How to Secure your MySQL On VPS or Dedicated Server

Running a WordPress on a Virtual private Server or dedicated server is not an easy as running a WordPress on shared hosting server. There are a few things need to install and configure. Basically you will need web server(Apache, Nginx or Lighttpd) and database server(MySQL). The most popular database for WordPress platform is MySQL. Installation of the MySQL is very easy, but most of the webmaster will facing difficulties on the configuration part. Therefore i have prepared the article that will cover configuring and securing your MySQL on Virtual private Server(VPS) or on dedicated server. MySQL database is actually the brain of your website or blog. It will store all the configuration information, the posts, comments, login information, user information and etc. This article assumed that you already installed the MySQL server on your VPS or dedicated server and then you may proceed to configure and harden it as below :

1. Run pre-install mysql script, mysql_secure_installation. This will do the following :

a) Set the root password ensures that nobody can log into the MySQL root user without the proper authorization.
b) Remove anonymous users
c) Remove test database and access to it
d) Normally, root should only be allowed to connect from ‘localhost’. Disallow root login remotely if you want. However i prefer to disallow it later

[root@mysql-server ~]# /usr/bin/mysql_secure_installation




NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!


In order to log into MySQL to secure it, we'll need the current
password for the root user.  If you've just installed MySQL, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.

Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] n
 ... skipping.

By default, MySQL comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
 ... Success!

Cleaning up...



All done!  If you've completed all of the above steps, your MySQL
installation should now be secure.

Thanks for using MySQL!

2. List of MySQL users, make sure all users have password :

mysql> SELECT User,Host,Password FROM mysql.user;
+---------------+-------------+-------------------------------------------+
| User          | Host        | Password                                  |
+---------------+-------------+-------------------------------------------+
| root          | localhost   | *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19 |
| root          | mysql       | *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19 |
| root          | 127.0.0.1   | *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19 |
| wordpressuser | 192.168.0.5 | *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19 |
+---------------+-------------+-------------------------------------------+
4 rows in set (0.00 sec)

3. Set a strong password for the MySQL root account and also existing user account :

Existing user account :

mysql> select Host,User,Password from user;
+-------------+---------------+-------------------------------------------+
| Host        | User          | Password                                  |
+-------------+---------------+-------------------------------------------+
| localhost   | root          | *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19 |
| mysql       | root          | *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19 |
| 127.0.0.1   | root          | *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19 |
| 192.168.0.5 | wordpressuser | *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19 |
+-------------+---------------+-------------------------------------------+
4 rows in set (0.00 sec)

Set new strong password :

mysql> set password for 'root'@'localhost'=password('newstrongpassword');
mysql> set password for 'root'@'127.0.0.1'=password('newstrongpassword');
mysql> set password for 'wordpressuser'@'192.168.0.5'=password('newstrongpassword');

4. Make sure logging such as general_log, slow_query_log and log-error has been enabled in mysql :

[root@mysql-server ~]# vim /etc/my.cnf
[mysqld]
..
..
..
general_log_file=/var/log/mysql/mysqld.log
general_log=1
slow_query_log_file=/var/log/mysql/mysqld.slow.log
slow_query_log=1

[mysqld_safe]
log-error=/var/log/mysql/mysqld.error.log
...
..

Create folder for mysql log and change the folder owner to mysql:

[root@mysql-server ~]# chown -R mysql:mysql /var/log/mysql

Verify the logs :

[root@mysql-server ~]# ll /var/log/mysql
total 12
-rw-r----- 1 mysql mysql 3547 Apr  7 16:57 mysqld.error.log
-rw-rw---- 1 mysql mysql  373 Apr  7 16:58 mysqld.log
-rw-rw---- 1 mysql mysql  174 Apr  7 16:57 mysqld.slow.log

This Will help administrators to monitor critical events and helps in troubleshooting.

Reference : http://dev.mysql.com/doc/refman/5.7/en/server-logs.html

Once you have done above configuration, make sure yo restart the mysqld service :

[root@mysql-server ~]# service mysqld restart
Stopping mysqld:                                           [  OK  ]
Starting mysqld:                                           [  OK  ]

Note : This configuration and hardening practice is very basic, you can fine tune your database based on your expected security level and also you can implement host iptables, physical firewall protection and operating system hardening in order to protect the MySQL server. You may refer to “Securing and Hardening Linux Dedicated Server

How to Install WordPress on CentOS 6.4

wordpressWordPress is free web blogging software and open source content management system (CMS) which based on PHP and MySQL platform. You can run and install WorPress on shared Web hosting service, on virtual private server (VPS) or if you need high performance WordPress blog which can serve many concurrent users at a time, you can choose dedicated server for it. This post covers the steps how to install WordPress on linux CentOS 6.4. It was assumed that this CentOS 6.4 already installed with PHP, apache and MySQL server.

