Hi,
This email is mostly relevant to people who currently pay by Google
Checkout, or who really hate PayPal. If that doesn't apply to you
then you can safely ignore it.
- Google Checkout goes bye-bye
Google are shutting down their Checkout payment service on November
20th, so anyone who currently pays BitFolk by that means is going to
have to switch to something else from then on. I'm kind of glad
really because GC had the highest transaction fees of any payment
method, but I kept it around because it was the only choice for some
people.
In addition, PayPal have been getting increasingly hostile towards
customers who use them to pay by credit card without having a PayPal
account and I've now had several instances where this has proven
impossible for the customers concerned. So, something new needed.
- Stripe for credit card payments
I'm currently working on integrating http://stripe.com for credit
card payments, and the initial minimal implementation is nearly
ready. That will just allow one-off payment of invoices using a
card whose details you supply on the spot.
I could do with some testers for this. If you've got (or shortly
will have) an invoice ready to pay, you don't currently pay by
PayPal subscription or recurring Direct Debit, and you're willing to
give it a go, could you let me know off-list please?
I need to get the initial version ready before GC shuts down, but
after that I will improve the implementation to have more useful
features like saving credit card details¹ and continuous authority
(ability for BitFolk to charge your card when it needs to, without
your action).
Those who currently pay by Google Checkout and don't like any of the
other existing payment methods are going to need to pay by this
method from 20th November.
Since Stripe's transaction fees (2.4% + £0.20) are less than
PayPal's (3.4% + £0.20) I would prefer it if everyone moved to
either Direct Debit (1%) or Stripe, but whatever works for you.
Cheers,
Andy
¹ Stripe handles all the card details without passing any of them to
us; it does it in Javascript in your browser between you and them
and never lets any of the secure card data reach us, so it does
not require our side to be rated for storing or handling any of
that data.
--
http://bitfolk.com/ -- No-nonsense VPS hosting
Hello,
Since I am both lazy and stupid:-
Is there a way to exclude e-mails received from certain (external)
senders from the spamd check?
Am using the BitFolk spamd service from my Debian vps, and it works
really fine with just one exception. Every time I get an e-mail from
DPD about a scheduled delivery, it is marked as spam by the spamd
service. And since I am not checking the spam account every day I
don't see this until it is too late.
Is the a prefered way to "whitelist" the e-mail sender
yourdelivery(a)dpd.co.uk somewhow? So those emails are never sent to
spamassasin and filtered out as spam?
In /etc/mail/spamassassin/spamc.conf?
Or /etc/postfix/master.cf?
Or is the only method to change the shell script communicating with
spamd: /usr/local/bin/spamchk.sh? That is a quick fix, but it is
not a clean solution IMHO...
Thanks,
__
/ony
OpenCart also has a Google Authenticator plugin. The Google Authenticator
is available for Android, Blackberry, and iOS. This will make the admin
login like the login at your bank, where you have to enter a few numbers
either sent on sms message, or generated by some small device. Unless there
is a critical flaw in OpenCart people will not be able to login to admin
without access to your phone as well.
http://www.opencart.com/index.php?route=extension/extension/info&extension_…
--
My PGP is available at: http://downgoat.net/contact/
Hey there
A couple of quick questions if I may;
I'd like to use Filezilla to manage upload of new files to my server. I
need to set up an ftp server on my VPS, therefore. Which do you use? Any
recommendations?
I got round to upgrading to Wheezy earlier. All went well but when I
restarted apache2 the restart failed with the message that it couldn't find
httpd.conf. I commented out the appropriate line in apache2.conf and all is
well. A search (using find) yielded no sign of httpd.conf so I guess I did
the right thing, but I'd just like to confirm that there is indeed no
httpd.conf in my VPS.
Thanks for any help
Barry
>
> Dear All
>
> Yesterday I friend asked me how I'd build a webstore. I told him that I
> would take something like Magento[1] or OpenCart[2] for that. But I could
> not tell him how I'd set things up to protect the store against getting
> compromised. Could anyone come up with a suggestion on how to build up a
> webstore securly using bitfolks infrastructure?
>
Thank's to you all for these very interesting inputs.
Cheers,
Sam
Dear All
Yesterday I friend asked me how I'd build a webstore. I told him that I
would take something like Magento[1] or OpenCart[2] for that. But I could
not tell him how I'd set things up to protect the store against getting
compromised. Could anyone come up with a suggestion on how to build up a
webstore securly using bitfolks infrastructure?
Cheers,
Sam
[1] http://www.magentocommerce.com/download
[2] http://www.opencart.com/index.php?route=download/download
--
Samuel Bächler
Obere Bläsistrasse 1
8049 Zürich
Web: boeser.ch
Tel: +41(0)43 817 46 28
Mob: +41(0)79 478 49 42
Just stumbled across the Bitfolk Steam group, so thought I'd say 'hi' and see
if I can join. I'm whaletales if anyone wants to find me on there - a few more
friends most welcome :)
--
Paul Tansom | Aptanet Ltd. | http://www.aptanet.com/ | 023 9238 0001
=============================================================================
Registered in England | Company No: 4905028 | Registered Office: Ralls House,
Parklands Business Park, Forrest Road, Denmead, Waterlooville, Hants, PO7 6XP
Hi,
At approximately 0530Z on Saturday 28th September an alert was
received regarding anomalous bandwidth usage. On further
investigation a customer's VPS was found emitting around
80-100Mbit/s of small UDP packets destined for port 80 of three
different remote hosts.
There being no likely legitimate reason for this activity, the
customer's networking was disabled and they were contacted.
The customer discovered that their (not updated) install of Tomcat
was running a instance of JSPSpy¹ that they had not put there
themselves, so a root-level compromise was indicated.
Unfortunately the exact means of initial compromise is not known
for certain but is thought to be Tomcat. A reinstall of the
customer's VPS is now required.
The three target IPs have no reverse DNS so it is difficult to
speculate what they may host. Two of them are in China and one in
Korea, if WHOIS records are to be trusted.
About this email:
https://tools.bitfolk.com/wiki/Security_incident_postings
Cheers,
Andy
¹ http://www.malos-ojos.com/?p=672
--
http://bitfolk.com/ -- No-nonsense VPS hosting
> I'd be interested to hear any (even two word) reviews of their sofas…
Provides seating.
— Andy Davidson
Hi,
sol.bitfolk.com just stopped responding, and being unable to get any
response from serial console I had to power cycle it. It has now
booted and I am having a look around for any ideas as to why it
locked up, before attempting to restart any customer VPSes.
Thanks for your patience.
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting
_______________________________________________
announce mailing list
announce(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/announce
Snowden hasn't said anything about sudo as far as I know. I just got
thinking after I heard the news about SSL. If a backdoor could be
planted in OpenBSD and SSL without anyone noticing for all these years
then why not with sudo too? I heard some people weren't happy with its
introduction when it was first released - a bit before my time though!
