Engadget: Man erases thousands of websites with a bad command

As one business owner showed, things can go spectacularly wrong when you don’t backup properly. User “bleemboy,” who runs a site-hosting business with 1,535 customers (!), wrote to a server forum saying he was using a bash script command to erase some specific files. The command he used, “rm -rf” is infamous in Linux circles for causing disasters, thanks to the “f” part that forces it to proceed without warnings. Normally, his script only deletes specific files, but something went wrong and “all servers got deleted and the offsite backups too,” since they were mounted to the same machine.

Source Link

Just how secure is your data with Google or Yahoo? NSA shows plans for accessing data

NSA is using links between data centers to have unencrypted access to your data according to files released by Snowden.  See more at:


Apache Binary Backdoors on Cpanel-based servers

For the last few months we have been tracking server level compromises that have been utilizing malicious Apache modules (Darkleech) to inject malware into websites. Some of our previous coverage is available here and here.

However, during the last few months we started to see a change on how the injections were being done. On cPanel-based servers, instead of adding modules or modifying the Apache configuration, the attackers started to replace the Apache binary (httpd) with a malicious one. This new backdoor is very sophisticated and we worked with our friends from ESET to provide this report on what we are seeing.


Google is no longer accepting self-signed SSL certificates

In a move not previously announced, Google is now no longer allowing pop3 connections to servers with self-signed SSL certificates.  This means that anyone using gmail to pull email from hosted email accounts with various providers, if the server has a self-signed SSL certificate, the email pulls will fail.

Read more at:


US Government: You Don’t Own Your Cloud Data So We Can Access It At Any Time

On Tuesday the EFF filed a brief proposing a process for the Court in the Megaupload case to hold the government accountable for the actions it took (and failed to take) when it shut down Megaupload’s service and denied third parties access to their property. Many businesses used Megaupload’s cloud service to store and share files not related to piracy. The government is calling for a long, drawn-out process that would require individuals or small companies to travel to courts far away and engage in multiple hearings just to get their own property back. Additionally, the government’s argument that you lose all your property rights by storing your data on the cloud could apply to Amazon’s S3 or Google Apps or Apple iCloud services as well (see page 4 of their filing).

Originally found on Slashdot

SEO Optimization Tips

Search Engine Optimization is a very complex field of study.  I call it a “field of study” because it is not a finite subject but it is ever evolving and expanding.  Many of the recommendations listed here are based on personal experience, forum reading or other SEO sites.  First we will start with a discussion of exactly what SEO is and then we will discuss a few common SEO tactics that should help would-be webmasters and future Internet tycoons.

Search Engine Optimization is a desire to manipulate a web page in order to cause the website or page to appear higher in the Search Engine Results Page (SERP) for a specific keyword or set of keywords.  Essentially what we are looking to do is to “fool” the search engines into listing our website as one of the most relevant results for a given topic.  The hope, of course, is to drive more traffic to a website…and hopefully drive more sales.

Selecting Keywords
One of the most important aspects of SEO optimization is keyword selection.  The balance one must strike when selecting keywords is to pick keywords that are specific enough to drive the right kind of traffic, but broad enough to have a high level of traffic.  For example, let’s say that you are selling red chairs.  If we were to optimize just on the phrase “red chairs” you would only get approximately 33,100 searches per month.  This may not be enough traffic to yield enough traffic  to provide the business desired.  However, if you were to optimize just on the keyword of “chairs”, this would net 13,600,000 searches per month.  This is a significant difference.  Many people pick keywords that are way to specific and even if they achieve top SERP position, there is never enough traffic brought in to support an online business.  The best way to judge the amount of traffic a given keyword or set of keywords provides is to use Google’s Keyword Tool.  It is a good idea to only target one keyword or key phrase per page.  The reason for this will become more evident as you read additional suggestions.

Domain Name
While it is not always an option, one really good way to get ahead in search engine results is to have your domain name match or include your keyword.  For example, if you are selling cameras and your domain name is hotcameras.tld for example.  That would give you a boost in your SERP.  Again, this is not always possible but should be a consideration if a site is just starting out.

Page Name
One thing that is a little easier to control is page name.  I always advise customers to change their page names to include the keyword or keyphrase they are targetting.  For example, if I have chosen “exchange hosting” as my keyword, then my optimal page name would be http://www.alphaomegahosting.com/exchange-hosting.html.  As you can see, if you are targeting a phrase, you can separate the words in the phrase with hyphens.