1. Login as a root, download latest wordpress file :

[root@centos64 ~]# wget http://wordpress.org/latest.tar.gz

2. Once downloaded, move yje wordpress file to document root on your web server.

[root@centos64 ~]# mv latest.tar.gz /var/www/html/

3. Enter document’s root directory and extract the wordpress file :

[root@centos64 ~]# cd /var/www/html/
[root@centos64 html]# tar xvzf latest.tar.gz

4. Make wordpress folder readable :

[root@centos64 ~]# chmod 755 /var/www/html/wordpress

5. Create Database name “newwordpress” :

mysql> CREATE DATABASE newwordpress;
Query OK, 1 row affected (0.08 sec)

6. Create user “newwordpressuser” with password “newwordpresspassword” :

mysql> CREATE USER 'newwordpressuser'@'localhost' IDENTIFIED BY 'newwordpresspassword';
Query OK, 0 rows affected (0.07 sec)

7. Grant all privileges to “newwordpress” to user “newwordpressuser” from localhost access :

mysql> GRANT ALL PRIVILEGES ON newwordpress.* to newwordpressuser@localhost;
Query OK, 0 rows affected (0.00 sec)

8. Verify the granted access for user “newwordpressuser” :

mysql> SHOW GRANTS FOR 'newwordpressuser'@'localhost';
+-------------------------------------------------------------------------------------------------------------------------+
| Grants for newwordpressuser@localhost                                                                                   |
+-------------------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'newwordpressuser'@'localhost' IDENTIFIED BY PASSWORD '*2E824B82B9B162C4283AA039118AD4C5248380DA' |
| GRANT ALL PRIVILEGES ON `newwordpress`.* TO 'newwordpressuser'@'localhost'                                              |
+-------------------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)

mysql>

9. Display the created database :

mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
| newwordpress       |
+--------------------+
3 rows in set (0.00 sec)

10. Copy and rename wp-config-sample.php to wp-config.php:

[root@centos64 ~]# cp /var/www/html/wordpress/wp-config-sample.php /var/www/html/wordpress/wp-config.php

11. Modify the wp-config.php :

[root@centos64 ~]# vi /var/www/html/wordpress/wp-config.php

12. Change below database details such as database’ name, database’ username, database’ password nand database’ hostname.

// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'newwordpress');

/** MySQL database username */
define('DB_USER', 'newwordpressuser');

/** MySQL database password */
define('DB_PASSWORD', 'newwordpresspassword');

/** MySQL hostname */
define('DB_HOST', 'localhost');

13. To install, navigate the browser to http://servername/wordpress/.
http://192.168.2.64/wordpress/
1
14. To login, navigate the browser to http://servername/wordpress/wp-login.php :

How to Install and Securing MySQL on CentOS 6.4 VPS

MySQLMySQL Database server is one of the most popular used database in the internet especially for content management and blogging site. It’s can stores and retrieves data for the blog, websites and applications. This post will describes how you can install and securing MySQL on CentOS 6.4 virtual private server (VPS) or dedicated MySQL database server. For more information on MySQL, you can visit their website at www.mysql.com.

1. Install MySQL Database Server using yum command :

[root@centos64 ~]# yum install mysql mysql-server -y

Example :

[root@centos64 ~]# yum install mysql mysql-server -y
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirror.upsi.edu.my
 * epel: kartolo.sby.datautama.net.id
 * extras: mirror.upsi.edu.my
 * updates: mirror.upsi.edu.my
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package mysql.x86_64 0:5.1.69-1.el6_4 will be installed
--> Processing Dependency: mysql-libs = 5.1.69-1.el6_4 for package: mysql-5.1.69-1.el6_4.x86_64
---> Package mysql-server.x86_64 0:5.1.69-1.el6_4 will be installed
--> Processing Dependency: perl-DBI for package: mysql-server-5.1.69-1.el6_4.x86_64
--> Processing Dependency: perl-DBD-MySQL for package: mysql-server-5.1.69-1.el6_4.x86_64
--> Processing Dependency: perl(DBI) for package: mysql-server-5.1.69-1.el6_4.x86_64
--> Running transaction check
---> Package mysql-libs.x86_64 0:5.1.67-1.el6_3 will be updated
---> Package mysql-libs.x86_64 0:5.1.69-1.el6_4 will be an update
---> Package perl-DBD-MySQL.x86_64 0:4.013-3.el6 will be installed
---> Package perl-DBI.x86_64 0:1.609-4.el6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

