|
Yeah, get a linode.Aeka 2.0 posted:What the hell is up with Bounceweb? My wife's website has slowed to a crawl, its a rather light little WP page for her business. Takes about 15 seconds to load even the dashboard is slow, i've disabled plugins to see if that was the issue, nope. I didn't know there was an issue until google adwords stopped our advertising because the site was too slow, 3 months ago. Bounce web keeps telling me that nothing is wrong, but I suspect their cpus are overloaded pieces of poo poo. I also see it is no longer on the goon list. Awesome. It's really really bad, lol. Just switch to lithium hosting.
|
# ? Jan 29, 2015 17:10 |
|
|
# ? May 31, 2024 13:56 |
|
Bob Morales posted:bahahaha that spec he listed is probably like $50-100 or less, the rest is just paying for "fully managed"
|
# ? Jan 29, 2015 17:12 |
|
What's a good place for reasonably priced but reputable SSL certs?
|
# ? Jan 29, 2015 17:31 |
|
Bob Morales posted:bahahaha I would not think more than a few hundred a day even once we get going. If/when we start advertising in media that will probably jump to multiple thousands, but I don't think that will be for several months at the earliest. I have no idea for orders, that depends on too many factors for me to guess at. As Biowarefare mentions, we need it to be fully managed as I am unfortunately the only person at this company with anything resembling webhosting experience, and I only know enough to know that I don't know enough. RackSpace support was not that helpful. They apparently need to have a website ready to go to gauge how much it's going to cost to host. Somewhat understandable and I understand the need to play it safe in regards to quoting for future business, but I would at least like to get a ballpark somewhat more restrained than $600-$2,500, which is obviously way more than we need. I'm looking into Linode now. Thanks for the help!
|
# ? Jan 29, 2015 17:39 |
|
2gb/4gb linode + linode management + longview problem solved for the most part
|
# ? Jan 29, 2015 17:47 |
|
Ahz posted:What's a good place for reasonably priced but reputable SSL certs? do you need wildcard, EV etc? if not then startssl (free) or rapidssl/positivessl (cheap) via a reseller like https://www.greensslcertificates.com/ your domain registrar may also have a deal on cheap certs
|
# ? Jan 29, 2015 18:20 |
|
Rufus Ping posted:do you need wildcard, EV etc? I have a few domains on the same name (.ca, .co, etc..), but I just plan to forward them all to my main .com domain homepage. Do I just need the one domain SSL cert right? I don't plan to have the entire domain SSL'd, just the buying/login parts and API.
|
# ? Jan 29, 2015 18:41 |
|
Ahz posted:Do I just need the one domain SSL cert right? depends precisely how people will be accessing the additional domains. If you want people to be able to go to https://whatever.biz you'll need a cert for it, even if it just does a redirect to .com straight away. It's your call Ahz posted:I don't plan to have the entire domain SSL'd, just the buying/login parts and API. this is a separate issue but why? just stick the whole thing behind SSL. And configure HSTS while you're at it
|
# ? Jan 29, 2015 18:56 |
|
Ahz posted:What's a good place for reasonably priced but reputable SSL certs? SpartanIV posted:we need it to be fully managed I would highly recommend vNucleus for a fully managed VPS solution. I'm not just blatantly plugging right now, I have seven (7) servers with them (albeit not all fully managed), but since you're asking in this thread, I would suggest them. Shoot out an email to sales@vnucleus.com and see if you can get what you're seeking.
|
# ? Jan 29, 2015 19:24 |
|
Peanut and the Gang posted:Yeah, get a linode. Already in progress. Had Bouncweb since 2012, and every time i complained, they said it was me.
|
# ? Jan 30, 2015 04:29 |
|
Rufus Ping posted:depends precisely how people will be accessing the additional domains. If you want people to be able to go to https://whatever.biz you'll need a cert for it, even if it just does a redirect to .com straight away. It's your call That's not a bad idea. Now I'm wondering if I should use a CDN for Jquery/D3.js/bootstrap if I'm going all HTTPS.
