fletcher
Jun 27, 2003

ken park is my favorite movie

Cybernetic Crumb
What are you using for configuration management? Ideally it shouldn't be a big deal to have a (slightly) different mysite.conf for staging vs. production. In chef I would handle that by creating a new environment where the attributes that control that conf file can be overridden from the defaults that production uses.


Rufus Ping
Dec 27, 2006





I'm a Friend of Rodney Nano
yeah this should probably be done at the config management level but at a pinch you could do: if ($host = "blah.com") { auth_basic etc (yuck)

Peanut and the Gang
Aug 24, 2009

by exmarx
Yeah I use phing and a build.settings file for config management.

I guess I could do
code:
server {
    listen 80;
    server_name blah.com 127.0.0.1;
    # configs here
    
    @@someStagingAccessStr@@
}
and in the build.xml:
code:
<if>
    <equals arg1="${env}" arg2="staging" />
    <then>
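        <!-- Quotes inside the attribute are escaped as &quot;; nginx only needs the ';' between directives, so a space replaces the literal \n -->
        <property name="someStagingAccessStr" value="auth_basic &quot;Restricted&quot;; auth_basic_user_file /etc/htpasswd/.htpasswd;" />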
    </then>
    <else>
        <property name="someStagingAccessStr" value="" />
    </else>
</if>
But I think that's hacky and dumb because staging shouldn't have any extra changes beyond what live has. :shrug:

fletcher
Jun 27, 2003

ken park is my favorite movie

Cybernetic Crumb

Peanut and the Gang posted:

But I think that's hacky and dumb because staging shouldn't have any extra changes beyond what live has. :shrug:

This is definitely something to strive for, I don't think it's always true though. For example, maybe you want to have a different logging level or debug tooling on staging. I don't think differences like that matter as much.

Another option could be to just lock it down at a network/firewall level so only your office can hit staging.

Rufus Ping
Dec 27, 2006





I'm a Friend of Rodney Nano
is there a reason your staging site is publicly accessible to begin with? would this not be a good use for e.g. split horizon DNS?

you could have unfettered access to it from inside your LAN/VPN without a password, and perhaps force external visitors through an nginx reverse proxy which adds basic auth if you need to show it to people outside

obviously I'm not sure how elaborate a setup you're running here

Peanut and the Gang
Aug 24, 2009

by exmarx
I just got it in a least-ugly way by doing
code:
server {
    listen 80;
    server_name blah.com 127.0.0.1;
    # configs here

    include /srv/http/conf/conf.d/mainExtra/*.conf;
}
server {
    listen 80;
    server_name media.blah.com;
    # configs here
}
And then adding the block.conf file into the mainExtra dir. On live I just won't have the directory, so nothing will happen. We did it gang!

Peanut and the Gang
Aug 24, 2009

by exmarx

Rufus Ping posted:

is there a reason your staging site is publicly accessible to begin with? would this not be a good use for e.g. split horizon DNS?

you could have unfettered access to it from inside your LAN/VPN without a password, and perhaps force external visitors through an nginx reverse proxy which adds basic auth if you need to show it to people outside

obviously I'm not sure how elaborate a setup you're running here

Oh, didn't see this. I want to give the pass to random internet people and have the least amount of effort coding it up. L@@K ^^^^^ for the badass solution.
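The deploy step this approach implies, as an added example (not code from the thread): a shell function writes the staging-only `block.conf` into the `mainExtra` directory and removes it on any other environment, so the shared `server` block stays identical on live. The snippet it writes also folds in the LAN/VPN suggestion quoted above by using `satisfy any`. The function name and the `10.0.0.0/8` range are assumptions.

```shell
#!/bin/sh
# Added example: manage the staging-only nginx snippet that is picked up by
#   include /srv/http/conf/conf.d/mainExtra/*.conf;
# write_staging_auth is a hypothetical helper; the LAN range is an assumed value.

write_staging_auth() {
    env_name=$1                  # "staging" or anything else
    extra_dir=$2                 # e.g. /srv/http/conf/conf.d/mainExtra
    lan_cidr=${3:-10.0.0.0/8}    # assumed internal range (office/VPN)

    if [ "$env_name" != "staging" ]; then
        # Live: make sure no stale snippet is left for the glob to match.
        rm -f "$extra_dir/block.conf"
        return 0
    fi

    mkdir -p "$extra_dir"
    # The temp name does not end in .conf, so the include glob never sees it.
    tmp="$extra_dir/.block.conf.$$"
    cat > "$tmp" <<EOF
# Staging only. Included inside the server { } block.
satisfy any;        # pass if EITHER the address check OR the password check succeeds
allow $lan_cidr;    # internal clients: no password prompt
deny all;           # everyone else falls through to basic auth
auth_basic "Restricted";
auth_basic_user_file /etc/htpasswd/.htpasswd;
EOF
    chmod 0644 "$tmp"
    # Rename is atomic, so nginx never reads a half-written file on reload.
    mv "$tmp" "$extra_dir/block.conf"
}

# Usage on a staging box (then validate and reload):
#   write_staging_auth staging /srv/http/conf/conf.d/mainExtra
#   nginx -t && nginx -s reload
```

With `listen 80` as in the posted config, basic auth credentials cross the network base64-encoded but unencrypted, so a staging host handed to outside people should sit behind TLS.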

Hadlock
Nov 9, 2004

Is this the place to ask dumb apache questions?

I have been building out babbys first apache server.

I have webserver.de as a bootstrap site
I have mail.webserver.de as an Open-Xchange site

It took me about 90 minutes to sort out how virtual hosts work in Apache (I come from an IIS 7 background)

However, I can't figure out how to truncate the URL. When I go to mail.webserver.de I want it to say "mail.webserver.de" in the address bar, instead it says "mail.webserver.de./appsuite/signin". I am guessing this has something to do with the scary-sounding "symlinks" and/or "allowoverride"s.



The bootstrap site lives on /var/www/html/bootstrap
The Open-Xchange site lives on /var/www/html/appsuite
CentOS 6.5/Apache

this is my ox.conf file (I don't have an httpd.conf file, I should probably rename this)

code:
# My Virtual Hosts Config File for Two Domains
NameVirtualHost *:80

<VirtualHost *:80>
    # This first-listed virtual host is also the default for *:80
    ServerName www.webserver.de
    ServerAlias webserver.de
    DocumentRoot /var/www/html/bootstrap
</VirtualHost>

<VirtualHost *:80>
       ServerAdmin webmaster@localhost
       ServerName mail.webserver.de
       DocumentRoot /var/www/html
       <Directory /var/www/html>
               Options Indexes FollowSymLinks MultiViews
               AllowOverride None
               Order allow,deny
               allow from all
               RedirectMatch ^/$ /appsuite/
       </Directory>

       <Directory /var/www/html/appsuite>
               Options None +SymLinksIfOwnerMatch
               AllowOverride Indexes FileInfo
       </Directory>
</VirtualHost>

Thalagyrt
Aug 10, 2006

You're getting redirected to the login endpoint for that application, so naturally it won't be at the root. You really don't want to try to put that at the root with rewrites as you'll very likely end up breaking the application in the process.

Hadlock
Nov 9, 2004

That's kind of what I was afraid of, ok, thanks.

Michaellaneous
Oct 30, 2013

I recently discovered that my favourite hoster also offered really loving cheap unmanaged VPS for an unbeatable price. Yeah, you don't get any loving support whatsoever and have to do everything yourself with the controlpanel...but man...

http://waveride.at/plans

For those prices?

GreatGreen
Jul 3, 2007
That's not what gaslighting means you hyperbolic dipshit.
So what's the best/cheapest way for a goon to store just some pics, music, and backups in the cloud these days?

I don't need any fancy web page hosting or anything, just something I can use to access a cloud drive to which I can just upload and download stuff.

I read through the OP and noticed it hasn't really been updated in a little over a year, so I'm really just asking if anybody knows off hand what the cheapest solution is where I can store personal files and where it's mostly guaranteed that the datacenter won't spontaneously combust at any given moment.

GreatGreen fucked around with this message at 18:26 on Sep 23, 2014

Heskie
Aug 10, 2002

GreatGreen posted:

So what's the best/cheapest way for a goon to store just some pics, music, and backups in the cloud these days?

I don't need any fancy web page hosting or anything, just something I can use to access a cloud drive to which I can just upload and download stuff.

I read through the OP and noticed it hasn't really been updated in a little over a year, so I'm really just asking if anybody knows off hand what the cheapest solution is where I can store personal files and where it's mostly guaranteed that the datacenter won't spontaneously combust at any given moment.

I haven't tried it, but maybe check out Amazon Glacier. Otherwise something like Dropbox/Google Drive depending on how much storage you actually need?


Michaellaneous posted:

I recently discovered that my favourite hoster also offered really loving cheap unmanaged VPS for an unbeatable price. Yeah, you don't get any loving support whatsoever and have to do everything yourself with the controlpanel...but man...

http://waveride.at/plans

For those prices?

How legit is this? I've been happy with Linode for some time but I don't think I've ever had to use their support so this is interesting.

sleepy gary
Jan 11, 2006

GreatGreen posted:

So what's the best/cheapest way for a goon to store just some pics, music, and backups in the cloud these days?

I don't need any fancy web page hosting or anything, just something I can use to access a cloud drive to which I can just upload and download stuff.

I read through the OP and noticed it hasn't really been updated in a little over a year, so I'm really just asking if anybody knows off hand what the cheapest solution is where I can store personal files and where it's mostly guaranteed that the datacenter won't spontaneously combust at any given moment.

Google Drive? OneDrive? Mega.co.nz? Not sure if any of those really meet your desires. You get some free space on all of them. If you're a student at a qualifying university, you can get 1TB of OneDrive for free. Mega.co.nz gives you 50gb for free. Paid tiers are usually pretty reasonable. Mega is the least established of these particular 3, and I honestly wouldn't recommend it for anything serious.

Heskie posted:

I haven't tried it, but maybe check out Amazon Glacier. Otherwise something like Dropbox/Google Drive depending on how much storage you actually need?

I wouldn't recommend glacier as he specified upload/download. Glacier is a place you upload things that you plan to never have to download.

sleepy gary fucked around with this message at 19:14 on Sep 23, 2014

text editor
Jan 8, 2007

Michaellaneous posted:

I recently discovered that my favourite hoster also offered really loving cheap unmanaged VPS for an unbeatable price. Yeah, you don't get any loving support whatsoever and have to do everything yourself with the controlpanel...but man...

http://waveride.at/plans

For those prices?

Intentionally oversold, also the owner is kinda an idiot

GreatGreen
Jul 3, 2007
That's not what gaslighting means you hyperbolic dipshit.

DNova posted:

Google Drive? OneDrive? Mega.co.nz? Not sure if any of those really meet your desires. You get some free space on all of them. If you're a student at a qualifying university, you can get 1TB of OneDrive for free. Mega.co.nz gives you 50gb for free. Paid tiers are usually pretty reasonable. Mega is the least established of these particular 3, and I honestly wouldn't recommend it for anything serious.


I wouldn't recommend glacier as he specified upload/download. Glacier is a place you upload things that you plan to never have to download.

Well actually... Glacier sounds pretty good to me. I wouldn't really download anything unless my computer shat the bed so Amazon Glacier could be really useful for a "break in case of emergency" type backup situation. I have about 350 GB of music alone, so that $0.01/GB storage per month doesn't sound like a bad price at all, really.

cstine
Apr 15, 2004

What's in the box?!?

GreatGreen posted:

So what's the best/cheapest way for a goon to store just some pics, music, and backups in the cloud these days?

I don't need any fancy web page hosting or anything, just something I can use to access a cloud drive to which I can just upload and download stuff.

I read through the OP and noticed it hasn't really been updated in a little over a year, so I'm really just asking if anybody knows off hand what the cheapest solution is where I can store personal files and where it's mostly guaranteed that the datacenter won't spontaneously combust at any given moment.

What I've done (assuming you have access to adequate storage on a hosting server somewhere) is OwnCloud with periodic backups of that to Glacier.

Don't have to hand over data to a company that may or may not have proper procedures in place to prevent nosy employees from looking at your poo poo (Dropbox) or change their name and features repeatedly (Windows Live Mesh/SkyDrive/OneDrive) or have a horrible lousy reputation in online services (iCloud) or just be a questionable venture to begin with (mega.co.nz), or give it to a company whose primary business is datamining your poo poo (Google Drive).

Thalagyrt
Aug 10, 2006

text editor posted:

Intentionally oversold, also the owner is kinda an idiot

Yeah, there's no way with the current cost of hardware + colocation - and I'm talking about buying the hardware outright wholesale, not even leasing direct from a vendor, and definitely not renting from a dedicated server provider - that this isn't massively oversold or running on what essentially amounts to rackmounted desktops.

GreatGreen
Jul 3, 2007
That's not what gaslighting means you hyperbolic dipshit.
Hmm, so if I just wanted to make sure I had all my static, never-updated files like music, movies, pics, etc. safe and sound... I'd probably be better off just going out and buying a HDD, backing all my stuff up on it, and storing it in a $15-20 per year bank safety deposit box, huh.

$100 HDD + $20 for 1 year storage = $120/12 = $10 per month for 2TB storage

$100 HDD + $40 for 2 year storage = $140/24 = $5.83 per month for 2TB storage

$100 HDD + $60 for 3 year storage = $160/36 = $4.44 per month for 2TB storage



Not a terrible deal as time goes on, if a bit inconvenient. Then again even if you took the drive home and back once every 3 months or so, you're still barely talking about any time at all in the grand scheme of things. Even if you have to replace the hard drive once, by the end of year 2 you're still back down to $10 per month on average.

GreatGreen fucked around with this message at 23:05 on Sep 23, 2014

cstine
Apr 15, 2004

What's in the box?!?

GreatGreen posted:

Hmm, so if I just wanted to make sure I had all my static, never-updated files like music, movies, pics, etc. safe and sound... I'd probably be better off just going out and buying a HDD, backing all my stuff up on it, and storing it in a $15-20 per year bank safety deposit box, huh.

$100 HDD + $20 for 1 year storage = $120/12 = $10 per month

$100 HDD + $40 for 2 year storage = $140/24 = $5.83 per month

As with all things, it depends on how much data you want to back up.

$10 a month is basically a terabyte from Glacier, so if you have LESS than a terabyte, Amazon is better, and if you have more, then the drive is better.

Though, if I may ask, what's the point of backing up stuff like movies and music - unless it's something you can't redownload and is actually legally purchased? Just let TPB be your backup.

GreatGreen
Jul 3, 2007
That's not what gaslighting means you hyperbolic dipshit.
I guess I like a lot of really weird music that I probably wouldn't be able to find online again even if I tried, (hence the custom title. I talked poo poo about Nickelback to a Nickelback-loving goon and GOT THE SMACKDOWN!!!) so I'm a little paranoid about losing it. Buying music online from publishers no longer in business is always a risky proposition in this regard.

fletcher
Jun 27, 2003

ken park is my favorite movie

Cybernetic Crumb

GreatGreen posted:

I'd probably be better off just going out and buying a HDD, backing all my stuff up on it, and storing it in a $15-20 per year bank safety deposit box, huh

This doesn't come anywhere NEAR a proper storage solution in a real data center, can't even compare it

I backup most things to my raidz2 NAS and the NAS is backed up to Crashplan. Irreplaceable things like personal photos are also backed up to Amazon S3 via Jungle Disk.

Spazz
Nov 17, 2005

Storing poo poo on a hard drive in a safe deposit box isn't a good solution.

cstine posted:

Though, if I may ask, what's the point of backing up stuff like movies and music - unless it's something you can't redownload and is actually legally purchased? Just let TPB be your backup.

Not always possible. I've got some rips from CDs I lost/borrowed and will never see again, and good luck finding some of this stuff on TPB/Spotify/anywhere. Not to mention various video recordings from the years.

evol262
Nov 30, 2010
#!/usr/bin/perl

GreatGreen posted:

I guess I like a lot of really weird music that I probably wouldn't be able to find online again even if I tried, (hence the custom title. I talked poo poo about Nickelback to a Nickelback-loving goon and GOT THE SMACKDOWN!!!) so I'm a little paranoid about losing it. Buying music online from publishers no longer in business is always a risky proposition in this regard.

It needs to be in multiple places. Like two drives (not any form of RAID) that you rotate, preferably with one offsite, preferably used only for backups with a local copy on your drive or a NAS backed by RAID1/5/6/10. If you're buying >2tb drives, get 3 of them in case of an unrecoverable error if a drive dies and you try to save from the other.

This is a reliable backup. One drive in an enclosure is not. Also consider just using Spotify or iTunes Match or something. Your music almost certainly isn't as obscure or important as you seem to think it is. It may not be Nickelback, and Spotify doesn't have everything (I know they're missing a significant amount of albums from some bands, random songs from albums they "have", etc), but unless you listen to this all the time, it doesn't matter.

Pick your most obscure 20000 songs.
Put them on Google Music (this is free, and streaming them is free). Get a subscription to Spotify. Done.

GreatGreen
Jul 3, 2007
That's not what gaslighting means you hyperbolic dipshit.

fletcher posted:

This doesn't come anywhere NEAR a proper storage solution in a real data center, can't even compare it

I backup most things to my raidz2 NAS and the NAS is backed up to Crashplan. Irreplaceable things like personal photos are also backed up to Amazon S3 via Jungle Disk.

That method is exponentially more expensive than the old HDD-in-a-deposit-box method.

fletcher
Jun 27, 2003

ken park is my favorite movie

Cybernetic Crumb

GreatGreen posted:

That method is exponentially more expensive than the old HDD-in-a-deposit-box method.

~ $1/mo for the photos on S3 (20GB or so I think) + $60/year for Crashplan, it's not prohibitively expensive.

GreatGreen
Jul 3, 2007
That's not what gaslighting means you hyperbolic dipshit.

fletcher posted:

~ $1/mo for the photos on S3 (20GB or so I think) + $60/year for Crashplan, it's not prohibitively expensive.

That's not bad at all.

As for me, I already backup everything important to a USB drive with Crashplan Free. I think that plus Glacier would be a pretty reasonable backup solution.

Malkar
Aug 19, 2010

Taste the cloud
A bit late to that "shockingly cheap" VPS provider, but it's openvz so it's oversold by definition.

If you care about performance at all, don't use any VPS running on that kind of virtualization.

Michaellaneous
Oct 30, 2013

Heskie posted:

How legit is this? I've been happy with Linode for some time but I don't think I've ever had to use their support so this is interesting.

This is pretty legit. A few sysadmins I know use it as their secondary server for proxies, tunnels, etc. EDIS is also rather well known in this part of the world, so :shrug:

Thalagyrt
Aug 10, 2006

Major CVE regarding bash's handling of environment variables. CGI setups are vulnerable to remote code execution. Update bash immediately! The patch is still incomplete, but it's better than the unpatched version. I'll post another bit here when I get an alert of a further fix.

More info: https://bugzilla.redhat.com/show_bug.cgi?id=1146319#c11

All distros are affected, and not just Linux. OSX is vulnerable, FreeBSD is vulnerable, etc.

DarkLotus
Sep 30, 2001

Lithium Hosting
Personal, Reseller & VPS Hosting
30-day no risk Free Trial &
90-days Money Back Guarantee!

Thalagyrt posted:

Major CVE regarding bash's handling of environment variables. CGI setups are vulnerable to remote code execution. Update bash immediately! The patch is still incomplete, but it's better than the unpatched version. I'll post another bit here when I get an alert of a further fix.

More info: https://bugzilla.redhat.com/show_bug.cgi?id=1146319#c11

All distros are affected, and not just Linux. OSX is vulnerable, FreeBSD is vulnerable, etc.

CloudLinux has released a patch for you other CL users.

To update your server, please run:
$ yum clean all
$ yum update bash

http://cloudlinux.com/blog/clnews/update-for-bash-remote-vulnerability-cve20146271.php

Edit: this is still just for CVE-2014-6271.
A patch for CVE-2014-7169 is in the works.

text editor
Jan 8, 2007
The guy who runs EDIS and waveride.at just recently lost a court case for having a lot of child porn flowing through his (personally ran) Tor Exits, he defends cp as 'free speech' and takes no efforts to prevent that kind of abuse on his networks, and the thing that further condemned him was that he suggested Tor was a good place to host child porn. So he is one of those stupid 'free speech' absolutists (unless you are badmouthing Israel, because he is a hardcore Zionist).

If that kind of idiot who could (again) disappear from the web because police have to seize his hardware is the kind of person you feel safe hosting with, go with EDIS or waveride.

evol262
Nov 30, 2010
#!/usr/bin/perl

Thalagyrt posted:

Major CVE regarding bash's handling of environment variables. CGI setups are vulnerable to remote code execution. Update bash immediately! The patch is still incomplete, but it's better than the unpatched version. I'll post another bit here when I get an alert of a further fix.

More info: https://bugzilla.redhat.com/show_bug.cgi?id=1146319#c11

All distros are affected, and not just Linux. OSX is vulnerable, FreeBSD is vulnerable, etc.

CGI is only vulnerable if it calls out to the shell at any point. You can trivially test this with:

code:
 curl -v -k -H 'User-Agent: () { :;}; echo owned>/tmp/foo'

Most git frontends are vulnerable if the user's shell is bash.

FreeBSD is not vulnerable in most configurations since bash is not the system shell. Bash on FreeBSD is still vulnerable. FreeBSD itself is mostly safe.
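For checking whether a web server has already received probes of the kind shown above, here is an added example (not code from the thread) that scans a combined-format access log for referer or user-agent values beginning with a bash function definition, `() {`. The log lines are constructed samples using documentation address ranges, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: flag access-log entries whose quoted header fields begin with
# a bash function definition "() {", the marker of a Shellshock attempt.
# Only headers that the log format records (referer, user agent) can be seen;
# other request headers reach CGI the same way but are not logged by default.

# Constructed sample in combined log format.
sample_log() {
cat <<'EOF'
192.0.2.10 - - [25/Sep/2014:10:01:02 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0 (X11; Linux x86_64)"
198.51.100.7 - - [25/Sep/2014:10:01:05 +0000] "GET /cgi-bin/status HTTP/1.1" 200 31 "-" "() { :;}; echo owned>/tmp/foo"
203.0.113.4 - - [25/Sep/2014:10:02:11 +0000] "GET /cgi-bin/status HTTP/1.1" 404 0 "() { :; }; /bin/true" "curl/7.30.0"
192.0.2.10 - - [25/Sep/2014:10:03:00 +0000] "GET /js/app.js?cb=(){} HTTP/1.1" 200 90 "-" "Mozilla/5.0"
EOF
}

# Reads a log on stdin; prints "client<TAB>line number<TAB>matching field".
scan_shellshock() {
    awk -F'"' '
    {
        # Field 2 is the request line; quoted header fields start at field 4.
        # Every later field is checked, because an escaped quote inside a
        # header value shifts the field positions.
        for (i = 4; i <= NF; i++) {
            # Match only at the start of a field: bash imports a function
            # only when the variable value begins with "() {".
            if ($i ~ /^[ \t]*[(][)][ \t]*[{]/) {
                split($1, pre, " ")
                printf "%s\t%d\t%s\n", pre[1], NR, $i
                next
            }
        }
    }'
}

# Distinct clients that sent at least one matching request, with hit counts.
shellshock_sources() {
    scan_shellshock | cut -f1 | sort | uniq -c | awk '{ print $2 "\t" $1 }'
}

# Demo on the constructed sample; for a real log: scan_shellshock < access.log
sample_log | scan_shellshock
```

A hit shows that a request was sent, not that it succeeded; whether it ran depends on the request reaching a CGI path that invokes an unpatched bash.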

DarkLotus
Sep 30, 2001

Lithium Hosting
Personal, Reseller & VPS Hosting
30-day no risk Free Trial &
90-days Money Back Guarantee!
An update for Bash was just released to address CVE-2014-7169 and it is recommended that you update as soon as possible. This resolves the incomplete patch for CVE-2014-6271 ("ShellShock").

Info Links:
https://rhn.redhat.com/errata/RHSA-2014-1306.html
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762760#56

Stealthgerbil
Dec 16, 2004


Speaking of cloudlinux, how do you guys like it? I provide a basic webhosting service for some people and I would like to lock it down even more. I run cpanel which handles a lot of limits but ideally I would like to limit people's IO so they can't slow the server down with a bad sql statement or whatever. I run my hosting on SSDs but even then I would like to limit the effect that one user can have on others.

DarkLotus
Sep 30, 2001

Lithium Hosting
Personal, Reseller & VPS Hosting
30-day no risk Free Trial &
90-days Money Back Guarantee!

Stealthgerbil posted:

Speaking of cloudlinux, how do you guys like it? I provide a basic webhosting service for some people and I would like to lock it down even more. I run cpanel which handles a lot of limits but ideally I would like to limit people's IO so they can't slow the server down with a bad sql statement or whatever. I run my hosting on SSDs but even then I would like to limit the effect that one user can have on others.

cPanel doesn't protect one user from another, it is really kind of lovely about account security. CL lets you impose resource limits to prevent abuse but it also offers cagefs and mysql governor. I don't use the mysql governor but cagefs allows all users to have shell access without the risk of doing any damage.

Edit: don't rely entirely on cagefs to protect you, you still need to secure your server, tweak cagefs and only give users access that you trust. It's not an all in one security solution but it definitely adds a nice layer of protection.

DarkLotus fucked around with this message at 21:58 on Sep 26, 2014

DarkLotus
Sep 30, 2001

Lithium Hosting
Personal, Reseller & VPS Hosting
30-day no risk Free Trial &
90-days Money Back Guarantee!
Ugh... #shellshock is not dead.

According to a Google Security Researcher who was able to defeat all of the current patches and make the vulnerability easier to exploit, they are now recommending the following unofficial patch until it is pushed upstream:
http://www.openwall.com/lists/oss-security/2014/09/25/13

Further Information:
http://www.itnews.com.au/News/396256,further-flaws-render-shellshock-patch-ineffective.aspx

cstine
Apr 15, 2004

What's in the box?!?

DarkLotus posted:

Ugh... #shellshock is not dead.

According to a Google Security Researcher who was able to defeat all of the current patches and make the vulnerability easier to exploit, they are now recommending the following unofficial patch until it is pushed upstream:
http://www.openwall.com/lists/oss-security/2014/09/25/13

Further Information:
http://www.itnews.com.au/News/396256,further-flaws-render-shellshock-patch-ineffective.aspx

Wheeeee! I get to push more patches.

I need more beer.

Malkar
Aug 19, 2010

Taste the cloud
If anyone's using zPanel on any of their servers, make sure you're patched up against shellshock. And preferably, stop using zPanel.

Seen a lot of servers compromised as a result of zPanel in the past few days.


onionradish
Jul 6, 2006

That's spicy.
I just switched a client from a crappily-managed Rackspace reseller account to Bluehost. During the time gap between DNS switchover, some emails went to the old server. I'd like to get access to those emails through webmail or something before we decommission the old servers.

The old reseller is claiming no ability to access those emails since they're "only accessible" by web/mail.hostname.com (which has since been transferred to a new host), but has proven himself to be a lazy gently caress whose answer over the last several months has always been "can't help ya" regardless of the context, so I don't trust him.

Are we really not able to access mail stored on the previous server, even through webmail, or is my mistrust of the previous host justified?