====================================================================================================
 Package                    Arch               Version                    Repository           Size
====================================================================================================
Installing:
 mysql                      x86_64             5.1.69-1.el6_4             updates             907 k
 mysql-server               x86_64             5.1.69-1.el6_4             updates             8.7 M
Installing for dependencies:
 perl-DBD-MySQL             x86_64             4.013-3.el6                base                134 k
 perl-DBI                   x86_64             1.609-4.el6                base                705 k
Updating for dependencies:
 mysql-libs                 x86_64             5.1.69-1.el6_4             updates             1.2 M

Transaction Summary
====================================================================================================
Install       4 Package(s)
Upgrade       1 Package(s)

Total download size: 12 M
Downloading Packages:
(1/5): mysql-5.1.69-1.el6_4.x86_64.rpm                                       | 907 kB     00:07
(2/5): mysql-libs-5.1.69-1.el6_4.x86_64.rpm                                  | 1.2 MB     00:12
(3/5): mysql-server-5.1.69-1.el6_4.x86_64.rpm                                | 8.7 MB     01:30
(4/5): perl-DBD-MySQL-4.013-3.el6.x86_64.rpm                                 | 134 kB     00:00
(5/5): perl-DBI-1.609-4.el6.x86_64.rpm                                       | 705 kB     00:06
----------------------------------------------------------------------------------------------------
Total                                                               101 kB/s |  12 MB     01:57
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Updating   : mysql-libs-5.1.69-1.el6_4.x86_64                                                 1/6
  Installing : perl-DBI-1.609-4.el6.x86_64                                                      2/6
  Installing : perl-DBD-MySQL-4.013-3.el6.x86_64                                                3/6
  Installing : mysql-5.1.69-1.el6_4.x86_64                                                      4/6
  Installing : mysql-server-5.1.69-1.el6_4.x86_64                                               5/6
  Cleanup    : mysql-libs-5.1.67-1.el6_3.x86_64                                                 6/6
  Verifying  : mysql-libs-5.1.69-1.el6_4.x86_64                                                 1/6
  Verifying  : perl-DBD-MySQL-4.013-3.el6.x86_64                                                2/6
  Verifying  : perl-DBI-1.609-4.el6.x86_64                                                      3/6
  Verifying  : mysql-server-5.1.69-1.el6_4.x86_64                                               4/6
  Verifying  : mysql-5.1.69-1.el6_4.x86_64                                                      5/6
  Verifying  : mysql-libs-5.1.67-1.el6_3.x86_64                                                 6/6

Installed:
  mysql.x86_64 0:5.1.69-1.el6_4                 mysql-server.x86_64 0:5.1.69-1.el6_4

Dependency Installed:
  perl-DBD-MySQL.x86_64 0:4.013-3.el6                 perl-DBI.x86_64 0:1.609-4.el6

Dependency Updated:
  mysql-libs.x86_64 0:5.1.69-1.el6_4

Complete!

2. Make mysqld daemon start at boot and start MySQL Database Server :

[root@centos64 ~]# chkconfig mysqld on
[root@centos64 ~]# service mysqld start
Initializing MySQL database:  Installing MySQL system tables...
OK
Filling help tables...
OK

To start mysqld at boot time you have to copy
support-files/mysql.server to the right place for your system

PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER !
To do so, start the server, then issue the following commands:

/usr/bin/mysqladmin -u root password 'new-password'
/usr/bin/mysqladmin -u root -h centos64.ehowstuff.local password 'new-password'

Alternatively you can run:
/usr/bin/mysql_secure_installation

which will also give you the option of removing the test
databases and anonymous user created by default.  This is
strongly recommended for production servers.

See the manual for more instructions.

You can start the MySQL daemon with:
cd /usr ; /usr/bin/mysqld_safe &

You can test the MySQL daemon with mysql-test-run.pl
cd /usr/mysql-test ; perl mysql-test-run.pl

Please report any problems with the /usr/bin/mysqlbug script!

                                                           [  OK  ]
Starting mysqld:                                           [  OK  ]

3. Securing MySQL Database Server. This includes setting up the password for mysql root, remove anonymous users, disallow root login remotely and remove test database and access.

[root@centos64 ~]# /usr/bin/mysql_secure_installation




NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!


In order to log into MySQL to secure it, we'll need the current
password for the root user.  If you've just installed MySQL, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.

Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] y
 ... Success!

By default, MySQL comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
 ... Success!

Cleaning up...



All done!  If you've completed all of the above steps, your MySQL
installation should now be secure.

Thanks for using MySQL!


