HostsVault BlogHostsVault Blog

Have you ever faced this kind of problem where you couldn’t even reboot your sever because it had a HDD error and you cant access the reboot or shutdown commands and they showed this kind of errors :

[root@hostsvault ~]# reboot
bash: /sbin/reboot: Input/output error
[root@hostsvault ~]# shutdown -r now
bash: /sbin/shutdown: Input/output error

Obviously, there is a problem with your drive. These commands are failing because the kernel is unable to access the /sbin/reboot and /sbin/shutdown binaries from the disk so that it can execute them.

A fsck on the next boot might be able to correct whatever is wrong with the disk, but first you need to get the system to reboot. If your machine is located at a managed hosting provider then you could submit a reboot ticket, but you’ll have to wait for someone to take responsibility.

Wouldn’t it be nice if there was a way to ask the kernel to reboot without needing to access the failing drive? Well, there is a way, and it is remarkably simple.

The “magic SysRq key” provides a way to send commands directly to the kernel through the /proc filesystem. It is enabled via a kernel compile time option, CONFIG_MAGIC_SYSRQ, which seems to be standard on most distributions. First you must activate the magic SysRq option:

echo 1 > /proc/sys/kernel/sysrq

When you are ready to reboot the machine simply run the following:

echo b > /proc/sysrq-trigger

This does not attempt to unmount or sync filesystems, so it should only be used when absolutely necessary, but if your drive is already failing then that may not be a concern.
In addition to rebooting the system the sysrq trick can be used to dump memory information to the console, sync all filesystems, remount all filesystems in read-only mode, send SIGTERM or SIGKILL to all processes except init, or power off the machine entirely, among other things.

Also, instead of echoing into /proc/sys/kernel/sysrq each time you can activate the magic SysRq key at system boot time using sysctl, where supported:

echo "kernel.sysrq = 1" >> /etc/sysctl.conf

If you would like to learn more about magic SysRq you can read the sysrq.txt file in the kernel documentation.

Just thought of sharing this if anyone is interested in :

You can use the “listen-on ” directive for this by default its set to :

listen-on { any; };

Here is how it would look like to set it to listen to a certain ip

options
{
        listen-on { 208.43.195.240; };
        directory "/var/named"; // the default
        dump-file               "data/cache_dump.db";
        statistics-file         "data/named_stats.txt";
        /* memstatistics-file     "data/named_mem_stats.txt"; */
        dnssec-enable yes;
        recursion no;
        allow-notify { 208.43.195.240; 208.43.195.241; };
};

419 Scam Named for section 419 of Nigerian law which makes confidence schemes illegal. This is a scam where someone pretends to be a wealthy foreigner who wants help moving a large amount of money overseas. Usually, the scammer requests bank account information to pay for fees supposedly incurred in the large-sum transfer. The large sum transfer never happens and the victim is taken for as much ‘fee’ money as possible.

Anti-virus Software Computer software that attempts to locate, disable and remove from a computer any malicious software (such as viruses and worms). Anti-virus software typically relies on so-called signature files that allows the software to detect malware based on particular code segments that are only present in unwanted programs. Since it is not possible to know what these code segments are before the malware start infecting machines on the Internet (and is analyzed by anti-virus companies), this type of prevention mechanism does not help early on as a new malware version spreads. Some types of anti-virus software also performs so-called behavioral checks to detect yet-unseen strains of malware based on what they are trying to do. This is possible since malware is typically accessing and storing data at computer memory locations that other types of software do not.

Authentication Token A security device carried by an authorized user. The device has a changing value or a secret algorithm that cannot be copied — thus requiring a valid token to be possessed by whomever wants to authenticate. An example of an authentication token is the RSA SecurID token. Also see “second-factor autentication”.

