HostEntrepreneur

Cloud Computing is a form of computing in which all applications, information and resources are managed in a virtual environment.  The term cloud computing, specifically the use of the word “cloud”, it meant to represent the nature and structure of cloud computing. Cloud computing involves virtual hosted environments allowing users to connect to the services being hosted over the internet.

Google Apps is a great example of cloud computing as companies to no longer require the need for installed word processing software, in house email servers, multiple IT personnel and many more cost saving advantages. Google Apps allows companies to access all services including email, website hosting, calendar, document editing/creation and much more directly through a web browser. The advantage to using Google Apps is increased productivity, security, lower IT costs and data backup. Microsoft has also entered the cloud computing realm by integrating its current software such as Word and outlook with online storage and easy accessibility.

Many hosting companies and even a few internet retailers are beginning to offer cloud hosting services. Rackspace, an internet hosting company, has begun to offer cloud hosting for clients who wish to have personal cloud applications in an environment controlled by them. Amazon.com is also offering cloud hosting services due to its large infrastructure and internet bandwidth capabilities. Most cloud hosting companies offer easy setup and creation of private cloud hosting with simple user interfaces. Most cloud hosting companies have per usage pricing instead of flat rate pricing. Users simply pay for the amount of processing, bandwidth and storage that they use. This pricing method benefits both cloud hosting companies and end users.

There are three main variations of cloud computing:

1. IaaS (Infrastructure as a Service): The need for expensive equipment is outsourced. Instead of companies purchasing expensive equipment including servers, hard drives and networking equipment, they would instead be used over the Cloud and hosted by a cloud computing company. The business entity would use the virtual equipment on a cost usage basis.
2. PaaS (Platform as a Service): Applications are run off of cloud servers hosted virtually. A small company selling cloud applications to businesses will use PaaS to “host” the sold cloud applications and have them run off of the cloud servers instead of having them run off of in-house servers. The company selling the applications pays for the services based on a processor/bandwidth basis.
3. SaaS (Software as a Service): Cloud applications are paid for on a per use basis and not sold in bulk licenses. This allows small companies to purchase a la carte licensing for applications they may use infrequently. Instead of purchasing 15 licenses a company can instead only pay when the software is used and removing the limits on how many machines the software can be installed on.

IaaS, Infrastructure as a Service, is currently the most widely used cloud service. IaaS allows small, medium and even large companies to cut costs considerably. Companies can completely remove the need for expensive network equipment, expensive bandwidth to support their network, expensive network storage equipment and much more. A company only pays for what they use from the cloud infrastructure thus eliminating the capital lost due to lack of usage from in house network equipment, bandwidth, etc. As IaaS gains more popularity and more cloud hosting companies emerge, costs can potentially drop even more due to oversupply and increased cloud hosting competition.

PaaS, Platform as a Service, is second to IaaS in terms of popularity and consumer adoption. A small company selling cloud applications and/or cloud services does not have to host the applications but can instead have them hosted elsewhere. Platform as a Service saves the company selling the applications/services as expensive network equipment, bandwidth and the need for additional IT personnel are instead outsourced to a cloud hosting company. This allows cloud application companies and even small developers the ability to enter the cloud application market without the need for considerable startup capital. PaaS has the potential to overtake IaaS in terms of consumer adoption and overall use.

SaaS, Software as a Service, is the least used cloud hosting service. It is a win-win for both consumers and the software companies. Consumers save money as heavily priced software licenses are no longer necessary due to the fact that consumers are only paying when the software is used. The need to purchase software in bulk is removed and every consumers’ software needs are custom suited based on usage. This is also a win for cloud software companies as it will attract more consumers due to the custom pricing model. Consumers who could not afford the high cost of bulk software licenses will now be able to purchase based directly on their software usage needs. SaaS has the potential to completely revolutionize the software industry and may even curb software piracy.

The customized nature of cloud computing is what makes it such a popular and newly adopted internet technology. It will revolutionize the way that networking and everyday computing is run. It is a great win-win situation for both cloud companies and consumers.

Potential Disadvantages

There are also disadvantages to cloud computing, specifically in online storage and client applications. A company which utilizes cloud computing to host its email, document editing, calendars and other applications can be shut down if a cloud hosting company experiences downtime. This specific disadvantage was the case on February 24^th, 2009, when Google Apps as well as Gmail were down for several hours. The downtime also reiterated that if Google can go down so can any other hosting companies. Confidence in cloud computing may have been hindered after this specific downtime although Google has assured it will not happen again. Google Apps services over 1million business around the world and is the leader in cloud computing applications.

