It seems that with each new release of Windows system administrators have the world’s worst time migrating from the previous operating system release to the latest. One of many compatibility issues with 2008 is that .NET is built into Windows 2008 but is only 2.0, 3.0 and 3.5. When you try to install ASP.NET Windows warns that there are compatibility issues and no solution to installing this software on your operating system. So after doing some searching I found the installation steps and tried it out. This is the method I used to install ASP.NET 1.1 on Windows 2008 Web:

First you have to install IIS Metabase Compatibility. This is done by opening the Server Manager from your start menu. Once the Server Manager has loaded look on the left-hand side, click on Manage Roles and then Web Server (IIS). Check the box next to IIS Metabase Compatibility which is located under Management tools, IIS 6 Management Compatibility.

Now it is time to install ASP.NET 1.1. First download these three packages and run them. You will receive a warning that it won’t work. The reason this message comes up is because these applications are 32-bit only and IIS7 runs in both 32-bit and 64-bit. So if you tried to mix the 64-bit application pools with 32-bit application pools your application would crash, hence the compatibility issue. You have to install all 3 of these ASP.NET packages or it will crash on your system. This is because Windows 2008 has Data Execution Protection and the older ASP.NET is not compliant without Service Pack 1.

Now you must enable the ASP.NET ISAPI extension. To do this open a command prompt as administrator and run “%windir%\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis –enable”. Easy enough right?

Now you have to edit the machine.config or else ASP.NET will throw runtime exceptions. To do this open %windir%\Microsoft.NET\Framework\v1.1.4322\config\machine.config in notepad as administrator and add the following code just above </configSections>:

<section name=”system.webServer” type=”System.Configuration.IgnoreSectionHandler, System, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089″ />

Save the file and then move your domain to the ASP.NET 1.1 application pool via the IIS manager. Once you have done this your website will be using 32-bit ASP.NET 1.1. I hope this has been helpful as this turned out to be quite an annoyance for me. While transitioning to Windows 2008 seems to be quite difficult I feel that things will get easier as time progresses. I just wish Microsoft had put more care in supporting their older technologies to ease the transition.

Firefox is our favorite browser here at Singlehop, as it is for millions of other users and now its gotten even better! On June 17th Mozilla officially launched firefox 3 and 24 hours later it was downloaded over 21 million times from all around the globe. If you aren’t one of those who have downloaded the newest version and enjoying the improvements, let me fill you in on some of the newest features.

1. ITS FAST! - In previous versions Firefox’s memory used to grow out of control when you added tabs, extensions etc, but not anymore! The dev team’s primary goal was memory reduction. You can read the details on one of the developers’ blogs, Firefox 3 Memory Usage.
From just going to the sites I normally visit I can feel how blazing fast it is but for more evidence I used the sunspider javascript benchmark tool. I ran it in Firefox 2 first and then started it on Firefox 3. Firefox 3 finished before 2 (IE took twice as long as firefox 2) and the test results showed why. But here check out yourself http://webkit.org/perf/sunspider-0.9/sunspider.html
2. Improved Security – Firefox 3 has new security features such as Instant Website ID and Anti-Malware Scanner. You can check the validity of any site you go to by clicking on the favicon ( the icon just to the left of the URL in the location bar). This shows whether or not you are on the site you expect to be on and that the site owners are who they say they are. The three possible colors are

Grey – the site provides no identity information, which is fine if theres no sensitive information passing through the site. So most pages will have a grey icon.
Blue - Basic identity information shows that your connection to the site is encrypted and the domain has been verified and is not being spoofed. But, theres no guarantee as to who owns the domain in question. If you are still concerned. Click on More Information to open the privacy panel, here you can see the site’s identity certificate, if you’ve visited the site before, and if you have any cookies or passwords stored for the site.
Green - Complete identity information Go to paypal.com and you will see part of the location bar turn green. When the Site Identity button is green, that indicates that the site provides fully verified identity information about its owner, and that the connection is encrypted. This site is using the new Extended Validation (EV) certificate, which is much more rigorous in verifying a site’s identity than other certificates. The Green Icon says this connection is encrypted and the site is what you expect it to be.

