two domains on an EIG host that are expiring (I donít need them anymore) and my concern is despite cancelling the associated credit card and setting the domains to NOT auto-renew they are going to try and renew them anyways. Then they send me to collections or something like that. (I did check their TOS and it looks like without payment they donít renew domains and suspend hosting services, sort of like a prepaid phone.)

I am just curious if that billing approach is industry-standard for small hosts.

Also for transferring domains - thereís a 60-day wait period (change of registrant lock) if certain WHOIS information changes. Does that also apply if a privacy service is turned off for a transfer? That means you need to shut off privacy on the domain, wait 60 days, THEN you can transfer out.

Also I am amazed that EIG is still solvent at all and investors are pumping money into them.

Three-Phase fucked around with this message at May 7, 2018 around 12:00

nem
Jan 4, 2003

Managed + self-hosted hosting platforms since 2002.


Three-Phase posted:

General hosting question: for smaller web hosts (including the EIG hosts) - if someone has a cancelled credit card and hosting tries to renew, hosts generally just suspend services, right?
Generally, yes. Validating such a small debt isn't worthwhile unless the host has it out for you.

quote:

I have two domains on an EIG host that are expiring (I donít need them anymore) and my concern is despite cancelling the associated credit card and setting the domains to NOT auto-renew they are going to try and renew them anyways. Then they send me to collections or something like that. (I did check their TOS and it looks like without payment they donít renew domains and suspend hosting services, sort of like a prepaid phone.)
Checking the Reddits, EIG doesn't, but 1and1 does. They're not EIG, but equally poo poo; incredible that people get lassoed in by them. I'd check in with EIG's aggregate Tempe support to verify. Most likely not, but in this climate with EIG hemorrhaging cash and the board ejecting its founder after continuous dismal 10k reports... god knows how cutthroat they've become.

quote:

Also for transferring domains - thereís a 60-day wait period (change of registrant lock) if certain WHOIS information changes. Does that also apply if a privacy service is turned off for a transfer? That means you need to shut off privacy on the domain, wait 60 days, THEN you can transfer out.
I'll let DarkLotus handle this. He's got way more experience with domain registrars.

quote:

Also I am amazed that EIG is still solvent at all and investors are pumping money into them.

It's just a really really really big balloon that's taking time to deflate. They're suffering - consolidating brands such as eHost, canning support in Provo, jacking up prices, cutting billing confirmation notices, and trying to save what's left. Really, good riddance. They destroyed shared hosting by trying to maintain pole position with Dreamhost that introduced "unlimited" hosting by way of CephFS. It was janky and slow as poo poo, but at least "unlimited" on paper. EIG? Not at all. Go no further than the legal agreements to learn what "unlimited" means to them.

DarkLotus
Sep 30, 2001

Lithium Hosting
Personal, Reseller & VPS Hosting
30 day no risk Free Trial!


Three-Phase posted:

Also for transferring domains - thereís a 60-day wait period (change of registrant lock) if certain WHOIS information changes. Does that also apply if a privacy service is turned off for a transfer? That means you need to shut off privacy on the domain, wait 60 days, THEN you can transfer out.

Disabling privacy protection will not trigger a 60-day hold unless you actually update the registrant contact info.
The hold is not triggered by changing what the public sees, only what is actually set for your domain.

Three-Phase
Aug 5, 2006

by zen death robot


Nem - thank you very much for that information.

DarkLotus posted:

Disabling privacy protection will not trigger a 60-day hold unless you actually update the registrant contact info.
The hold is not triggered by changing what the public sees, only what is actually set for your domain.

OK, now that's something I wasn't aware of. Interesting, thank you!

DarkLotus
Sep 30, 2001

Lithium Hosting
Personal, Reseller & VPS Hosting
30 day no risk Free Trial!


Three-Phase posted:

OK, now that's something I wasn't aware of. Interesting, thank you!

Yeah, ID / Privacy Protection just masks your whois information and doesn't actually update the registrant or other contact info.

