Welcome, Guest
You have to register before you can post on our site.

Username
  

Password
  





Search Forums

(Advanced Search)

Forum Statistics
» Members: 2
» Latest member: Russ
» Forum threads: 21
» Forum posts: 22

Full Statistics

Online Users
There are currently 3 online users.
» 0 Member(s) | 3 Guest(s)

Latest Threads
Running successful mail s...
Forum: VPS Hosting
Last Post: Russ
02-07-2018, 05:40 PM
» Replies: 0
» Views: 11
Current Game Servers
Forum: Game Hosting
Last Post: Russ
01-06-2018, 04:22 PM
» Replies: 0
» Views: 91
How to install wordpress ...
Forum: Web Hosting
Last Post: Russ
01-06-2018, 04:21 PM
» Replies: 0
» Views: 93
How to access and manage ...
Forum: Web Hosting
Last Post: Russ
01-06-2018, 04:19 PM
» Replies: 0
» Views: 66
Bitcoin payments have cha...
Forum: Announcements
Last Post: Russ
01-06-2018, 04:16 PM
» Replies: 0
» Views: 80
Free webhosting - Special...
Forum: Announcements
Last Post: Russ
01-06-2018, 04:15 PM
» Replies: 0
» Views: 47
[phpMyAdmin] Critical XSR...
Forum: Advisories
Last Post: xz3r0
01-06-2018, 09:03 AM
» Replies: 0
» Views: 88
Meltdown Attack
Forum: Advisories
Last Post: xz3r0
01-06-2018, 02:15 AM
» Replies: 0
» Views: 59
What is SSH (Secure Socke...
Forum: VPS Hosting
Last Post: xz3r0
01-06-2018, 02:06 AM
» Replies: 0
» Views: 78
Apache Optimizations
Forum: VPS Hosting
Last Post: xz3r0
01-06-2018, 02:05 AM
» Replies: 0
» Views: 56

 
  Running successful mail servers.
Posted by: Russ - 02-07-2018, 05:40 PM - Forum: VPS Hosting - No Replies

A tremendous amount of orders we receive are for email servers for mailing lists, and many other uses.  This is fine however you must make sure you fall in compliance with our ANTI-Spam features and do not abuse resources during this process.  If you are interested in hosting or running a email server with us you should follow these steps to keep your IP from being blocked from sending mail.  Also below those steps will be a article linked on "bounced" or "bouncing" mail.  It is the marketers responsibility to handle where there emails go and whats contained inside of the mail.  A lot of times people are running legitimate mail servers for lists or forums and legitimate advertising, but they receive a ton of bounced or denied mail, this is in part of company's trying to filter and get rid of a lot of illegal "Spam".  Make sure you follow these guidelines when setting up a mail server,  i suggest reading the second article if you do not understand why you are getting so much bounce mail.



http://docs.ovh.ca/en/troubleshooting-an...ctice.html  This will keep your IP from being blocked for spam since our servers are located in OVH's data center's.

https://en.wikipedia.org/wiki/Bounce_message  This article will help you understand why you are receiving so many hard bounces. (This can create high VPS loads and HDD abuse from a client if not managed properly)

Thank you,

- Russ

Print this item

  Current Game Servers
Posted by: Russ - 01-06-2018, 04:22 PM - Forum: Game Hosting - No Replies

Game Server Hosting
Currently we host these games quite often.

  • Ark Survivor Evolved - We currently use arkmanager to manage the ark server automatic restarts, updates, and mods.  We have hosted several custom arks in the past and they have been quite popular.
  • Arma3 -  We currently use battleye along with InfISTAR anti-cheat and admin tool.  We have hosted Epoch, Exile, and arma3 life servers in the past.  We do have admins familiar with .sqf for custom scripts.
  • Minecraft -  We have hosted several minecraft servers from vanilla to modded.  Its not my cup of tea but il be more then glad to help you admin one.
  • DayZ -- DayZ is looking to go to full release and allow users to host there own DayZ servers, as soon as DayZ comes out we will be offering and hosting one of our own DayZ servers.
     

    These are just the current game servers we have active is there any games in our list of the site we don't offer you would like to see?  Contact us and we will be more then glad to see if we can help you.

 
-Russ

Print this item

  How to install wordpress through Softcalculous
Posted by: Russ - 01-06-2018, 04:21 PM - Forum: Web Hosting - No Replies

WordPress is a free open source software that is available for install in your cPanel Softaculous installer for free. This article will explain how to install WordPress through Softaculous.

Steps to install WordPress through Softaculous

  1. Login into your cPanel.
  2. Go to Software section, then click on the Softaculous icon. 
  3. Click on the WordPress logo. Click on the Install link.
  4. Fill in the WordPress set up information.
  