3. Anti-Malware - If you happen upon an malicious website. Firefox 3 will popup a full-sized message as a warning against viruses, worms, trojan horses and spyware.4 .One-Click bookmarking – The built in list of attack-sites is constantly being updated and shows when to stop you from browsing, so there’s nothing for you to update. Other security enhancements include; insecure versions of plug-ins won’t run, Use of the Microsoft Antivirus API for full integration with antivirus software, and it also works with Vista’s parental controls, so you can better control where your kids go on the net.
At the end of every URL you will see a star. By clicking on the star firefox will bookmark that site for you. Two clicks on the star will open the bookmark manager allowing you to organize and tag the bookmark.
4. Smart Location Bar (aka The Awesome Bar) - The firefox location bar used to be just the place where you typed in a websites URL, but not any more. Now the location bar learns as you use it and adapts to your preference and improves its findings, to give you a quick way to get to the sites you love—even the ones that are just on the tip of your tongue. Type in a term and the autocomplete function includes possible matching sites from your browsing history, as well as sites you’ve bookmarked and tagged in a drop down. For example, you could enter the tag: “dedicated servers” to find “www.singlehop.com”. Matched terms are highlighted, making the list of results easy to scan.

If you are upgrading from Firefox 2 you may find some of your favorite addons are yet compatible with Firefox 3, but Firefox periodically checks for updates to addons and with so many people installing this version, you wont have to wait too long for updates.

Another little function has returned to firefox is the ability to block third party cookies. In order to protect you from advertisers who are collecting personal information, surfing behavior, interests etc
for more information on this check out http://www.grc.com/cookies.html

If you want to disable 3rd party cookies in Firefox heres how to do it. Open up Preferences(OS X) or Options (Windows & Linux), click on Privacy and then uncheck Accept Third Party Cookies. click OK and you are done. No more third party cookies.

So Firefox 3 has some great improvements and protective features and is a definite download must but always remember that you are the first line of defense when it comes to your computers security and that no software is FULLY SECURE, because just 24 hours after the release of firefox 3, security researchers have already found vulnerabilities. For more information check out. http://www.securityfocus.com/brief/759

Apache 2.x is designed to balance flexibility, performance and portability. Apache is a good all-purpose webserver. Since Apache is designed to fit most scenarios it hasn’t been optimized to set any kind of speed records, but Apache 2.x is capable of high performance.

There have been many improvements made in Apache 2.x and many are enabled by default. But, there are some changes you can make at compile-time and run-time that can positively affect performance.

Ram is the single biggest hardware issue that determines webserver performance, so the more the better. Once a server runs out of memory it starts using the swap space on the hard drive. You never ever want have to the web server use swap. Using swap slows down of each request to such slow speeds which causes users to hit “reload”, which increases the work swap has to do, slowing it further.
So I always recommend putting in as much ram as your server can hold.

The rest of the hardware is up to you: get a fast CPU, a fast network card, and fast hard drives, you’ll have to figure out what is fast enough for you based on needs, availability and price.

You can counter, and should, control the MaxClients setting so that your server does not spawn so many children it starts swapping. This procedure for doing this is simple: determine the size of your average Apache process, by looking at your process list via a tool such as top, and divide this into your total available memory, leaving some room for other processes.

So lets go through some of the simple httpd.conf changes you can make to tune apache for higher performance.

Timeout - Is the number of seconds before receives and sends time out. By decreasing it to 15 seconds we can offset effects of a denial of service attack/server load

KeepAlive - This allows multiple requests to be sent over the same connection, which is useful when serving HTML pages with a lot of images. So make sure KeepAlive is turned ON. eepAlive

MaxKeepAliveRequests – This is the maximum requests allowed during a persistent connection. Zero allows an unlimited amount, so use a high number, for maximum performance

KeepAliveTimeout – This determines how long the server waits for the next request, put this on at a low value between two to five seconds

StartServers - This controls the number of child-processes that Apache spawns before accepting connections. Put this StartServers and MinSpareServers on high numbers,so if there’s a high load after restarting the server, there will be plenty of servers ready to serve requests.

MaxSpareServers and MinSpareServers – This tells apache how many processes to keep waiting for requests. Set this number high so apache wont have have to create new child processes to serve requests.

MaxClients – This is maximum simultaneous requests that the server can support. This number should be tuned very well. Too low and new connections end up in a queue and eventually time out, leaving unused resources. Set it too hight and the server will start using swap space and the response time with drop drastically.
So the trick is to properly calculated.