4. For testing, login to MySQL Server using defined password :

[root@centos64 ~]# mysql -u root -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 10
Server version: 5.1.69 Source distribution

Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
+--------------------+
2 rows in set (0.01 sec)

mysql>

Linode VPS – Lish SSH Gateway

We’re rolling out a new Lish SSH gateway that simplifies Lish by introducing a single place to access Lish for all of your Linodes, regardless of their host or datacenter. It eliminates the need for per-Linode Lish passwords and SSH keys. Instead, the Lish gateway uses your existing Linode Manager credentials for authentication. You will also notice a new “Lish SSH Keys” field in the My Profile section of the Linode Manager, where you can submit SSH public keys to authenticate yourself to these new Lish gateway boxes.

To provide a little background, Lish is the Linode Shell. It provides you with the ability to issue reboot and shutdown jobs, check the status of your Linode, and most importantly, access and interact with the console of your running Linode. Lish is an out-of-band console, which means you can access it even when your Linode’s networking is disabled.

Previously, each Linode required its own Lish SSH username, password, and SSH keys. Access to Lish was via a direct SSH connection to your Linode’s host machine. In the coming weeks, we will be completely removing host access from the public Internet, and as such the old Lish access methods will no longer function.

Lish-via-SSH into hosts will cease to function on Friday, May 10, 2013 1:00PM EDT.  As such, please adjust any scripts or aliases to utilize the new Lish gateway.

When you log in to the new Lish gateway, you’ll see a list of your Linodes and their locations, as shown below:

$ ssh caker@lish-newark.linode.com 
Linodes located in this data center:
linode2345           Newark, NJ
linode3456           Newark, NJ
linode4567           Newark, NJ

Linodes located in other data centers:
sandbox              Dallas, TX
linode5678           Dallas, TX
[caker@lish-newark.linode.com]#

Then, at the command prompt, you can enter the name of the Linode to which you want to make your Lish connection. In the example shown above, you could enter “linode2345? to access the Lish console for linode2345. Once you’re on a specific Linode, Lish will work like it always has. When you exit linode2345?s Lish, you’ll be taken back to the gateway menu.

You can also do tricks like this to bypass the menu all together:

$ ssh -t caker@lish-newark.linode.com linode2345

And like this to send commands directly to a Linode’s Lish:

$ ssh -t caker@lish-newark.linode.com linode2345 logview

We’ve set up Lish gateways in all six data centers. You can use any gateway to get to any Linode, but we recommend using the one geographically closest to you or your Linodes. Here are the Lish gateway boxes:

  • lish-tokyo.linode.com
  • lish-fremont.linode.com
  • lish-dallas.linode.com
  • lish-atlanta.linode.com
  • lish-newark.linode.com
  • lish-london.linode.com

The Lish gateway boxes are accessible via both IPv4 and IPv6. The Ajax method of connecting to your Linode’s Lish is unaffected by these changes.

Enjoy!
-Chris

Click here for full Story

Linode NextGen: RAM Upgrade

This is the third and final post in a series about Linode: NextGen. The first post in the series focused on network upgrades and the second post focused on host hardware. This post announces yet another upgrade, and discusses the upgrade procedure and availability.

We’re doubling the RAM on all of our plans. This upgrade is available to existing and new customers. New Linodes will automatically be created with the new resources. Existing Linodes will need to go through the Upgrade Queue to receive the upgrades.

The new Linode plans lineup is now the following:

PlanRAMDiskXFERCPUPrice
Linode 1G1 GB24 GB2 TB8 cores (1x priority)$20 / mo
Linode 2G2 GB48 GB4 TB8 cores (2x priority)$40 / mo
Linode 4G4 GB96 GB8 TB8 cores (4x priority)$80 / mo
Linode 8G8 GB192 GB16 TB8 cores (8x priority)$160 / mo
Linode 16G16 GB384 GB20 TB8 cores (16x priority)$320 / mo
Linode 24G24 GB576 GB20 TB8 cores (24x priority)$480 / mo
Linode 32G32 GB768 GB20 TB8 cores (32x priority)$640 / mo
Linode 40G40 GB960 GB20 TB8 cores (40x priority)$800 / mo

Upgrade Queue

Here’s how to get the upgrade for your existing Linode: Log into the Linode Manager and view your Linode’s Dashboard, where you’ll have a new “Upgrade Available” box on the right-hand side. This links to a page describing the upgrade process, which is very simple. Simply click the button and your Linode will enter the Upgrade Queue. While in the queue, your Linode can remain booted.

Once it’s your Linode’s turn in the queue, your Linode will be shut down, upgraded, and migrated to another host. The migration will take about 1 minute per GB of disk images. After the migration has completed, your Linode will be returned to its last state (booted or shutdown) – but with the new RAM!

