| The Idologic Blog is the place to come for news, updates, commentaries, and more from the Idologic team. Updated weekly with topics ranging from customer service to technology. |
Archive for the ‘Technology’ Category
Wednesday, February 17th, 2010
 One crucial area of focus for Idologic Networks is uptime. We prefer not to pat ourselves on the back all too often, but we do possess quite the track record when it comes to keeping our servers online. Uptime is a function of many variables and it begins on a stable datacenter foundation which is supplemented by true server-grade hardware. (IE: We don’t stuff a glorified desktop processor in our servers!) The aspect of uptime that any good System Administrator – whether he or she oversees Linux, Windows, or UNIX – grapples most fiercely with is the software side.
If you ever updated your home desktop or laptop, you know exactly what we are talking about. Upgrades to the Operating System (OS) core virtually always require a reboot. If, as with a server, your object is to stay online as much as possible, this clearly becomes counterproductive. Contrary to the advice of your Uncle Al who refuses to update his Service Pack 1 installation, good security practice requires that a high-value target like a server be up to date. Your customers demand that security from you, you demand it from us, and we demand it from ourselves.
At the very core of Linux is something called the kernel. To keep this blog post short, think of the kernel as the brain and nervous system of Linux that tells it how to operate on the server. Patching this kernel with the latest security releases has always been a source of downtime. It requires a server reboot to apply the changes, and it seems like there is always a necessary update right smack in the middle of your busiest week or newest promotion. It’s not so much a problem when the reboot can wait for late at night or off hours, but it becomes a major issue when the reboot is needed quickly.
Ksplice Uptrack is the advent of rebootless kernel upgrades. This technology has been in the pipes for some time, and the good folks here at Idologic Networks maintained a watchful eye, ready to adopt it when the technology matured. This is a capacity that Linux possesses which really gives it a major advantage over Windows servers right now.
The basic synopsis on how Ksplice works is that it takes the vendor releases and converts them into hot updates (in laymen’s terms, you could think of it as a live update). The MIT minds behind the project put out a whitepaper on the subject if you would like to go into further detail, but this is the brainchild of a couple excellent observations. They realized that the vast majority of kernel upgrades simply did not need any need code and therefore required no reboot to be applied. To make a long story short, they came up with a system where they could apply the hot updates and forego the once-required server reboot for a very long time.
This technology, Ksplice, is coming to Idologic, as we’ve already begun implementing it on many of our customers’ servers. We look forward to entering a new era of uptime sans the annoying downtime that accompanies kernel upgrades. With Ksplice, we can schedule our maintenance and begin to do away with unscheduled reboots for kernel upgrades. As always, let us know at the helpdesk if you have any questions!
Posted in Blog, Business, Customer Service, General, Technology | No Comments »
Tuesday, October 27th, 2009
In lieu of the tired old press release, Idologic is rather pleased to announce the introduction of MailFoundry to its awesome lineup of services. MailFoundry is the name for a new anti-spam and anti-virus solution that will indeed keep your inbox clean. We noticed that many of our customers were running into various issues with the existing cPanel software. These issues resulted in missing emails and general frustration with spam-fighting capabilities. We decided to find a solution and we think we’ve found the best!
So what makes this tool any different from other (non-working) solutions? As you may know, cPanel and DirectAdmin both use a combination of ClamAV and SpamAssassin to fight spam. The latter name gives you a good idea as to how the software works, it kills. Traditional spam fighting literally seeks out and destroys spam. The software relies basically on guesswork and a complex scheme of scoring to determine the “spamminess” (pretend it’s really a word) of an email. The obvious issue is that artificial intelligence concepts like this remain rather simple-minded; that’s not to say the existing software is ineffective or poor by any stretch. However, the existing software is made to handle the average shared account as opposed to handling larger amounts or particularly critical email correspondence. It will miss spam, and it may land a few false positives.
