Connecting to MySQL from external sources + IPTables

By default, MySQL only allows local connections. This is for security, and it works just fine for most people. Ideally you can use tools like phpMyAdmin, or even the command line, for this.

Occasionally people need to connect externally, either from a web front end or from some other PC. This also opens things up for anyone else to connect and potentially exploit weak users/passwords, so this is how we do it.

Continue reading

Posted in HOWTO

Sync live sites to in-house dev servers

One of our customers found it tedious to sync his live websites to his dev servers; it involved using FTP (since he had no version control) as well as copying the database.
The files were over 2GB by themselves, so it could be a time-consuming task. As a result he asked us for a solution, and we were able to provide the following script to help him out.
Continue reading

Posted in HOWTO

Two Factor Authentication

We have just added optional two factor authentication to the RimuHosting control panel.

You can enable it at

It uses Time-based One Time Password (TOTP) so you will need an application like Google Authenticator or Authy.

To enable 2FA, scan the QR code with your TOTP application, then enter the 6 digit token your TOTP application presents.

The next time you log in you will be asked to enter your confirmation code.

This setup means that even if someone obtains your password they will still require something you have (e.g. your smartphone with the TOTP application) in order to log in.


Posted in Rimuhosting

Preventing brute force WordPress login attacks

Over the last month or two we have seen an increase in WordPress brute force login attacks.

The symptom is typically higher CPU usage on your server (often resulting in slower page load times). It can be particularly painful on servers running PHP through FastCGI (like Plesk server setups).

For a good summary of the issue see:

If you have good, strong passwords set then this will likely not be a security threat to you.  But the CPU usage on those login attempts can be very high and result in lower performance.

You can check if you are affected by taking a peek at your Apache logs, e.g. look for lots of these kinds of requests: Continue reading

Posted in Rimuhosting

NTP servers and DoS Attacks

NTP servers have been in the news over the New Year, as security sites and social media talk about potential attacks. This is important because many Linux servers run ntpd to help keep their clock time correct.

One of the first reports and some solutions are clearly described on litnet ...

In LITNET we recently observed a very interesting NTP attack following the mentioned pattern during which enormous amounts of data was being sent from our stratum 1/2 NTP servers [...] it turned out that it was utilizing 'monlist' query which is a built-in monitoring function providing a history of recent NTP clients. [...] After upgrading our NTP servers the attacks stopped.

There is another really great post here which explains in more detail how such attacks are carried out... Continue reading

Posted in Security

LCA2014 Perth visit (Part 2)

This page is a continuation of Page 1

One thing I will say about Perth, it gets fairly hot! The first Monday was about 36C outside, which is pretty bad when you are walking long distances between buildings with a laptop on your back (or in my case, a large 17" laprock!)

Luckily for us, all the rooms were air conditioned. In fact, since I'm on the subject of the location, if you are ever in Perth, go down and take a look at The University of Western Australia Continue reading

Posted in Office

LCA2014 Perth visit (Part 1)

Recently I started talking to an amazing bunch of people, who had proposed, and been accepted to host the next in Auckland, New Zealand. I immediately requested to help and be a part, since I really love this sort of thing, and I want to give back.

Since the whole idea was still very Secret Squirrel and had not been publicly known, we had to keep hush until it was formally announced. The Announcement was going to be at in 2014 Perth.
With that in mind, I harassed my boss into providing funds to get me over (which he did of course), allowing me to learn the ropes of how an LCA was run. Continue reading

Posted in Office

Now accepting bitcoins

Currently in trial/manual mode. You can make a one-off account payment with Bitcoins per the details on our payment page.

As an introductory offer we will add an extra 20% credit on payments up to 1BTC.

Posted in Rimuhosting

Start up Stories: Cashboard

What is Cashboard?

Cashboard is invoicing software that also handles employee timesheets, estimates, and online payments. It's geared towards freelancers and small businesses.

Who are you, what is your role at Cashboard?

I'm the founder, main designer, and engineer of Cashboard. Sometimes I play server admin too, but usually I have to email you guys to bail me out when things get wild.

What did you do before Cashboard?

I started my tech career in 1996 at a small web hosting firm, then worked for Hewlett Packard, and a variety of "dot com" startups in and around San Francisco.

Around 2003 I started freelancing - providing user interface design, usability testing, and front-end engineering to startups around the Bay Area.

In 2004 I created a fairly popular Ruby on Rails shopping cart package called Substruct. Substruct allowed me to stop working on-site at other companies, and assisted the transition into developing products instead of one-off websites for other people.