Security is also a potential disadvantage to cloud computing. Companies that are willing to adopt the ability to host their services on the cloud may be reluctant to do so until the security of cloud computing has been heavily demonstrated and thoroughly tested. Large companies may consider the additional costs of in-house network hosting outweigh the potential security risks associated with cloud hosting. A security breach involving a companys’ cloud information storage has the potential for disaster. However, hacking and security breaches are rampant for in-house IT hosting such as millions of credit card numbers being stolen as well as detailed customer information. If cloud computing can prove that its security is much better than any in-house hosting this may help it to grow and overtake the percentage of companies that have in-house IT infrastructures.

Cloud computing is still in its infancy and is expected to grow and revolutionize the way of everyday computing. Many theorize that cloud computing will one day take over today’s desktop computing altogether. Until intense applications are developed for use over the cloud, desktop computing will remain the staple of everyday computing. Cloud computing innovation is rapid and as new cloud technologies emerge more people will start to adopt the cloud.

Current browser technologies are not up to date with cloud computing capabilities, especially in the mobile computing world. Cloud applications require several browser technologies including Adobe Flash, JavaScript, Adobe Flex and much more. Until browser technology evolves to fit the capabilities of cloud computing, cloud computing will remain a relatively simple method of computing.

Overall Benefits

The advantages of the cloud heavily outweigh the disadvantages. As better cloud computing technologies are developed and redundancy is fine tuned, the disadvantages will slowly become obsolete. As mentioned, cloud computing is in its infancy and new cloud technologies are growing exponentially. One day we will all use the cloud. In-house IT hosting as well as desktop computing may become a thing of the past.

cPanel servers have a good small file named as antivirus.exim. It is a central filter for the exim mail server which lets you setup all kinds of good filters which helps you to stop spam from coming in and going out of your server.

In this article I will provide you my /etc/antivirus.exim config file which will help you to protect your servers from spammers. First off the default /etc/antivirus.exim has a couple different rule sets in it. The main ones are attachment filters to help stop email viruses from your users. They stop things like .src and .com and .exe attachments.This shows you some custom rules to stop spammers from sending out of your server, you can also use it to stop spam from coming in. I don’t really go into a lot of detail for filtering incoming mail since other applications like Spam Assassin handle that better IMO.

You will need root access to your cPanel server.

First off we need to create a special log file for these filters do this:

touch /var/log/filter.log chmod 0644 /var/log/filter.log

Now open up the configuration file vi /etc/antivirus.exim

Simply add this to your existing file, and save the changes and they take effect instantly.

# START # Filters all incoming an outgoing mail

logfile /var/log/filter.log 0644 ## Common Spam if

# Header Spam $header_subject: contains “Pharmaceutical” or $header_subject: contains “Viagra” or $header_subject: contains “Cialis” or $header_subject: is “The Ultimate Online Pharmaceutical” or $header_subject: contains “***SPAM***” or $header_subject: contains “[SPAM]”

# Body Spam or $message_body: contains “Cialis” or $message_body: contains “Viagra” or $message_body: contains “Leavitra” or $message_body: contains “St0ck” or $message_body: contains “Viaagrra” or $message_body: contains “Cia1iis” or $message_body: contains “URGENT BUSINESS PROPOSAL” or $message_body matches “angka[^s]+[net|com|org|biz|info|us|name]+?” or $message_body matches “v(i|1)agra|vag(i|1)n(a|4)|pen( i|1)s|asu|seks|l(o|0)l(i|1)ta|dewacolok”

then # Log Message – SENDS RESPONSE BACK TO SENDER # SUGGESTED TO LEAVE OFF to prevent fail loops # and more work for the mail system #fail text “Message has been rejected because it hasn # triggered our central filter.” logwrite “$tod_log $message_id from $sender_address contained spam keywords”

seen finish endif

# END # Filters all incoming an outgoing mail

# START # All outgoing mail on the server only – what is sent out

#Check forwarders so it doesn’t get blocked #Forwarders still work =)

