Linode VPS – Lish SSH Gateway

We’re rolling out a new Lish SSH gateway that simplifies Lish by introducing a single place to access Lish for all of your Linodes, regardless of their host or datacenter. It eliminates the need for per-Linode Lish passwords and SSH keys. Instead, the Lish gateway uses your existing Linode Manager credentials for authentication. You will also notice a new “Lish SSH Keys” field in the My Profile section of the Linode Manager, where you can submit SSH public keys to authenticate yourself to these new Lish gateway boxes.

To provide a little background, Lish is the Linode Shell. It provides you with the ability to issue reboot and shutdown jobs, check the status of your Linode, and most importantly, access and interact with the console of your running Linode. Lish is an out-of-band console, which means you can access it even when your Linode’s networking is disabled.

Previously, each Linode required its own Lish SSH username, password, and SSH keys. Access to Lish was via a direct SSH connection to your Linode’s host machine. In the coming weeks, we will be completely removing host access from the public Internet, and as such the old Lish access methods will no longer function.

Lish-via-SSH into hosts will cease to function on Friday, May 10, 2013 1:00PM EDT.  As such, please adjust any scripts or aliases to utilize the new Lish gateway.

When you log in to the new Lish gateway, you’ll see a list of your Linodes and their locations, as shown below:

$ ssh caker@lish-newark.linode.com 
Linodes located in this data center:
linode2345           Newark, NJ
linode3456           Newark, NJ
linode4567           Newark, NJ

Linodes located in other data centers:
sandbox              Dallas, TX
linode5678           Dallas, TX
[caker@lish-newark.linode.com]#

Then, at the command prompt, you can enter the name of the Linode to which you want to make your Lish connection. In the example shown above, you could enter “linode2345? to access the Lish console for linode2345. Once you’re on a specific Linode, Lish will work like it always has. When you exit linode2345?s Lish, you’ll be taken back to the gateway menu.

You can also do tricks like this to bypass the menu all together:

$ ssh -t caker@lish-newark.linode.com linode2345

And like this to send commands directly to a Linode’s Lish:

$ ssh -t caker@lish-newark.linode.com linode2345 logview

We’ve set up Lish gateways in all six data centers. You can use any gateway to get to any Linode, but we recommend using the one geographically closest to you or your Linodes. Here are the Lish gateway boxes:

  • lish-tokyo.linode.com
  • lish-fremont.linode.com
  • lish-dallas.linode.com
  • lish-atlanta.linode.com
  • lish-newark.linode.com
  • lish-london.linode.com

The Lish gateway boxes are accessible via both IPv4 and IPv6. The Ajax method of connecting to your Linode’s Lish is unaffected by these changes.

Enjoy!
-Chris

Click here for full Story

Linode NextGen: RAM Upgrade

This is the third and final post in a series about Linode: NextGen. The first post in the series focused on network upgrades and the second post focused on host hardware. This post announces yet another upgrade, and discusses the upgrade procedure and availability.

We’re doubling the RAM on all of our plans. This upgrade is available to existing and new customers. New Linodes will automatically be created with the new resources. Existing Linodes will need to go through the Upgrade Queue to receive the upgrades.

The new Linode plans lineup is now the following:

PlanRAMDiskXFERCPUPrice
Linode 1G1 GB24 GB2 TB8 cores (1x priority)$20 / mo
Linode 2G2 GB48 GB4 TB8 cores (2x priority)$40 / mo
Linode 4G4 GB96 GB8 TB8 cores (4x priority)$80 / mo
Linode 8G8 GB192 GB16 TB8 cores (8x priority)$160 / mo
Linode 16G16 GB384 GB20 TB8 cores (16x priority)$320 / mo
Linode 24G24 GB576 GB20 TB8 cores (24x priority)$480 / mo
Linode 32G32 GB768 GB20 TB8 cores (32x priority)$640 / mo
Linode 40G40 GB960 GB20 TB8 cores (40x priority)$800 / mo

Upgrade Queue

Here’s how to get the upgrade for your existing Linode: Log into the Linode Manager and view your Linode’s Dashboard, where you’ll have a new “Upgrade Available” box on the right-hand side. This links to a page describing the upgrade process, which is very simple. Simply click the button and your Linode will enter the Upgrade Queue. While in the queue, your Linode can remain booted.

Once it’s your Linode’s turn in the queue, your Linode will be shut down, upgraded, and migrated to another host. The migration will take about 1 minute per GB of disk images. After the migration has completed, your Linode will be returned to its last state (booted or shutdown) – but with the new RAM!