Three-Phase
Aug 5, 2006

by zen death robot


These two domains have been derelict (nothing hosted on them) for a long time and have pretty much nil resale value (oddball names > 8 character .com and nil search metrics) so I am just going to let them expire. Made sure that any accounts tied to old email were moved to third-party mail services (gmail, iCloud, etc.)

Web hosting just isnít for me, at least doing stuff at this lower level. Too much stuff you have to watch very carefully and EIG hasnít helped. But it has taught me a lot of respect for people who have the responsibility of managing web hosting and all the challenges and pitfalls.

Three-Phase fucked around with this message at May 8, 2018 around 14:36

Syfe
Jun 12, 2006



I was going to try out lithium hosting for the leecher trial they have, but apparently I had some phonecall/SMS stuff I didn't catch and now I can't even participate in the leecher, I can only start a payment plan? talk about sadness.

DarkLotus
Sep 30, 2001

Lithium Hosting
Personal, Reseller & VPS Hosting
30 day no risk Free Trial!


Syfe posted:

I was going to try out lithium hosting for the leecher trial they have, but apparently I had some phonecall/SMS stuff I didn't catch and now I can't even participate in the leecher, I can only start a payment plan? talk about sadness.

You should submit a ticket, it's an easy fix

Three-Phase
Aug 5, 2006

by zen death robot


Hey, one additional question about domain expiration:

When a domain expires and isnít renewed, does WHOIS show the last ownerís information, or does it generally revert to the original hosting companyís contact information, or something completely different?

DarkLotus
Sep 30, 2001

Lithium Hosting
Personal, Reseller & VPS Hosting
30 day no risk Free Trial!


Three-Phase posted:

Hey, one additional question about domain expiration:

When a domain expires and isnít renewed, does WHOIS show the last ownerís information, or does it generally revert to the original hosting companyís contact information, or something completely different?

A domain expires on it's expiration date, for 36 days it is in the renewal grace period, then 30 days of redemption and another 5 or so for deletion.
During all of that time, it shows the current/last owner's registrant and whois info. Once it is deleted, it can be immediately purchased by a new registrant.


**Those numbers are not exact and vary by TLD.

Three-Phase
Aug 5, 2006

by zen death robot


Ugh thatís great since domain privacy will disappear and since I cancelled the registration I cannot edit my information. I did change the email and phone to a ďburnerĒ google voice and email addresses before cancelling at least so thatís good. Iím just paranoid about privacy I guess.

I canít wait until this albatross is off of my neck. Thanks again for the clarification.

sleepy gary
Jan 11, 2006



Three-Phase posted:

Ugh thatís great since domain privacy will disappear and since I cancelled the registration I cannot edit my information. I did change the email and phone to a ďburnerĒ google voice and email addresses before cancelling at least so thatís good. Iím just paranoid about privacy I guess.

I canít wait until this albatross is off of my neck. Thanks again for the clarification.

Can't you just re-register it for a year with some fake information (since you don't care about the domain anyways, it doesn't matter if you are violating the registrar's ToS...)?

Three-Phase
Aug 5, 2006

by zen death robot


Thatís one idea. Part of the problem is itís an Endurance host that I want to have as little to do with as possible. So almost every solution is a bit ďdamned if you do, damned if you donítĒ.

My understanding with the TOS is pretty quick after expiration they will take over the domain for auctioning and stuff, try and see if they can flip it for a profit (this is part of the TOS, once it expires it becomes their property and they can put their corporate info into the WHOIS record.) So itís sort of like the domain doesnít really expire, it just becomes EIGIís property to resell or put up a parking page.

I also leaned recently that there are paid services that can provide an ďownership historyĒ of a domain going way back, so if someone registered a domain and then tacked on privacy, their information could still be determined.

It is a bit silly this whole thing since the only info thatís really confirmed is the email address used. I also thought there was going to be a huge WHOIS blackout due to the European privacy stuff but GoDaddy is like ďNAAAAHHH ainít gonna do that brahĒ.

Three-Phase fucked around with this message at May 26, 2018 around 14:00

Triglav
Jun 2, 2007

IT IS HARAAM TO SEND SMILEY FACES THROUGH THE INTERNET


Does anyone have any experience with Vultr's $2.50/mo plan? https://www.vultr.com/pricing/

I'm just looking to serve static files with Nginx while running a couple cron jobs.