Full disclosure: the new plans are $0.05 more expensive per month. We did this to get rid of the legacy $19.95, $39.95, $59.95, etc pricing model in favor of a simpler $20, $40, $60 model. The upgrade is not mandatory, so if you’re not down with the 5 cent increase you can keep your existing resources and pricing.

Upgrade Availability

We’ll be enabling the upgrade by data center very soon, with the exception of Fremont which may take another week or two – we’ll be explaining more on Fremont in another post.

Fremont, CA: TBD
Dallas, TX: Upgrades are available
Atlanta, GA: Upgrades are available
Newark, NJ: Upgrades are available
London, UK: Upgrades are available
Tokyo, JP: Upgrades are available

Check back regularly for updates for your data center.

Linode NextGen Recap

This has been a great couple of weeks for Linode and our customers. We’ve spent millions improving our network, a fleet refresh with new hardware and 8 core Linodes, and now this: doubling your RAM without doubling the price. Enjoy!

-Chris

Click here for full Story

Best Web Hosting 2012 – Best Linux & Windows Web Hosting Providers

PR Web

San Francisco, CA (PRWEB) November 01, 2012

BestHostingSearch.com, a leading web hosting review site since 2006, named BlueHost as the best web hosting on Linux platform and WinHost as the best web hosting on Windows platform for personal and small businesses based on their web hosting technology, features, reliability, performance, technical support, and affordability.

Best Web Hosting 2012 > PHP, ROR, Python, Perl

BlueHost is awarded as the best web hosting provider in 2012 based on Linux platform for hosting sites developed on PHP, Zend Framework, Ruby on Rails, Python and Perl. BlueHost offers a single all-in-one unlimited web hosting plan named “BlueHost Professional” which is the most rich-featured Linux-based hosting plan. Besides supporting almost all the modern programming languages, it includes one free domain & $100-value Google AdWords credits, allows one to host unlimited sites on one account by paying once, and provides Shell Access (SSH), email, MySQL, PostgreSQL, FTP, SSL, etc. It starts at $6.95/mo regularly, but now BlueHost is offering a 44% discount for $3.95/mo for all visitors who go through this BlueHost promotional link.

BlueHost was founded in 1996 and designed to offer the affordable hosting solution to personal and small businesses. Unlike many other web hosts, BlueHost has 3 world-class dedicated data centers in Provo Utah, which had been invested with 20+ millions of USD since 2010. All the data centers are Eco-friendly, with the Internet bandwidth exceeding 150,000 Mbits totally. So far, BlueHost is serving for 2.5 million customers worldwide and it’s fast growing with approximately 20,000 new customers added for each month.

To read the in-depth BlueHost review, visit http://besthostingsearch.com/bluehost-review

Best Web Hosting 2012 > ASP.NET, ASP.NET MVC, Silverlight

WinHost is awarded as the best web hosting provider in 2012 based on Windows platform for hosting sites developed on ASP.NET, ASP.NET MVC and Silverlight technology. WinHost is the most developer and technology friendly web hosting company of all which BestHostingSearch.com had reviewed so far. WinHost supports almost all the latest cutting-edge Microsoft technology. It’s one of the first ASP.NET hosting providers that declaim to support Windows Server 2012, ASP.NET 4.5 and MSSQL 2012. Now, the WinHost ASP.NET hosting plan supports Windows Server 2008R2 & Windows Server 2012, MSSQL 2008R2 & MSSQL 2012, ASP.NET 2/3.5SP1/4/4.5, ASP.NET 2/3/4, Silverlight 4/5, and provides Full Trust configuration, remote IIS management capability, and remote MSSQL management capability.

WinHost ASP.NET hosting starts at $4.95/mo regularly, but now it’s offering a special discount for 2 months free for annual billing at $4.12/mo effectively for all visitors who go through this WinHost promotional link.

To learn more about the award of best web hosting providers in 2012, visit http://besthostingsearch.com/web-hosting-guide/best-web-hosting-2012 >>

About BestHostingSearch.com
BestHostingSearch.com is a leading web hosting review site since 2006. It ranks web hosting providers based on their real hosting experience and the reviews collected from real customers, designed to help people find the best web hosting deal, saving time and money from a bad choice.