Software Setup
Domain
Select the Domain where you want to install your WordPress.
Directory
Leave this blank to install on the domain.
Username
Enter a username for your WordPress Dashboard login.
Password
Enter whatever password you want for the Dashboard Login.
eMail
Enter a valid email.

Installing to Subdomains
- If you decide that you wish to install to a subdomain, then you will need to first make sure that you have correctly created the subdomain in cPanel. The main difference is that the path will appear like this: subdomain.domain.com instead of like this domain.com/subdomain. If the Subdomain is already created, then you will be able to select the subdomain at the Choose Domain stage of the installation. If you are trying to install it to a sub-folder that is not specified as a subdomain, then the
Choose domain option should remain as the domain name that you wish to use for the installation.
The In Directory option will be filled with the folder that you wish to use - as per the example above.
Click Install.

  1. Softaculous will Check the submitted data and install the files to your server for WordPress..
    Click Return to Overview.
    Now you will see your WordPress Installation in the Current Installations.
  2. Visit your website in your browser. You should see a new WordPress install like the snapshot to the right.
    Note! If you do not see your website load after installing your WordPress site, you may need to point the name servers, wait for the domain to propagate (resolve), or try using a dedicated IP address.
Congratulations, now you know how to install WordPress using Softaculous!

Print this item

  How to access and manage wordpress.
Posted by: Russ - 01-06-2018, 04:19 PM - Forum: Web Hosting - No Replies

WordPress is a CMS software with an easy to access admin account and a simple to manage blog system. In order to access your WordPress account, you need to follow these instructions:

1. Open http://example.com/wp-admin (Replace "example.com" with your domain name) in your browser.
2. Enter your Wordpress username and password in the login fields an click on "Login".
3. Wordpress will redirect you to the WordPress Admin Dashboard.

Print this item

  Bitcoin payments have changed for now
Posted by: Russ - 01-06-2018, 04:16 PM - Forum: Announcements - No Replies

For now bitcoin payments will only be accepted on orders larger then 100$.  This is because companies such as bitpay, circle app... etc are limiting the minimum transaction amount.  We cannot control 3rd party prices and regulations.  We recently have added stripe payments as another form of payment.
 
I personally have been quite excited about the growth of btc.  Since bitcoin has fluctuated so much and costs such a pretty penny to transfer and mine how do you all feel this is going to affect the longevity of bitcoin?  Do you feel that bitcoin could be the future of currency?  Do you feel that it will flop?

In the past month we have seen bitcoin peak as high as $20,000 USD and then drop 10k in 1 week. Now its back up to $16,000  What are your predictions?  I am curious to see.  Post your thoughts.
 
Happy Hollidays,
-Russ

Print this item

  Free webhosting - Special Promotion
Posted by: Russ - 01-06-2018, 04:15 PM - Forum: Announcements - No Replies

FREE WEB HOSTING - SPECIAL PROMOTION - FREE WEB HOSTING

We are offering our visitors a free web hosting special promotion

  • 250 MB of Disk
  • 2 GB Data Per Month
  • 1 MySQL Database
  • 1 POP3 e-Mail Account
  • UK LONDON SERVER
Try Now!

This offer is perfect for a small website, it has a basic control panel - not covered by any service guarantee, we will offer minimum support, it's nothing like our premium services, but it's completely free!

It's great for anyone wanting to try a blog, forum or test out there web developments.

| GIGEBOX
| High Performance LINUX Hosting.
| https://www.gigebox.com
| Tel: +44 (843) 289-0010

Print this item

Bug [phpMyAdmin] Critical XSRF/CSRF Vulnerability PMASA-2017-9
Posted by: xz3r0 - 01-06-2018, 09:03 AM - Forum: Advisories - No Replies

Announcement-ID: PMASA-2017-9

Date: 2017-12-20

Updated: 2018-01-03

Summary

XSRF/CSRF vulnerability in phpMyAdmin

Description

By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc.

Severity


We consider this vulnerability to be critical.

Affected Versions

Versions 4.7.x (prior to 4.7.7) are affected.

Unaffected Versions

Versions older than 4.7.0 are not affected.

Solution


Upgrade to phpMyAdmin 4.7.7 or newer or apply patch listed below.

References

Thanks to Ashutosh Barot for reporting the vulnerability.

Assigned CVE ids: CVE-2017-1000499

CWE ids: CWE-661 CWE-352

Patches

The following commits have been made on the 4.7 branch to fix this issue:

The following commits have been made on the 4.8 branch to fix this issue: More information

For further information and in case of questions, please contact the phpMyAdmin team. The website is phpmyadmin.net.