Has Vultr ever shown themselves to be lacking in their security, like Linode?

Rufus Ping
Dec 27, 2006





I'm a Friend of Rodney Nano


Triglav posted:

Does anyone have any experience with Vultr's $2.50/mo plan? https://www.vultr.com/pricing/

Yeah it's only available in certain locations and permanently "out of stock" in others, something I only learned after depositing money in my account

Triglav
Jun 2, 2007

IT IS HARAAM TO SEND SMILEY FACES THROUGH THE INTERNET


Yeah, I see that now. It's only available in New Jersey and Miami. Doing some reading online, it seems consensus is the plan is mostly a marketing gimmick, and they limit them so too many people don't downgrade from $5/mo to $2.50/mo.

I'm still curious about the plan, though.

StabbinHobo
Oct 18, 2002

nothing beats the hobo life, stabbin folks with my hobo knife

hey research question, do any of you actually want to deal with vps poo poo? what stops you from heroku or app-engine-ing your thing?

like if you could just rsync php files somewhere and then load them in a browser... what else do you actually want?

Triglav
Jun 2, 2007

IT IS HARAAM TO SEND SMILEY FACES THROUGH THE INTERNET


I went ahead and got a $2.50/mo Vultr yesterday. So far it seems fine. Stressing it locally, top shows nginx using 10% CPU and 0.4% RAM to serve 1000hits/sec with 0ms response time. You get a static IPv4 with it, their web frontend is clean, with usage charts, a terminal, a reboot button, easy snapshots, etc, and you can add their backup solution for $0.50/mo (or just do it yourself).

Bob Morales
Aug 18, 2006

This post is good to go


I have a $5 vultr that I have ran for almost two years, switched from DO because it would lose or have very slow networking at times. Just use it for some static web hosting, irssi, socks proxy for surfing at work, and loving around with Linux/programming

skipdogg
Nov 29, 2004
Resident SRT-4 Expert


Might not be the best place for this, but any good ideas for an email host for say a family? I want to buy a domain for us and then create email addresses for each of us and then some aliases/groups as well. LIke parents@domain.com goes to both me and my wife. I'm probably better off going gsuite or outlook premium. No webhosting needed, just email. Don't really need email storage in fact, email forwarding to our personal gmail addresses would work as well. Just want something easier to use online than blahblah12389@yahoo or whatever.

I do have an OLD google apps standard account good for up to 50 users, I don't think you can change the domain though. I'm looking into maybe using that

ChubbyThePhat
Dec 22, 2006

Who nico nico needs anyone else


skipdogg posted:

Might not be the best place for this, but any good ideas for an email host for say a family? I want to buy a domain for us and then create email addresses for each of us and then some aliases/groups as well. LIke parents@domain.com goes to both me and my wife. I'm probably better off going gsuite or outlook premium. No webhosting needed, just email. Don't really need email storage in fact, email forwarding to our personal gmail addresses would work as well. Just want something easier to use online than blahblah12389@yahoo or whatever.

I do have an OLD google apps standard account good for up to 50 users, I don't think you can change the domain though. I'm looking into maybe using that

You could always setup O365 with Exchange Online licenses. That way you only get the mailbox and not the software licensing. Then just verify your domain in the tenant and boom done.

Methylethylaldehyde
Oct 23, 2004

BAKA BAKA


skipdogg posted:

Might not be the best place for this, but any good ideas for an email host for say a family? I want to buy a domain for us and then create email addresses for each of us and then some aliases/groups as well. LIke parents@domain.com goes to both me and my wife. I'm probably better off going gsuite or outlook premium. No webhosting needed, just email. Don't really need email storage in fact, email forwarding to our personal gmail addresses would work as well. Just want something easier to use online than blahblah12389@yahoo or whatever.

I do have an OLD google apps standard account good for up to 50 users, I don't think you can change the domain though. I'm looking into maybe using that

O365 is super nice for that, because you can also do the usual exchange crap, like contacts, mail aliases, and so on. About the only thing to keep in mind is to make drat sure your registrar PW is secure, and keep the contact details up to date.