DNS Poisoning A way of forcing users to a malicious site by injecting bad data into a domain name server’s cache in order to change (for users of that server) the destination a domain resolves to. The effect of DNS poisoning is that the conversion from a URL to an IP address fails. For example, instead of translating the address www.americanexpress.com to the IP address corresponding to the actual site of American Express, a server that has been a victim of DNS poisoning will supply the incorrect IP address. The URL that the user types will still be printed in the address bar, and if the content of the fraudulent website to which the translation is done looks the same as that of the legitimate site, then the user will not notice that the attack took place. Moreover, the fraudulent website will be able to harvest all the cookies intended for the legitimate website, which will allow it to impersonate the user’s machine to the real site as well. Also see man-in-the-midddle attacks. DNS poisoning is sometimes referred to as pharming, and can be performed in a large number of ways. One of the recently discovered ways in which an attacker can mount an attack of this sort is by uploading malware to a person’s router (or access point). These are devices that have no inherent protection against malware, but which are very powerful in that all the user’s Internet traffic passes through these machines. Therefore, an infected router can easily cause incorrect IP address information to be returned to an unsuspecting user.

DNS server A server that translates DNS names (such as stop-phishing.com) into an IP address that is actually used for communication on the Internet.

Favicon The small icon displayed next to a URL in the address bar of a browser. Phishers can place a ‘lock’ icon here to pretend the connection is secure, or they can set this icon appropriately to mimic a real site. This means that seeing a lock in the address bar does not automatically mean that the corresponding site is secure.

IP address A set of four numbers from 0-255 separated by periods (.) that are used to identify each computer on a network. (Example: 129.79.247.191). An IP address instead of a Domain Name (like bank.com) can be used in a phishing URL to hide the fact that a given website is not legitimate. In a DNS poisoning or pharming attack, the IP address returned by a DNS server is changed to direct victims to a phisher’s site.

Keyboard logger Also known as ‘keylogger’, a piece of software (or hardware) that records all keys pressed on a computer’s keyboard. Often, keyloggers will report the sequence of keys to an ‘owner’ of the malicious logger. The intent of this is to steal passwords and PINs, but also other confidential information types by the victim user.

Lock icon A small padlock icon displayed by a web browser to indicate that the browser has established a secure connection to the currently loaded website. This suggests to the user that nobody can ‘eavesdrop’ on their communications with the server.

Malware Malicious software such as a virus, worm, trojan horse, or spyware that is installed on a system with harmful or malicious intent. Some malware uses technical vulnerabilities (such as buffer overflow) to attack a machine, whereas other types of malware instead uses social vulnerabilities, i.e., attempts to make the victim willingly install and run the software. To do this, various types of deception is used. Commonly, the user is told that the software has a beneficial purpose, such as a screen saver, an Internet optimizer, or spyware detector. While the malware may perform some of these functions, it also performs other functions, unbeknownst to the victim user.

Man-in-the-middle attack An attack where an attacker relays all messages back and forth between a client and server. During the attack, messagesmay be changed or simply recorded for later use. An example of this attack is where a victim contacts a web server that is controlled by an attacker, thinking that this is his bank. The web server then immediately establishes a connection to the user’s bank. It send any information it receives from the bank to the victim, who thinks he received the information from the bank. Any information sent from the victim to the attacker’s web server is immediately forwarded to the bank, who then thinks it receives the information from the user in question. There is no noticeable delay, so this is not detectable. As the web server sends information back and forth, it may also save all the information it receives. While SSL may help protect against man-in-the-middle attacks, there are also ways by which an attacker can cause two sessions to be started by the victim at the same time, where one of them results in a connection with the bank and the other results in the theft of information sent to the bank. Man-in-the-middle attacks can be performed by malware, whether residing on the victim’s machine, on a router or access point he connects to, or on another machine on the Internet.

Pharming In computer security, this is an attack where an attacker compromises domain name values and redirects many people to the wrong IP for a given domain. Often this is accomplished with DNS poisoning or by modifying the hosts files on peoples’ computers. This is a special case of DNS poisoning, and is often the result of malware infections.

Phishing Tricking someone into giving up private data by masquerading as an authority. This is mostly accomplished using email or instant messages, directing the recipient to a fraudulent website that appears legitimate. Phishing is related to conning, but is taking place at a much grander scale, due to the use of the Internet, and is harder to track back to the criminal.

Phishing IQ test A test where emails are displayed to a participant who is then asked to classify each as fraud or real. Usually these tests are used to illustrate the difficulty of identifying phishing emails. Recent research shows that phishing IQ tests are not measuring susceptibility to phishing very well, but rather, simply measure fear of phishing.