Full disclosure: the new plans are $0.05 more expensive per month. We did this to get rid of the legacy $19.95, $39.95, $59.95, etc pricing model in favor of a simpler $20, $40, $60 model. The upgrade is not mandatory, so if you’re not down with the 5 cent increase you can keep your existing resources and pricing.

Upgrade Availability

We’ll be enabling the upgrade by data center very soon, with the exception of Fremont which may take another week or two – we’ll be explaining more on Fremont in another post.

Fremont, CA: TBD
Dallas, TX: Upgrades are available
Atlanta, GA: Upgrades are available
Newark, NJ: Upgrades are available
London, UK: Upgrades are available
Tokyo, JP: Upgrades are available

Check back regularly for updates for your data center.

Linode NextGen Recap

This has been a great couple of weeks for Linode and our customers. We’ve spent millions improving our network, a fleet refresh with new hardware and 8 core Linodes, and now this: doubling your RAM without doubling the price. Enjoy!

-Chris

Click here for full Story

Securing and Hardening Linux Dedicated Server

securing linuxWhen we hosted the linux dedicated server or virtual private server(VPS) in a data center, security of the system is very important in order to ensure the data and the information are safe from the hackers. Securing and hardening linux dedicated server is mandatory when nearly every computing resources and the application systems is online and susceptible to attack. This post share basic security and hardening tips for the linux dedicated server. If you are plan to host your own linux dedicated server, then this post should able to provide you a good baseline and ideas. The following are the best practices to securing and hardening linux dedicated server :

1. Patching Linux Systems
2. Keep Linux Kernel and Software such as WordPress/Joomla Up to Date
3. Secure SSH
4. Enforcing Stronger Passwords and Password Aging
5. Disable Unnecessary Processes, Services and Daemons
6. Install a host based firewall to protect your dedicated server from unauthorized access
7. Implement Linux Kernel /etc/sysctl.conf hardening
8. Configure Logging and Auditing
9. Install And Use Intrusion Detection System

How to Setup Apache httpd on CentOS Dedicated Server

apachehttpdThe Apache HTTP Server is a free or open source Web server developed by the Apache Software Foundation (http://www.apache.org/). This post describes the basic steps to setup Apache httpd on CentOS 6.4 64 bit dedicated server to host the website and blog. Having dedicated web server, you will get more control and flexibility on the configuration and you does not share its resources with anyone else. With at least 2GB RAM, you will get fairly consistent load times and better speed if compared to shared hosting and virtual private server (VPS). Bloggers or webmasters can get reasonable dedicated server price starting at $139 at very reputable companies such as hostgator.

1. How to Install httpd :

[root@centos64 ~]# yum install httpd -y

2. How to Check Apache server version :

[root@centos64 ~]# httpd -V
Server version: Apache/2.2.15 (Unix)
Server built:   Feb 22 2013 11:19:58
Server's Module Magic Number: 20051115:25
Server loaded:  APR 1.3.9, APR-Util 1.3.9
Compiled using: APR 1.3.9, APR-Util 1.3.9
Architecture:   64-bit
Server MPM:     Prefork
  threaded:     no
    forked:     yes (variable process count)
Server compiled with....
 -D APACHE_MPM_DIR="server/mpm/prefork"
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_SYSVSEM_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D DYNAMIC_MODULE_LIMIT=128
 -D HTTPD_ROOT="/etc/httpd"
 -D SUEXEC_BIN="/usr/sbin/suexec"
 -D DEFAULT_PIDLOG="run/httpd.pid"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_LOCKFILE="logs/accept.lock"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="conf/mime.types"
 -D SERVER_CONFIG_FILE="conf/httpd.conf"

3. Change /etc/hosts file :

[root@centos64 ~]# vi /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

192.168.2.62 centos64.ehowstuff.local

4. Always backup the original configuration file before doing any changes :

[root@centos64 ~]# cp -p /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.backup.01042013

Note : -p mean preserve the specified attributes (default: mode,ownership,timestamps)

5. How to Configure httpd Apache service :

[root@centos64 ~]# vi /etc/httpd/conf/httpd.conf
ServerTokens Prod
KeepAlive On
ServerAdmin root@ehowstuff.local
ServerName www.ehowstuff.local:80
Options Indexes FollowSymLinks ExecCGI
AllowOverride All
DirectoryIndex index.html index.cgi index.php
ServerSignature Off
#AddDefaultCharset UTF-8
AddHandler cgi-script .cgi .pl