Print this item

Bug Meltdown Attack
Posted by: xz3r0 - 01-06-2018, 02:15 AM - Forum: Advisories - No Replies

Reference: https://meltdownattack.com/

Meltdown and Spectre

Bugs in modern computers leak passwords and sensitive data.

Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware bugs allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs. This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents.

Meltdown and Spectre work on personal computers, mobile devices, and in the cloud.

Depending on the cloud provider's infrastructure, it might be possible to steal data from other customers.

Meltdown

Meltdown breaks the most fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and thus also the secrets, of other programs and the operating system.


If your computer has a vulnerable processor and runs an unpatched operating system, it is not safe to work with sensitive information without the chance of leaking the information. This applies both to personal computers as well as cloud infrastructure. Luckily, there are software patches against Meltdown.

 Meltdown Paper


Spectre
[size=undefined]
Spectre breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets. In fact, the safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre[/size]


Spectre is harder to exploit than Meltdown, but it is also harder to mitigate. However, it is possible to prevent specific known exploits based on Spectre through software patches.
 Spectre Paper

Who reported Meltdown?

Meltdown was independently discovered and reported by three teams:
[size=undefined]

Who reported Spectre?[/size]

[size=undefined]
Spectre was independently discovered and reported by two people:[/size]


Questions & Answers

Am I affected by the bug?

Most certainly, yes.

Can I detect if someone has exploited Meltdown or Spectre against me?

Probably not. The exploitation does not leave any traces in traditional log files.

Can my antivirus detect or block this attack?

While possible in theory, this is unlikely in practice. Unlike usual malware, Meltdown and Spectre are hard to distinguish from regular benign 
applications. However, your antivirus may detect malware which uses the attacks by comparing binaries after they become known.

What can be leaked?

If your system is affected, our proof-of-concept exploit can read the memory content of your computer. This may include passwords and sensitive data stored on the system.

Has Meltdown or Spectre been abused in the wild?

We don't know.

Is there a workaround/fix?

There are patches against Meltdown for Linux ( KPTI (formerly KAISER)), Windows, and OS X. There is also work to harden software against future exploitation of Spectre, respectively to patch software after exploitation through Spectre ( LLVM patch ARM speculation barrier header).

Which systems are affected by Meltdown?

Desktop, Laptop, and Cloud computers may be affected by Meltdown. More technically, every Intel processor which implements out-of-order execution is potentially affected, which is effectively every processor since 1995 (except Intel Itanium and Intel Atom before 2013). We successfully tested Meltdown on Intel processor generations released as early as 2011. Currently, we have only verified Meltdown on Intel processors. At the moment, it is unclear whether ARM and AMD processors are also affected by Meltdown.

Which systems are affected by Spectre?

Almost every system is affected by Spectre: Desktops, Laptops, Cloud Servers, as well as Smartphones. More specifically, all modern processors capable of keeping many instructions in flight are potentially vulnerable. In particular, we have verified Spectre on Intel, AMD, and ARM processors.

Which cloud providers are affected by Meltdown?

Cloud providers which use Intel CPUs and Xen PV as virtualization without having patches applied. Furthermore, cloud providers without real hardware virtualization, relying on containers that share one kernel, such as Docker, LXC, or OpenVZ are affected.

What is the difference between Meltdown and Spectre?

Meltdown breaks the mechanism that keeps applications from accessing arbitrary system memory. Consequently, applications can access system memory. Spectre tricks other applications into accessing arbitrary locations in their memory. Both attacks use side channels to obtain the information from the accessed memory location. For a more technical discussion we refer to the papers ( Meltdown and  Spectre)

Why is it called Meltdown?

The bug basically melts security boundaries which are normally enforced by the hardware.

Why is it called Spectre?

The name is based on the root cause, speculative execution. As it is not easy to fix, it will haunt us for quite some time.

Is there more technical information about Meltdown and Spectre?

Yes, there is an  academic paper and  a blog post about Meltdown, and an  academic paper about Spectre. Furthermore, there is a Google Project Zero blog entry about both attacks.

What are CVE-2017-5753 and CVE-2017-5715?

CVE-2017-5753 and CVE-2017-5715 are the official references to Spectre. CVE is the Standard for Information Security Vulnerability Names maintained by MITRE.

What is the CVE-2017-5754?

CVE-2017-5754 is the official reference to Meltdown. CVE is the Standard for Information Security Vulnerability Names maintained by MITRE.

Can I see Meltdown in action?







