Author Archives: Nathaniel Hyson

Automatic Optimization of images

I was cleaning out my email folder yesterday and I came across this old email. While I have removed anything that would specify who this email is with the results are still proving of CLDMV’s systems. I’m also pretty sure this email was prior to the double compression PNG system we currently use now.

As you can see from above not only did our system compress the images as much as Google said we could. But we were able to compress 1-4% more. Here is a recent daily report of our image compression system.

Keeping in mind all the compression is done lossless. Meaning there is no loss in visual quality. The only downside to the compression is if the images store data such as where they were taken, that data is removed.

 

New Security Features

Previously we had been using the over-popular Fail2Ban to scan our logs as a temporary fix for the issue. While the anti-DDOS software written by CLDMV takes care of a ton of bans every day. The hacking attempts are still being attempted by some what smarter hackers.

Today we rolled out our first module for log scanning. With SSH probably being the #1 threat to servers out there that is what we chose to target for our scanner. Took several days but the results are amazing. While I can’t divulge the inner workings of the module. Let me just show you the first ban email we got after running it for the first time:

Keep in mind these numbers and bans are simply based upon the past 24 hours of logs.

Update:

This guy takes the cake for CLDMV’s Anti-DDOS software catching a potential intrusion. Just received this email:

Also the log processing module for SMTP hackers is in place as well now. Here’s the first email for the past 24 hours of attempts:

Why CLDMV for hosting?

On average our clients are seeing a 20-30% increase in page speeds from their old hosting environments to CLDMV’s Servers. Roughly a 40% decrease in the size of downloaded content as all CSS/JS is minified, users can minify their HTML if they choose to do so and all images are compresses to the maximin they can be (completely lossless compression of course).

So far all of our clients have came to us from their own dedicated servers where they were paying on average 300$/month for their servers. CLDMV’s clients pay on average 130$/month as of writing this post. While essentially our service is “Shared hosting on steroids” it can also be compared to a “no limit” VPS. Since most people who are running online websites grow out of their shared hosting environment within the first couple years of business (assuming traffic increases at a steady rate) they don’t want all the hassle of managing a server.

Often more times than not they pay 30-40$/month to have a commercial control panel installed and on top of that pay a system administrator to change things when needed. With CLDMV changes are only a call away and once the control panel rolls out many operations of the hosting plan will be available via the control panel (free of charge).

In our experience most clients running online websites simply need a faster website. They don’t need nor want an entire dedicated server. The industry has forced users to upgrade to that point due to over selling and over crowding servers. Here at CLDMV we monitor everything on the servers daily and apply upgrades or code changes to keep the system running smoothly. Client stats are tracked every hour, server stats every 15 minutes. Traffic is always instantly tracked (logged every 60 seconds). Our mission is to provide affordable hosting with all the benefits of a going out and hiring a optimization company to come and optimize your dedicated server. With CLDMV you don’t have to hire or pay for anything extra for your service.

With many options available (some not listed or posted about yet) the possibilities of hosting with CLDMV are endless. Need your own or want to use your own database server? We got your covered. Need load balancing? We can do that as well (though our biggest servers can handle over 1000 512MB php threads at any given instance and up to 10Gbps of transfer). Just want complete isolation? We offer dedicated servers as well where all the optimization and management of the server is done by us and you have a completely isolated part of our network.

Lets step back for a minute. Any hosting company can offer you the world but can they deliver? Do they have hard numbers which prove their service? Lets let the numbers talk for themselves. Below is a table of response time, load time, downloaded content (with a hard refresh to force all content to be downloaded), google page speed score and estimated cost if any idea of cost is available.

Site 1: http://beautyjoint.com

 

Site  Response Time  Load Time  Download (First Load)  Page Speed Score  Cost
Original  575ms  2.25s  900KB  66  1000$~
Compare  444ms  1.56s  627KB  86  200$~

Site 2: http://adrianas.1stwebstudio.com/en/

 

Site  Response Time  Load Time  Download (First Load)  Page Speed Score  Cost
Original1.61s7.00s4.9MB46??
Compare775ms3.97s3.6MB86130$~??

Site 3: http://www.extasybooks.com/

 

Site  Response Time  Load Time  Download (First Load)  Page Speed Score  Cost
Old945ms5.85s1.1MBKB  74600$~
Current772ms1.97s  627KB  88300$~

 

Notes:

Site speeds and scores ran on 2014/05/07 at 4pm PST (for site 1 and site 2)

Links may or may not be valid at time of viewing.

Sites listed above have given permission to post these stats as a comparison of our service.

