LXD containers now available for Ubuntu

containersThe latest Ubuntu LTS release, Xenial 16.04 , comes with support for a container system called LXD.  LXD builds on the existing LXC container system, allowing for more convenient management of those containers.

In this post I show how you can test out LXD containers on a Rimu VPS running Ubuntu 16.04.  I assume you already have a Ubuntu 16.04 VPS set up; if not you can grab one at RimuHosting  or launchtimevps.com.

Containers allow further separation between websites running on your VPS, which can be useful for removing dependency problems, for creating test environments for upgrading or developing new sites and perhaps for improving the security of your websites.
Continue reading

Posted in HOWTO, Rimuhosting | Tagged , , , , , | Leave a comment

How to get an A pass SSL rating for your SSL website

qualys-ssl-labs-logoEveryone wants security, and its ideal that your SSL certificates are also secure. With this in mind, websites like SSLLabs have a testing tool that is used to grade the SSL certificate installed on your server.

Often people get a low ranking when its fairly easy to get an A. I could make this post long winded and complex, but ultimately it comes down to adding the following items in your SSL configuration.

    SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
    SSLHonorCipherOrder on
    SSLProtocol All -SSLv2 -SSLv3

Continue reading

Posted in Security | Tagged , , , | Leave a comment

Monitor sites for exploits

2651852001_36b5df8a0d_z

We dislike dealing with exploited websites. A common cause is "the long forgotten outdated install from a web developer who left years ago. hoping works forever". Public facing services need to be kept updated in order to remain secure, so script-kiddies can't use your server for abuse, like selling dodgy medicinal products.

One would always try to enforce strong permissions and server settings to avoid these from happening, even use something like apparmor (which it is the way to do it), but there are other ways also to strengthen things a bit more. With the inotify feature in newer kernels, it is possible to monitor a file system location for changes and check those quickly with a scanner. We have made a script to help automate rapid notifications when possible issues are detected. This will work with a CMS or tomcat install. We also provide instructions on Maldetect ahead. Continue reading

Posted in HOWTO, Security | Tagged , , , | Leave a comment

Install ownCloud on a Rimu VPS

owncloud-logoOwncloud is a popular file storage and synchronization system, with many additional features available for it.  It's a self-hosted alternative to systems like dropbox, but with owncloud your files are stored on your own servers.  This allows you to meet requirements to keep data in a certain jurisdiction, for example, or it might give you peace of mind to know where your data is stored and who has access to it.

Running owncloud means you can keep documents organized in the owncloud repository and have access to them from anywhere, including desktop computers, laptops, mobile devices, and even through the web on public computers.  Changes made to those documents will be synchronized so the changes will show up on the other devices automatically.

You can use it as a personal server with a single account or it can be used as an organization's file store with multiple accounts.  Users can be assigned to groups, and different groups can have access to different sets of files.  You can also share files with someone outside your organization who doesn't have an account on owncloud by sending them a special link they can use to access the file.

There are also a number of plugins that can be loaded to enable other functionality; for example you can synchronize calendars and addressbooks between your devices using owncloud.

In this document, I'll explain how to get a recent version of Owncloud running on a new RimuHosting Debian VPS.
Continue reading

Posted in HOWTO, Rimuhosting | Tagged , , , , | Leave a comment

Ubuntu 16.04 LTS is here!

UbuntuLogoWe are pleased to announce the availability of Ubuntu 16.04 LTS server for new setups. This release has been code named Xenial Xerus. The official release notes are available from the Ubuntu team here.

Our new VPS images are based on the official builds provided directly from http://cloud-images.ubuntu.com

Significant updates in this release include Continue reading

Posted in Rimuhosting | Tagged , , , | Leave a comment

Keeping WordPress secure

RimuWordpressAccording to Wikipedia, "WordPress is the most popular blogging system in use on the Web, at more than 60 million websites."  It's also the most commonly installed blogging system on our customers' servers, and we use it to run the blog you're reading right now.

One factor that has contributed to WordPress 's popularity is its ease of installation.  And because it is so popular many themes, extensions and other add-ons are available, documentation and help resources abound, and an ecosystem of support companies has grown up around it.  These provide a positive feedback loop, helping to reinforce its popularity.

But as well as being easy to install and popular, it is also the most commonly exploited system we host.  That's because its popularity has led to increased interest from hackers, and also because the install defaults are not as secure as they could be.  If a hacker can leverage these weaknesses to crack a password for your site, they will often use it to send spam or distribute exploits designed to hack into other computers.  Even without cracking a password, many wordpress sites can be used to attack other sites.  If your WordPress system gets exploited you'll have the unenviable task of cleaning that up, made a bit easier thanks to Liz's restore wordpress script.

Secure WordPress in 5 easy steps

Continue reading

Posted in HOWTO, Rimuhosting, Security | Tagged , , , , | Leave a comment

Debian Squeeze (6) ends support – time to upgrade

openlogo-nd-100February 29th, 2016 marks the end of LTS Support for Debian Squeeze, which is still used by many of our customers.  This means that updates for known security issues will no longer be produced and over time, a server running this version will become vulnerable to being exploited.

Squeeze was released in 2011 and was our recommended distribution at the time, however if you're still running it now is the time to upgrade to a new version.  Wheezy (Debian 7), and Jessie (Debian 8) have been released since then.  Debian is known for having a relatively easy in-place upgrade system, compared to other distributions.  However, there are still potential problems with any upgrade, so be prepared to fix up configuration problems that might prevent your server from operating properly after the upgrade.

Continue reading

Posted in HOWTO, Rimuhosting, Security | Tagged , , | Leave a comment

VM hosting now available at NextDC in Sydney

Screen Shot 2016-01-13 at 2.45.32 PMWe are happy to announce we are now offering VM hosting out of the NextDC facility in Sydney!   Some highlights:

  • Uptime Institute Tier III certification.
  • N+1 power and cooling.
  • Hot and cold aisles for peak cooling power efficiency.
  • Cardboard- (and dust-) free data halls.
  • Locked cabinets.
  • Inert gas fire suppressant.
  • Financially stable, publicly listed data center company.
  • Fenced, secure bio-metric entry, 24x7 staffed and CCTV.
  • Host servers are all latest generation dual processor Intel E5 servers with 128GB of DDR4 memory and blazing fast SSD storage.
  • Reliable, fast and affordable data transfer (from 0.07AUD/GB)

Pricing from around AUD 35/m.  Order (or price up) a Sydney VM here.

Continue reading

Posted in Rimuhosting | Tagged , , | Comments Off on VM hosting now available at NextDC in Sydney

Don’t let the OOM killer stop MySQL

MySQLMany of our customers are successfully using MySQL (or MariaDB) databases on their servers, and they usually run fine as installed and do not need any special attention. However, occasionally problems can occur with MySQL, and this may indicate that some manual tuning is required. One scenario is when the system is short of memory, sometimes MySQL will be killed by the system since MySQL can be a big memory user. Continue reading

Posted in HOWTO, Rimuhosting | Tagged , , | 1 Comment

Using Vagrant to Manage Rimu VPS systems

Vagrant is high level wrapper around virtualization and configuration management
software. It simplifies the creation and management of easily reproduceable
environments. It is particularly suited for development and test enviroments
where servers are brought up and down frequently. It can also be used to bootstrap
production systems.

It can be used with configuration management software such as salt, puppet, chef
and others to easily provision systems.

Many software projects now ship a Vagrantfile which allows their users to quickly
setup and test the software using Vagrant.

Continue reading

Posted in HOWTO, Rimuhosting | Tagged , , , , | Comments Off on Using Vagrant to Manage Rimu VPS systems