Displaying items by tag: CloudLinux
Worried about Dirty COW? You should be, because last week a serious vulnerability was discovered in the Linux kernel which runs the majority of the world's servers. It was so critical that it can lead to a privilege escalation, denial of service, or information leaks. And it's called Dirty COW! Why the name Dirty COW? It gets its name from the Linux sub-system, called Copy-On-Write or COW, in which it appears.
You may well have seen reports in national dailies about it, and now it's spread to Android Phones as well. Basically, if you've got a website then you are potentially at serious risk because it could take weeks before web hosts get round to patching the kernel on their servers. Then the server will need to be rebooted resulting in downtime.
Unless of course you're a WebSpain client! Because when we switched to Cloud Linux earlier this year we also purchased Kernel Care as part of the package. KernelCare keeps Linux servers secure with all the latest kernel patches available immediately, and they're automatically applied without needing to reboot the server. So no security issues and no downtime!
It keeps running permanently and checks for any kernel security updates every 4 hours. If there's an update available, it just applies it without any human intervention or downtime. Our kernel was patched on 21st October......literally as the news broke.
If you're not a WebSpain client then you just have to cross your fingers that somebody is going to take action at some point to protect your business interests. Timescale is impossible to estimate......but I can guarantee that the less you paid for your hosting then the longer it will take. If it's even patched at all! But that's what happens when your main priority is cheap!
It just demonstrates, once again, how proactive we've always been in this area, and how not all web hosting is created equal.
If you're serious about your business then you need a serious provider. If you're not serious about your business, or perhaps you just don't care......then there's plenty of providers out there that would be a perfect fit for you. But we're not one of them!
Published in Web Design News
We've now entered the CloudLinux era, as our main UK server is now running on this commercial operating system. CloudLinux is purely designed for shared hosting environments, and delivers numerous benefits to you as a user, and to us as a web host.
1. Each account is contained within a “Lightweight Virtualized Environment” (LVE), that totally isolates each user. This means that tenants cannot jeopardize the stability of anybody else's site, or the server, because each one will be allocated a specific amount of memory, CPU etc that they can use.
2. CloudLinux OS also “cages” tenants from one another using a component called CageFS to minimise the risk of security breaches. This way, unstable scripts or malware are unable to spread across other sites causing defacement. This short video is a bit simplistic but it shows how individual users are caged to prevent them causing harm to anybody else's site.
3. LVE Manager will limit all CPU, IO, memory resources, numbers of processes, and concurrent connections per each user to maintain stability right across the platform.
4. CloudLinux comes with a PHP Selector which will allow users to define the version of PHP that they use. But unlike others, we will not be using this component to continue to run outdated and vulnerable versions of PHP.
If PHP have discontinued security updates for a particular version then it will be removed, because we won't abuse this feature by turning it into a "workaround" for potentially vulnerable software. That's just asking for trouble.
5. We have also implemented the additional security initiative known as Kernel Care! This automatically updates the linux Kernel of the operating system as soon as vulnerabilities are discovered. There's no waiting weeks for patches to be released while you remain at risk......it happens instantly!
The implementation of CloudLinux was something that we have been working towards for many months. Earlier this year we doubled the server memory to 32GB, and changed the PHP handler to FPM-FCGI, in order to take full advantage of CloudLinux and recent advances in server processes.
And when the time came to implement it, we didn't just get the datacentre support staff to handle the process, we took the unprecedented step of paying for the services of an external CloudLinux specialist to carry it out. Simply because we wanted to ensure that all aspects of this operating system were deployed in the most effective way possible.
It's a very specialised system, and a generic "one size fits all" installation is not what we wanted. We wanted it fine-tuned and optimised just for our sites!
As I've stated before, not all web hosting is the same. We know for a fact that we were already offering a far superior hosting platform to our competitors anyway.....the majority of which only operate on reseller accounts on other companies' shared servers. I'm not knocking that......we all have to start somewhere, and that's where we were 15 years ago.
But the reality is that you can't compare that environment to the type of infrastructure that we deliver via our own private dedicated servers. Now with the addition of CloudLinux, we've taken a big step forward once again!
We're determined to offer our clients the very best in all areas......and we'll make whatever investments that need to be made in order to achieve that, at no additional cost to yourselves!
Bottom line is that nobody else does what we do.....in the way that we do it. That is absolute fact, and for those of you who've been with us for many years......I'm not telling you anything you don't already know.
Published in Web Design News