We have a number of customer using MySQL replication. For the uninitiated, replication copies changes from a master server to a number of slave servers. This makes scaling your service mush easier and helps improve redundancy and failover. An introduction to setting that up is available in our Mysql Replication guide.
Once you have replication running it is easy to check if the slave servers are keeping up, and not reporting any errors. For example on one of the slave servers you might Continue reading
A lot of people use WordPress, and seemingly a lot forget to click the upgrade button regularly enough and find they are exploited. In an ideal world, you would click that button whenever you see it needs updates, and have copious amounts of good backups. However, sometimes these things do not happen, and you need to bring the site back from being exploited, and you need it done quickly.
This is a how to, which will explain the quickest and best method for upgrading those sites and getting them back online.
Step 1: Disable the website, either in the apache config, or point it to another DocumentRoot with a 'be back soon' page somewhere.
We have had a customer who is not overly technical wanting these instructions. Since i thought he was probably not the only one wanting a simple step by step instruction on how to install drupal on plesk easily, i though i would put them on the blog for anyone else interested
We have noticed a couple of people running older tomcat 5.5 installs, and these are being exploited . The main thing we noticed were slowdowns on bandwidth as well as CPU along with a few odd other things running as tomcat user
www-data 20654 0.0 0.6 38616 8004 ? S 21:26 0:00 \_ /usr/sbin/apache2 -k start
www-data 20655 0.0 0.5 38468 7488 ? S 21:26 0:00 \_ /usr/sbin/apache2 -k start
www-data 20696 0.0 0.5 38468 6952 ? S 21:43 0:00 \_ /usr/sbin/apache2 -k start
tomcat55 18323 66.6 0.1 349368 1432 ? Ssl 10:53 448:28 ./gg
doing an lsof -p pid shows
root@prod-web1:~# lsof -p 18323
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
gg 18323 tomcat55 cwd DIR 202,1 4096 492548 /var/lib/tomcat5.5/webapps
gg 18323 tomcat55 rtd DIR 202,1 4096 2 /
gg 18323 tomcat55 txt REG 202,1 1415201 498584 /var/lib/tomcat5.5/webapps/gg
gg 18323 tomcat55 mem REG 202,1 109152 311967 /lib/ld-2.7.so
gg 18323 tomcat55 mem REG 202,1 1274092 312131 /lib/libc-2.7.so
gg 18323 tomcat55 mem REG 202,1 38412 312185 /lib/libnss_files-2.7.so
gg 18323 tomcat55 mem REG 202,1 286 247821 /usr/lib/locale/en_US.utf8/LC_MONETARY
gg 18323 tomcat55 mem REG 202,1 52 247733 /usr/lib/locale/en_US.utf8/LC_MESSAGES/SYS_LC_MESSAGES
gg 18323 tomcat55 mem REG 202,1 34 247754 /usr/lib/locale/en_US.utf8/LC_PAPER
gg 18323 tomcat55 mem REG 202,1 77 247771 /usr/lib/locale/en_US.utf8/LC_NAME
gg 18323 tomcat55 mem REG 202,1 155 247823 /usr/lib/locale/en_US.utf8/LC_ADDRESS
gg 18323 tomcat55 mem REG 202,1 59 247824 /usr/lib/locale/en_US.utf8/LC_TELEPHONE
gg 18323 tomcat55 mem REG 202,1 23 247825 /usr/lib/locale/en_US.utf8/LC_MEASUREMENT
gg 18323 tomcat55 mem REG 202,1 25700 219280 /usr/lib/gconv/gconv-modules.cache
gg 18323 tomcat55 mem REG 202,1 373 247826 /usr/lib/locale/en_US.utf8/LC_IDENTIFICATION
gg 18323 tomcat55 0u CHR 1,3 309 /dev/null
gg 18323 tomcat55 1u CHR 1,3 309 /dev/null
gg 18323 tomcat55 2u CHR 1,3 309 /dev/null
gg 18323 tomcat55 3u IPv4 178006 TCP yourhost.com:46579->220.127.116.11:10993 (ESTABLISHED)
New files we found included
/var/lib/tomcat5.5# find ./ -mtime 0
Its safe to say, if you see this on your own server, you need to stop the processes and tomcat, and upgrade immediately. Check all applications carefully before re-deploying for extra files or backdoors.