MaxClients = Total RAM dedicated to the web server / Max child process size

However if you need to configure more than 256 clients, you will have to edit the HARD_SERVER_LIMIT entry in httpd.h and recompile Apache

Here is an example of the numbers you should be using.
Timeout 15
KeepAlive On
maxKeepAliveRequests 100
KeepAliveTimeout 3
StartServers 8
MinSpareServers 10
MaxSpareServers 20
MaxClients 250
MaxRequestsPerChild 0

There are other things you can do to speed up apache but we will go over that next time.
If you have any problems setting this up on your server please submit a ticket to your support team at control.singlehop.com. We are here to help.

Jackson Blvd., Chicago’s ‘Hosting Boulevard,’ as it is commonly referred to by industry-folk, is a busy street. With the Sears Tower, the Chicago Board of Trade, the massive Union Train Station and a half-dozen web hosting companies (including SingleHop) there is always a lot going on. During a break from work a number of us from SingleHop were walking down the street on our way back to the office when we saw this driving down the street (in traffic, I might add.)

The car was maybe two and a half feet high, and there was a person inside it – but you couldn’t really see him. At first we thought it was unmanned, until we saw someone moving inside the ‘bubble’ on top.

Following closely behind it was what looked like an operations van. It said ‘Solar Powered Car Head – Do Not Follow’ on the back and there were a number of people inside.

Sometimes here at SingleHop, we run into small speed bumps when migrating large accounts. We have encountered this conundrum more often recently due to the response of our $200 Cash Back Offer. The accounts can be large for numerous reasons: The customer does not realize how big their account is, or receives an unknown increase of disk space. Most of our clients use cPanel or Plesk, so this only applies to moving these types of accounts.
Most of the actual data in these accounts are in the document root of the website. I have seen document roots of around 150 gigabytes, proving a tough challenge if the server only has 250 gigabytes of storage. When migrating accounts using cPanel or Plesk, it usually copies the data to a central location, then makes a larg packaged file with everything in it. This includes the document root, the DNS zone files, any databases (MySQL, Microsoft SQL server and PostgreSQL) and email. The second largest set of files is usually email.

Prior to starting the migration you might want to run down the following checklist in order to prepare:

1. Move the larger files to another location on the server — this will work for both Windows and Linux

(you can easily find these out by executing “find /home/username/ -size +100000k” on the Linux command line — this will locate any files greater than 100MB in size)

3. Copy the email to another location where more disk space is available

3. Ensure that your database server is running prior to beginning the migration

Begin the migration as you would normally, but when it is done packaging the account, put those files back in their original location. The migration utility should also package and restore a lot faster using this method since the larger files are out of the way. After the mgiration is done, copy the files from one server to the other over the publicly facing interface. If your server is running Linux I suggest using rsync. Rsync provides a full set of options that will not only ensure data integrity, but can be used in incremental mode if there is a lapse in communication during the migration. If your server is running Windows, Windows File Sharing comes into play, or use FTP to upload it to the destination server. It is also wise to do a migration at night or during off peak hours for your site in order to avoid a drop in traffic and upset customers.

The above tips and tricks will help anyone quickly migrate configuration of your site to another server. If you have any questions or would like assistance just drop a line or a ticket to our subsantially experienced System Administrators!

This isn’t exclusively for dedicated servers, the web hosting industry. In fact, the idea of giving something to get something back has gone on for a lot longer than anyone reading this has been around, but it’s just as effective today.

What got me going on this is a book that Dan Ushman recommended to me- The Psychology of Influence, which is a good read. The author writes the book based on what’s influenced him toward making a decision in the past. One point that I really took note of was the idea that when you give something, the person receiving will have a sense of loyalty to return something to you.

If you think about it, we run into real world examples all of the time. You’re at the grocery store, you take a sample and the smiling person says “How do you like it?” She doesn’t tell you how much better it is than everything is, she doesn’t offer you a coupon, etc. Perhaps without knowing, she’s reminding you that you were just given something. I don’t know how many times I’ve ended up at a checkout counter buying some new natural juice that I’ll likely never drink, or liked very much.
Survey companies have also really taken this up a notch by sending surveys with a dollar. Just a dollar, and the response rate goes through the roof because recipients feel that they shouldn’t take the dollar without doing something- oh, how about sending back a survey, yes?