Print this item

  What is SSH (Secure Socket Shell)?
Posted by: xz3r0 - 01-06-2018, 02:06 AM - Forum: VPS Hosting - No Replies

What Is SSH? 

SSH, or Secure Shell, is a protocol used to securely log onto remote systems.

It is the most common way to access remote Linux and Unix-like servers.

In this article, we will discuss how to use SSH to connect to a remote system.

Basic Syntax

The tool on Linux for connecting to a remote system using SSH is called, unsurprisingly, ssh.

The most basic form of the command is

Quote:ssh domain.com

The domain.com in this example is the IP address or domain name that you are trying to connect to.

This command assumes that your username on the remote system is the same as your username on your local system.

If your username is different on the remote system, you can specify it by using this syntax:

Quote:ssh username@domain.com

Once you have connected to the server, you will probably be asked to verify your identity by providing a password.

What SSH client should you use?

Print this item

  Apache Optimizations
Posted by: xz3r0 - 01-06-2018, 02:05 AM - Forum: VPS Hosting - No Replies

The default Apache settings that cPanel sets upon install are definitely something that can be improved on. With a few small tweaks, the efficiency with which Apache runs with can be greatly improved.

Please note: This article assumes that you are using a Linux server running Apache and cPanel or Plesk, and that you are familiar with editing files from the command line.

To start, open the Apache configuration file and finding the directives section. On a cPanel server, it will be located in /usr/local/apache/conf/. On a Plesk server, it will be in /etc/httpd/conf/. If you are using vi or vim: once you open the file, you can find the directives by scrolling through the file, or by typing forward-slash ‘/’ and typing the exact string that you are looking for (search is case specific).

Quote:
Code:
[root@host /] vim /usr/local/apache/conf/httpd.conf

or

Code:
[root@host /] vim /etc/httpd/conf/httpd.conf

This list is a composite of the settings we will be reviewing from fresh install on a cPanel server:

Quote:Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 15
MinSpareServers 5
MaxSpareServers 10
StartServers 5
MaxClients 150
MaxRequestsPerChild 0

Please note, the settings that we will review in this article are by no means a complete list of tweak-able options in the Apache configuration file. The settings we will be focusing on are the ones that control how Apache handles webpage requests.

Timeout

Quote:Timeout 300

Usually this value doesn’t require editing and a default of 300 is sufficient. Lowering the ‘Timeout’ value will cause a long running script to terminate earlier than expected.
On virtual servers like VPS servers, lowering this value to 100 can help improve performance. 

KeepAlive

Quote:KeepAlive On

This setting should be “On” unless the server is getting requests from hundreds of IPs at once.

High volume and/or load balanced servers should have this setting disabled (Off) to increase connection throughput. 

MaxKeepAliveRequests

Quote:MaxKeepAliveRequests 100

This setting limits the number of requests allowed per persistent connection when KeepAlive is on. If it is set to 0, unlimited requests will be allowed.

It is recommended to keep this value at 100 for virtualized accounts like VPS accounts. On dedicated servers it is recommended that this value be modified to 150

KeepAliveTimeout

Quote:KeepAliveTimeout 15

The number of seconds Apache will wait for another request before closing the connection. Setting this to a high value may cause performance problems in heavily loaded servers. The higher the timeout, the more server processes will be kept occupied waiting on connections with idle clients.

It is recommended that this value be lowered to 5 on all servers. 

MinSpareServers

Quote:MinSpareServers 5

This directive sets the desired minimum number of idle child server processes. An idle process is one which is not handling a request. If there are fewer spareservers idle then specified by this value, then the parent process creates new children at a maximum rate of 1 per second. Setting this parameter to a large number is almost always a bad idea.

MaxSpareServers

Quote:MaxSpareServers 10

The MaxSpareServers directive sets the desired maximum number of idle child server processes. An idle process is one which is not handling a request. If there are more than MaxSpareServers idle, then the parent process will kill off the excess processes.

The MaxSpareServers value should be set as double the value that is set in MinSpareServers.

StartServers

Quote:StartServers 5

This directivesets the number of child server processes created on startup. This value should mirror what is set in MinSpareServers. 

MaxClients

Quote:MaxClients 150

This directive sets the limit on the number of simultaneous requests that will be served. Any connection attempts over the specified limit will be queued. Once a process is freed at the end of a different request, the queued connection will then be served.

For virtual servers such as VPS accounts, it is recommended to keep this value at 150. For all dedicated servers the recommended value for this setting is 250.

MaxRequestsPerChild

Quote:MaxRequestsPerChild 0


This directive sets the limit on the number of requests that an individual child server process will handle. After the number of requests reaches the value specified, the child process will die. When this value is set at 0, then the process will never expire.

Print this item