Obviously this is very easily done for new sites.  However, if you are working with an existing site, you will need to rename the files AND leave a method to redirect traffic from the existing page name to the new page.  If you fail to do this, you could very easily lose existing linked or organic search engine traffic.  The easiest way to do this for apache users, if your server supports it, is via .htaccess file.  Here is an example:

redirect 301 /exchange.html http://www.alphaomegahosting.com/exchange-hosting.html

In the above example, we are redirecting the old page name, exchange.html to a new url, exchange-hosting.html.  Obviously different web servers will have different methods for forwarding traffic or creating redirects.

Meta Tags
Meta tags are special, hidden tags inside of html that are used to tell search engines what your page is about.  Once upon a time, this was the only way that search engines knew how to classify your page.  However, many search engines either completely ignore this content or place very little weighting on it.  However, it is still a good idea not to overlook this obvious and easy method to provide some information.  The 2 most important meta tags are “keywords” and “description”.  Here are some examples of meta tags and how they are implemented:

   <meta name="keywords" content="managed vps, vps hosting, vps, virtual private server, managed virtual private server, virtual dedicated server, vds, vmware vps, hosted vps ">
   <meta name="description" content="AlphaOmegaHosting.com provides exception managed vps services for the vps hosting community.">

These tags should be placed int he section of your html.

Continued in Part 2

Tags: , , , ,

MySQL Query format can prevent proper caching

One of the questions many MySQL administrators struggle with is getting greater caching of queries.  It is important to remember that MySQL does not normalize a statement when it checks for a cache hit.  It uses the statement and other connection details sent by the client to attempt to match the queries.  Any difference in spacing, character case, spacing or comments will  prevent a query from matching a previously cached version.  Therefore, it is important to ensure that all instances of similar queries in a site’s code be formatted exactly the same.

Tags: , , ,

Reading vmstat in linux – Part 2

In the second part of this series, we are going to target 3 different types of potential bottlenecks that a system might suffer from.  Specifically these are:

  • IO Bound
  • CPU Bound
  • Memory Bound

Most performance problems can be placed into one of these categories.  By using what we learned in Part 1, we can use the information from vmstat to provide more information about what aspect of a system is limiting it from handling a greater load….and therefore what should be upgraded to provided greater capacity.

IO Bound System

An IO bound system is a machine that is usually suffering from performance limitations due to disk speed.  While there are other types of IO a server could be waiting on, usually it is disk and disk speed that are the problems.  This can be culled from reviewing vmstat by looking at both the uninterruptable sleep column (b column) and a high value in the wa column.    An example from vmstate would look as follows:

#vmstat 5

procs      ———–memory———-             —swap–       —–io—- –system–                          —–cpu——
r  b        swpd   free   buff  cache                   si   so          bi    bo   in   cs                             us sy id wa st

1  8      5888 140136 167700 1506440        0    0        6783 17333  1738  16648                   6  2 9  83  0
1  6      5888 140136 167700 1506440        0    0        6885 18353  1831  18658                   8  4 9  77  0
1  6      5888 140136 167700 1506440        0    0        6482 12323  1534  17632                   16  12 9  63  0

In the above, you can clearly see both issues at work as predicted above.  The wa is quite high 63-83 and the number of processes in uninterpretable sleep is between 6 and 8.

Memory Bound – Swapping

The second type of system we will look at is a system that is attempting to allocate more memory than physically exists in the system.  It is normal for a linux/unix system to use swap to augment its available memory.   As such, any system can show some amount of memory allocated to swap.  However, this only becomes a problem when the system starts waiting for memory to be paged in and out of swap to satisfy its processes.  From a vmstat perspective, this would appear in 2 ways.  First is the swpd column.  However, the presence of large values in the swpd column does not, in and of itself, constitute swapping.  The more important demonstration of this is high values in si and so columns.  Here is a sample vmstat that shows some swapping.