At our company, while we LOVE all of our customers, the most profitable are those that buy managed web hosting services from us. We like to find ways to let our current clients, and anyone else, see how talented our technicians are and how much there is to benefit from our managed services. It’s not something that we learned from a psychology book- it’s more of looking at simple karma in business. At times, our very talented technicians have a bit of downtime, so we have them seek out people needing assistance. One benefit that I’m sure we’re seeing, according to this book, is the internal programming that some of us have in wanting to reciprocate.

I found this interesting, and maybe you’ll find a way to apply the thinking to your business. Share some knowledge, or give something away. If the psychology stuff is all wrong then, if nothing else, you might be due for some good karma.

In the line of “Which operating system, which browser, and which distribution of Linux should I use?”, is the question, “Which Email server should I use?”. While there are no solid answers hopefully I can shine some more light on your options.

I always believe in using the right tool for the right job, so while there may be some instances to trade security for speed, you better know what you are doing. For everyone else finding that sweet spot between security, speed and flexibility can be difficult. There are many different MTAs (Mail Transfer Agent) available, some very good and some very bad. We will be looking for MTAs that are secure and easy to administer. After all most people just want to get their email working and not have to think much about it.

For the longest time the most popular MTA was Sendmail, but with an obscure configuration file and a long history of security breaches allowed other faster, more flexible, and secure MTAs to come to light. The two I’ve chosen to focus on are Postfix and Exim.

Postfix (Short Answer : Secure, easy to administer, efficient.)
Postfix is, a drop-in replacement for Sendmail. Postfix has a monolithic main configuration file with an interface like most other Unix programs and was written with security in mind. The author specializes in writing software that has been proven harder to break. As secure as the software is it remains quite flexible and manageable in its configuration, but not to the extent of Exim which we will see in a bit.

However that security design goal prohibits some very convenient features Exim offers. Postfix is a great balance of speed, flexibility and ease of administration but still remains highly secure. If you have good reason to need high security, then depending on how big your network is, you would probably consider using Postfix for Internet-facing servers and some other mta for local mail.

But, if your network isn’t that big and security is paramount, Postfix is the way to go. Postfix is compatible with Sendmail command line interface, and modules.

Finally when you do have problems or want to go to the next level with Postfix. The Postfix community is very active. There are lots of resources for postfix documentation and support. Postfix comes installed by default with Plesk.

For more information check out http://www.postfix.org and http://postfixwiki.org .

Exim (Short Answer: The all-purpose MTA. Much more configurable)
By design Exim was intended to be an all-purpose MTA. Exim doesn’t restrict its feature set in order to achieve theoretical security, like Postfix. Exim give administrators the reliability and performance they want, with a strong bit of security. Although Exim can’t ever be as secure as Postfix, it seems to be secure enough for most admins and day to day use.

Exim is also a Sendmail drop-in replacement, can deal well with high loads, has had good security record over the last seven years and can be extended in many ways.

Exim can become all-purpose or special-purpose by adding or omitting features during compile-time. Exim is also well documented and has an active community. Exim is available by default in WHM/Cpanel.

For more information check out http://www.exim.org/ http://www.exim-new-users.co.uk/ http://www.exim-users.org/

There are so many ways to configure Linux firewall so i will explain my favorite and easiest one.

I use script that is called ConfigServer Security & Firewall (csf).This script is released under ConfigServer Services script license that can be obtained from http://www.configserver.com/free/csf/license.txt . It is released free of charge and is compatible with any Linux server running 2.4.x and 2.6.x kernel with packet filtering framework enabled. Also can be configured via Web interface when installed on servers running cpanel/webmin control panels.You will need iptables installed and LWP perl module (libwww-perl).
The suite of scripts provides:

* Straight-forward SPI iptables firewall script
* Daemon process that checks for login authentication failures for:
* courier imap and pop3
* ssh
* cpanel / whm / webmail (cPanel servers only)
* pure-pftd
* password protected web pages (htpasswd)
* mod_security failures
* suhosin failures
* POP3/IMAP login tracking to enforce logins per hour
* SSH login notification
* SU login notification
* Excessive connection blocking
* WHM configuration interface (cPanel servers only) or through Webmin
* WHM iptables report log (cPanel servers only)
* Easy upgrade between versions from within WHM (cPanel servers only) or through Webmin
* Easy upgrade between versions from shell
* A standard Webmin Module to configure csf is included in the distribution ready to install into Webmin - csfwebmin.tgz
* Pre-configured to work on a cPanel server with all the standard cPanel ports open (cPanel servers only)
* Auto-configures the SSH port if it’s non-standard on installation
* Block traffic on unused server IP addresses - helps reduce the risk to your server
* Alert when end-user scripts sending excessive emails per hour - for identifying spamming scripts
* Suspicious process reporting - reports potential exploits running on the server
* Excessive user processes reporting
* Excessive user process usage reporting and optional termination
* Suspicious file reporting - reports potential exploit files in /tmp and similar directories
* Directory and file watching - reports if a watched directory or a file changes
* Block traffic on the DShield Block List and the Spamhaus DROP List
* BOGON packet protection
* Pre-configured settings for Low, Medium or High firewall security (cPanel servers only)
* Works with multiple ethernet devices
* Server Security Check - Performs a basic security and settings check on the server (cPanel servers only)
* Allow Dynamic DNS IP addresses - always allow your IP address even if it changes whenever you connect to the internet
* Alert sent if server load average remains high for a specified length of time
* mod_security log reporting (if installed)
* Email relay tracking - tracks all email sent through the server and issues alerts for excessive usage (cPanel servers only)
* IDS (Intrusion Detection System) - the last line of detection alerts you to changes to system and application binaries
* SYN Flood protection
* Ping of death protection
* Port Scan Tracking and blocking
* Permanent and Temporary (with TTL) IP blocking
* Exploit checks

So here is how you install the script.

1 Login to your server via ssh with your favorite ssh client .You will need to have full root access in order to complete the install.
2 Download the script in your root directory ” wget http://www.configserver.com/free/csf.tgz”
3 Download libwww-perl “wget http://search.cpan.org/CPAN/authors/id/G/GA/GAAS/libwww-perl-5.812.tar.gz”
4 Uncompress libwww-perl “tar xzvf libwww-perl-5.812.tar.gz”
5 Prepare to install libwww-perl “cd libwww-perl-5.812; perl -y Makefile.PL”. Answer “yes” on all of the questions and type “make ;make install ”
6 Uncompress the installation script via “tar -xzf csf.tgz” and run the installer “cd csf; sh install.sh”
7 You should not run any other iptables firewall configuration script. For example, if you previously used APF+BFD you can remove the
combination (which you will need to do if you have them installed otherwise they will conflict
horribly) so you run “sh /etc/csf/remove_apf_bfd.sh”
8 You should ensure that kernel logging daemon (klogd) is enabled.Some times VDS servers have syslog disabled.

That’s it.You have good working Linux firewall.

By default your firewall is set to allow connections to “ftp,ssh,smtp,dns,http,pop3,imap,https,smtps,rndc, whm/cpanel
and secure whm/cpanel”. If you like to add/remove any services you will need to edit /etc/csf/csf.conf file.
Just and add/remove the service port under TCP_IN(for inbound TCP )/TCP_OUT(for outbound TCP)/UDP_IN( for inbound UDP)
/UDP_OUT(for outbound UDP)

Here is example of how to add IRC to your existing configuration
TCP_IN = “20,21,22,25,53,80,110,143,443,465,953,993,995,207 7,2078,2082,2083,2086,2087,2095,2096,6667″
TCP_OUT = “20,21,22,25,53,80,110,143,443,465,953,993,995,207 7,2078,2082,2083,2086,2087,2095,2096,6667″

You can also allow/deny access to your server base on ip or subnet.
Examples:
1. To deny access.
csf -d 192.168.1.2 Because of spam .
2. To allow access.
csf -a 192.168.1.6 Is my workstation.