Puddle Phishing A phishing attack targeting the clients of a small financial institution, typically with very limited geographical coverage. Smaller institutions typically have lesser resources to fight phishing attacks than large banks do, and their clients are less accustomed to being targeted. This makes puddle phishing often more successful for the phisher.

SSL Post A form submission that originates from an unencrypted ‘http’ page but posts to an encrypted page (https). Encryption only occurs in this case after the submission button is pressed. Some phishers try to make it appear that the sites they manage (and which impersonate legitimate brands) perform SSL posts, whereas they do not. It is difficult for typical users to determine whether a given webpage will perform an SSL post or not, which makes SSL posts less secure than traditional SSL connections.

Screen scraper Software that analyzes the graphics displayed on a computer screen and translates displayed images into text. This is often used to steal information from users, in particular in a user uses an on-screen keypad to enter a PIN.

Second Factor Authentication Second factor authentication demands more than just a password from a user logging in. It could be something he or she knows, something he or she has, or something he or she is. Examples of these three possibilities are: knowing one’s mother’s maiden name; to have a device that displays frequently changing passwords only known by the service provider and the person with the device; and use of a thumbprint to provide evidence of identity. There are many other forms of second factors, but not all are equally secure. Recent banking regulation demands that banks use some form of second factor authentication, but do not specify what type.

Secure Sockets Layer (SSL) A communication protocol developed by Netscape that is used to establish cryptographically secure communications between a client (usually a web browser) and server. This protects against data from being stolen by eavesdroppers. Additionally, when a web browser starts an SSL session, a small lock is displayed in the frame of the browser. However, phishers know that it can be hard to know exactly where the lock should be placed, and even though phishers cannot easily place locks in the browser frame, it is trivial to place lock images in the content portion of the webpage. Many people do not notice the difference.

Signature-based malware detection A method of detecting malware that identifies malware by analyzing behavior of software, configuration and software patterns. See malware.

Spear phishing This attack is to phishing what targeted advertising is to advertising. Namely, in spear phishing, the attacker infers or manipulates the context of his intended victim, and then “personalizes” his attack. It is possible for attackers to learn information about the victim in many ways, and it is difficult to know when this has taken place. This makes spear phishing very dangerous.

Spoofed email Assuming the identity of another person while sending email; often used to disguise the actual sender of a message. It is trivial to spoof an email, and it can be done to make the email appear to come from anywhere, whether it is your best friend, your system administrator, your bank, or whitehouse.gov.

Spyware Malware installed on a computer that covertly gathers information about the computer’s user.

Subdomain A subdivision of a master domain, e.g. ‘cs’ in cs.indiana.edu and ‘informatics’ in informatics.indiana.edu

Synthetic identity fraud Posing as someone using identity that is completely fabricated — making up a new identity and assuming it. While not commonly in the news, this is one of the predominant types of fraud.

Yield (phishing) The percentage of targets in a scam that fall victim. If email asking for credit card details is sent to 100 people and 2 of them respond, the yield is 2%. Phishers, of course, hope for a high yield. It is not known exactly what the yield of phishing attacks are, but researchers and security specialists believe that it is in the range of a few percent, but believe that the increased use of spear phishing can increase the yield well above 20%. Given that phishers target huge numbers of potential victims at the same time, even a yield of just a few percent create a sufficient profit for the phishers to be attracted to committing this crime again and again.

What is APF ?

Advanced Policy Firewall (APF) is an iptables(netfilter) based firewall system designed around the essential needs of today’s Internet deployed servers and the unique needs of custom deployed Linux installations. The configuration of APF is designed to be very informative and present the user with an easy to follow process, from top to bottom of the configuration file. The management of APF on a day-to-day basis is conducted from the command line with the ‘apf’ command, which includes detailed usage information and all the features one would expect from a current and forward thinking firewall solution

We are going to show you in this tutorial how to install it on your server.

