Blog Header Banner

Archive for the ‘Ask the Experts’ Category

Cloud Tip of the Month- August 2013   no comments

 

cloud and exclamation sign illustration

Why move to The Cloud? Here is August’s cloud tip!

Cloud Architecture is Exceptionally Flexible

The entire concept of cloud computing is divided into three forms of cloud. These include Public cloud, Private Cloud and Hybrid Cloud. All three have significant characteristics; however their choice depends on the personal requirements of businesses.

 

Check out the benefits!

  • Public Cloud

In this type of cloud form, data stored is in a cloud server- which is located at a distant place elsewhere. It enables users to share and access data from anywhere and at any point of time. This means public cloud promotes shared environment for businesses. It can save having to hire a tech department and can be placed in a data center like TurnKey, where our techs can handle your entire IT infrastructure.

  • Private Cloud

A private cloud is beneficial for those organizations that do not want to share their confidential data with any third party. Data stored in a private cloud is secured in the firewall settings, which enable only the authorized parties to access data and do not invite any third party. The private cloud model is good for super-secure businesses, but tend to cost more to buy all the equipment and hire techs.

  • Hybrid Cloud

A hybrid cloud is a mix of both and gives users or business entities the advantage of both the cloud environments. Suppose, a business enterprise wants to share its services and products with its clients across the globe, but at the same time wants to hide the confidential information from them, Hybrid cloud architecture would suit best for such types of businesses.

Follow Us : Facebooktwitterlinkedinyoutubeinstagram
Share : Facebooktwitterredditlinkedinmail

Cloud Tip of the Month- July 2013   no comments

Posted at Jul 23, 2013 @ 11:18am Ask the Expert,Ask the Experts,customer service,green

cloud and exclamation sign illustration

Why move to the cloud? Here is July’s cloud tip.

 The Cloud — Cost Effective in Nature

If you haven’t opted for cloud technology yet, don’t lag behind. Pop into the cloud market and enjoy a cost-effective business environment. The cloud promotes device independence, where the cost of hardware and software automatically is cut. Although, there is an initial expense of deploying to the cloud, it can also focus on a pay-for-what-you-use model. Businesses moving to the cloud are guaranteed to save money, and by choosing TurnKey Internet, we can make it easier for you to get to the cloud!

Follow Us : Facebooktwitterlinkedinyoutubeinstagram
Share : Facebooktwitterredditlinkedinmail

Written by Alan on July 23rd, 2013

Tagged with , , , , ,

What makes an IT Professional? Better yet, a TurnKey Professional?   1 comment

Howdy do, Turnkey Lovers?

How are you feeling this week? I’m only asking because I’m not sure how to begin this topic. Let’s see, not too long ago, one of my co-workers mentioned that some of our competitors were writing blog entries on what it’s like to be an “IT Professional”. This has actually been something that I’m curious about myself.

What makes an IT Professional? I mean, IT (Information Technology) is such a large umbrella. So I did what I always do when I need to know something: Google. You would be surprised—well, you might not be—about the number of articles out there that deal with this very topic. Hundreds of “IT Professionals” all list their own explanations of what an IT Professional does.

Rather than bore you with yet another article on what an IT Professional does in general, I would prefer to take you into the world of a “TurnKey Professional”. These are probably one in the same, as a common denominator through all of the articles on IT professionals was this idea of wearing multiple hats; metaphorical hats, in this case. This could be anything from fixing a certain type of software, to providing customer service to a local client. If you’re really lucky, you may even get to work with a businessman or salesman.

In no place did I see this idea chiseled deeper into stone then at TurnKey Internet. On some days, I’m just your friendly, neighborhood slayer of tickets. This extends from any support issue as small as resetting a password on a locked out cPanel account, to deploying a major upgrade to new technology. On other days, I might be working on LiveChat, attempting to sell one of our many services—everything from dedicated servers, to colocation, to domain registration.

A TurnKey Professional is a jack of all trades, if you will. We each have skills that we must call on in a moment’s notice, to best service the needs of our customers. Isn’t that what an IT Professional is supposed to do? I’m not 100% on that, but I know here at TurnKey Internet, that’s what we do.

Having team members who each possess different skills, leads to a diverse, all-encompassing set of solutions to common issues that any IT Professional may run into. You know, that’s why I love working here. There are always multiple ways to solve an issue, and here at TurnKey, we usually end up employing many of them—if not all of them—to solve our clients’ needs. It’s quite refreshing.