Minify HTML as a service

While mileage may vary with minifying HTML it is not done automatically like minifying css and js. However there is a background service running for anyone wishing to use it on the server free of charge. Below is the php code to access the service.

Combined with the above code you can use the below code to retrieve the minified html body as well as the original bytes, minified bytes, and saved percent by minifying the html.

Server Upgrade

Server (s1) is scheduled to have another SSD hard drive added to it on:

5.4.2014 (Sun) 01:00 (GMT-0500) – 04:00 (GMT-0500)

Shouldn’t be any downtime as it’s simply a hard drive however there may be some downtime between 10pm PST and 1am PST.

Referral Credits

The below promotional offer expires 2014/08/01 at 12am PST.

As systems for the control panel are starting to come together. I’ve decided to offer some incentive options for referrals.

Option 1: 5% off your Monthly additional charges (bandwidth, disk space, backups, db space, email space, dedicated IP) for 1 node. As long as your referred customer keeps their subscription.

Option 2: 100$ credit to your account for every 12 months your referred customer pays for server service (If the referred customer pays for 12 months now and then in 12 months pays for another 12 months you’ll get 200$ in account credit).

Each customer referred allows one of the two options for referral credit.

Essentially if you refer 32 customers to CLDMV your hosting is free (assuming 1 node in use) as long as those 32 customers keep service.

Note: Account credit is only redeemable for services and invoices. It is not redeemable for cash/money.

What is a node you may ask. A node is specified as a single domain/application. IE say you run example.com and example.net, each is a single node on our servers. Thus you are running 2 nodes.

Database backup system bugs

A bug was found in the database backup system. This has been resolved. The bug was an issue with the backup system not properly removing old backups when it came to the database backups. HTML backups were being removed correctly though.

As a result of more coding the database backup system now supports sending the backup file to the correct website which the database is used for. For those using multiple sites and/or multiple databases.

Crons are here

While there is still no control panel yet. The system now supports schedules crons. These crons can be set at a min interval of 5 minutes and are easily modified. So once the control panel is in place it will be easy to implement it into the panel.

Currently I have already setup the crons manually that were needed for some clients. If you need any crons setup for now just send me an email.

Note: These crons have a low priority in order to keep the server running smoothly. (nice commanded)

PHP CLI added, crons to come soon

PHP has been added to the shells. There was a bug with the mysql side of this that didn’t let PHP load the mysql extensions. Now that that is fixed PHP can properly be used through the command line for each user.

With this being fixed cron jobs will be the second thing on my list to implement into the control panel.

Heart bleed bug

A friend just pointed me to this: http://www.theepochtimes.com/n3/609175-heart-bleed-bug-imperils-web-encryption-putting-passwords-credit-cards-at-risk/ which in turn turned me to this: http://heartbleed.com/

Basically OpenSSL for 2 years had a major flaw in it which allows hackers to obtain 64 kilobytes of data from the server where OpenSSL was installed and being used. I rushed onto the server and checked the OpenSSL for it’s version number. While I will not specifically state what version the servers are running for security measures I will say that the service is NOT running OpenSSL versions which were vulnerable.

However after using a test site (http://filippo.io/Heartbleed/) on a client’s server I found that even though 1.0.0 was not supoused to be affect (their version was 1.0.0c) they were vulnerable. I would strongly urge ANYONE to either run their update program (centos/rhel: “yum -y update openssl”) or manually install 1.0.1g as soon as possible. Then broadcast to your account holders to change their passwords.

Keep in mind OpenSSL 1.0.0c was released in December of 2010. Which means if 1.0.0c was vulnerable this bug has been around for 3 1/2 years.


 

Excerpt from http://heartbleed.com/

 

What versions of the OpenSSL are affected?

Status of different versions:

  • OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
  • OpenSSL 1.0.1g is NOT vulnerable
  • OpenSSL 1.0.0 branch is NOT vulnerable
  • OpenSSL 0.9.8 branch is NOT vulnerable

Bug was introduced to OpenSSL in December 2011 and has been out in the wild since OpenSSL release 1.0.1 on 14th of March 2012. OpenSSL 1.0.1g released on 7th of April 2014 fixes the bug.


Commands to update your own dedicated server:

Just in case the above command doesn’t clean up here is the clean up command:

In case you’re having issues with “openssl version” still showing you your old version and are using StorMan use the following commands:

If not using StorMan and still having issues of the old version being reported try:

To test your openssl version use the below command:

 Also keep in mind you will want to re-key your SSL Certificates if your server had a known issue. As someone could be sitting on your private key just waiting to use it.