* You need root access to install this

* The configured Ports here are for Cpanel servers.

cd /usr/src/
wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz
tar -xvzf apf-current.tar.gz
cd apf-0.9.6*
./install.sh

You should get responses similar to that :

Installation Details:
Install path:         /etc/apf/
Config path:          /etc/apf/conf.apf
Executable path:      /usr/local/sbin/apf
AntiDos install path: /etc/apf/ad/
AntiDos config path:  /etc/apf/ad/conf.antidos
DShield Client Parser:  /etc/apf/extras/dshield/

Other Details:
Listening TCP ports: 1,21,22,25,53,80,110,111,143,443,465,993,995,2082
,2083,2086,2087,2095,2096,3306
Listening UDP ports: 53,55880
Note: These ports are not auto-configured; they are simply presented for information purposes. You must manually configure all port options.</pre>
<p>Now configure APF :</p>
<pre lang="bash">pico  /etc/apf/conf.apf</pre>
<pre lang="bash">Change USE_DS="0"
to USE_DS="1"

This uses a list of networks that have exhibited suspicious activity captured from DShield.org

Now lets configure the ports to block/open

configure IG_TCP_CPORTS and IG_UDP_CPORTS (Incoming TCP/UDP connections)

IG_TCP_CPORTS="20,21,22,25,26,37,53,80,110,143,443,465,783,993,995,2077,2078,2082
,2083,2086,2087,2095,2096,3306"
IG_UDP_CPORTS="21,37,53,873"

configure EG_TCP_CPORTS and EG_UDP_CPORTS (Outgoing TCP/UDP connections)

EGF="1"
EG_TCP_CPORTS="21,22,25,37,43,53,80,443,873,2082,2083,2086
,2087,2089,3306"
EG_UDP_CPORTS="20,21,37,53,123,873"

Save your changes and exit the editor and then restart the firewall :

/etc/init.d/apf restart
OR
apf -r

Here is a list of other possible commands :

usage ./apf [OPTION]
-s|--start ......................... load firewall policies
-r|--restart ....................... flush & load firewall
-f|--flush|--stop .................. flush firewall
-l|--list .......................... list chain rules
-st|--status ....................... firewall status
-a HOST CMT|--allow HOST COMMENT ... add host (IP/FQDN) to allow_hosts.rules
and immediately load new rule into firewall
-d HOST CMT|--deny HOST COMMENT .... add host (IP/FQDN) to deny_hosts.rules
and immediately load new rule into firewall

After checking everything is fine and nothing is messed you should change
APF from running in development mode (default) as it restarts itself
every 5 minutes through cron.

pico /etc/apf/conf.apf

Change: DEVM=”1″
To: DEVM=”0″

Exit and restart the firewall.

Enjoy

How Do You Make Favicon.ico Files?
Create a file that is 16 x 16 pixels with 16 colors. Then use a program like http://irfanview.com, or http://gimp.org to save it as an ico ( icon ) file with the name “favicon.ico”. You can also visit Favicon UK. They have a free online icon maker that sends your favicon.ico file to you via email.
Or even generate it online using http://www.favicongenerator.com/

Note, you can’t simply save a graphic file with .ico extension and hope it works. It must be a favicon.ico format.

How Do You Install Favicons?
Name the file favicon.ico ( must be a real icon file ), and upload it into your web directory in the root of your html files. For example you would put it here: http://www.domain.com/favicon.ico
Also add this line in your html head section :

If anyone bookmarks your web page now it will list that favicon will show up in their favorites and when they return to your website.

If you want them to have the same favicon on every page you’ll have to add some html code into your headers

What about Apache MIME types and Favicons?
By default your httpd.conf file should be set with “AddType image/x-icon .ico”, but if it isn’t, you need to get your server admin to add that line.

Just what is web hosting anyway?

In simple terms, web hosting is renting space on a web server. A website is not simply a domain name, it is a collection of files linked together by HTML code to display text and graphics on a computer. In order for anybody to see this collection of files you’ve created, it has to be housed on a computer somewhere that has access to the internet. Not just any computer will do, of course. A web server is a computer set up with special software that allows it to receive requests from the internet for the website files it has stored on it and to send those files out over the internet so that the requesting computer can display them. It is very much like a waiter in a restaurant taking your order and bringing the food that you ask for from the kitchen, hence the name “server.”