Well, that’s just another little bit of information I wanted to share with you. It’s another way to show you Turnkey-lovers that I love what I do; another piece of information to share and bond over.

Until next time…

Follow Us : Facebooktwitterlinkedinyoutubeinstagram
Share : Facebooktwitterredditlinkedinmail

Disaster Recovery Remedies   1 comment

Are you ready? - Hurricane“Hindsight gives you 20/20 vision,” is a statement you should keep in mind as you read this blog article. Many businesses that were just recently affected in some way by Hurricane Sandy could have avoided the complete standstill to their services by preparing and planning out just what they would do if their facility suffered a catastrophic loss. Hurricanes, earthquakes, tornadoes,  snow storms, flooding, and fire are some of the most obvious causes of potentially disastrous losses that could halt the operations of a business. In fact, the property of a business does not even have to have any direct damage for a natural disaster to halt their business. For example, loss of electricity, telephone, or internet connectivity can cause problems with functionality, as those services are paramount.

The question any disaster recovery consultant will ask you is, “how would your business survive if it was affected short-term and/or long-term by some catastrophic event?” If you understand that any type of disaster could destroy your computing infrastructure – where all of your company records and data are stored, which could quite possibly destroy your business – then you should have a plan in place to alleviate that possibility.

At the very least, any business that uses computing to manage their operations should have an off-site back-up of their most important data and records. This is not a very expensive strategy, it is something that can be entirely automated, and it does not even need to be accessed until you actually need to use it. There are automated back-up systems available from most data-centers, which back-up your data as frequently as you desire. The incremental changes made in the time-frame chosen are then sent across the internet through an encrypted protocol, and stored in a managed backup system at the data center. Usually, the client is provided with a secure web interface to access those files as needed. These back-ups can also be used to restore individual data files that may have become deleted or damaged at any time, and downloaded back to the computers in your office.

The next step up from simply backing-up your data for protection from a disaster would be hosting some, to all, of your regular computing infrastructure in a data center (cloud computing). If you hosted your main office server in a data center and accessed your files over the Internet from the PCs in your office, you could survive a disaster from a computing standpoint. All of your important data could then be accessed from a temporary, remote location, or even by having your employees work from home until the office is re-established. Many companies are now hosting their entire computing infrastructure in a data center; everything from virtual PCs to their application servers. These can then be accessed through just about any device that is connected to the internet, such as a PC, Mac, tablet, and many types of smartphones.

Communicating with your customer base during and after any disaster is vital in many cases. When your email and telephone systems are cut off, and you and your customers can no longer communicate, this could be extremely damaging to your business. By hosting your email server at a data center, you have access to your email system through almost any device connected to the internet.

One of the data center services that is really gaining popularity lately is VOIP-based hosted phone systems. In a VOIP-based system, The PBX system normally nailed to the wall in an office is replaced by a PBX server in a data center. Management and administration of the system is then done though a web interface. All phone communication is channeled through voice over Internet protocol (VOIP).  The advantage of this in a disaster is that your phone system is always intact. You can access your administration portal over the Internet and change any settings that may be necessary, such as adding additional extensions for remote users. Staff members can work from remote locations or at home, by accessing the phone system with a softphone on their PC or by having their calls transferred from their extensions to their cell phones.

I have suggested that data center services, TurnKey Internet included, are great solutions to the issues surrounding disaster recovery. The key reason is that they have multiple redundancies in place to provide 100% up-time guarantees. At TurnKey Internet, we have multiple fiber providers supplying our Internet and bandwidth through diverse physical paths into our facility. We have complicated switch gear in place to maintain your connections, in case one or some of the fiber connections coming into the building are disrupted. Additionally, our power supply is backed-up with both a robust battery back-up supply to all servers and equipment, as well as an on-site diesel generator that can power our facility long-term if necessary.  For these reasons and more, anyone considering disaster recovery planning should consider the options available from reputable data centers like ours at TurnKey Internet, to insure that their business is not damaged long-term by a catastrophic event that had not been planned for.

Follow Us : Facebooktwitterlinkedinyoutubeinstagram
Share : Facebooktwitterredditlinkedinmail

Securing your cPanel Dedicated, Cloud or Virtual Server   2 comments

Posted at Apr 25, 2012 @ 5:41pm Ask the Expert,Ask the Experts,Web hosting

One of the most frustrating things that can happen to shared hosting provider is to find that one or more of their servers have been compromised.   As a shared hosting provider we are responsible for maintaining the integrity of our servers and the client data residing on the server.   Not always an easy task.