Click here for full Story

How to Setup Private DNS With Bind9 Chroot on CentOS 6.2 VPS

dnsAssumed that you already buy two Virtual Private Server (VPS) but you dont want to point your nameservers on your hosting provider. To look more professional and stylish, you can run and have two private nameservers such as ns1.ehowstuff.local and ns2.ehowstuff.local. This post will show you the steps on how to setup and run your own Bind9 Chroot private nameservers on CentOS 6.2 VPS or dedicated server with atleast 2 IP addresses. To fit you requirement, please replace domain (ehowstuff.local) and ip addresses to your own domain and IPs.

ns1.ehowstuff.local : 192.168.1.44 (Master Private DNS server)
ns2.ehowstuff.local : 192.168.1.54 (Slave Private DNS server)

1. Install Bind Chroot DNS Server on both Primary and Slave server :

Master DNS Server

[root@ns1 ~]# yum install bind-chroot -y

Slave DNS server

[root@ns2 ~]# yum install bind-chroot -y


Master DNS Server



2. Login to Primary DNS server (ns1), and create a file /var/named/chroot/var/named/ehowstuff.local with the following configuration:

[root@ns1 ~]# vim /var/named/chroot/var/named/ehowstuff.local
;
;       Addresses and other host information.
;
$TTL 14400
ehowstuff.local.        IN      SOA     ns1.ehowstuff.local.    admin.ehowstuff.local. (
                                        2012060201      ; Serial
                                        86400      ; Refresh
                                        7200       ; Retry
                                        3600000    ; Expire
                                        86400 )  ; Minimum

;A record for domain mapping domain to IP
ehowstuff.local.        IN      A       192.168.1.44

;Define the atleast 2 private nameservers
ehowstuff.local.        IN      NS      ns1.ehowstuff.local.
ehowstuff.local.        IN      NS      ns2.ehowstuff.local.

; Map 2 private nameservers to IP addressess using A record
ns1     IN      A       192.168.1.44
ns2     IN      A       192.168.1.54

; Specify subdomains if any using CNAME or alias.
www     IN      CNAME   ehowstuff.local.
ftp     IN      CNAME   ehowstuff.local.

; Mail exhanger and map it IP using A record.
ehowstuff.local.        IN      MX      10      mail.ehowstuff.local.

3. Still on ns1, please generate an RNDC key :
The rndc tool is used to managed the named daemon. We need to generate a keyfile called /etc/rndc.key which is referenced both by /etc/rndc.conf and /etc/named.conf To do this we use the following command;

[root@ns1 ~]# rndc-confgen -a -c /etc/rndc.key
wrote key file "/etc/rndc.key"

View the content of the RNDC key :

[root@ns1 ~]# cat /etc/rndc.key
key "rndc-key" {
        algorithm hmac-md5;
        secret "T6tduqyMQ/YbIDXOmE0Fzg==";
};

4. on ns1, edit the /var/named/chroot/etc/named.conf file for ehowstuff.local

[root@ns1 ~]# vi /var/named/chroot/etc/named.conf
options {
       directory "/var/named";
       dump-file "/var/named/data/cache_dump.db";
       statistics-file "/var/named/data/named_stats.txt";
forwarders { 8.8.8.8; };
};
include "/etc/rndc.key";
// We are the master server for ehowstuff.local

zone "ehowstuff.local" {
        type master;
        file "/var/named/ehowstuff.local";
        allow-transfer {192.168.1.54;};
        allow-update {none;};
};

5. Start the DNS service using the following command :

[root@ns1 ~]# /etc/init.d/named start
Starting named:                                            [  OK  ]

6. Make named daemon auto start during boot :

[root@ns1 ~]# chkconfig named on


Slave DNS Server



7. Making slave DNS server can be so easy. Login to the other DNS server(ns2) and open the named.conf file. You need not create any file as the slave will automatically download the master zone information through zone transfer. After sometime, you can view the zone file. :

[root@ns2 ~]# vi /var/named/chroot/etc/named.conf
zone "ehowstuff.local" {
type slave;
file "/var/named/slaves/ehowstuff.local";
masters {192.168.1.44;};
};

Note: Bind will not allow you to run master and slave on same server, even-though you have 2 IP addresses

8. Start the DNS service using the following command :

[root@ns2 ~]# /etc/init.d/named start
Starting named:                                            [  OK  ]

9. Make named daemon auto start during boot :

[root@ns2 ~]# chkconfig named on

10. Before testing, make sure your pc or server using the Bind Chroot DNS Server that has been set up :

[root@ns1 ~]# cat /etc/resolv.conf
nameserver 192.168.1.44
nameserver 192.168.1.54
[root@ns2 ~]# cat /etc/resolv.conf
nameserver 192.168.1.44
nameserver 192.168.1.54

11. Test your DNS service :

Test from Master DNS server (ns1)

[root@ns1 ~]# dig ehowstuff.local

; <<>> DiG 9.7.3-P3-RedHat-9.7.3-8.P3.el6_2.2 <<>> ehowstuff.local
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25783
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;ehowstuff.local.               IN      A

;; ANSWER SECTION:
ehowstuff.local.        14400   IN      A       192.168.1.44

;; AUTHORITY SECTION:
ehowstuff.local.        14400   IN      NS      ns1.ehowstuff.local.
ehowstuff.local.        14400   IN      NS      ns2.ehowstuff.local.

