Hi everyone,
Please can you recommend a domain registrar that won't treat me like poo and that won't force me to use their name servers so I can host my own DNS? Reasonable pricing and someone that doesn't throw up needless obstacles to leaving would be a plus.
Thanks,
Paul.
--
Sent from my Android phone with K-9 Mail. Please excuse my brevity.
Anyone been having difficulties using pear, curl, etc. to other domains
lately? I've started getting the following when trying to use PEAR:
# pear list-all
Connection to `pear.php.net:80' failed: Connection timed out
if I try to send a cURL request to the majority of domains I get the same
issue (though curl www.google.co.uk is fine)
So I've decideed to join the cool kids and try PHP - in particular, I've
installed roundcube.
Is there any good info out there on securing php? I'd quite like to not
get hacked, which seems to be a common problem with PHP web apps.
There's nothing all that good that shows up on a quick google - it
mostly seems focused at developers rather than running other people's
PHP code.
Michael
Hi,
At about 0549Z I was alerted to a problem with node dunkel. On
investigation it was unresponsive and the serial console was
scrolling with typical out of memory OOPS errors.
After waiting a couple of minutes to see if the situation could be
recovered, I decided it couldn't and power cycled it. After checking
it booted up okay I took the opportunity to adjust some kernel
parameters that I had been meaning to do (it had been up nearly 2
years), and rebooted it again.
I am now in the process of booting customer VPSes.
I will follow up again when I have some more information.
For more up-to-date notices you may wish to follow
https://twitter.com/bitfolk
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting
_______________________________________________
announce mailing list
announce(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/announce
Hi all,
I wrote a small shell script to mount/unmount the NFS shares for my
automated backups. You may find it useful. It needs minor modification
per-VPS.
http://pastebin.com/aQvkvaM5
Regards,
--
Misha Gale
PGP Public Key: http://mishagale.co.uk/pubkey.asc
Hi,
A few day ago we received an abuse report from a remote site
regarding receipt of email spam from one of our IP addresses.
After sniffing outbound port 25 traffic for a few seconds it was
obvious that the spam run was ongoing, so the customer's access to
TCP port 25 was firewalled off and they were informed.
The customer managed to track down the spam to Wordpress, but
unfortunately no further details are known as to the exact way that
the application was exploited. The customer has since reinstalled
their VPS without reinstalling Wordpress.
Cheers,
Andy
About this email:
https://tools.bitfolk.com/wiki/Security_incident_postings
--
http://bitfolk.com/ -- No-nonsense VPS hosting
<Eyecon> freecycle is for dating single mothers
Hi,
Yesterday morning we were notified via abuse report that two
customer VPSes had participated in distributed denial of service
attack on a remote site.
The vector of attack was to abuse the customer's recursive
nameserver with forged queries for a large record in the DNS,
turning a 78 byte query into a 4KiB response - 52x amplification of
traffic. Each customer only contributed around 800kbit/sec to the
attack, but many thousands of insecure resolvers will have been
abused in total.
Firewall rules were put in place on BitFolk's side to deny UDP port
53 access to the customer's VPSes and customers were contacted to
arrange for correction of their configuration.
A full scan of BitFolk IP space was then undertaken and one more
customer with an insecure resolver was discovered. In this case
rather than the usual installation of BIND, it turned out to be
dnsmasq. They have since corrected this.
I would like to take this opportunity to remind those operating
nameservers on their VPSes that recursion should only be offered to
trusted hosts, not the entire Internet. Allowing arbitrary hosts to
issue recursive queries can lead to participation in DDoS attacks
(as seen here) and other unpleasant outcomes. For these reasons open
recursive nameservers are not permitted on BitFolk's network.
https://bitfolk.com/orns.html
Cheers,
Andy
About this email:
https://tools.bitfolk.com/wiki/Security_incident_postings
--
http://bitfolk.com/ -- No-nonsense VPS hosting
Hello,
What's the list's preferred techniques for preventing spidering of a
web application (in this case Mediawiki) by misguided web robots?
robots.txt already in place, but they ignore that of course.
Ideally Apache-based.
I don't particularly care if they are still able to download the
content or not, I just don't want them taking up every single
process slot thus impacting non-abusive 'real' web clients. So a
rate-limiting solution would be acceptable.
Cheers,
Andy
Hi,
On 15th December a customer asked for help in diagnosing high system
load and unusual Apache logs which contained login credentials for
MySQL.
Upon further investigation it appeared that around 30th November one
of the site's legitimate Wordpress admins had logged in from an
unexpected place (a Tor exit node) and had uploaded a PHP file which
appeared to enable full filesystem traversal, downloading of file
content, shell command execution as Apache user, etc.
This was also used to read the content of the Wordpress
configuration files thereby to gain access to the database as the
Wordpress user.
It appears that the Wordpress admin's own system was earlier
compromised and this opportunity was used to further compromise
sites they were known to have access to.
A copy of the hostile PHP upload can be found here:
https://gist.github.com/4299683
It is difficult to strongly critique the customer's setup since the
compromise was as a result of a legitimate user account with admin
privileges being used to further attack the system.
It is easy to advise that web applications should run under limited
permissions, with little access to the filesystem or other database
content. Security measures such as SELinux could be used in order to
even limit what the root user can achieve, though no proven root
compromise was noted in this case. These recommendations are easy to
make though I suspect much harder for people to put into practice on
their own personal hosting setup.
Still, perhaps this example can spur us all to think about what the
consequences could be if privileged users of our systems get
themselves compromised.
The customer's VPS has since been fully reinstalled.
Cheers,
Andy
About this email:
https://tools.bitfolk.com/wiki/Security_incident_postings
--
http://bitfolk.com/ -- No-nonsense VPS hosting