|
# ? Jan 30, 2015 06:46 |
|
Maybe they're just reselling through Rackspace and acting as an intermediary between rackspace customer service and the end user? A pretty good gig if you can get it. 5 customers @ $500/mo, you could live like a king in somewhere like Spain, Greece or Argentina. Some company I was working for about 5 years ago was paying Rackspace something like $25,000 a year ($1100/mo?) for a dual core dedicated windows webserver that was fully managed. We saw about 800 users a day. Granted the website pulled in about $3 million a year but the employees were renting (unmanaged) linodes for hobby use with about 70% of that capacity for a couple bucks a month. In comparison I pay $4/mo for godaddy* hosting on a wordpress blog that gets about 1500 visitors a day. *Don't hurt me Hadlock fucked around with this message at 07:10 on Jan 30, 2015 |
# ? Jan 30, 2015 07:05 |
|
Ahz posted:That's not a bad idea. Now I'm wondering if I should use a CDN for Jquery/D3.js/bootstrap if I'm going all HTTPS. They all have https cdns already by companies much larger than you (google, microsoft, etc) also if you load ANY insecure element, your page is not secure anymore, so there's not much point same thing with persisting sessions across http to https: if you land on http, redirect to https for login, your page is ALREADY insecure, and there is no point in doing so.
|
# ? Jan 30, 2015 07:21 |
|
Does a VPS control panel that supports xenserver exist? I need to look for a better solution for providing VPSes for some of my clients. In the past I have used cloudmin running on centOS and it was great but the GUI is awful for end users and they were contacting me a lot to do fairly basic things. I have been testing xenserver right now because the high availability features are free. I have a few servers set up using a storage server and it has been fine. My problem is that I can't really easily delegate roles and stuff. Otherwise it seems alright.
|
# ? Jan 30, 2015 17:26 |
|
Biowarfare posted:same thing with persisting sessions across http to https: if you land on http, redirect to https for login, your page is ALREADY insecure, and there is no point in doing so. HSTS fixes that, but there's always laggards in adoption (IE, coming in 11). Even a redirect via mod_rewrite to https would leak cookie and other sensitive data in the request if the https request flops back to http. So we're probably, based on IE6 obsolescence, 10+ years from HSTS becoming fully-implemented by most web users. Additionally, you can set cookies as secure. If a request goes from https to http, and a cookie is marked as secure, it won't get transmitted in the request. Request URI will still leak in that case. edit: coulda/woulda/shoulda nem fucked around with this message at 17:35 on Jan 30, 2015 |
# ? Jan 30, 2015 17:28 |
|
Certificates are related to hosting, so I'll try this thread: Symantec is refusing to update our certs to support Certificate Transparency until we renew them. This is frustrating, and their certs are rather outrageously expensive. Solid recommendations for certificate authorities that support wildcard domains, ssl with extended validation, and certificate transparency?
|
# ? Feb 1, 2015 16:35 |
|
I'm trying to convince someone to transfer their domain to a different registrar but they're reluctant because they think they're gonna lose emails while it's transferring. How likely is that? In the past when I've transferred domains I'm pretty sure all the MX records etc. were preserved. But is there a period when no DNS records are accessible at all while it's transferring? It's a .uk domain if that makes any difference (you transfer it by changing the IPS tag rather than with an EPP code).
|
# ? Feb 14, 2015 17:51 |
|
fuf posted:I'm trying to convince someone to transfer their domain to a different registrar but they're reluctant because they think they're gonna lose emails while it's transferring. How likely is that? In the past when I've transferred domains I'm pretty sure all the MX records etc. were preserved. But is there a period when no DNS records are accessible at all while it's transferring? Is the email hosted at the registrar or elsewhere? Also, are you using the registrar's name servers? If you are, my recommendation is to use a third party for DNS (I like Amazon Route 53 for DNS personally), as when you keep your DNS separate from your domain registration it's trivial to transfer the domain without affecting anything - you just keep the same name servers through the transfer. If you're using the registrar's name servers, they'll likely shut down the zone when you transfer out, which will cause an outage. Email will retry, so if your domain is down for a day due to a DNS outage, all of the emails that were supposed to come in will be stuck in a queue retrying every so often. You should get them all, just a bit late. If you set things up well though, you don't have to worry about that outage at all.