;; ADDITIONAL SECTION:
ns1.ehowstuff.local.    14400   IN      A       192.168.1.44
ns2.ehowstuff.local.    14400   IN      A       192.168.1.54

;; Query time: 0 msec
;; SERVER: 192.168.1.44#53(192.168.1.44)
;; WHEN: Sat Jun  2 14:46:46 2012
;; MSG SIZE  rcvd: 117
[root@ns1 ~]# host -t mx ehowstuff.local
ehowstuff.local mail is handled by 10 mail.ehowstuff.local.
[root@ns1 ~]# host -t ns ehowstuff.local
ehowstuff.local name server ns2.ehowstuff.local.
ehowstuff.local name server ns1.ehowstuff.local.

Test from Slave DNS server (ns2)

[root@ns2 ~]# dig ehowstuff.local

; <<>> DiG 9.7.3-P3-RedHat-9.7.3-8.P3.el6_2.2 <<>> ehowstuff.local
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11526
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;ehowstuff.local.               IN      A

;; ANSWER SECTION:
ehowstuff.local.        14400   IN      A       192.168.1.44

;; AUTHORITY SECTION:
ehowstuff.local.        14400   IN      NS      ns2.ehowstuff.local.
ehowstuff.local.        14400   IN      NS      ns1.ehowstuff.local.

;; ADDITIONAL SECTION:
ns1.ehowstuff.local.    14400   IN      A       192.168.1.44
ns2.ehowstuff.local.    14400   IN      A       192.168.1.54

;; Query time: 3 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Jun  2 15:26:19 2012
;; MSG SIZE  rcvd: 117
[root@ns2 ~]# host -t mx ehowstuff.local
ehowstuff.local mail is handled by 10 mail.ehowstuff.local.
[root@ns2 ~]# host -t ns ehowstuff.local
ehowstuff.local name server ns2.ehowstuff.local.
ehowstuff.local name server ns1.ehowstuff.local.

How to Check Opened Port on Linux VPS Server

By default, the linux operating system manages 65536 ports. If you run Virtual private Server (VPS) on linux platform, it is better to turn off any services or ports that you don’t actually need. This is to ensure your VPS server will not become avenues of attack for any security threats. Simply run these commands to easily see open ports on your Linux VPS server that are currently listening.

1. List opened ports with protocol name :

[root@vps-server ~]# netstat --listen --tcp

Examples :

[root@vps-server ~]# netstat --listen --tcp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State
tcp        0      0 *:mysql                     *:*                         LISTEN
tcp        0      0 *:http                      *:*                         LISTEN
tcp        0      0 *:ftp                       *:*                         LISTEN
tcp        0      0 *:ssh                       *:*                         LISTEN

2. List opened ports with protocol number :

[root@vps-server ~]# netstat --listen --tcp -n

Examples :

[root@vps-server ~]# netstat --listen --tcp -n
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State
tcp        0      0 0.0.0.0:3306                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:80                  0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:21                  0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN

How to Check VPS Network Speed

Several important factors to consider before buying a Virtual Private Server (VPS) are Internet connection speed, I/O speed, CPU performance and the server or network uptime. Actually, you can get a complete comparison about the VPS performance at serverbear.com websites, but if you want a second opinion on how fast is your connection speed VPS, you can perform the speedtest by yourself. In this post I will share with you how to check the speed of network for Linux VPS. These steps have been tested on a CentOS 5 and CentOS 6 VPS hosted at different locations in the United States.

1. Test 100MB File on the CentOS 5 VPS located at North Carolina, USA :

# wget -O /dev/null - http://cachefly.cachefly.net/100mb.test

Example :

# wget -O /dev/null - http://cachefly.cachefly.net/100mb.test
--2012-04-19 17:40:00--  http://cachefly.cachefly.net/100mb.test
Resolving cachefly.cachefly.net... 205.234.175.175
Connecting to cachefly.cachefly.net|205.234.175.175|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 104857600 (100M) [application/octet-stream]
Saving to: `/dev/null'

100%[=======================================================>] 104,857,600 11.1M/s   in 9.1s

2012-04-19 17:40:09 (11.0 MB/s) - `/dev/null' saved [104857600/104857600]

FINISHED --2012-04-19 17:40:09--
Downloaded: 1 files, 100M in 9.1s (11.0 MB/s)