Axiem
Oct 19, 2005

I want to leave my mind blank, but I'm terrified of what will happen if I do


skipdogg posted:

Might not be the best place for this, but any good ideas for an email host for say a family?

Fastmail can handle this sort of thing, I'm pretty sure. I've never been anything but happy with them, and I've used them for over a decade at this point (though not always with a custom domain, and I haven't done any of their multiple-user things)

Rocko Bonaparte
Mar 12, 2002

Every day is Friday!


Is there something I can host on my own stuff that is similar to meetup or evite? I'd basically want to send out private party invitations with email confirmations.

On another note, I am noticing a lot of failed login attempts to my Wordpress site from AWS systems. Is there a way to ban HTTP requests from AWS entirely?

nem
Jan 4, 2003

Managed + self-hosted hosting platforms since 2002.


Rocko Bonaparte posted:

Is there something I can host on my own stuff that is similar to meetup or evite? I'd basically want to send out private party invitations with email confirmations.

On another note, I am noticing a lot of failed login attempts to my Wordpress site from AWS systems. Is there a way to ban HTTP requests from AWS entirely?

You'd clutter your iptables if you tried to ban all of their networks. I'm partial to using mod_evasive + fail2ban as a sieve to iptables. Set DOSPageCount low (10) and DOSSiteInterval to something that no reasonable human would do, like 2. Whenever the same page is requested 10+ times in a 2 second interval it emits a message to /var/log/messages, fail2ban picks it up and bans their rear end. You could also use WP fail2ban that works off the same idea on a narrower scope.

Rocko Bonaparte posted:

Having set up Apache on a VPS over the weekend, I assume then that we're probably not going to see a really solid free, open-source cpanel alternative due to all the secret sauce that has to be constantly updated behind the scenes for all the tools it supports.

Incidentally came here to bring this up. Finished a rough cut of apnscp provisioning playbooks last night. There are still some bugs to ferret out over the next week during live testing. It takes a pristine CentOS/RHEL environment, installs some packages, reconfigures services, and sets up a firewall; yet, it's still some 5500 lines of yaml. The panel is a whole different beast of complexity and a good indicator why a free panel is untenable.

nem
Jan 4, 2003

Managed + self-hosted hosting platforms since 2002.


apnscp technical preview has launched. It's everything but the admin interface, which will be included in the pre-alpha, along with DNS providers for Cloudflare/DO/Linode + Ghost/Laravel web apps. I sent out licenses to those who signed-up that I recognize from the forums. Send me a PM if I missed you.

JosephMullen
Jun 13, 2018


You guys heard of Frantech or buyvm as they are called now. They're really stable. I've been with them for about a year now.

Tiny Faye
Feb 16, 2005

Are you ready for an ORGAN SOLO?!


If you want to kick the tires on DigitalOcean it looks like there is a $300/60-day credit that is part of this dev pack:
https://pusher.com/developer-package

CarForumPoster
Jun 26, 2013


https://aws.amazon.com/activate/

I signed up for AWS a few weeks before applying to the above linked program and got $1000 in credit in about a week. They literally gave my company $1000 in AWS credit. If you have a startup it rules.

Bob Morales
Aug 18, 2006

This post is good to go


Vultr is having issues in Chicago. Bleh.

mewse
May 2, 2006



I made a major breakthrough with spamassassin today on my personal vps.

I have diligently trained the bayes classifier, but spam was still hitting my inbox with a header like this:

code:
X-Spam-Status: No, score=3.7 required=5.0 tests=BAYES_99,BAYES_999,
	HTML_MESSAGE,T_REMOTE_IMAGE,UNPARSEABLE_RELAY autolearn=no autolearn_force=no
	version=3.4.0
So the bayes classifier was 100% certain this was spam but spamassassin was still letting it through.