What kinds of web hosting are there?

Shared Hosting – Most websites are not huge affairs with hundreds of pages and thousands of files and graphics, and they are targeted toward a particular audience, so they will not get as many visitors as the large general sites like Yahoo! that are targeted at everybody who uses the internet. As such, the average website therefore is not going to require the full resources of an entire web server to run it. Web servers are designed to be able to handle dozens, even hundreds of websites at once because they are powerful machines.

Shared hosting is simply the concept of hosting more than one website on a particular server. Over 95% of all websites on the internet are being run in a shared hosting environment. Since the resources of the server can be split among the clients hosted on it, so can the costs of operating the server, so shared hosting is universally cheaper than any other type. Shared hosting packages are generally designed so that each client is allotted a certain amount of each resource, with different payment levels representing different amounts of resources such as disk space, bandwidth, email addresses, and so on. Shared hosting is also known as virtual hosting.

Dedicated Hosting – If you do have a big, powerful website that gets lots of visitors and has a tendency to hog resources, then you might want to have a web server all to yourself. Some companies also prefer the extra security of not having to share the server with anyone else who could do something accidentally or on purpose to crash it. Renting the use of an entire server is known as dedicated hosting. The web hosting company still owns the machine and takes responsibility for maintaining the hardware and the web hosting software, but you have greater control over the configuration and use of the server. There is also such a thing as semi-dedicated hosting, in which a web server is only split between a very small number of clients, such as 2 to 4, with strong partitions between each to prevent them from interfering with one another. Since the hosting company is still responsible for the upkeep of the server, this type of hosting is also known as managed hosting. For obvious reasons, dedicated hosting always costs significantly more than shared hosting.

Server Co-Location – If you really want complete control over every aspect of your web server, you might very well choose to buy one and maintain it yourself if you have sufficient knowledge. However, chances are that you still don’t have the resources to keep your server completely safe from power outages, roof leaks, thieves, unwary employees and other hazards and keep it on the internet on a fast, high-bandwidth connection at all times. You need a data center to provide those services for you. Co-location is the rental of physical security, continuous electrical power and a fast, reliable internet connection for a server that you own. The data center is not responsible for any of the hardware or software maintenance of a co-located server, you are. This can be a cheaper alternative to dedicated hosting if you have the necessary expertise and time to run a web server yourself.

Some web hosts are offering UNIX hosting and Windows hosting. What’s the difference?

The terms UNIX hosting and Windows hosting refer to the operating system (OS) that is running on the server. The operating system, of course, is the software that allows the computer to function and manage all of the other hardware and software that is installed on it. Chances are good that you are reading this on a computer running a version of the Windows operating system, the most popular operating system in the world for personal and business computers. Other operating systems that are growing in popularity are Macintosh and various versions of Linux. However, the operating system you use on your computer is irrelevant to which type of hosting you choose. Here are some of the main features of UNIX and Windows:

UNIX Hosting

Most of the web servers in the world today run on one of the many variants of UNIX. The UNIX operating system was originally developed by universities for servers and networking, and many different versions have been written by programmers around the world under the open-source protocol, which means that the code for the operating system is openly available for programmers to customize and make improvements. Linux and BSD are the most popular forms of UNIX and come in many varieties, such as Red Hat Linux, Debian, SuSE, and FreeBSD. Most of these different versions (and much of the software that runs on them) can be obtained for free, which makes UNIX hosting cheaper for a web host than other operating systems and allows them to offer lower prices. UNIX hosting platforms are generally considered to be stable, secure, powerful and fast. Most web programming applications can be performed by software that is available for a UNIX platform. “UNIX hosting” has become a generic term to refer to any platform that is derived from the original UNIX.

Windows Hosting

Microsoft has developed its own operating system for servers as a special version of its Windows operating system, Windows Server 2003. It is a commercial product which requires the operator to purchase a license, which increases the cost of operation for the web host and usually results in higher hosting prices. Windows is designed to be user friendly, but it is generally considered to be less powerful and secure than UNIX for operating in a network environment. ASP, ASP.NET, and ColdFusion are scripting languages which will only run on a Windows server, as will the Microsoft SQL Server and Microsoft Access database programs. These are popular for certain web programming applications, and if you are planning on using them to build your website, you will need to find a Windows host.

