Ubuntu 12.10 Quantal Quetzal install images

We are proud to announce the release of the new installer images for Ubuntu 12.10 Quantal Quetzal Server Edition. It is available as an reinstall option for existing servers, or in the new servers orders page

The version is intended for those looking at getting newer versions of the packages for the 12.04 LTS (long term support) image. The trade off is that it is not LTS, having only 18 months of package updates from Ubuntu.

On the server-side there is not too much new or remarkable in the 12.10 image.  Most packages get minor updates.  We have provided a new kernel 3.6.4 for these images.  The install comes with a refreshed Python 3.2.

Posted in Rimuhosting | Tagged , , , , , , , | Comments Off

Custom VPS Image via API

The RimuHosting server management API can be used to create new servers (and shut them down and reinstall them and more).

The API lets you pass in scripts that run during setup.  And to provide links to external files.

This lets you do some interesting things.  Like using the API to setup a custom image.  Maybe a snapshot of a server you have.  Or migrating a dedicated server image to a VPS image.  Or installing a TurnKey ISO.  Or grabbing an image of a distro type we do not offer as standard.  Or deploying a custom image you have created for your distributed web service.

The below script accepts a filesystem image from a URL with a zip, tar.bz2, tag.gz or iso which will be used to populate the VPS filesystem. This needs to be a live system image (not an installer).

Continue reading

Posted in Rimuhosting | Tagged , , , | Comments Off

New Relic Shirts and Goodies Arrived

Today a box arrived apon my doorstep, i was super excited when i saw the New Relic stickers on the outside! I took it to work, and opened it to find a slew of goodies including shirts, bottle openers, can coolers, stickers galore!

I carefully went around every ones desk in the office sharing out the goodies so when they came in they had a nice surprise when they arrived at work.

Everybody was super happy with their new shirts, and other bits and pieces, huge thanks go out to the guys at New Relic!

Back Row: Eugene, Peter, Erwin, Glenn
Front Row: Juan, Paul

Posted in Office | Tagged , , | Comments Off

Finding Exploits and Trojan php hacks on a website

Its always unfortunate when you are exploited, and the best method to fix a site is to wipe and restore from a known backup as well as track down the entry point they gained access and fix it.

Sometimes you need to 'clean' a site of these files before migrating things over however , or to keep the site going for a short time until you are able to do this. This is what this HOWTO is for, keeping things going for a short time until you can track down the entry point, or migrate/upgrade the site and get it back online.

I use multiple methods to identify scripts, and even doing so there will probably be things that are missed. Here are the ones i usually use
Continue reading

Posted in HOWTO, Security | Tagged , , , , , , , | 4 Comments

Servers for Hurricane Sandy refugees

Has your hosting been affected by Hurricane Sandy?  We would like to offer you free hosting.

Order a server from http://launchtimevps.com

In the order comments say "My server xyz.com is affected by Hurricane Sandy.  May I please have the $50 credit."

We will verify that server has been 'Sandy-ized', apply the credit and setup your server.

You will not be required to make any payment until after the credit runs out (typically in 1-2 months depending on what server you order).  You can cancel and shutdown the server at any time.

If you have any questions, just let us know here (in the comments) or in live chat at http://rimuhosting.com/chat.jsp

Posted in Rimuhosting | 2 Comments

Blocking malicious crawlers or scrapers in Apache

Occasionally we see a customer who has a popular website that often gets people trying to crawl it and copy the lot, This has the unfortunate side effect that its hammering the site.

Made worse only by dynamic pages and loops this can literally take down a server in some occasions. Often you can slow them down by putting something in a robot.txt in the DocumentRoot like this

User-agent: *
Crawl-delay: 5

You can even use various geoip blocking techniques and firewalls, though these are harder and more complex.

If you are unlucky then you need to take another form of action. You can manually block these when you see them in the logs, but if you are getting hit by them a lot it may pay automate blocking them.
In one such case a user had taken every option he could to block them, including firewalling entire countries from his server. This is what we ended up resorting to
I put the following code into a script called crawlerblock.sh and ran it on a crontab every 5 minutes.