|
# ? Feb 14, 2015 18:03 |
|
Ok so maybe I should get them to change the name servers to point to my Route 53 account first. And then we can do the registrar transfer after. That makes sense.
|
# ? Feb 14, 2015 18:38 |
|
I have an account with Lithium hosting and I remember all the ftp, cpanel, etc credentials except for my client area password. I don't remember the privacy questions either (I don't usually forget them easily, but for some reason, I'm completely blanking on this one). Am I screwed? The IT dude who's working on my ticket is, like, sales or something and he's being completely unhelpful because I totally sound like a scammer. How can I get my account back?
|
# ? Feb 24, 2015 02:19 |
|
Storgar posted:I have an account with Lithium hosting and I remember all the ftp, cpanel, etc credentials except for my client area password. I don't remember the privacy questions either (I don't usually forget them easily, but for some reason, I'm completely blanking on this one). Am I screwed? For the sake of anonymity, your account name is John Doe and your driver's license says Jack Wu. Your address doesn't match and you can't verify your security question answer. If you used invalid contact info and a fake name when signing up and have since forgot your account credentials, you're kinda screwed. I really don't know what else to tell you. DarkLotus fucked around with this message at 02:35 on Feb 24, 2015 |
# ? Feb 24, 2015 02:30 |
Storgar posted:I have an account with Lithium hosting and I remember all the ftp, cpanel, etc credentials except for my client area password. I don't remember the privacy questions either (I don't usually forget them easily, but for some reason, I'm completely blanking on this one). Am I screwed? http://passwordsafe.sourceforge.net/
|
|
# ? Feb 24, 2015 02:36 |
|
DarkLotus posted:For the sake of anonymity, your account name is John Doe and your driver's license says Jack Wu. Your address doesn't match and you can't verify your security question answer. drat... I did sign up with a pseudonym, but the contact info isn't "invalid". I bought a PO Box for the site and it's different from the address on my license. Ah, this is completely my fault anyway. Nevermind then... PS: "Jack Wu"? I would have appreciated something more neutral like "Jack Johnson", thank you very much. PPS: Thanks for your help. Lithium Hosting is very professional. I hope I didn't inconvenience you guys too much. Storgar fucked around with this message at 05:05 on Feb 24, 2015 |
# ? Feb 24, 2015 03:20 |
|
I have a strange question - how are sites like Netcraft detecting webserver versions and software packages like Varnish when they aren't advertised by the server in the headers?
|
# ? Feb 24, 2015 07:57 |
|
BlackMK4 posted:I have a strange question - how are sites like Netcraft detecting webserver versions and software packages like Varnish when they aren't advertised by the server in the headers? they are advertised in the headers. Via: 1.1 varnish and nginx/0.7.67 etc it's also trivial to tell specific webservers apart like apache and nginx based on their responses to nonexistant files and some other quirks
|
# ? Feb 24, 2015 08:00 |
|
Biowarfare posted:they are advertised in the headers. Via: 1.1 varnish and nginx/0.7.67 etc I see it now, they were sending the header as 'server' rather than 'Server'. My mistake.
|
# ? Feb 24, 2015 08:40 |
|
I already have a domain name that I got through namecheap, and I've been building a simple personal page in HTML over the past week. Now I'd like to put it on a host so others can access it when I link to it. Is there a good guide on how to set that up and make sure everything is secure?
|
# ? Feb 24, 2015 14:54 |
|
TopherCStone posted:I already have a domain name that I got through namecheap, and I've been building a simple personal page in HTML over the past week. Now I'd like to put it on a host so others can access it when I link to it. Is there a good guide on how to set that up and make sure everything is secure? If you're really only dealing with straight HTML, there isn't much in the way of security that you have to be concerned with. Just check reviews and find a reputable web-host. As long as the web-host keeps the server and apps updated, your html only site will be fine. If you eventually upgrade your site to contain dynamic content via a CMS of some sort, be sure to keep it updated and only use trusted plugins and themes. Be sure to use a secure cPanel and FTP password too, it's ridiculous how many accounts get compromised because the account owner used a simple password for cPanel.