This is on debian btw. I found I had previously uncommented these lines in /etc/spamassassin/local.cf:

code:
#   and a well-trained bayes DB can save running rules, too
#
#   enabling these -mewse 2017-08-20
shortcircuit BAYES_99                spam
shortcircuit BAYES_00                ham
This clearly wasn't working, probably because the Shortcircuit plugin wasn't enabled. I grepped the /etc/spamassassin directory for Mail::SpamAssassin::Plugin::Shortcircuit and found a loadplugin line in v320.pre that was commented out.

The header of this .pre file explains that when they add new plugins they'll add a new v###.pre file where you can enable the new plugin so they aren't constantly modifying init.pre.

Enable the plugin by uncommenting:
code:
# Shortcircuit - stop evaluation early if high-accuracy rules fire
#
loadplugin Mail::SpamAssassin::Plugin::Shortcircuit
Reload spamassassin:
code:
service spamassassin restart
It works!

code:
Content analysis details:   (103.5 points, 5.0 required)

 pts rule name              description
---- ---------------------- --------------------------------------------------
 100 SHORTCIRCUIT           Not all rules were run, due to a shortcircuited rule
                            [score: 1.0000]
 3.5 BAYES_99               BODY: Bayes spam probability is 99 to 100%

nem
Jan 4, 2003

Managed + self-hosted hosting platforms since 2002.


Look into rspamd, its algorithm is better at matching spam and faster too. SA requires a ton of samples, both ham and spam, to be effective.

mewse
May 2, 2006



nem posted:

Look into rspamd, its algorithm is better at matching spam and faster too. SA requires a ton of samples, both ham and spam, to be effective.

Yeah I'm gonna switch when I move to the new ispmail guide for the next debian release, I already have a new VPS, just need to get off my rear end. I've never liked spamassassin and it's resource consumption, I just wanted to share the solution to something that was a problem for literally a year

nem
Jan 4, 2003

Managed + self-hosted hosting platforms since 2002.


I've built a simple benchmarking script for cloud providers and curious as to what you get for bootstrap time. It stresses CPU/network/disk and provides a good baseline on single CPU. Multiple CPUs will speed up some compilation processes (PHP, Ruby, Python, Passenger from source). If you're spinning up a new CentOS server and have 90 minutes to burn, benchmark and time it for me pretty please or submit a PR directly.

code:
curl https://raw.githubusercontent.com/apisnetworks/apnscp-bootstrapper/master/bootstrap.sh | bash
code:
IFS=$'\n' ; DATES=($((tail -n 1 /root/apnscp-bootstrapper.log | grep failed=0 ; grep -m 1 'u=root' /root/apnscp-bootstrapper.log ) | awk '{print $1, $2}')) ; [[ ${#DATES[@]} -eq 2 ]] && python -c 'from datetime import datetime; import sys; format="%Y-%m-%d %H:%M:%S,%f";print datetime.strptime(sys.argv[1], format)-datetime.strptime(sys.argv[2], format)' "${DATES[0]}" "${DATES[1]}" || (echo -e "\n>>> Unable to verify Bootstrapper completed - is Ansible still running or did it fail? Last 10 lines follow" && tail -n 10 /root/apnscp-bootstrapper.log)
You can wipe the server afterward.

So far what I've gathered between comparably priced 2 GB/1 CPU DO/Linode/Vultr instances:

  • Vultr performs best, about 1 hour 7 minutes
  • DO 1 hour, 39 minutes. 2x CPU was worse at 1 hour 47 minutes. High throughput CPU line (2x cost, same cost as 2x CPU) performed well at 1 hour, 7 minutes. Double the price of Vultr.
  • Linode was consistently average at 1 minute 19 irrespective 1 or 2x CPU

AWS t2.small is a comedy option. Still working through that. It's on SSD, but takes around 4 hours to complete and disk speed is reporting a paltry 40 MB/s.

jre
Sep 2, 2011

To the cloud ?






asking people to pipe curl into bash is shameful.

Adbot
ADBOT LOVES YOU

nem
Jan 4, 2003

Managed + self-hosted hosting platforms since 2002.


jre posted:

asking people to pipe curl into bash is shameful.

Sure. Thatís why the source is on Github. You can wget and invoke from shell if thatís your thing too. Or clone the repo or just check the SHA2...

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply
«120 »