Archive for May 2014

Your VPS is likely to have no backups (which makes them cheaper). However, this doesn’t mean you shouldn’t have your own backup. If your provider allows you to have snapshots of your server, that might be helpful, but it will cause your server to be offline for a few seconds whenever you want a backup. If you aren’t using your VPS for a crowded site, this wouldn’t be much of a problem. But if you can’t have any downtime in anyway, then backing your VPS to Dropbox is a great way to have easy and automated backups. For this, we’ll need two things. (Some of the following commands assumes you are using Ubuntu/Debian. If you are using another linux distro, use another command to install the mentioned software.)

1. Dropbox Uploader script by Andrea Fabrizi. We’ll need to download it from here. The installation instructions are also on the website. The file will walk you through the setup. Simply run apt-get update. Then run apt-get install curl.

2. Use the following bash script. The script was originally written by Dave Hope. But I’m guessing it was written for an earlier version Dropbox Uploader and it required you to fill Dropbox login information. Since Dropbox Uploader does the authentication using an API key, you don’t really need that. With my limited knowledge of bash, I modified Dave Hope’s script into the following, it does the trick for me. Save the following as dropboxbackup.sh and do a chmod +x dropboxbackup.sh and put it in the same folder as Dropbox Uploader sh file. If you don’t have it already, installing an easy to use text editor might also be useful. Simply type apt-get install nano to have Nano installed.

#!/bin/bash
DROPBOX_DIR=""
BACKUP_SRC="/home /var/www /etc /root"
BACKUP_DST="/tmp"
# Stop editing here.
NOW=$(date +"%Y.%m.%d")
DESTFILE="$BACKUP_DST/$NOW.tgz"
 
# Backup files.
tar cfz "$DESTFILE" $BACKUP_SRC
./dropbox_uploader.sh upload "$DESTFILE" "$NOW.tgz"
 
rm -f "$DESTFILE"

3. After we arrange and config all the stuff, we should now test it. Simply run your dropboxbackup.sh and test if it works. If it successfully starts uploading your backup file, you can now set a cronjob to automate the process. Depending on how active you are on the site, you might want to change the frequency of the backup. Also think of the bandwidth you are going to use each time you take a backup. To easily create a cronjob, go to generateit.net and follow the instructions.

What about the database? Well, I take regular backups of my MySQL databases using things like WordPress plugins designed for this. But you can make changes to the script above by looking at Dave Hope’s script, or simply googling cronjob mysqldumb, etc. Good luck and let me know if this works for you!

Tags: , ,

My previous post on VPS was about why you should prefer a VPS. Now, I’ll focus on what you shuold first do on your VPS.

1. Choosing the OS
You should go with linux because well, it’s better, and it’s free. Probably almost all software that you would need on the web is developed for linux first. Then you need to decide on the linux distribution. You can simply google and ask google what you should choose. I don’t want to quote any other website in order not to have some blatant plagiarism. Unless you have the knowledge to prefer a particular distro, you might want to try Ubuntu. It’s probably the most frequently updated distro out there. Plus, because it is highly preferred by a lot of novice users, it’s highly likely that a problem you encounter is already answered a dozen times. You can simply google how you can do something and voila! Also, it uses the APT thingy (the apt-get command) which helps you easily install and uninstall software, look for updates and install them if necessary. No need to compile stuff on your server. Another popular option is CentOS. I’ve never personally used it, but years ago I used Redhat (CentOS is based on Redhat). It uses RPM (similar to APT) to install packages and so on.

Whatever OS you choose, you should be able to install it in seconds using the control panel your company provides you.

2. Securing the OS
There are a couple of things you should do after installing your OS. Let’s first connect to it using SSH. If you are on a Mac, you should already have the SSH client. If you are on Windows, download Putty. Then using the information the company sent you, connect to your server. You should use it as root@IPaddress. Then it’ll ask you for your password. Now, you are in.