6. Restart Apache httpd :

[root@centos64 ~]# /sbin/service httpd restart
Stopping httpd:                                            [  OK  ]
Starting httpd:                                            [  OK  ]

7. How to configure Apache httpd auto start at boot :

[root@centos64 ~]# chkconfig httpd on

8. How to check the apache access log :

[root@centos64 ~]# tail -f /var/log/httpd/access_log
192.168.2.52 - - [01/Apr/2013:23:14:35 +0800] "GET /index.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 200 2524 "http://192.168.2.62/" "Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0"
192.168.2.52 - - [01/Apr/2013:23:14:35 +0800] "GET /index.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 200 2146 "http://192.168.2.62/" "Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0"
192.168.2.52 - - [01/Apr/2013:23:14:35 +0800] "GET / HTTP/1.1" 200 71412 "-" "Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0"
192.168.2.52 - - [01/Apr/2013:23:14:36 +0800] "GET /favicon.ico HTTP/1.1" 404 209 "-" "Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0"
192.168.2.52 - - [01/Apr/2013:23:14:36 +0800] "GET /favicon.ico HTTP/1.1" 404 209 "-" "Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0"

9 Steps to Setup Dedicated Server for your Website

dedicated serverThere are different types of hosting services are used in the computer technology such as shared hosting, VPS (Virtual Private Server) and Dedicated Server hosting. For new websites with low numbers of visitors, I would highly recommend getting a shared hosting. If you need more control of the server, then you should moving from shared hosting to a VPS. There are plenty of hosting companies offering Virtual Private Servers, and VPS hosting is getting cheaper. This blog hosted at RamNode VPS.

At some point, your site will get super slow server performance impact on limited resources when running VPS hosting. More server resources required is due to the increased number of visitors to the tens of thousands or hundreds of thousands per day.

At the situation when you are hitting super slow website performance due to huge numbers of traffic, I would recommend you to getting dedicated servers. Cheaper way is to setup VPS additional to balance the load. If cost is not an issue, I always recommend you to purchase a dedicated server as this will give you excellent processing performance. In a dedicated server environment , resources such as memory , hard drive storage capacity, processing power, and network access are all 100% to dedicated servers instead of shared with multiple VPS or dozens of shared hosting customers. Popular websites on the Internet certainly have excellent servers behind them. Without such an excellent server, web sites with high concurrency of visitors will not be able to survive.

If you are an experienced system administrator, the following articles may not attract you, but for web developers and those new to the web hosting, the following article can be a useful guide on their first steps. I believe the popular website on the internet has been setup by a consultant who specializes in servers or installed by an experienced system administrator. In this article, I would like to share 9 steps to setup Dedicated Server for your Website.

Once you have purchased a dedicated server, you can log in to your server to complete the setup of your server from start to finish. Below is a guide and checklist for you who are new to server administration.

9 Steps to Setup Dedicated Server

1. Choose and Install Linux operating system :

Choosing the right platform on which to host your dedicated server. Please make sure that you are familiar with the preferred operating system (OS) either CentOS or Fedora or Ubuntu or maybe Windows OS. If you choose linux OS, I would recommend you to do a clean minimal installed of the OS.

2. Update operating system :

Make sure that the OS has been applied the latest patches.
How to Update CentOS 6.4 System using ‘yum update’

3. Install Apache or Nginx Web server :

Apache httpd is one of the most popular web servers and has a lot of features that make it very extensible and useful for many different types of websites. As an alternative to Apache http server, you also can install NGINX. Nginx or “engine x” is a free, open-source HTTP server that provide high-performance edge web server with the lowest memory footprint and the key features to build modern and efficient web infrastructure. I used Nginx to run this blog.

How to Setup Nginx With PHP-FastCGI on CentOS 6.2/CentOS 6.3 VPS Server

4. Install MySQL Database server :

MySQL server is a database server that can stores and retrieves data for the blog, websites and applications. It is one of the most popular most used in the internet especially for content management and blogging site.

5. Install PHP :

PHP: Hypertext Preprocessor is a widely used, free and open-source server-side scripting language that was especially designed for web development to produce dynamic web pages and can be embedded into HTML.

6. Install Bind DNS server :

BIND (the Berkeley Internet Name Domain) also known as NAMED is the most widely used DNS server in the internet. Bind DNS helps to resolve domain name to ip address and ip address to domain name.

7. Install FTP server :

File Transfer Protocol (FTP) is a network protocol used transfer file in the network. one of the most popular FTP server for Unix/Linux is vsftpd. Vsftpd stand for Very Secure FTP Daemon. Vsftpd not only just another popular FTP server for Unix/Linux systems, but vsftpd delivers excellent performance by consuming less memory.