|
# ? Feb 24, 2015 15:09 |
|
Also, in the case of WordPress, assume EVERY third party theme and plugin is a vulnerability waiting to happen. I see way way way way too many customers that get exploited because this AWESOME THEME was last updated in 2013, and nobody noticed that until AFTER they send out half a million spam emails or whatever.
|
# ? Feb 24, 2015 15:37 |
|
cstine posted:Also, in the case of WordPress, assume EVERY third party theme and plugin is a vulnerability waiting to happen. This is 100% good advice. poo poo, just don't use wordpress unless you know what you're doing. Even then, you still have a 50/50 chance of getting e-raped by a malicious user.
|
# ? Feb 24, 2015 15:40 |
|
Yeah I'm not planning on anything too elaborate and I'm pleased with what I was able to come up with in just plain CSS/HTML. I was actually thinking of Lithium Hosting, I think I signed up for a 30 day trial when I first bought the domain but got sidetracked and never set anything up.
|
# ? Feb 24, 2015 16:07 |
|
TopherCStone posted:Yeah I'm not planning on anything too elaborate and I'm pleased with what I was able to come up with in just plain CSS/HTML. I was actually thinking of Lithium Hosting, I think I signed up for a 30 day trial when I first bought the domain but got sidetracked and never set anything up. Hostgator will work good for you I guess. They have a very quick response time and I never had problems with them over 3 years. We do have a webhosting service that offers discounts for goons in this section I think, some people say it's even better than Host Gator so you might give it a try
|
# ? Feb 24, 2015 17:02 |
|
don't use hostgator especially after the sale DarkLotus posted:This is 100% good advice. poo poo, just don't use wordpress unless you know what you're doing. Even then, you still have a 50/50 chance of getting e-raped by a malicious user. my favourite are completely unnecessary and bizarre things like a plugin that 'only' adds google analyticsphoning home and adding backlinks to the footer
|
# ? Feb 24, 2015 17:04 |
|
Someone actually recommending Hostgator? Hmm yes I hear Bounceweb is pretty good too.
|
# ? Feb 24, 2015 18:24 |
|
Biowarfare posted:my favourite are completely unnecessary and bizarre things like a plugin that 'only' adds google analyticsphoning home and adding backlinks to the footer TimThumb.php. It's like herpes. It's everywhere, you can't get rid of it, and it'll cause endless problems! Oh, and it's EOL so no more patches and it's STILL in zillions of themes and plugins. And I'm not sure WHY you need it. Wordpress has the functionality built in.
|
# ? Feb 24, 2015 18:25 |
|
cstine posted:TimThumb.php. ... and it still insisted on using the "DOCUMENT_ROOT" server variable when storing thumbs. If you used mod_rewrite to serve content from another location, it altogether ignored WordPress requiring custom patches.
|
# ? Feb 24, 2015 18:33 |
|
DNova posted:Someone actually recommending Hostgator? Hmm yes I hear Bounceweb is pretty good too. Yep and network solutions is the
|
# ? Feb 24, 2015 18:48 |
|
NyxBiker posted:Hostgator will work good for you I guess. No it won't. This is bad advice. I know first hand, because I am a current HostGator client
|
# ? Feb 24, 2015 19:52 |
|
I just discovered my hosting company stores their passwords in plain-text. I figured it when they had a 12 character limit on their password reset form. If anyone here is Irish, avoid Digiweb. And if anyone knows any good .ie domain registrars, I'd appreciate info (Register365 are also crap, and I used to dislike Blacknight). If anyone wants to help give Digiweb a scare, you can retweet this: https://twitter.com/BBrian1/status/570733699337224192
|
# ? Feb 26, 2015 16:36 |
|
|
# ? May 31, 2024 13:56 |
|
The most well known companies on the accredited list are probably instra.com, MelbourneIT, and key-systems (rrproxy/domaindiscount24) gandi.net also sell them for €88/year Didn't realise .ie was so expensive
|
# ? Feb 26, 2015 18:36 |