Very Happy (Day - 1)

MiCarl

Member
I have a couple domains on a shared hosting plan. One is for a club and the other is for my business. Total storage is less than 2GB. Bandwidth usage is non-existent, but I do peg the CPU a few seconds/day. All told it is 2 static(mostly) web sites, a forum and a homemade business app built in PHP/MySQL. Until a couple months ago it's been very good and a real steal at under $5/month.

Then they upgraded the server. For whatever reason it's painfully slow more than not. Fortunately it's my off season but I need that business app to be responsive come spring. I decided a VPS was probably the way to go so I would have consistent and predictable performance. Still it was a painful decision because a managed VPS is at least 8x the price.

Based on a recommendation from someone I know who runs a very large forum with hundreds of users at any time I decided to look at KnownHost. Today I purchased a VPS-2. I added some DNS records at the other host to point here, moved a copy of my application and database and tried it out.

As I write this the, instance on the shared hosting plan is performing pretty well. The one on the VPS-2 is noticeably faster. And the one on the VPS-2 should perform like this 24/7/365! Woohoo!

For any potential new customers considering the move:

- I have been out of IT for 20 years, I was trained on punch cards (if you know what those are). All of my "modern" skills were self developed taking care of that shared hosting plan for five years.

- I really struggled with the decision to buy a cpanel license. Cpanel alone costs more than my shared plan. All in all though it was very nice to be able to work in the familiar environment to set this up.

- The only real challenge was figuring out how to create a hosting account in cpanel. Once I got that set up it was pretty much the same things I've been doing for years.

In summary, so far I'm very happy with my purchase!
 
@MiCarl welcome to KnownHost! I'm very happy to hear that your initial experience has been nothing but pleasing.

We strive to always be the best we can be and we're only a quick ticket away day or night 365 days a year so just shoot us a line should you ever need anything.
 
Yesterday was my first day here too. I also moved from a shared server. I was bumping up against CloudLinux but couldn't get anything but copy/paste responses from support about what was going on. So I decided it was time to move on. I also got a VPS-2 and so far my resource use is pretty conservative even though I get about 3000 visits a day (and growing).

When I first logged in and saw WHM, I felt totally lost and overwhelmed. So I was up most of the night trying to figure out WTF. It's intimidating but also exciting. Anyway, I'm happy I made the leap too.

(Don't tell anyone else, but I know all about those punch cards. ;) )
 
What I learned today:

[+] If you back up a hosting account on the old server and restore it (cPanel on both ends) it can overwrite some of the cPanel files. The fix was to log on to the host WHM and force a cPanel upgrade. In my case I'd only lost the icons for the x3 theme.

[+] If you screw up a DNS record and/or subdomain on the new server Firefox may cache the error page and keep displaying it even after you fix the problem. That cost me several hours .........
 
I also ran into some surprises today. As I was reading the WHM documentation and getting acquainted with the interface, I clicked on the Security Adviser which ran a scan resulting in several red flags. 1) the password slider was set at zero, 2) the pseudo-user “nobody” was permitted to send email. (Several more whose significance I'm unclear on - that's tonight's work.)

I was not expecting to find stuff like this when the VPS's are advertised as "Fully Optimized & Secured" and with "Free initial security hardening." Hmmm.
 
Everyone has a different definition of security. We have to find a happy medium between usability and insane lockdown.

If "nobody" couldn't send email then no web script which needs to send email via sendmail would work. This means 90+% of web scripts.
Password security is something controlled by you. People that are going to use secure passwords are going to use them anyway. People that aren't are going to open tickets and complain that WHM won't accept their password and even after our advice will want the requirement lowered so that slider/definition is pretty pointless.
 
My mail script uses a from header, so I'm good on that count.

I'm starting to look up a few more. What about this one? "Apache vhosts are not segmented or chroot()ed."

I found at http://www.cyberciti.biz/tips/chroot-apache-under-rhel-fedora-centos-linux.html: "You should never ever run a web server without jail. There should be privilege separation between web server and rest of the system."

Maybe I should just open a ticket and ask about these since they are all over my head at this point.
 
By default our servers are deployed with DSO+mod_RUID2 as the PHP handler. This takes care of what you just mentioned by running web scripts as an individual user (whatever account the scripts are in).
 
One of the emails sent during migration included the following:

"The PHP handler in your source server is shown as LiteSpeed but it is not installed on the KH server. I've configured your new server to use SuPHP."
 
Got it all quickly sorted out in a support ticket. I like to be very conscientious about security, especially since I basically have no clue about all this o_O
 
Got it all quickly sorted out in a support ticket. I like to be very conscientious about security, especially since I basically have no clue about all this o_O

Being security-conscious is a must these days! Always keep it in the back of your mind.
 
Top