This is where MailFoundry steps in. The software is actually hosted on hardware exclusively devoted to MailFoundry, so this literally takes some of the load off of your server and frees it up for things like processing website pages. Beyond that, though, MailFoundry uses a system called MessageIQTM which is basically a system of real people who monitor global email. These folks staff a datacenter 24×7x365 simply looking at email and finding spam. (Good times!) This makes this setup pretty darn effective against image spam and other devious spammer tricks. In fact, the software catches 99% of all spam and 100% of all viruses. Those are pretty good odds for you non-gamblers out there. The really nifty aspect of the software is that it updates roughly every 5 minutes. As you can imagine, these details make it quite effective. It further boasts a one-in-a-million shot of a false positive!
This new MailFoundry service does come at a cost. We’ve managed to make it a very small one, though. Right now, you can protect 10 mailboxes (per domain) for just $1/month! We’ve created a handy PDF reference sheet for the software that you’re welcome to peruse. If you’re interested in signing up, please contact our helpdesk, which is available 24/7 for help and information! Feel free to ask questions in our forum community as well.
Posted in Blog, Business, Customer Service, General, Technology | No Comments »
Thursday, May 14th, 2009
No, there is not a typo in the title. Idologic is proud to announce that Subversion & Trac and Ruby on Rails are now available to all of our cPanel Reseller customers. These new tools are quite powerful, and offer some nifty features to developers. Both tools are easily accessible in your cPanel control panel.
Ruby on Rails is a programming language (Ruby) on a framework (called Rails). Chances are that if you host with us, you at least know what a programming language does. However, the concept of a framework might be foreign to you. Ruby is a unique programming language in that it tries very hard to resemble a written or spoken human language, as opposed to a complex computer language. Arguably, it succeeds at this task where others failed. If you want to know more about the language, we suggest checking out the homepage at http://www.ruby-lang.org/ to learn about Ruby. There are several helpful tutorials to get you started, and there are many books available at your local bookstore. Ruby further boasts a lot of local groups for those that are really interested because Ruby remains quite popular in the open source community.
Ruby on Rails is the next step; think of it as sort of an optimized version of Ruby specifically for web applications. Although you might not even know it, chances are that you already use websites that function through Ruby on Rails. The list includes: Twitter, YellowPages.com, Hulu, Backpack, Basecamp, and so on. As you can see, for this to be a relatively young scripting language framework, Ruby is already employed in some very demanding environments. More information about Ruby on Rails is available from the official website at http://www.rubyonrails.org/.
Subversion and Trac is a completely different animal. Subversion is what is known as a version control system. Think of it as a type of “time machine” for a script; it is a tool that enables a user to manage changes to a script over time. This is a popular tool for many developers because it enables the safe use of cutting-edge features. However, benefits are not just limited to developers, as it can be employed for any number of files that need to be modified and managed through time. Trac is a type of wiki and issue tracking system. The unique aspect of Trac is that it is tailored to be easy to use with Subversion. To fully understand this technology, check out the official sites: http://subversion.tigris.org/ for Subversion and http://trac.edgewall.org/ for Trac.
We could not possibly describe the merits of either Ruby on Rails or Subversion and Trac in a single sitting. However, from our terse descriptions, the high points are apparent. These features have now progressed far enough that they can be considered safe and useful in shared environment. They are now incorporated into all cPanel reseller accounts. If you have any questions, please feel free to contact Idologic at http://helpdesk.idologic.com.
Update: Ruby on Rails is also available on the DirectAdmin servers; please update your client packages if you’d like to give them access to ROR.
Tags: Ruby on Rails, Service, Subversion, Trac
Posted in Business, Customer Service, General, Technology | 2 Comments »
Monday, April 27th, 2009
One of the topics that we frequently find ourselves discussing here at Idologic is Sender Verify. Pretty much your only interaction with this nifty little feature will be negative, because you will see this much-maligned error message: 550 Sender verify failed. This is the hallmark error that shows up when something doesn’t work; otherwise you would never even know this feature even existed, as it quietly hums along doing its diligent duty and keeping spam from your inbox.
Sender Verify works like this in a nutshell: It sends out a callback to a mail server when it receives mail to verify that the email address actually exists. This is accomplished by a series of checks that do simple tasks like check for a broken DNS setup or verify an MX entry. It’s a powerful tool for fighting spam because most spam has forged information and is not sent from a “real server” – yes that is one of those vague explanations, but put that on the shelf for now.