#!/bin/bash
# This is the threshold they get blocked at
threshold=2500
# logfile to parse
apachelogfiles="/var/www/vhosts/site1.com/statistics/logs/access_log /var/www/vhosts/site2.com/statistics/logs/access_log"
 
if [ ! -f /tmp/cb.txt ];
then
touch /tmp/cb.txt
fi
 
timestamp=$(date)
for logfile in $apachelogfiles ; do
        /bin/cat ${logfile} | /usr/bin/awk '{print $1}' | /usr/bin/sort | /usr/bin/uniq -c | /usr/bin/sort -n | /usr/bin/tail | while read line
        do num=$(echo ${line} | /usr/bin/awk '{print $1}')
        ip=$(echo ${line} | /usr/bin/awk '{print $2}')
        # echo Num ${num} and IP ${ip}
        if [ $num -gt $threshold ];then
                if ! /bin/grep -Fxq ${ip} /tmp/cb.txt
                then
                        echo ${timestamp} detected bot from ${ip} - blocking >>/var/log/messages
                        /sbin/iptables -I INPUT -s ${ip} -j REJECT
                        echo ${ip} >>/tmp/cb.txt
                fi
        fi
        done
 
done

This script basically searches for anyone who has hit the server over 2500 times in your current log. That number is changeable if you want more or less leeway, and it would be easy to adapt that to ignore local ips or similar (just add in a grep -v 127.0.0.1 in the line under timestamp).

If you used this regularly it would probably help to remove the ip cache from /tmp/cb.txt and save the iptables every now and again.

Let us know if you need this setup at all on your VPS by dropping in an email to support.

Note: this script was made to work on debian based system, may need paths tweaked for other distros

Posted in HOWTO | Tagged , , , , , , , | Comments Off

Finding spam sending PHP scripts on your server

PHP LogoEveryone has the occasional user who may leave something on their server that may send spam, or not update things as fast as they should. Tracking down the spammer can be a real problem though.
Sometimes you can track down the domain, but not the script, other times they may have so many files that its nearly impossible.

Continue reading

Posted in HOWTO | Tagged , , , , , | 5 Comments

Installing Oracle RDBMS Server

Oracle is a very popular database.  Particularly for enterprise customers running on dedicated servers with lots of CPU and fast RAID setups.

This tutorial will guide you to install Oracle database server on CentOS Linux distro.  Hopefully the steps are simple enough that even a technically minded non-DBA can get the database installed.

Oracle RDBMS can use quite a bit of server resources.  So for reliability and best performance we recommend that Oracle is installed only on one of our dedicated servers (or VPS-on-dedicated server) setup (rather than on our shared VPS hosts).

If you get stuck or just need Oracle RDBMS installed, simply pop in a support ticket for our sysadmin team to do the install for you.

1) Install openmotif.  So you will have a window manager and when a pop-up or dialog window appears during installation you will be able to switch to it or interact with it. Firefox is needed to download Oracle 11gR2 installer when you don't have the cd media installer and the rest of the other packages are required part of the software requirements. Take note some packages that will be installed are a mix of i686 and x86_64 packages as noted in the manual under Package Requirements. You can also check a screenshot below of Prerequisite Checks - Step 8

Continue reading

Posted in Rimuhosting | Tagged , , , | 1 Comment

Zonomi DNS TTL improvements

There have been a few updates to the Zonomi service (and RimuHosting's DNS as well after the next code push there).  These changes have been added to help address improve the service for a few 'niche/advanced' users.

Time To Live (TTL) edits

TTL values tell name servers how long they can cache DNS results before they need to re-query for updates.
Continue reading

Posted in Rimuhosting | 2 Comments

WordPress mass update script 3.4.2

This script will search /var/www (changeable in a variable) for any wordpress installs and make sure its upgraded to the latest version.
It will run a backup to /root/wp_upgrade/ of all files and database before doing anything with the site in case of major catastrophe (make sure you have spare disk space if your sites have a lot of uploaded files).

It pays to check each site after the upgrade to make sure plugins all worked (and upgrade plugins before the upgrade works also!)

Let me know if you have any bugs at all, or any problems.

Here’s your script to upgrade them all.

wget http://b.ri.mu/files/wordpress-upgrade.sh
bash wordpress-upgrade.sh

MD5
d2e204576652457fd543c6ae3587941a wordpress-upgrade-3.4.2.sh

SHA1
8276bec77e19ee752d2cbfe51f32310d63115bfa wordpress-upgrade-3.4.2.sh

If you find any bugs or problems, just let me know at liz at rimuhosting dot com. I have now renamed the script to wordpress-upgrade.sh for easy future memorability (using symlinks to link to the latest version)

Posted in Security | Tagged , , , | 2 Comments