What are some of the terms I need to know when I choose a web host?

Disk Space or Storage – Because your website is a collection of files being offered on the internet for viewing, they have to be stored somewhere for retrieval and take up space. Each web server has a finite amount of hard disk memory to divide up and offer to hosting customers. Typically that space is divided up by different package levels so that the more you pay, the more space you are allowed to store pictures, web pages, videos and whatever other files you like on the web server’s hard drive. If your website gets bigger than the space you are given, you will need to purchase more disk space from the web host.

Bandwidth or Data Transfer – Whenever you visit a website and view a page, you are transfering a copy of the files that make up that page over the internet from the web server to your computer. If the page you are viewing consists of an HTML file that is 3KB in size and three pictures of 47KB, 100KB and 250 KB, then you have just used 400KB of bandwidth or data transfer, because that is the total amount of data you just downloaded from the web server to view that page. Bandwidth is a commodity like disk space that the web host has to buy from its internet service provider, so it too is divided up and offered to the customers in specific amounts. Bandwidth amounts are usually measured in gigabytes (GB), because while only one copy of your files needs to be stored on the server, thousands or even millions of copies may be downloaded for viewing. If your website is viewed more times than the amount of bandwidth you are allowed can handle, your website may be turned off until the next billing period starts, or you may simply be billed for the excess amount used, depending on your host’s policies. You can always purchase more bandwidth as your site’s traffic increases.

Uptime – In an ideal world, every web server would be up and running and offering your web pages to the world 24 hours a day, 7 days a week forever. However, web servers are computers, and like any other computer, things happen to make them fail, or they get old and out of date and require maintenance and repair. When a web host gives you a 99% uptime guarantee, they are saying that the web server will be up and running for 99% of the billing period. If they fail to meet this guarantee, most web hosts will refund a certain portion of your money depending on the amount of excess downtime they experienced.

Traffic Statistics – Website traffic statistics programs try to track visitors to your website. They can track how many times your site was visited, how many visitors were unique and how many returned more than once, which pages were most popular, where the visitors came to your site from, what search terms they used in the search engines, and many other types of information which could be useful to you in marketing your website to a target audience. These statistics can be displayed in tables, graphs and charts by hour, day, week, month or year. Some statistics programs are better than others and offer more types of data, better displays, easier navigation or other useful features. Most web hosts today offer some sort of traffic statistics software with their hosting packages.

CGI Scripts – Many web hosts offer a variety of free CGI scripts with their packages. These are things like hit counters, guestbooks, form mail programs, message boards, and other programs that allow your website to perform commonly desired functions. You can use the ones your host provides you with or you can upload and run custom CGI scripts written by yourself or somebody else to perform different tasks like conducting a survey or processing customer information to produce an automatic price quote. Most CGI scripts are written in common programming languages like Perl, PHP or ASP.

For a website to be interesting, it must be able to give its visitors a constant stimulation of freshness. Therefore, a successful website must have the ability to evolve as time goes by. For any good website, they must have the 5 factors so that the website is professional.

Firstly, what a professional website should have is the consistent look and feeling. What we are talking about right now is the mantra of the website. This is the feeling that surfers see when they arrive to your website. Throughout times, the website must have a consistent design, colors, font and general look. If your website has different fonts on different pages and the color scheme is changing as the visitor surfs through your website, it will create an unprofessional attitude because your website will look like a patchwork of web pages. This will also create a visual confusion to the visitors making them feel like your website links to their people’s website. Another point is, the visitors might feel that the contents in your website tend to be irrelevant. The best way to give the visitors a professional yet comfortable feel is to use 1 font as the heading and maybe 2 fonts for the text. As for the colors, you should use two primary colors and have a third one as a secondary color. The shading of your website should also be made up of one or two primary color one more for the secondary color. With all these elements build into your website, it will be able to create a sense of harmony and unified design.