99% of the time, Sender Verify works just like it should. That is why you don’t even know it exists; email that should be delivered is indeed delivered and email that is spam and should not be delivered is rejected. There is no need for the resources of antispam/antivirus software to be brought to bear thanks to this utility.
When Sender Verify occasionally doesn’t work [when it should], it is typically a result of a different email configuration from the sending server. The tool functions by making the generally correct assumption that all mail servers follow a set of basic guidelines (which most all do). However, there are certain email systems out there that don’t exactly follow these guidelines for one reason or another. This does not make them wrong, nor does this make Sender Verify wrong.
These are the times that a support ticket is necessary. In order to help you continue functioning and receive the mail you expect to receive, Idologic, Inc. offers two solutions:
- Whitelist the “Offending” Mail Server. This is pretty simple; we grab the name of the mail server and add it to a special whitelist which will ensure safe passage of mail from that domain, as the actual sender verify checks are ignored. This is the recommended and most common solution.
- Opt your domain out of Sender Verify. This is the nuclear option, if you will. We will remove your domain from Sender Verify altogether. You’ll never be bothered by Sender Verify again, but the same is also true for spam email sent to your account. Spam amounts will increase. This path is for those that are concerned about Sender Verify or just are lucky enough to frequently find themselves in disagreement with Sender Verify.
If you need to use either of the two options, simply create a ticket with the helpdesk informing us of what you would like to do. Either option must be carried out by Idologic staff.
(And to let you in on a little secret, we are currently developing a tool for your Billing panel that will allow you to remove a domain from Sender Verify without opening up a ticket.)
I feel a bit like a broken record when I say this, but Idologic is always here to help. We will be happy to field any questions or assuage any concerns. Reach us 24/7/365 on the helpdesk at http://helpdesk.idologic.com/.
Posted in Customer Service, General, Technology | No Comments »
Monday, November 17th, 2008
An exploited website is every webmaster’s worst nightmare. There is nothing scarier than logging on to a completely defaced website or receiving a notice from abuse that your account became a spammer and your IP was blacklisted. The thoughts begin to race from there. What about backups? Do I still receive all my email? Have I lost clients or money? This nightmare scenario (and the associated headaches) can be easily avoided if you take a simple step and make sure that your scripts are always updated to the latest version.
Web hosting is driven far by the wonderful engine of free and/or open source software. Scripts such as phpBB, SMF, Joomla, Drupal, and so on are freely available to webmasters in place of paid alternatives which would cost no less than a few thousand dollars. However, where the source of script is available to you, it is also available to anyone else. This even holds true to those who would like to cause a little trouble for fun, fame, a challenge or even for money. Aside from this, even a poorly coded custom script can be just as much of a security hole, so it is important to always stay abreast of things. Modifications for open source scripts are also yet another source of exploits. Many folks are surprised by this information, but it’s a good idea to know exactly what you are installing on your website. All it takes is a badly coded modification or outdated software and you’ll fall victim to the next round of attacks launched by a group of Turkish hackers or a 15-year-old “script kiddie” sitting in his basement and using software that he found in a backchannel IRC room.
With open source software, you have the benefit of a community that is constantly using, searching, and securing the script. Most of these scripts offer a mailing list, RSS feed, or news alerts about exploits. A premier example of this is the Drupal mailing list which sends out alerts for security issues both with the actual software and the modifications that come with it. The software that Idologic employs should also alert you when an update is available. However, some folks may choose to install their scripts by hand, and so our alerts would not be available in that case.
It is supremely worth the few minutes it takes to signup for these lists on the software website. These lists publish information that is vital to you. When a new version of software is released, it generally applies a fix or few to security issues. If you continue to run an outdated version, it is literally a matter of when (and not if) your website will be exploited. And trust us, you are going to lose visitors and customers when your website plants a virus on their desktop. It’s just not worth the headaches when you can do a few simple things to keep updated. We do encourage all of our customers here at Idologic to stay aware and up-to-date!
Tags: exploits, hacking, PHP, scripts
Posted in Customer Service, General, Technology | No Comments »
Friday, October 17th, 2008
 We’ve noticed an increase of folks having problems with being unable to access their respective server. We thought it would be worthwhile to clear the air on the situation so that you would be a little more aware of what goes on behind the scenes when this occurs.
