-
Recent Posts
Blogroll
Categories
Tags
Meta
SoftLayer Hosting = Win
So I have a business. It’s a web-based CRM platform for Auto Dealerhips. My partner and I plugged away for about 4 years trying to build and grow it. Somewhere along the way I got fed up with our dedicated host, who shall remain nameless. Constant downtime, awful service, and an account management portal that just plain sucked. In the end, a massive exploit ruined our server, along with every other server configured similarly near our rack. Try and get them on the phone? We lost a client as a result, and frankly I didn’t blame them for leaving. I felt like an amateur.
Enter Softlayer.
From day one, I have been simply amazed at the level of expertise and service these folks provide. My server was provisioned and ready for business within one hour of my ordering it.. on a Sunday… at 2am.
Since that time about 2 years ago, I literally have had exactly zero issues. No downtime. No problems. No nothing. Beautiful. Every request I have submitted was immediately addressed by their impeccable customer support. Their customer account interface and accompanying forum portal are simply the best I have ever encountered from any host, not that I ever really have to use it since I rarely, if ever, have any kind of problem. Now I feel like an expert. And most importantly, my clients feel that way too.
About 6 months ago, my partner and I gave up the dream of our business and went back to full-time jobs. We still enjoy and fully support our existing client base, and one of the main reasons is Softlayer. Today it dawned on me that the server, the sites, all the email accounts, everything.. has been simply sitting there on a rack in one of their many datacenters just doing what it is supposed to be doing.I expect it will continue to do just that for some time to come.
Thanks, SoftLayer.
Cheers,
Murph
CERN LHC going live soon!
Measuring 27km in circumference, it will become the world’s largest particle accelerator when it inaugurates in July.
Related stories:
http://physicsworld.com/cws/article/news/33600
http://gizmodo.com/374066/large-hadron-collider-wont-destroy-earth-of-course-not
Bypass SSL Certificate Errors when connecting an iPhone to Plesk Mail Account
On the iPhone:
- Select Settings, Mail
- Select Add Account…
- Select Other
- Enter all of your relevant email account details. Be sure to select IMAP or POP before you “Cancel” and “Save.” You can’t adjust that setting when modifying the account later.
- Select the Save button. At this point, you will be presented with an ‘invalid certificate’ warning.
- Select the Cancel button; you will be returned to the account details screen
- Select the Save button; ignore the warning that ‘you may not be able to send email’
- Open the settings for your new mail account and select the Advanced button
- Use the sliders to disable SSL for mail receiving/sending. Be sure to check the port numbers to ensure they’re valid for your particular email server
SSL certificate setup for pop3s, imaps, smtps on Plesk
lifted from here
HOWTO to setup an SSL certificate on a Plesk server so that it will be used when people connect through secure pop, smtp and imap.
First, you will need a certificate. It can be self signed or CA signed. Using a self-signed cert will of course result in some browser warnings for those who have not added the certificate as locally trusted on their computer.
You will want a copy of your cert in PEM format. If you don’t have this already, just create a single file with the private key followed by the certificate. That’s it. For example, just run the following (using correct paths to your private key and certificate files):
touch host.pem
chmod 600 host.pem
cat host.key host.crt > host.pem
and you’ll now have a PEM file. It should look like this:
—–BEGIN CERTIFICATE—–
…
—–END CERTIFICATE—–
—–BEGIN RSA PRIVATE KEY—–
…
—–END RSA PRIVATE KEY—–
Courier-IMAP (pop3s and imaps)
The first step is to set it up for pop3s and imaps by backing up and replacing the certs at:
/usr/share/courier-imap/pop3d.pem
and
/usr/share/courier-imap/imapd.pem
with your PEM file.
If you have a chained cert, you need to do one more thing. You need to tell courier-imap about it. Backup and edit both of the following files:
/etc/courier-imap/pop3d-ssl
/etc/courier-imap/imapd-ssl
and set the value TLS_TRUSTCERTS in each file to the path to the certificate chain. For example, drop a copy of the certificate chain into a file at:
/usr/share/courier-imap/chain.crt
and then set the value for TLS_TRUSTCERTS in the pop3d-ssl and imapd-ssl files like so:
TLS_TRUSTCERTS=/usr/share/courier-imap/chain.crt
now restart courier-imap:
service courier-imap restart
Qmail (smtps)
To setup your certificate for use with smtps, copy your PEM file to:
/var/qmail/control/servercert.pem
and if you have a CA certs, append them to that same file (so you should have all of the CA chained certs right after your own certificate in that file).
now restart qmail:
service qmail restart
Test everything
You can test these newly installed certificates to make sure everything is working with the following:
openssl s_client -connect [host]:993
openssl s_client -connect [host]:995
openssl s_client -connect [host]:465
Note that the imaps test (port 465) can take a while to respond when testing like this.
And, of course, you can test these (and should) by trying to use an actual email account to send and receive mail using these protocols.
SMTP on different Port in Plesk
Copy /etc/xinetd.d/smtp_psa to smtp2_psa
In the new file, REPLACE service smtp WITH service smtp2
Then modify /etc/services and add the smtp2 service (port 26 in this example).
smtp2 26/tcp mail
smtp2 26/udp mail
Then restart xinetd
/etc/init.d/xinetd restart
Check that the new port is now listening
# netstat -plunt |grep :26
That should return something similar to
tcp 0 0 0.0.0.0:26 0.0.0.0:* LISTEN 2345/xinetd
Test connection by telnetting from an outside box to port 26 on the server:
telnet 123.123.123.123 26
Plesk qmail notes
lifted from here
Qmail Log Location in Plesk:
/usr/local/psa/var/log/maillog
Ignore Mail to unkown user instead of bouncing:
One domain at a time:
edit /var/qmail/mailnames/<domain.goes.here.com>/.qmail-default and replace its contents with: |true
to change for all domains:
find /var/qmail/mailnames/ | grep .qmail-default | xargs replace “|bouncesaying ‘This address no longer accepts mail.’” ‘|/bin/true‘ –
Hubble Deep Field Video
“Representing a narrow “keyhole” view stretching to the visible horizon of the universe, the Hubble Deep Field image covers a speck of the sky only about the width of a dime 75 feet away. Though the field is a very small sample of the heavens, it is considered representative of the typical distribution of galaxies in space, because the universe, statistically, looks largely the same in all directions. Gazing into this small field, Hubble uncovered a bewildering assortment of at least 1,500galaxies at various stages of evolution.”
Linux / Plesk / APF Quick and Dirty Howto
As root from SSH term:
wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz
tar -xvzf apf-current.tar.gz
cd apf-*/
./install.sh
Check for install errors
Installation Details:
- Install path: /etc/apf/
- Config path: /etc/apf/conf.apf
- Executable path: /usr/local/sbin/apf
- AntiDos install path: /etc/apf/ad/
- AntiDos config path: /etc/apf/ad/conf.antidos
- DShield Client Parser: /etc/apf/extras/dshield/
Edit the config file:
vi /etc/apf/conf.apf
Turn on DShield.org blocklist
USE_DS=”1″
Allow Plesk Ports (add or remove the ports relevant to your configuration here)
IG_TCP_CPORTS=”20,21,22,25,53,80,110,143,443,465,993,995,8443″
IG_UDP_CPORTS=”37,53,873″
EGF=”1″
EG_TCP_CPORTS=”20,21,22,25,53,37,43,80,113,443,465,873,5224″
EG_UDP_CPORTS=”53,873″
Run in debug mode first, and check to make sure everything is open/blocked appropriately, then turn debug mode off.