Microsoft Silverlight is a new powerful web content language designed to compete directly with Adobe Flash. It has all the same features as Flash, aside from the ability to use 3-D acceleration on the client computer, but does have an advantage in its ability to interact directly with web page content outside of itself. It has the ability to be crawled by search engines, something that isn’t possible with Flash, due to the fact that it stores all text in an XAML database rather than it being built into the application. It is currently compatible with Internet Explorer 6, 7, and 8, Mozilla Firefox, and Safari for Windows 2000, XP, Vista, and Server, as well as Apple OS X. Currently, official compatibility is planned for Opera. You can get it to work in Opera right now with a hack on the Silverlight client, but it is not supported my Microsoft, and could break your browser. There is also a project called Moonlight that is being developed for the sole purpose of running Silverlight applications in browsers on the Linux platform. Surprisingly enough, this project is endorsed my Microsoft, and it’s developers have access to the specifications, which will mean the Linux client has a better chance of being stable versus most Linux applications that have been reverse engineered from closed source software.

This is a touchy subject, which is why you won’t likely find many dedicated hosting company managers and owners openly addressing this topic, instead instructing their sales reps to find ways to jump around the subject. Our take is that it’s common sense, and therefore no reason to avoid the topic!

If you follow the industry at all, have servers elsewhere, read Web Hosting Talk, otherwise stay ‘in the know’, then you’ve likely seen some of our competitors increasing prices retroactively for all their clients. I won’t bother to mention names, but some of the price increases have been as high as $30 a month on a $100 per month server – 30% per month. Each and every price increase, from what I can tell, are direct results of rising energy costs. Just like almost every other business, hosting is very much affected by rising energy costs. That said, there are some things that clients should be aware of, and be protected from 30%~ increases:

First, some of the price increases that I’ve seen are excessive. I don’t doubt the legitimacy of the need to increase prices to cover costs and these businesses, I’m sure, are well aware of the negative PR that will arise (and has!). But, as a business owner, that is the absolute last thing that I would ever want to do. So, the price increases were likely legitimate, but poor planning and playing with fire, is what I say!

These companies are largely using commodity hardware — old and cheap hardware that isn’t at all power-efficient (but it’s cheap!) This leaves the companies severely exposed- rising electricity costs ($), infrastructure upgrades (more $) and, of course, depleting margins. Who picks up the tab? You guessed it.

Here’s what you will hopefully take away from this.

a) Avoid companies that offer a price-lock to every customer. While it sounds great on the surface, think about the economics at play here. Hosting companies, especially dedicated hosting firms, have to pay big electricity bills each month. I’m not an economist, but I know that energy prices are highly unpredictable (given today’s gas prices, who doesn’t?)

With that said, we have *never* raised our prices and we have absolutely no intention, or need to, raise them today, or the foreseeable future. If electricity prices quadruple next month, we would obviously have to address this, but we have some protection from that. A company offering a price-lock indefinitely is playing with fire, because you can’t always guarantee that electricity rates won’t continue to increase at the rate that they have. Have a look here- http://news.google.com/news?q=electricity%20rates%20increase%20this%20year&ie=UTF-8&oe=utf-8&rls=org.mozilla:en-US:official&client=firefox-a&um=1&sa=N&tab=wn

The headlines:
FPL seeks 16 percent rate increase
Are you up to speed… electric rate increases
PUC approves electricity hike
OG&E to ask for rate hike
Pay more for power? I&M electric pursues a 14-percent rate increase
City feels utility rates will rise

… you get the point… Just today, a lot of hosting providers costs just went up! I don’t care where you are- Colorado, Kentucky, California (who are you kidding), it doesn’t matter. Electricity rates are going up!)

b) Along with this, it’s just generally wise to avoid hosting on inefficient hardware. Here are the numbers - our servers use HALF of the power that many of our competitors’ servers use. This means a smaller electricity bill, less strain on our infrastructure (read: less chance of outages/possibility of large issues) and, subsequently, we’ll (you’ll) get more from our infrastructure.

Not to mention that warm fuzzy feeling you’ll have by being more environmentally friendly

Really though- if you have one server and your provider has been using garbage hardware and they increase your price on your server, it probably won’t be the end of the world. You’ll end up paying more and you’ll, of course, have the opportunity to move to a company better prepared. The people that are really in a bind are those with hundreds of servers that just had their margins squeezed dry. Don’t get caught in that situation- June is a great time to move to SingleHop because we’re not only locking in your price (only those that sign up in June) and providing a $200 credit if you transfer from a competitor, but we’ll also guarantee that you’ll be on a much more power-efficient server, with a company better prepared for wherever energy rates might go!