100Mbps port = 12.5M/s Maximum speed

2. Test 1GB File on the CentOS 6 VPS located at New York City, USA :

# wget -O /dev/null - http://speedtest.nyc.solvps.com/1GB.zip
--2015-03-08 03:43:25--  http://speedtest.nyc.solvps.com/1GB.zip
Resolving speedtest.nyc.solvps.com... 104.128.230.11
Connecting to speedtest.nyc.solvps.com|104.128.230.11|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1073741824 (1.0G) [application/zip]
Saving to: â/dev/nullâ

100%[====================================>] 1,073,741,824 33.1M/s   in 37s

2015-03-08 03:44:02 (27.8 MB/s) - â/dev/nullâ

FINISHED --2015-03-08 03:44:02--
Downloaded: 1 files, 1.0G in 37s (27.8 MB/s)

1Gigabit port = 125 MB/s Maximum speed

VPS network speed

How to Check Memory Usage on Linux VPS Server

There are several ways on how to check the memory usage on linux virtual Private Server (VPS). This steps has been tested on linux CentOS 6.2 server and may workings on other linux server as well.

1. Check memory usage using “/proc/meminfo” command:

[root@centos62 ~]# cat /proc/meminfo

Output :

MemTotal:        1030888 kB
MemFree:          710372 kB
Buffers:           36444 kB
Cached:           191484 kB
SwapCached:            0 kB
Active:           180552 kB
Inactive:         104976 kB
Active(anon):      58048 kB
Inactive(anon):     2124 kB
Active(file):     122504 kB
Inactive(file):   102852 kB
Unevictable:           0 kB
Mlocked:               0 kB
HighTotal:        141256 kB
HighFree:            280 kB
LowTotal:         889632 kB
LowFree:          710092 kB
SwapTotal:       2064376 kB
SwapFree:        2064376 kB
Dirty:              1388 kB
Writeback:             0 kB
AnonPages:         57628 kB
Mapped:            16512 kB
Shmem:              2564 kB
Slab:              21372 kB
SReclaimable:      15292 kB
SUnreclaim:         6080 kB
KernelStack:        1192 kB
PageTables:         1712 kB
NFS_Unstable:          0 kB
Bounce:                0 kB
WritebackTmp:          0 kB
CommitLimit:     2579820 kB
Committed_AS:     158252 kB
VmallocTotal:     122880 kB
VmallocUsed:        4264 kB
VmallocChunk:     111800 kB
HugePages_Total:       0
HugePages_Free:        0
HugePages_Rsvd:        0
HugePages_Surp:        0
Hugepagesize:       2048 kB
DirectMap4k:       10232 kB
DirectMap2M:      897024 kB

2. Check memory usage using “free -m” command :

[root@centos62 ~]# free -m

Output :

             total       used       free     shared    buffers     cached
Mem:          1006        317        689          0         36        190
-/+ buffers/cache:         90        916
Swap:         2015          0       2015
[root@centos62 ~]#

3. Check memory usage using “top” command :

[root@centos62 ~]# top

Output :

Tasks:  84 total,   1 running,  83 sleeping,   0 stopped,   0 zombie
Cpu(s):  0.5%us,  2.4%sy,  0.0%ni, 96.0%id,  0.8%wa,  0.0%hi,  0.2%si,  0.0%st
Mem:   1030888k total,   324996k used,   705892k free,    37324k buffers
Swap:  2064376k total,        0k used,  2064376k free,   194916k cached

4. Check memory usage using “vmstat” command :

[root@centos62 ~]# vmstat

Output :

procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu-----
 r  b   swpd   free   buff  cache   si   so    bi    bo   in   cs us sy id wa st
 0  0      0 701072  38236 198804    0    0    18    23   88   97  1  3 96  1  0

How to Get the Best VPS Hosting Deals and Informations

Virtual Private Server (VPS) is a term used by internet hosting services which offers a good balance between total control (root access privilege) and a tight budget. Having a VPS account is just like operating a dedicated server. VPS is cost effective way to manage multiple sites and ideal for mission critical applications and websites. This because each VPS can run its own preferred operating system and can be independently rebooted anytime when required. Before you buy any Linux VPS which is unmanaged server, it is better to have basic knowledge of linux system administrations. You will be manage your own web service and database service that you will be installed.

In this post, i want to share two useful link to get the best VPS hosting deals and information. For VPS newbie, it’s better to try cheap VPS before you spend huge amount of money for your production VPS web hosting.

1. www.lowendbox.com
Low End Box – Cheap VPS Hosting Providers Listing & Reviews

2. www.webhostingtalk.com
Web Hosting Talk – The largest, most influential web hosting community on the internet