Often when people switch servers, or move to new providers, transferring email can be problematic. If you are using POP3, the email is already on your personal computer, however if you are using IMAP then you are stuck trying to add a second account and drag and drop for each user, or similar.
Never fear,there are tools around that help migrate things for you. Here i will explain the basics of imapsync which appears to be one of the better ones.
Happy birthday to us! RimuHosting has now been providing VPS hosting for 10 years.
Let's do some fun things to celebrate. First up a sale! We will add a $100 credit to your account when you order a new server with us.
This offer applies to new VPS, VPS-on-dedicated and regular dedicated servers. Pricing starts at around $16/m.
Our VPS plans are very flexible. You select the memory, disk space and data transfer allowance you need. You do not pay for resources you are not going to use.
The VPSs are powerful, fast Xen virtual machines. You have root SSH access. You can add in a control panel (like Virtualmin or Plesk or cPanel) to help you manage the server. Plus our sysadmins are available 24x7 to help install, troubleshoot and help out with your server.
So take take the hassle out of your hosting and sign up for a new server with us today. Grab us on Live Chat if you had any quick questions. Or email us an enquiry.
The fine print:
- You will need to sign up between now and the end of June (or whenever we cut off the offer before then). If you happened to have already ordered with us in the previous month or so then good news! You'll still get a (partial) credit.
- After you order you'll need to pay the invoices created in the first 30 days (hosting fees and any setup fees). You'll also need to have any other balance owing on your account paid.
- After the server has been up and running for a 30 days, go add the credit to your account at http://rimuhosting.com/cp/coupons.jsp
- The offer excludes additional VPSs on multi-VPS-on-ded servers.
- The coupon must be applied before the end of August.
Image credit: aih
We’re happy to announce the availability of Debian 7.0 (release notes) and Ubuntu 13.04 (release notes) images for new VPS installations.
Both releases are pretty stable and there is not much to report.
It seems that the biggest news (for Ubuntu) is the shorter life cycle for non-lts versions, and longer cycle (5 years!) for LTS. So the 13.04 release of Ubuntu (Raring Ringtail) will be supported until January of 2014, while 12.04 LTS support extends until April 2017.
Given the relatively minor changes in this release, we would recommend users select Ubuntu 12.04 LTS over Ubuntu 13.04.
Most of the Debian packages get a minor version update from the previous version Debian 6/Squeeze. None are too notable. Examples: MySQL 5.1=>5.5 and PHP 5.3=>5.4.
If you already have a running server and need to upgrade (without reinstalling), see our notes on distribution upgrades please see the following pages for Ubuntu and Debian. Or put in a ticket and let us help you with that.
I have been seeing a few people unsure what to do when they lose or forget their root password. Some are resorting to reinstalling their server thinking this is the only option, however there is another option with Rimuhosting. Continue reading
I have made posts before regarding how to find exploits, and what to do about those previously, however it has come to my attention that some people are not even realizing what the basics are to look for. In this post i will give you ideas on what to look for, how to identify exploits and similar.
A vast majority of exploits are web based, and only impact the web user. They are usually from an insecure CMS like wordpress, joomla, or drupal, and almost always PHP based, with the odd perl ones thrown in. If you run these CMS, make sure you update whenever there is a new version of the CMS, as well as plugins - this is vital to staying secure.
Signs and Symptoms of being exploited:
A customer came to us with a problem copying one database to another, and requested we do it for him. Once we logged in we saw the error fairly quickly
~# mysqldump -uadmin -p`cat /root/.mysqlpass` database >dbdump.sql
mysqldump: Got error: 29: File './database/tablename.MYD' not found (Errcode: 24) when using LOCK TABLES
It can be fairly easy to work out what the error message means using something called perror
~# perror 24
OS error code 24: Too many open files
Once you know the error, you can add the work around that fixes it. In this case make it do a single transaction to dump the large database.
~# mysqldump --single-transaction -uadmin -p`cat /root/.mysqlpass` database >dbdump.sql
If you ever have a problem similar, and need a hand with that, just let us know.