All Idologic reseller servers make use of a firewall. Along with certain cPanel services, the firewall and associated services monitor various logins: cPanel logins, webmail/email logins, .htaccess logins, etc. and blocks a user by IP address when too many incorrect logins are made in a short period of time. In this case, the number is five(5) incorrect logins within a span of five(5) minutes. This is a temporary block, but it does last for quite a bit and can become permanent if triggered too often. So, if you forget a password, try it three or four times and then give it 5-10 minutes and try again.
This feature is in place for your protection. One of the most common forms of exploitation on the internet is what is called a brute force attack. In a nutshell, something (either a person or script) attempts to guess your password. The idea is that the attacker will guess simple passwords and a malicious user will gain access to your account and its resources. The problem comes in that most folks choose simple passwords so that they won’t forget them, so this is where a firewall comes in against this sort of action. The quandary is that more difficult passwords can easily be forgotten, and that might leave you locked out of your server until your IP is removed. This meant submitting a ticket in the old days.
In light of this, we here at Idologic have two new solutions to help you (and us) work with the firewall.
Firstly, we have a plugin to WHM which allows resellers to open port 3306 (MySQL) for a specific ip address to have remote MySQL access:
1. Login to WHM
2. Under Plugins, click “Mysql Firewall Configuration”
3. Enter the IP you would like to access MySQL from (your ip)
4. Click submit
Note: This only opens the firewall! You will need to allow your user access to the specific database in cPanel >> MySQL Databases.
The second feature is that now resellers have the ability to unblock IP addresses via their Idologic billing control panel. This means you won’t need to put in a ticket or contact us to remove the IP address:
1. Login to the billing site (http://secure.idologic.com/payment/)
2. Click “Firewall” on the right hand side
3. Enter the IP you believe is blocked.
4. Click search
Note: If you or your client is unsure about what their IP address is, a handy-dandy website is available: http://www.whatismyip.com.
As always, if you have any questions or problems at all, do not hesitate to contact our support department!
Posted in Customer Service, Technology | 9 Comments »
Monday, June 23rd, 2008
Roundcube, a webmail program, is now featured in cPanel’s recent release. Roundcube, just like its name, is a little…well…different. After spending much time pondering the origin of the name, I came to the conclusion that it is not another square peg meant to fit in a rather round hole. Roundcube is the round peg, that still is a square (think webmail) at heart, but not in look and function.
Roundcube differs from the alternatives of Horde and Squirrelmail in that it functions much like a desktop email client such as Microsoft Outlook or Mozilla Thunderbird. This bit of news will fall on welcome ears for those who thought the previous cPanel webmail offerings fell short of the mark.
First things first, cPanel implemented an autoload utility that allows you to load up your webmail tool of choice when visiting the /webmail URL on your domain. The new feature includes a redirect tool that offers the ability to specify the number of seconds that the redirect will take, which leaves you ample room to feel quite dangerous and choose an alternate webmail client each day while waiting for the redirect to complete.
If Roundcube were to be assessed in a single word, I would choose the word “smooth.” It offers a rather bland, yet useful, interface that does have a slight learning curve. Included in the design are icons at the center top of the page which are not labeled with text. You can hover your mouse over them to find out their functions After using Roundcube for a while, you’ll know them automatically. These will fade out when they are unavailable – such as when no message is highlighted.
The message pane in Roundcube is one of those features that feels just like a traditional email application. To select a message, simply click on it There are no annoying checkboxes to click. (Finally, someone has listened!) Selecting a message in Roundcube highlights just as it would in Outlook. Notice that you can drag and drop an email to a folder as well. To highlight multiple individual messages, simply use your control key and click on the appropriate messages. To highlight a group of messages, such as every message on the page, hold your shift key and click. These features improve the webmail experience in general, and make Roundcube much more user friendly than the alternatives.
On the top bar, you’ll notice a send/receive button and an address book. The “Personal Settings” button leads to the best and simplest feature set of any of the cPanel webmail choices. Here you can select basic features such as timezone, language, automatic draft saving, and whether or not you want to use HTML in your emails. The “Folders” tab allows you to create, edit, and remove folders as needed. Finally, the “Identities” tab allows for the management of your webmail identities. It means that you can set reply-to addresses, display names, organization names, bcc recipients, and your signature.
