"The mind of a Mad Tech!"

Seeing that the company I work for has viewed the “Cloud” platform a viable and neccessary ground for extending its hosting, I’ve been devoted to looking at our existing and expanding “Cloud” environment as well as comparing it to other hosting solutions from hunderds (ok, not hundred’s, but see get what I mean) of vendors. Doing so I’ve come to realize that the major of key “Cloud” players are using Vmware’s ESX/ESXi, Microsoft’s Hyper-V (Not a huge fan), Xen/Xen Server (only small scale and only offering Linux) and even custom “Cloud” suites such as Amazon’s EC2.

Today I just wanted to through out a comparions of Softlayer’s “Cloud” offerings as it compares to Amazon and Rackspace and the differences in tech and pricing.

http://http.cdnlayer.com/softlayerweb/PS_EC2vsCL.pdf

Pretty interesting regarding the huge difference in price compared to what they offering you in terms of CPU, Storage and Memory.

If you have ever encountered the issue with Plesk 9, where you run a backup and the domain is suspended and you are not able to bring the account back by telling it to unsuspend the account in the domain settings, there is a way to do so via SSH.

To do this, you simply need to do the following;

1. Log into the server via SSH.

2. Type the following at your shell promp;

” /usr/local/psa/bin/domain -u domainname.com -status enabled”

Make sure you replace “domainname.com” with your domain name.

3. Once you do this, Plesk will bring the domain out of suspension.

“SUCCESS: Update of domain ‘domainname.com’ complete.

Now your domain is no longer suspended.

As of Plesk 8.x, Parallel’s has yet to provide SuPHP support for Plesk. However it is possible to add this manually, however it does involve using a 3rd party repo and involves recompiling php. If you are running a VPS, you will need to check with your Hosting provider to see if this is something they can do for you or if you would be responsible for doing so.

And with that, let’s get to the good stuff!

1. In order to install SuPHP on the server, download and install the atomic script

# wget -q -O – http://www.atomicorp.com/installers/atomic | sh

2. Once the script is installed, install SuPHP module using yum

# yum install mod_suphp

3. The next step is to load the SuPHP module with Apache. The suphp installation automatically creates a “mod_suphp.conf” file under the Apache configuration directory, if not create it.

# vi /etc/httpd/conf.d/mod_suphp.conf

and insert the following lines:

#Load the Mod_SuPHP module
LoadModule suphp_module modules/mod_suphp.so

### Uncomment to activate mod_suphp
suPHP_AddHandler x-httpd-php
AddHandler x-httpd-php .php

#Enable the SuPHP engine
suPHP_Engine on

#Specify the path to the configuration directory
suPHP_ConfigPath /etc

Apache calls all the configuration files from the /etc/httpd/conf.d directory by default so there is no need to include the module in the httpd.conf file separately.

4. Now,  configuration file under /etc should be present (if not create it)

vi /etc/suphp.conf

copy/paste the following contents as it is:

[global]
logfile=/var/log/suphp.log
loglevel=info
webserver_user=apache
docroot=/var/www/vhosts
allow_file_group_writeable=true
allow_file_others_writeable=false
allow_directory_group_writeable=true
allow_directory_others_writeable=false
errors_to_browser=false
umask=0022
min_uid=30
min_gid=30
x-httpd-php=”php:/usr/bin/php-cgi”
x-suphp-cgi=”execute:!self”

Make sure the “handle_userdir” directive is commented or removed from the file since it is deprecated from the latest version.

5. At the end, we have to restart the httpd service for all these changes to take effect

# service httpd restart

6. Test the SuPHP installation: Create a phpinfo.php file with 777 permission and it should show you an “Internal Server Error” on browsing.

Let’s face it, giving out your root password to your Linux server isn’t very smart or security minded. Still there are many of us who provide our root user and before we know it, we’re either looking at a compromise or a permissions issue or worse. Though it doesn’t need to be this way. No… We can create a new user and give them root access or we can edit the abilities of this user.

How does one do this you ask? Simple. In this instance, we’ll setup a new user to have root access, but this works out as we can add the user to the sudoers file, meaning we know who we are giving access to. Heck, you may want to do this for your main user and disable the root user for security reasons, but that’s your call.

Any how, on to the fun stuff!

1. First we need to login to the server, so don’t disable the root user yet, and create a new user. For this example, I’ll make a new user called madtech. So we SSH into the server and type the following;

“useradd madtech”

2. Next we need to add a password for the user, to do this we need to type the following;

“passwd madtech”

It will then ask for us to enter the password and then again to confirm the password.

3. Now that we created the user, we need to edit the sudoers file. Take note we don’t want to edit this with or standard text editors.. no, thats bad. We need to use visudo. Visudo should already be installed on the server. So what we need to do now is goto the following line;

If you use cPanel, Plesk or any Linux control panel or Distro, you may notice that your Proftpd connection is either slow or takes some time before it becomes responsive. This is likely due to the Proftpd instance doing a Reverse DNS Lookup and it is having issues doing so. However it is possible to disable this option to help speed up the negotiation. This will not help with slow upload speeds if you have a slow upstream however, please make a note of this.

To disable the DNS Lookups you need to do the following;

1. Log into the server that is running Proftpd. You will need to do so by using SSH.

2. Once you have logged into the server you will now need to edit the Proftpd configuration file. This is called the Proftpd.conf file. You can simply type the following to do so;

“vi /etc/proftpd.conf”

Please note this is the default Proftpd configuration location. If your’s is in a different directory, you will need to adjust the command to your location. In this example we are using VI to make the changes. You are free to also use either Nano or Pico, which ever you feel comfortable using.

3. Once you are in the file, you will need to look for the following lines;

“IdentLookups on”
“UseReverseDNS on”

You will need to turn off the lookup by changing them to the following;

“IdentLookups off”
“UseReverseDNS off”

4. Once you make the changes, save the file. You will then need to restart the proftpd instance.

5. You then will need to restart Proftp. Take note, if you are using Plesk you will need to restart the xinetd service as Proftp runs under this service.

To restart in Plesk, type “service xinetd restart”

To restart in everything else, type /etc/init.d/proftpd restart or service proftpd restart