Another issue to look after on your website is the consistent navigation. What we mean here is the way your visitors could get around your website. For instance, your links should always place at the same location in all pages. This is a matter of consistent and to achieve this will give your visitors an assured impression that you have gone through great effort in designing your website. This feature is very important so that users could get back to your home page no matter where they have gone in your website. This is very useful as visitors tend to want to get back to home page most of the time and being able to do that with just a click is a must. Another situation where this function could be useful is when someone lands into a subsidiary page on your site from a search engine or another website, they can easily find a way back to your home page.

Search function is also very important for your users so that they could search for specific details in your website. This can save him ample time so that he doesn’t have to go through all the pages in order to reach his destination. Next, your website should have well balance text and graphics. Too much complicated graphics may make your website load slower. Therefore, it creates a longer waiting time for your users. So, in spite of going for style, we must also remember the effectiveness of the website.

Contacts should be displayed with extra care and attention. Make sure that you phone numbers, logo and slogan is properly displayed. This is very important so that you customers can contact you if they feel the need to. It would be very frustrating if they can’t find a way to contact you.

If you website possesses all the factors that we have discuss, you will have a very informative, useful and effective website because visitors could get around easy, get information easily and so on. Make sure all the pages in your website have such elements and the foundation of your website will have the ideal balance. Then, your website will be successful.

In case you’re shopping for web hosting, have a look on HostsVault you wont regret it.

I recently had the opportunity to develop a small web based application. This time round I was determined to make use of some development framework. Not for me the slow slog of writing all my code from scratch – surely we have moved beyond that now in 2008.

The big question was – which framework to use? Since the advent of Ruby on Rails, development frameworks have become quite the flavour d’jour and there are now, well, maybe not thousands of them, but quite a few! The last time I heard there are about 80 development frameworks out there. I am not 100% user of this number, it could be a bit higher, it could be a bit more conservative (on the phpwact site you can find about 40 PHP frameworks listed). The point is, the web developer is now really spoilt for choice. Which is a problem in itself, since having too much choice can leave you dithering between different options.

This article is therefore about how I made my choice, which was CakePHP, and which factors I took into consideration.

Obviously, and certainly, I will get bombarded with “Why don’t you try X framework, it is really much simpler to use…” type responses. That is quite OK, to each his own! But this is the choice I made and I am sticking to it. Frankly, the idea of going through another learning curve gives me the heeby-jeeby’s….

I found that the selection criteria were not independent. In other words, once I have ruled out some frameworks due to some specific criteria, other factors came into play. It was therefore more a process of elimination than judging all the frameworks off a predefined set of criteria.

The first major selection point was: Ruby on Rails or not.

Obviously there is the attraction of using a brand new, hip, buzz-word hyped framework. You can’t go wrong with something that is getting so much attention… or can you?

Let’s look at some of the selection criteria that filtered out Ruby on Rails

1. Ease of installation and ability to run on shared hosting
The problem is that most of my clients make use of a shared hosting environment. Can Ruby on Rails run on common-or garden variety type shared hosting? The answer was, I soon discovered – no. One needs to either have access your own private servers or run on a shared hosting environment that has Ruby on Rails preinstalled. Admittedly, there are a couple of them now starting up. A comprehensive list of hosting providers that offer Ruby On Rails hosting can be found on the RoR Wiki – http://wiki.rubyonrails.org/rails/pages/RailsWebHosts.

2. Minimize the learning curve
Even though I knew that any new framework will involve a steep learning curve, I really did not have the guts to go through TWO learning curves – one for the language itself and one for the framework. I might still have been prepared to go through the learning curve though if it wasn’t for the fact that RoR requires special hosting.

So basically the decision was: Not RoR. And based on criterion 2, I decided to stick to a PHP framework, and not go for something else based on Perl or something else since I’ve been developing in PHP for the past two, almost three years. Having said this, it is all very well to say that CakePHP allows you to use your PHP skills – because it is an object oriented framework/MVC based framework it has its own rich language infrastructure. You still need to learn the CakePHP terminology and the learning curve is pretty steep!

3. Ability to run on PHP 4
Although PHP 5 offers more object oriented features, once again, not all shared hosts offer PHP 5 out of the box. I decided that I wanted to stick to a framework that will offer backwards compatibility and enable me to run on most of the servers that I, as well as my clients, host on.