Composing a message is simple with Roundcube. Simply click on the icon to do so from the main screen. You’ll notice that everything is pretty much self explanatory via icons here. The great feature here is that attachments can be attached from the left side of your current screen. Simply click the “+” box and browse and upload your file.
Roundcube is simply simple. This welcomed addition to cPanel provides the next generation of webmail usability with desktop-like interface. The introduction of Roundcube might even bring a few people to the dark side (of webmail). This is a tremendous improvement upon the existing webmail offerings included with cPanel.
And, as always, Idologic will be available should you need any help. Don’t ever hesitate to ask us a question.
Posted in General, Technology | No Comments »
Sunday, January 13th, 2008
 We’ve had a vast majority of our (customers’) servers in the 56 Marietta Street datacenter in downtown Atlanta for a couple of years now. We’ve been pretty happy with the datacenter and its overall track record of being responsive to us and providing a quality service. However, we’ve pretty much filled our space at the datacenter and need to expand.
Idologic has chosen the datacenter at 55 Marietta street (yes, across the street from our current one) to expand to. This datacenter will provide Idologic with a lot of room to grow and expand over the coming years. We’re excited about placing our new servers in this datacenter (which is on the same network at the 56 Marietta location).
As company, in addition to providing top of the line customer service, we’re dedicated to offering our customers the best and latest technology available. Our technical team has spent a lot of time, money, and effort into designing our space in this state of the art datacenter. Some of the things this new location will feature:
- One hour of UPS power backup per rack (at full load), which can be expanded easily to 8 hours
- Filtered power
- A backup generator
- GigE private and public connections
- KVM access
- Remote reboot port accessThe last two features might particularly interest our dedicated server customers. The location will allow us to continue to grow and improve our offerings. We’ve already ordered all of the necessary parts. When they’re delivered, racked, and setup, we’ll be able to offer servers in this new datacenter. It’s exciting for us a company.For our current customers in 56 Marietta, there will be no migrations or anything. Your servers will stay there and will continue to operate like they usually do. This only affects new customers and customers who will be purchasing a dedicated server in the future.
Posted in Business, Technology | No Comments »
Friday, October 5th, 2007
We’ve begun (and have been successful so far) upgrading our cPanel servers to the latest version of cPanel, version 11. The move to upgrade was one that we thought and planned out pretty carefully. We are fairly conservative when it comes to major software (cPanel, PHP, MySQL, etc.) upgrades at Idologic, so we wanted to wait a while and make sure cPanel 11 was going to run without problems. We announced our tentative schedule in late August and began upgrading from there.
What are some of the benefits of using cPanel 11? Here are some that we’ve noticed right away at Idologic:
- Prettier. cPanel 11 is quite a bit prettier than 10. It has a lot more AJAX and a lot of UI improvements such as sorting and more drag and drop features. The interface is also faster.
- Resellers have enhanced branding features as well as faster / easier theme switching.
- There have been a lot of changes in the areas of spam handling and protection for cPanel 11. Spam is one of the biggest causes of server trouble at any hosting company and any improvement to this area is welcomed. In particular, cPanel’s spam handling has been optimized to handle a much higher volume of spam without slowing the server down (which is a good thing given the increasing amount of spam).
- New file manager. If you (or your customers) use the cPanel file manager, you will notice it has undergone significant changes.
- It is now much easier to install modules for Perl and other programming languages.
- The help section of cPanel has been improved significantly. There is also a getting started tour within cPanel now.
If the server you are on hasn’t been upgraded, don’t worry, it’s coming soon. So far, cPanel 11 has been working great (and we expect it to continue to be that way), so you only have positive changes to look forward to in the near future. If you have a dedicated server with us, please contact us and let us know when you’d like to upgrade. You can upgrade at your convenience (and if you’d like, not at all), but it is an upgrade we’re suggesting.
As always, if you have any questions whatsoever, we are standing by and more than happy to assist you.
Posted in General, Technology | No Comments »
Monday, May 21st, 2007
Note: this is reposted (and updated a bit even) from our previous website however everything below is still valid.
