Scalability Blog

Scaling tips, insights, updates, culture, and more from our Server Experts.
 

Implementing TOTP Authentication Into Your Infrastructure


We have previously covered how to add Time-based One-time Password Algorithm (TOTP) on your mobile device.  Now we can implement SSH access with TOTP. It is more secure to use public key authentication, and disable any password and challenge-based authentication for SSH. However, there are times when you have to have access to your server but you don’t have your public keys with you. In this case, we’ll need to allow root …

Comments Off on Implementing TOTP Authentication Into Your Infrastructure
 

Automatic WordPress Updates Using FTP/FTPS or SSH


Introduction
When working with WordPress in a more secure environment where websites are not entirely world-writable, you will notice upgrades request FTP or FTPS credentials as the server itself does not typically have write access in properly-configured environments. Entering these credentials for every upgrade can become quite tedious, and WordPress has implemented some constants you can define within wp-config.php to make upgrades automatic.
It should be noted here that you can also make upgrades …

Comments Off on Automatic WordPress Updates Using FTP/FTPS or SSH
 

Protect Big Data With Two Factor Authentication

big-data-blog-header
Big data security is everyone’s responsibility.  Using weak passwords or entering your password from compromised workstations can undermine your organization’s entire infrastructure.  Even on a workstation free of trojans, viruses, and software based keyloggers, there is still a threat from hardware keyloggers.
Hardware based keyloggers for USB and PS/2 devices, such as keyboards and mice, are very affordable and easy to conceal. For $40-$60 anyone can buy a hardware keylogger and introduce it …

Comments Off on Protect Big Data With Two Factor Authentication
 

Upgrading Your Managed Server to SSD for Maximum Performance and Cost Savings


The biggest advantage of Solid State Drives is lack of moving parts as compared to traditional hard drives.  This allows the drives to survive longer, and have faster read and write times.  It makes them ideal for an enterprise environment where performance and reliability are expected.  The SSD drives use less than a third of power compared to SAS or SATA, and promise twice the life expectancy.   Power consumption alone should save …

Comments Off on Upgrading Your Managed Server to SSD for Maximum Performance and Cost Savings
 

Protecting Your Managed Server From Packet Flood

packet-flood-header
There are instances when your DNS server, such as BIND or PowerDNS, comes under a heavy packet flood.  Here is a network activity on two nameservers undergoing UDP flooding to port 53:
network-utilization-1
network-utilization-2
To mitigate this issue, we need to do a little investigation as to where the packets are coming from.  Tcpdump is an excellent tool for …

Comments Off on Protecting Your Managed Server From Packet Flood
 

Using GlusterFS On Your Managed Server


You will first need to setup a distributed GlusterFS storage cluster and follow these instructions:
First, we will have to install  EPEL repository:
[root@webserver ~]# rpm -Uvh http://mirror.symnds.com/distributions/fedora-epel/6/x86_64/epel-release-6-8.noarch.rpm
Retrieving http://mirror.symnds.com/distributions/fedora-epel/6/x86_64/epel-release-6-8.noarch.rpm
warning: /var/tmp/rpm-tmp.CjOwN6: Header V3 RSA/SHA256 Signature, key ID 0608b895: NOKEY
Preparing…                ########################################### [100%]
1:epel-release           ########################################### [100%]
Now we’ll install the necessary packages:
[root@webserver ~]# yum -y install glusterfs-fuse glusterfs
Place the same hosts file in /etc/hosts as on GlusterFS nodes.  We will also create a folder /mnt/glusterfs to use as our …

Comments Off on Using GlusterFS On Your Managed Server
 

Load Distribution with Nginx and Cloudflare

nginx-cloudflare-header
Nginx is a popular reverse proxy application that is very efficient at serving static content and forwarding requests to other webservers.  It can provide a much needed performance boost for websites that have a lot of visitors and static content like images, videos, PDF files, etc.  While dynamic content like PHP, Python, Ruby, and other scripts, are passed off to an interpreter.  This is usually an Apache webserver, which receives a request …

Comments Off on Load Distribution with Nginx and Cloudflare
 

How ServerStack Fully Manages and Optimizes Magento Hosting

magento-blog-header
Magento is a powerful and incredibly flexible ecommerce program. While the expansive ecommerce platform offers an enormous amount of store customization, a slow loading online site will do little to entice a customer to buy its product. An optimized server running Magento, on the other hand, can offer a strong performance, resulting in higher sales and happier customers. To ensure the lowest system loads and best possible response time, ServerStack works to …

Comments Off on How ServerStack Fully Manages and Optimizes Magento Hosting
 

ServerStack Maintains 100% Uptime During Hurricane Sandy


The day after Hurricane Sandy six weeks ago, all ServerStack employees found themselves without power, heat, hot water, or access to gas.
In the days after Hurricane Sandy six weeks ago, all ServerStack servers and sites continued to maintain the perfect uptime record that they have held for nearly a decade.
On Monday, December 4th, Netcraft ranked ServerStack 7th in its list of November’s Most Reliable Hosting Sites. The list compared hosting sites from across …

Comments Off on ServerStack Maintains 100% Uptime During Hurricane Sandy
 

Encrypting Sensitive Partitions with dm-crypt and LUKS


Introduction
There are many reasons an individual or organization may need/want to encrypt their data. Unfortunately, encryption of data can cause extra overhead and slightly degraded performance, depending on the method being used. We’ve chosen to highlight block-layer encryption, as it gives the best overall performance among the most commonly used methods.
Note: This example setup used involves encrypting the entire /home partition. This partition will need to be manually unlocked each boot by …

Comments Off on Encrypting Sensitive Partitions with dm-crypt and LUKS