a. Change the password: Typing passwd will help you change your password. Choose a proper password.
b. Add a new user: Typing adduser will help you add your new user. Choose a username which can’t be guessed. If your site is radiognome.com, a username like radiognome will be a really bad one. Make it different. Choose a proper password.
c. Disable root login on SSH: Why? Because root is the default admin user on linux. Every linux machine has a root account. So, they have your username, now they need your password. If you disable it, they not only need your password, but also the username. Google’ing “ssh root login disable” will give you the required info. How will you now login to your VPS? Well, you’ll now ssh to your server using newusername@IPaddress. After you login, type “su” (short of superuser), it’ll ask you for your root password, and boom. You are in as root.
d. Change SSH port. Google is your friend. Choose a port other than the default 22. This might prevent people from choosing you as a target after they run a a scan on a particular IP block. After you make these last two changes, you’ll need to restart your SSH daemon. On Ubuntu, you need to run service sshd restart .
e. Hide the version information from Apache and PHP. Google. This is good because noone will know what version of whatever you are running. So, if in time, your particular Apache version turns out to be vulnerable to some attack and you are not aware, you will still be vulnerable but at least noone will directly know you are until they actually try.
f. Disable FTP, telnet, etc daemons: Google. Telnet is SSH without any encryption. Same goes for FTP. Try SFTP or “FTP over SSH” (you should be able to connect using your login info and the SSH port). Or upload whatever you need to upload and disable them after you are done. You shouldn’t really need to upload a lot of files all the time if your server will function as a webserver primarily.

. Are you being paranoid? Not really, these should be standard with every linux open to the internet 24/7. You can never be too secure.

You know something I should have included in the list? Please put it in the comments to help out!

Tags: ,

VPS is short for virtual private server. It’s basically a virtual portion of a server that acts as a standalone computer. You share the RAM, the CPU, the drives and anything else with the other users – depending on how big a slice of a server you have. Typically, they run a linux distibution of your choice; though, they could also run Windows if you have specific needs. The slice of the server could be customizable depending on your provider. However, typically, you’d get 256 MB of RAM and up (512, 1 GB and so on) and access to CPU cores (0.5, 1, 2 etc). You’ll also find companies providing you with SSDs and unmetered bandwidth.

Now, let’s move onto why you should prefer a VPS:

1. Having full control over the server
On a VPS, you’ll have root access allowing you to do whatever (anything that the ToS allows you to do, that is) you want on the server. You can install anything or configure Apache in any way you want. You can host your own web site (WordPress, or anything else), have your own VPN server, and a TeamSpeak server.

2. Cost
A VPS is (I was also surprised) cheaper than a shared hosting. Of course, it all depends on your choice of hosting company (I used to use Hostgator and it cost me 10$ a month). The VPS I use costs 5$ a month. I can use any number of domains, subdomains and so on. The only limit is the technical limit of the VPS, which is much higher than any shared hosting. You can find even cheaper VPSs (like 2.5$ a month or 20$ a year) – it all depends on what you want to do with your server. If you only want to host one website, a server with 256 MB of RAM (usually 2-3$/mo) will be enough.

3. It’s much faster
After moving my site (along with others), setting up a VPN server, and installing some other stuff, I decided to have a stress test on my server. Even during the stress test, the server was able to respond quickly to my queries. It was still faster than my blog on the earlier shared hosting.

4. Because you can!
If you have some knowledge of linux or you are willing to learn, this is a great way to start. Not only you’ll hone your knowledge of the OS, but you’ll also learn a lot about how certain things on the web work. All you need to do is google whatever you need to do.

Why are they cheap?
VPS’s are cheap because they are self-managed. This means you’ll get no support for things you should be doing. You need help setting up LAMP (Apache, MySQL, PHP) and a WordPress on top? Well, they won’t help you with that. You’ll only get your questions answered when there is something wrong on their side. If you have no clue how to do what, this is the reason you should prefer something else.

Which VPS company to choose?
I started using Bandwagonhost after someone recommended it to me as an affordable and good company. I decided to try them (they have 30 day money-back guarantee). Then I found some better deals on the the web and decided to try another one. However, I found out that a cheap “unmetered bandwidth” is a dream that will never actually happen. The bandwidth on those sites are usually throttled, so unless you are paying what it should actually cost, you are probably getting a server with not-so-fast connection to the net.

Bandwagonhost recently switched to SSD and they mailed existing customers and asked if we wanted to switch to them – at the same price. They have a very easy to use admin area that lets you install whatever OS you want from images – in seconds. You can migrate to other datacenters (from EU to US, for instance), or you can take a snapshot (a backup) of your server at the click of a button. You can also remotely reboot or shutdown your server or use the shell on the client web area. Most of these are (except the snapshot as far as I know) are default on all providers. There are other companies like DigitalOcean which is also a highly preferred company. You can also browse Low End Box for VPS deals.

That’s all for now. Later, I’ll write about what to do (first) with your first VPS.

Tags: ,

mumblings on life, literature, computers, media, whining, university life, movies, poetry, music, internet, procrastination, technology, media, horror, gender, blogging, concerts, film studies, wordpress, sexuality, vegetarianism, ideology, i greatly dislike sugar in my coffee, and all other unnecessary crap you would otherwise ignore.