As we are all quite aware, spam is a large and increasing problem on the internet. According to recent studies, up to 80% of all email is actually spam. Unfortunately, this is not just an interesting piece of trivia — there is a real cost to spam whether it be your time (or your clients’) in weeding through it or the extra storage and utilization on the server in processing so much extra email.
Note: for the purposes of this article, spam includes UBE (unsolicited bulk email) and email that contains viruses.
At Idologic we have been carefully watching various anti-spam solutions for quite a while. Given the enormity of the problem, there are a multitude of solutions available both for purchase (proprietary) or for free (open-source). Interestingly enough, many of the best proprietary solutions are simply well-packaged sets of open-source tools. Given sufficient time and understanding, a knowledgeable server admin can construct an anti-spam solution that fairly accurate while requiring minimal maintenance. A well-built antispam solution can approach 80-90% accuracy rates with no false positives or manual maintenance (i.e. someone to flag spam manually on the server every day).
Simply put, that is what we have now done.
You may have noticed that there is an “Server-Wide Spam & Virus Protection” option in cPanel. This is simply the front-end to a comprehensive sysem consisting of….
- ClamAV — a superior open-source virus scanning solution. Additionally, virus signatures are updated daily from a central repository.
- Exiscan — an extension of the Exim MTA which provides the glue for Exim to call other programs.
- Exim Advanced Configurations — this allows us to block certain well-known virus file extensions. You can always send a file through regardless of its extension by first zipping it.
- DNS RBL’s — that is, DNS-based black-lists. We currently employ 3 very conservative DNS RBL’s. Please see further notes on them below.
- Vipul’s Razor — a distributed, collaborative, spam detection and filtering network that is constantly updated by screened user contributions.
- Server-based blacklist and whitelist overrides. This gives us the ability to override any of the methods above on a server by server basis whether to allow or disallow email. This would be normally be done in response to a request via ticket where a customer needs to receive certain emails but does not want to disable all filtering.
While we have put a large amount of time into crafting a very conservative but accurate spam-blocking configuration, we do realize that some clients may not wish to have any filtering. Because we recognize this need, this system is combined with cPanel Pro to provide user-controlled opt-in or opt-out on a cPanel account basis. Here is a sample screenshot from cPanel showing the configurability provided.
Please note that CPSkins has stopped updating their skins and so is not compatible with enabling/disabling this feature (spam filtering will still be working….you just can’t use CPSkins to enable/disable it). You will need to use RVSkins or x2 as your cPanel skin. We would recommend RVSkin as being very feature-rich and configurable.
Specific instructions.
- For RVSkin, go to RVAdmin Skin Manager / Package-Feature Manager. Choose the Feature List you for the user whose feature set you want to control, find the feature ‘Server-Wide Spam & Virus Protection’ and enable it.
- For the x2 skin, go to WHM > Feature Manager > Edit Feature Set. Check the box for “Server-Wide Spam & Virus Protection” at the bottom of the list and save.
We have enabled the configuration above on all reseller servers and will set up dedicated servers/VPS’s by request (no installation charge).
Explanation of DNS RBLs
Given that there are several irresponsible DNS RBL’s (SPEWS & SORBS for example), DNS RBL’s sometimes get a bad name. Fortunately, there are several highly accurate DNS RBL’s available. After careful research, we have chosen to use…
- list.dsbl.org — tests for open relay SMTP servers and will only list a server if confirmed open.
- zen.spamhaus.org – SpamHaus is a well-recognized anti-spam service provided for free to ISP’s and webhosts. It contains the IP addresses of verified spam sources as well as servers confirmed to be compromised by illegal 3rd party exploits.
These 2 lists have a very low to non-existent false positive rate. For example, in over a year of live implementation in a large environment (80,000 emails/day), the Spamhaus RBL’s have had zero false positives.
Posted in General, Technology | No Comments »
|
Copyright © 2006, 2007, 2008 Idologic Inc. All rights reserved.
The Idologic brand and logo are trademarks of Idologic Inc.
|
|
|
 Categories
|
| Blogroll
|
Search
|
| Archives
|
| Tweets
|
| Meta
|
|