My further criteria came down to:

4. Must have good documentation
Under good documentation I count the following:

- User manual

- Examples and code snippets

- Screen casts and videos – although I do not see these as essential

5. Good support by the user community
This, in combination with formal documentation is absolutely essential. All of these frameworks are pretty young and the documentation is also constantly evolving. Some documentation might be patchy in details. This is where the user support in terms of the community comes in. How active are the forums? Is there a bug tracker? Any other informal tutorials, write-ups, comments, blogs and other support?

6. Regular upgrades and bug fixes
..but not so close to each other that the software becomes unstable and unusable. Backward compatibility is also important.

Version number of the software can be used to indicate maturity.

Working off the following list (http://www.phpit.net/article/ten-different-php-frameworks/) one can see that the list has narrowed down to the following frameworks:

CakePHP
Seagull Framework
WACT – latest version now requires PHP 5 so its OUT!
Zoop
CodeIgniter

The next step was a bit less scientific – but still fitted in with point 5 – how well is this Framework regarded? How much support does it generate in the ‘community’.

I scouted through forums and followed links and surfed the net and tried to get a general feel – and overall, CakePHP did seem to come out tops. A similar check that one can do is the following – do a Google search for each of the frameworks and see how many results are returned. This will give you a good idea of the general support, number of tutorials, number of forum posts and general ‘talked about’ factor for the specific framework.

After doing all this it was clear CakePHP is the chosen one.

MySQL is a widely used multi-threaded, multi-user RDBMS in the Linux world its intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software.

However sometimes specially in the shared environment its the sole purpose of overload in the server

Here is a how-to to install mytop (top version for MySQL) which will help you identify a user query that’s taking long time or user opening to much connections to the server so it can help you maintain stability on your server.

First install TermReadKey:

cd /usr/local/src
wget http://search.cpan.org/CPAN/authors/id/J/JS/JSTOWE/TermReadKey-2.30.tar.gz
tar -zxf TermReadKey-2.30.tar.gz
cd TermRead*
perl Makefile.PL
make test
make
make install
cd ..

Then install DBI:

wget http://search.cpan.org/CPAN/authors/id/T/TI/TIMB/DBI-1.48.tar.gz
tar -zxf DBI-1.48.tar.gz
cd DBI*
perl Makefile.PL
make test
make
make install
cd ..

And finally our beloved MyTop

wget http://jeremy.zawodny.com/mysql/mytop/mytop-1.4.tar.gz
tar -zxf mytop-1.4.tar.gz
cd mytop*
perl Makefile.PL
make test
make
make install

Then by running mytop it will bring up a page similar to this :

DKIM is an authentication framework which stores public-keys in DNS and digitally signs emails on a domain basis.

rpm --nodeps http://www.c-corp.net/linux/centos/5/general/RPMS/i386/dkim-milter-2.2.1-1.i386.rpm
mkdir /etc/dkim-milter
chown dkim-milt.dkim-milt /etc/dkim-milter
chmod 700 /etc/dkim-milter
chgrp postfix /var/run/dkim-milter
chmod 770 /var/run/dkim-milter

Generate The Keys

Enter the following command to generate your private key:

openssl genrsa -out rsa.private 768

Enter the following command to generate your public key:

openssl rsa -in rsa.private -out rsa.public -pubout -outform PEM

mv rsa.private /etc/dkim-milter/_default.key.pem

Edit the file /etc/sysconfig/dkim-milter

USER="dkim-milt"
PORT=local:/var/run/dkim-milter/dkim.sock
SIGNING_DOMAIN=""
SELECTOR_NAME="default"
KEYFILE="/etc/dkim-milter/${SIGNING_DOMAIN}_${SELECTOR_NAME}.key.pem"
SIGNER=yes
VERIFIER=yes
CANON=simple
SIGALG=rsa-sha1
REJECTION="bad=r,dns=t,int=t,no=a,miss=r"
EXTRA_ARGS="-h -l -D"


Restart milter service

service dkim-milter start

Edit /etc/postfix/main.cf:
smtpd_milters = unix:/var/run/dkim-milter/dkim.sock
non_smtpd_milters = unix:/var/run/dkim-milter/dkim.sock