What makes securing a shared server such a challenge?  Well, the intrinsic problems that come with having dozens, if not hundreds, of individual users accessing a single server should be obvious.  Each client has the ability to upload any scripts they desire which are rift with security holes due to poor design, coding errors, or just plain laziness on the part of the programmer.  (A good example is the continued use of “register_globals” by many PHP scripts…a sure guarantee of an injection attack.)  On top of that, a majority of shared hosting clients are not that entirely (if at all) well versed in how to maintain their sites and fail to keep their scripts updated.

But don’t be discouraged as there are some simple steps you can take to help make your servers more secure against many of the more common hacks.    I’ll be outlining the security steps I take when setting up new servers.  Note that I have a few tricks that I won’t be sharing since I don’t want to give the script-kiddies too much info.    Also, I’m only going to give you a brief overview of the steps.  In future articles I’ll get into the details of each step and how to implement them.

  • Disable dangerous PHP functions.   These include exec(), passthru(), shell_exec(), system(), proc_open(), popen(), and show_source().   Some clients might complain that some of their scripts no longer work, but the security this one step provides far outweighs a few broken scripts.
  • Secure your /tmp folder.   The latest versions of cPanel do this by default now, but it’s always good to go back and check.  And while you’re at it, make sure your /usr/tmpDSK file is large enough.   It defaults to 512K, but personally, I’d resize it to 1GB or better.
  • Recompile Apache and PHP to add additional security features.   cPanel makes recompiling and enabling most Apache and PHP features very simple via the EasyApache configuration tool.  At minimum, security wise, enable Mod_suPHP and Mod_Security.
  • Disable php.ini overrides in suPHP.    suPHP forces all users scripts to run as their username.  This prevents users from running any scripts as root or nobody.  It also disables the ability to override php.ini settings in the .htaccess file.  Unfortunately, by default, users can still create custom php.ini files that will override the system-wide version.  Thus, if left in this state, they can reactivate the disabled functions from above.  You can easily fix this by editing the /opt/suphp/etc/suphp.conf file and uncommenting the three lines in the [phprc_paths] section.
  • Configure mod_security.  Now that you have mod_security compiled in, you need to configure it.  I suggest using the GotRoot rules (http://www.gotroot.com/mod_security+rules) and ConfigServer ModSecurity Control  (http://www.configserver.com/cp/cmc.html).   Be prepared to spend some time tweaking the rules, but in the end, well worth the effort.
  • Install ConfigServer Firewall.    CSF w/LFD (http://www.configserver.com/cp/csf.html) is probably the best free firewall protection I’ve used.  Easy to install and manage and it works right out of the box.
  • Install Rack911.com’s Symlink Patch.   By default, Apache allows you to symlink to ANY file on the server.   This means a malicious user or hacker can symlink to system configuration file and other users commonly known scripts config files and read them.  While you could simply disable symlink altogether, that would almost certainly break many system functions.  Rack991 generously released a patch that simply prevents the system from creating a symlink to files that are not owned by the user.
  • Secure SSH.   You can change the SSH port, but I’ve found that it’s not really all that beneficial as port scanners can eventually find the port and it just makes our job harder as admins.  Instead,  simply don’t allow SSH for ANY cPanel user, not even jailed.  And add “PermitRootLogin without-password” to your sshd_config file.  This will only allow you to SSH into the server is if you have a valid SSH key in the authorized_keys file (Be sure to add that BEFORE you change the sshd_config file).
  • Install Maldetect.  Install Linux Malware Detect from R-fx Networks (http://www.rfxn.com/projects/linux-malware-detect/).  While not perfect, it does give that extra layer of detection.
  • Review your Tweak Settings.   Under Mail, set your Emails per hour limits to a low number (100);  enable prevent NOBODY from sending mail; enable Add X-PopBeforeSMTP.    These settings will put a strangle hold to mass-mail spamming and if you do have a spammer, quickly find who it is.

While implementing these steps will not 100% guarantee that your server will never be compromised, it does put you on good footing to prevent a vast majority of the types of attacks that you might see.  I’ll touch more on each of these points in later articles and on other things that can be done to give you that balance of security vs. usability that shared hosting clients require.

Follow Us : Facebooktwitterlinkedinyoutubeinstagram
Share : Facebooktwitterredditlinkedinmail

Written by admin on April 25th, 2012