Who are the other key people involved during the startup phase?

What was the thing that made you decide to 'do' cashboard?

[I'll combine the answers here because they're closely related...]

As a UI specialist, I had the opportunity to work with a variety of startups - mostly funded "dot coms" from right before (and during) the big crash. Being a hired gun, I was usually brought in to rethink poorly designed software systems.

Of all those experiences, I can't recall a single instance where a solution I designed was properly implemented. Disagreements mostly occurred due to engineering pushback or lack of stakeholder buy-in. The idea to build products of my own that could generate recurring, passive income was born from that dysfunctional process.

Working as a freelancer and then as a project manager, I was constantly sending proposals and billing clients with templates I created in Adobe InDesign. I didn't have a really good system to organize all of it, and I couldn't find an existing solution that I liked.

There were perhaps 2-3 other products in the space at that time, but none of them handled the entire workflow of sending a project estimate, tracking time, and invoicing for it.

I built Cashboard to solve my business needs, and other people seemed to enjoy the way it was designed. We launched in 2007 and the rest is history.

What were some of the key milestones/challenges getting started?

How did you overcome them?

My main challenge getting started was finding the time to work on Cashboard. Looking back, I did it probably the most irresponsible way possible. I'd saved up a few thousand dollars from freelancing, stopped taking jobs altogether and decided I'd do nothing else until I could launch.

I started in November, 2006 and figured I'd have a working solution done in 2-3 months. Of course, as everyone in software knows, projects routinely go over budget, and this was no exception. It took until April 2007 before I launched and accepted my first income.

During that 6 month process I had to move out of my apartment, take out a couple credit cards, and finally apply for a $15,000 line of credit. That money went to fund my rent/office (a studio apartment), food, contractor help, business startup fees, and hardware / software purchases.

I was fortunate to be semi-well known in the Ruby community at that time, so blogging about the process and speaking at meetups really helped build anticipation for the app. Another good move was integrating with Basecamp and developing a Desktop Timer Widget for Mac OS X, which drove a ton of traffic to Cashboard during the early days.

As your service matured, what have you found is different?

Are things easier? Are you finding new challenges?

One huge misconception about running your own business (especially software) is that at some point things get "easier". There's always new challenges to be tackled.

I'm constantly working to set Cashboard apart from the rest of the pack in the invoicing space and building awareness for what we do. Once you get to a certain point you have to start worrying about scale and performance tuning, growing your organization, and bringing on quality people to help with the project. That's the place I'm at currently.

Describe your server setup.

Right now Cashboard runs on 3 servers: one for MySQL and two app servers. All three are privately networked at the Dallas colo facility. We run background jobs for sending email, data imports, and email processing on one of the app servers. The other handles all of the web requests.

Our app servers were originally running fastcgi/ruby, then mongrel, and finally we've settled on an Apache + Phusion Passenger + Ruby Enterprise Edition stack. Sometime in the near future we'll probably move onto Nginx, as I've used it on a couple of other projects and the memory overhead + response times are more favorable for our needs.

Every machine we host at Rimu runs Linux in dedicated machines on VMs, for easy backup and replication. I love the ability to move virtual machines, tweak memory and disk size through your control panel.

Describe ways RimuHosting contributes to your setup

What haven't you guys helped with? I started out managing most of the servers myself, but I'm definitely not a Linux expert by any means.

You've assisted in the past with tuning my hardware setup, SSL certificates, finding bottlenecks, and just general troubleshooting that I'd never be able to figure out on my own.

It's great to have the luxury of emailing the Rimu support staff at any hour and get a speedy response to any crazy question I have. There have been multiple instances of me hysterically contacting support with an "URGENT" problem, and everyone is always very responsive and calm.

I can't thank Liz, Paul, Andrew, and the rest of you gurus enough!


If you want your startup story posted on our blog, check out this post here

Posted in Rimuhosting

CPanel Upgrades break Cookie IP validation

A few people who have upgraded their WHM/CPanel have found that the default change to 'Cookie IP validation' is now giving them the message that their IP address has changed. The easy fix is to change this from Strict to Loose; however, if you are unable to log in to the admin panel this may be a little harder to fix.

The easy/quick way to fix it via the command line is as follows. Log in via SSH, and edit the file /var/cpanel/cpanel.config

Change the line that says


and make it


Then run
/usr/local/cpanel/whostmgr/bin/whostmgr2 --updatetweaksettings

If you need any further help, pop in a support ticket.

Posted in HOWTO