Friday 05 March 2010

Severe OpenSSL security vulnerability announced

posted by Tavis J. Hampton in: Security Web servers Software

Web server administrators should take notice of a “severe” vulnerability that computer scientists have discovered in OpenSSL, the free and open source encryption software package for Linux and Unix-like systems.

The bug is in OpenSSL’s cryptographic library, and the vulnerability allows attackers to retrieve a server’s cryptographic key, leaving any secure transactions, such as banking and sales, exposed to the attacker. Hundreds of thousands (perhaps even millions) of businesses, banks, and other enterprise-level institutions depend on SSL encryption security, particularly that of OpenSSL.

Those who discovered it said that the attack is difficult to execute, but administrators should still be cautious. An OpenSSL spokesperson said that they are already working on a solution and will release a patch for the software. Furthermore, an attack requires access to the power source of the device, making it unlikely that an attacker could exploit a server, since most attackers operate remotely.

Source: The Register
Photo: Ivan Petrov

Thursday 04 March 2010

Companies save energy by integrating batteries into servers

posted by Daniel Foster in: Web Infrastructure VPS & Dedicated Web servers

Given the high cost of electricity, companies are always looking for ways to increase efficiency. This may involve optimizing CPU usage or reducing active cooling, but in the case of Google, Facebook, and soon Goldman Sachs, these companies have found another way to go green: integrate batteries into servers.

Data centers spend millions on large UPS systems to provide temporary power during utility outages. A UPS only needs to provide power for a few minutes until generators can be started.

In 2008, Google became the first firm to integrate 12-volt batteries into servers for the same purpose. The technology works like a charm and now others in the industry are catching on. This new system is not only cheaper and more reliable, but uses less power as well.

What is FFmpeg hosting?

posted by Tavis J. Hampton in: Web Hosting Web servers Software

Question: What is FFmpeg hosting?

Answer: FFmpeg is a suite of tools that provide users with video manipulation, editing, streaming, and recording capabilities on numerous platforms and multiple formats. As the name indicates, it supports a number of MPEG compression formats as well as other open and proprietary video codecs.

In order to have better than average video conversion and streaming on a website, you need a web host that has FFmpeg installed on your server, accessible from web scripts, and ready to use. Since the advent of YouTube, many hosts have started offering dedicated FFmpeg server packages completely separate from their shared hosting accounts.

This allows the video conversion, streaming, and other tasks to use as much of the CPU and RAM as they need to complete quickly and thoroughly. Normally, such servers will also include other related tools and libraries to support as many codecs and options as possible. Those may include but are not limited to MPlayer, xvidcore, Ogg (Theora and Vorbis), and LAME (MP3 Encoder).

Wednesday 03 March 2010

How to upgrade CentOS

posted by Tavis J. Hampton in: VPS & Dedicated Web servers Software

Question: How do I upgrade my CentOS installation to a higher version?

Answer: Using YUM you can upgrade CentOS with only a few steps.

1. Back up your important data. If most or all of it is in a database, make sure to back up all databases.

2. List all of the updates:

# yum list updates

3. Upgrade your distribution:

# yum update

4. Reboot the server:

# reboot

5. Verify that all systems are working:

# uname -a
# netstat -tulpn
# tail -f /var/log/messages
# tail -f /path/to/log/file
# cat /etc/redhat-release

Note: Because the kernel will be upgraded, you will need to reboot the server after completion, so you should plan a scheduled down time when your website(s) will have the least amount of activity.
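
One way to make the netstat check in step 5 concrete, as an added example that is not part of the original post: snapshot the listening sockets before the upgrade and again after the reboot, then diff them so that a service that failed to come back, or a listener that was not there before, stands out. The function names and the sample netstat output are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): diff listening sockets across an upgrade.

# Reduce `netstat -tulpn` output to sorted "proto local-address program" lines.
# PIDs are dropped because they change across a reboot.
listeners() {
    awk '$1 ~ /^(tcp|udp)6?$/ {
        # UDP rows have no State column, so the PID/Program column shifts left.
        start = ($6 ~ /^[0-9]+\// || $6 == "-") ? 6 : 7
        prog = $start
        for (i = start + 1; i <= NF; i++) prog = prog " " $i
        sub(/^[0-9]+\//, "", prog)
        print $1, $4, prog
    }' | LC_ALL=C sort -u
}

# Print "- line" for listeners that vanished and "+ line" for new ones.
listener_diff() {
    LC_ALL=C comm -23 "$1" "$2" | sed 's/^/- /'
    LC_ALL=C comm -13 "$1" "$2" | sed 's/^/+ /'
}

# Constructed sample data standing in for real before/after snapshots.
demo() {
    dir=$(mktemp -d) || return 1
    listeners > "$dir/before" <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address    Foreign Address  State   PID/Program name
tcp        0      0 0.0.0.0:22       0.0.0.0:*        LISTEN  2101/sshd
tcp        0      0 0.0.0.0:3306     0.0.0.0:*        LISTEN  2250/mysqld
tcp        0      0 :::80            :::*             LISTEN  2307/httpd
udp        0      0 0.0.0.0:68       0.0.0.0:*                1890/dhclient
EOF
    listeners > "$dir/after" <<'EOF'
Proto Recv-Q Send-Q Local Address    Foreign Address  State   PID/Program name
tcp        0      0 0.0.0.0:22       0.0.0.0:*        LISTEN  1987/sshd
tcp        0      0 :::80            :::*             LISTEN  2144/httpd
tcp        0      0 0.0.0.0:111      0.0.0.0:*        LISTEN  1802/portmap
udp        0      0 0.0.0.0:68       0.0.0.0:*                1755/dhclient
EOF
    listener_diff "$dir/before" "$dir/after"
    rm -rf "$dir"
}

demo
```

On a real server, run `netstat -tulpn | listeners > before.txt` ahead of step 3 and the same command into `after.txt` once the reboot completes, then pass both files to `listener_diff`.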

Source: nixCraft

New server setup

posted by Tavis J. Hampton in: VPS & Dedicated Web servers

Question: I want to set up my own server. What software and tools will I need?

Answer: The first major decision to make after you have purchased server hardware is what operating system to use. Many servers come with one already, but if yours does not, you will need to decide on one. Linux or other Unix variants, such as BSD or Solaris, are by far the most popular, but there are also many Windows servers out there. If you are on a limited budget, go with a free Linux distribution, such as CentOS.

The next thing to choose is the web server. Choices include Apache, Nginx, and Lighttpd. After that, you will probably want a database server such as MySQL or PostgreSQL. Finally, you will want a web-based control panel. Depending on the one you choose, it might also install its own versions of Apache, PHP, and MySQL.

There are many control panel solutions on the market, and most of them are commercial. Popular control panels include cPanel and Plesk. There are also free solutions available like Virtualmin. Decide what you need for whatever type of websites you plan to have and then choose the software that meets those needs.

Photo: Flickr

Monday 01 March 2010

Twitter the latest among big players to leave MySQL for Cassandra

posted by Tavis J. Hampton in: Web servers Software

With a name that even sounds like the beautiful love interest of a secret affair, Cassandra appears to be positioning itself to steal the hearts of those once in love with MySQL. Twitter is now set to replace its MySQL database system with the open source home wrecker.

Cassandra was originally developed by Facebook and was released to the public via Google’s code repository in 2008. In 2009, the Apache Foundation added it to its project, and in February of 2010, Apache made it a top-level project. It is designed to work with large amounts of data by spreading the data across multiple servers. Its notable feature is that it has no single point of failure.

Twitter joined a growing list of major companies that have adopted Cassandra. Among them are Digg, Cisco, and IBM. Cassandra is free and open source software released under the Apache License 2 and is available for download from Apache.org.

Photo: Flickr

Thursday 25 February 2010

Monitor Apache web server with mod_status

posted by Tavis J. Hampton in: Web Hosting Web servers

Problem: Apache HTTP Server on a web hosting system will undoubtedly run multiple virtual hosts. Each of those virtual hosts logs its activity in a separate location, making it impossible to effectively monitor each log and each virtual host for errors or security issues.

Solution: Use mod_status to monitor Apache’s activities. This module for Apache allows the system administrator to have real-time viewing of all of the web server’s activity. It is part of the default Apache 2 package on many Linux systems, and you can enable it by doing the following:

1. Make sure you have the mod_info module loaded:

# a2enmod info

Continue reading: Monitor Apache web server with mod_status

Tuesday 23 February 2010

How to install Nginx via YUM in CentOS

posted by Tavis J. Hampton in: Web Hosting Web servers Software

Nginx (pronounced “Engine X”) is a lightweight web server that offers speed and flexibility without all of the extra features that larger web servers like Apache offer. Although it is a free and open source application, CentOS does not offer the latest version in its default YUM repository. To install it, you need to add the EPEL (Extra Packages for Enterprise Linux) repository, which is part of the Fedora Project.

1. Install the EPEL repository:

# rpm -Uvh http://download.fedora.redhat.com/pub/epel/5Server/x86_64/epel-release-5-3.noarch.rpm

2. Install Nginx:

# yum install nginx

3. You will be asked to install the GPG key for EPEL. Answer yes.

4. Start Nginx:

# /etc/init.d/nginx start

5. Check the installation by going to your web server’s default site, using either your IP address or your domain name.

Thursday 18 February 2010

Test Windows Server 2008 with MBSA

posted by Tavis J. Hampton in: Security Web servers Software

Microsoft provides a tool for Windows Server 2008 that tests for security misconfiguration. It comes with a graphical interface and a command line interface for both local and remote scans. It looks for vulnerabilities, performs assessment checks, and checks SQL Server 2005.

In addition to Windows Server 2008, MBSA runs on Windows Vista, Windows Server 2003, Windows XP, and Windows 2000 systems. It scans for misconfigurations on Internet Information Server (IIS), SQL Server, Internet Explorer, and MS Office.

MBSA is available for download from the Microsoft website. It is free to download and use on Windows systems. It comes with a readme.html document containing information on system requirements, scan options, and tool support options.

Source: Microsoft

Photo: Flickr

Test your server load with curl-loader

posted by Tavis J. Hampton in: VPS & Dedicated Web servers Software

It is very difficult to test a server’s real-world performance under stress. While you could hire a company or individual to bombard your server, the cost involved may not be worth the results. The open source application called curl-loader simulates load and application behavior of thousands of HTTP/HTTPS and FTP/FTPS clients.

Imagine having your website visited by thousands of visitors at once. Will your website hold up to the stress? Curl-loader allows you to test it and find out. Some of the features include:

  • GET, POST, and PUT tests
  • Web and proxy authentication
  • Cookies and DNS caches
  • URL fetching probability
  • and much more.

Curl-loader is free and open source software released under the GNU GPL, available for download from sourceforge.net.

Source: curl-loader