8. Harden and Secure the dedicated server :

There are a few steps to harden the OS of dedicated server.
a) Install a host based firewall to protect your dedicated server from unauthorized access:
Once you have your web server running, you have to install host based firewall and open only certain port in your firewall. I would recommend you tosetting up iptables on your linux dedicated server.

b) Use Strong passwords :
Password complexity requirements should be in place to enforce strong password. A strong password should have mixed case, special characters, numbers, and be longer than 8 characters. Additional security, the passwords should be changed regularly.

c) Disable Unnecessary Processes, Services and Daemons :
I would recommend you to disable unneeded processes,services and daemon such as bluetooth, hidd, cups, yum-updatesd, ypbind, nfs, snmpd, saslauthd, netfs, gpm, pcmcia and sendmail. SELinux also should be set to “Disabled”. This is still very experimental so I would leave this disabled unless you really know what you are doing.

9. Install or migrate over the content of your website or blog :

You can start to migrate over the content of your website or blog to your new dedicated server. For dynamic content blog, i would recommend you to use WordPress as a platform. WordPress is an open-source blogging platform. It’s a free blogging tool and content management system (CMS) based on PHP and MySQL.

I hope that this 9 steps to setup dedicated server can be a useful guide on your first steps to have your own dedicated server to run a websites.

Linode Network Upgrades and 8 Cores Xen Instances

Linode Network Upgrade

Early of March 2013, Linode has performed network upgrade that improves throughput, decrease latency and
add redundancy at their host layer. They are upgrading overall network in all six datacenters in the US, Europe, and Asia-Pacific. With zero downtime, Linode customer will get outbound network cap increased 5 times and amount of outbound transfer increased 10 times as below :

Linode 512 upgraded from 200GB to 2000GB (2TB)
Linode 1G upgraded from 400GB to 4000GB (4TB)
Linode 2G upgraded from 800GB to 8000GB (8TB)
Linode 4G upgraded from 1600GB to 16000GB (16TB)
Linode 8G upgraded from 2000GB to 20000GB (20TB)

8 Cores Xen instances

8coreIn 18th March 2013, Linode has upgrading new “NextGen’ host hardware specification, CPUs and a fleet refresh. Linode has upgrades all Linodes to 8 cores Xen instances. Customer will require to schedule a downtime for reboot and then get doubling in computing power. Customer will get faster websites, services, and processing at the same price points. Another things that Linode need to improve is the drive speed. Will they go for SSDs in the future ?

Why I Choose HostGator rather than MERCUMAYA.NET Web Hosting?

There are a few reason why i choose Hostgator rather than my local Webhosting service, MERCUMAYA.NET that hosted at Malaysia.

At HostGator, you will be provided the best webhosting service because of many reasons.

1. Hostgator offer technical support at all hours of every day. While MERCUMAYA.NET did not pick up the phone after office hours.

2. PHP value for upload_max_filesize at HostGator is higher if compared to MERCUMAYA.NET. The value are as below :

HostGator = PHP value for upload_max_filesize = 64M
MERCUMAYA.NET = PHP value for upload_max_filesize = 30M

3. Hostgator used up to 16 CPUs for their shared hosting server, but MERCUMAYA.NET use only 4 CPUs.

Mercumaya

4. Hostgator use latest Apache and Mysql server version if compared to MERCUMAYA.NET

Hostgator Apache Version = Apache 2.2.22
Hostgator Mysql Version = MySQL 5.5.19
MERCUMAYA.NET Apache Version = Apache 2.2.17
MERCUMAYA.NET Mysql Version = MySQL 5.0.95-community

5. Hostgator shared hosting server allowed to to configure php.ini if required using “php.ini QuickConfig” but MERCUMAYA.NET not allowed you to change since all the php.ini control by them 100%.

However, i still use Mercumaya shared hosting service for Bahasa Malaysia’s blogs as my target visitors is mostly come from malaysia. So it is better to use malaysia webhosting service for better network performance since it nearest. Other reasons why i still use Mercumaya service are the price of domain name and the price of shared hosting packages. It actually more cheaper if compared to other Malaysia webhosting provider such as www.internet-webhosting.com, www.serverfreak.com and www.datakl.com.

The information above is based on my experiences only. of course i would recommend you to choose the best web hosting service provider for better performance and support. From now on, Mercumaya.Net should improve and upgrade their webhosting server.