#vmstat 5

procs      ———–memory———-                   —swap–       —–io—- –system–              —–cpu——

r  b        swpd   free   buff  cache                    si           so          bi    bo   in   cs               us sy id wa st
1  18   3794291 140136 167700 1506440     19851    9780        16783 27333  1738  1648        6    2 29  63  0
1  16   3797936 140136 167700 1506440     15913  30807        38353 28331  1658  3342        8  14 19  57  0
1  10   3847364 140136 167700 1506440     18334  22355        26482 32323  1534  1732      16  12 29  33  0

CPU Bound Machine

The last type of system we will review is a CPU-Bound machine.  A server that is experiencing this problem simply does not have enough processing power to properly perform its operations.  Usually this system will show a high number in the us column.  Again, remember the us column shows us the amount of time spent processing non-kernel code.  It is also quite normal in this scenario to have a larger number in the r column as they are queued up waiting for cpu time.

procs ———–memory———-      —swap–      —–io—-      –system–      —-cpu—-
r  b   swpd   free   buff  cache   si   so         bi    bo        in    cs      us sy id wa
5  1    648 755300  31460 2095012         0    0         76  3458 2013  1369      95  5  0  0
5  0    648 741196  31568 2103336         0    0         24  1852 2063  1481      88 12  0  0
8  0    648 706828  31616 2115936         0    0         50  2590 2118  1609      90 10  0  0
14  0    648 700628  31664 2133024       0    0       117  4320 2138  1290      90 10  0  0


Reading vmstat in linux – Part 1

Linux comes with many tools to enable administrators to evaluate the performance of a system. One of these very useful tools is vmstat. Vmstat is available on most unix distributions and is included by default on many modern Linux distributions. As with most Linux commands, built in help is available via the command man vmstat.

First we will review what the different columns means and then we will review the output that would be consistent with a few common bottlenecks.

Sample vmstat output:

procs      ———–memory———-             —swap–       —–io—- –system–              —–cpu——
r  b        swpd   free   buff  cache                   si   so          bi    bo   in   cs               us sy id wa st
1  1       5888 140136 167700 1506440        0    0          10     2    0    0                   6  2 90  3  0
0  1       5888 147864 167724 1507492        0    0       1164   340 2092 4506          8  3 76 13  0
0  1       5888 147220 167760 1508584        0    0       1240   212 2059 2539          2  1 84 13  0


r: The number of processes waiting for run time.
b: The number of processes in uninterruptible sleep.

Uninterruptible sleep usually represents processes that are waiting on input to be processed.  This could either be because it is waiting for user input or disk i/o operations to complete.


swpd: the amount of virtual memory used.
free: the amount of idle memory.
buff: the amount of memory used as buffers.
cache: the amount of memory used as cache.
inact: the amount of inactive memory. (-a option)
active: the amount of active memory. (-a option)


si: Amount of memory swapped in from disk (/s).
so: Amount of memory swapped to disk (/s).


bi: Blocks received from a block device (blocks/s).
bo: Blocks sent to a block device (blocks/s).


in: The number of interrupts per second, including the clock.
cs: The number of context switches per second.


These are percentages of total CPU time.
us: Time spent running non-kernel code. (user time, including nice time)
sy: Time spent running kernel code. (system time)
id: Time spent idle. Prior to Linux 2.5.41, this includes IO-wait time.
wa: Time spent waiting for IO. Prior to Linux 2.5.41, included in idle.
st: Time stolen from a virtual machine. Prior to Linux 2.6.11, unknown.

Continued in Part 2


Server Clustering Solutions

One of the mainstays of our hosting business is the service and support of high usage PHP-MySQL applications. There are many ways to support these types of environments. One of the ways that we are assisting our customers is by providing implementation of server clustering. Server clustering provides both fault tolerance and greater scalability to hosting environments.

Very few websites start out needed a fully clustered solution. Most customers start on the low end and grow their environment as needed. The route most people take is as follows:

  1. Shared Web Hosting
  2. VPS Hosting
  3. Dedicated Server
  4. 2 Server Cluster
  5. Load Balanced Server Cluster

While this is by no means an exhaustive list, it does show the progression to more complicated solutions.

As mentioned earlier, there are a couple different reasons to look to clustering.  Primarily we will focus on solving the performance problems in this issue.  Once a site has outgrown a single server solution, multiple servers must be employed to provide for further grown.  If the website is a simple html/php site with no database access, multiple web servers will suffice.  However, most modern websites are dynamic, database-driven sites.  The simplest method for clustering is to separate the database function from the web serving function.  It is also important to ensure a high speed connection between the database server and web server.

The dual server cluster is often enough for many sites, but again, there are some sites that will need more resources available to them.   At this point, it is important to have an experienced administrator audit the server to see where the bottlenecks are occurring.   Depending upon the outcome of this analysis, additional servers may be needed in either role, web or database servers.

Tags: , ,