## FINANCIAL FAKE SENDERS ## Log all outgoing mail from server that matches rules logfile /var/log/filter.log 0644 if ( $received_protocol is “local” or $received_protocol is “esmtpa” ) and ( $header_from contains “@citibank.com” or $header_from contains “@bankofamerica.com” or $header_from contains “@wamu.com” or $header_from contains “@ebay.com” or $header_from contains “@chase.com” or $header_from contains “@paypal.com” or $header_from contains “@wellsfargo.com” or $header_from contains “@bankunited.com” or $header_from contains “@bankerstrust.com” or $header_from contains “@bankfirst.com” or $header_from contains “@capitalone.com” or $header_from contains “@citizensbank.com” or $header_from contains “@jpmorgan.com” or $header_from contains “@wachovia.com” or $header_from contains “@bankone.com” or $header_from contains “@suntrust.com” or $header_from contains “@amazon.com” or $header_from contains “@banksecurity.com” or $header_from contains “@visa.com” or $header_from contains “@mastercard.com” or $header_from contains “@mbna.com” ) then logwrite “$tod_log $message_id from $sender_address is fraud” seen finish endif

## OTHER FAKE SENDERS SPAM ## Enable this to prevent users using @domain from addresses ## Not recommended since users do use from addresses not on the server ## Log all outgoing mail from server that matches rules logfile /var/log/filter.log 0644 if ( $received_protocol is “local” or $received_protocol is “esmtpa” ) and ( $header_from contains “@hotmail.com” or $header_from contains “@yahoo.com” or $header_from contains “@aol.com”

) then logwrite “$tod_log $message_id from $sender_address is forged fake” seen finish endif

## KNOWN FAKE PHISHING ### Log all outgoing mail from server that matches rules logfile /var/log/filter.log 0644 if ( $received_protocol is “local” or $received_protocol is “esmtpa” ) and ( #Paypal $message_body: contains “Dear valued PayPal member” or $message_body: contains “Dear valued PayPal customer” or $message_body: contains “Dear Paypal” or $message_body: contains “The PayPal Team” or $message_body: contains “Dear Paypal Customer” or $message_body: contains “Paypal Account Review Department” or

#Ebay $message_body: contains “Dear eBay member” or $message_body: contains “Dear eBay User” or $message_body: contains “The eBay team” or $message_body: contains “Dear eBay Community Member” or

#Banks $message_body: contains “Dear Charter One Customer” or $message_body: contains “Dear wamu.com customer” or $message_body: contains “Dear valued Citizens Bank member” or $message_body: contains “Dear Visa” or $message_body: contains “Dear Citibank” or $message_body: contains “Citibank Email” or $message_body: contains “Dear customer of Chase Bank” or $message_body: contains “Dear Bank of America customer” or

#ISPs $message_body: contains “Dear AOL Member” or $message_body: contains “Dear AOL Customer”

) then logwrite “$tod_log $message_id from $sender_address is phishing” seen finish endif

# END # All outgoing mail on the server only – what is sent out

The log file will have the logging format like this: /var/log/filter.log

2006-05-10 12:05:13 1Fds7S-0002Sa-MV from smooth595@gmail.com contained spam keywords 2006-05-10 14:18:47 1FduCn-0006GV-1r from dayton.nowellu7xn@gmail.com contained spam keywords 2006-04-27 15:44:35 1FZDLn-0005Mo-5z from nobody@ocean.wavepointmedia.com is fraud 2006-04-27 16:37:40 1FZEB9-0002KQ-VP from nobody@ocean.wavepointmedia.com is phishing

Date and time, the Exim message ID, the sender and the section of the filter, like phishing, fraud or spam. You can check the mail message by grepping the exim_mainlog for it like this

grep 1FZEB9-0002KQ-VP /var/log/exim_mainlog

If you don’t use one of the control panels that makes it easy, figuring out how to generate the CSR for a SSL certificate can be a pain (installing the cert can be a pain too, but that’s another pain altogether)

Fortunately, there’s help! DigiCert put together a small javascript page that gives you the command you need. See it here: https://www.digicert.com/easy-csr/openssl.htm

One you get the command you’ll log into your server and run it. It will generate 2 files – the key and the csr. You’ll need both. You can use the csr at any of the certificate authorities to get a SSL cert issued not just digicert.

We’ve been busy lately… we’ve installed SolusVM and have been integrating existing OpenVZ nodes into the system. Overall the process went fairly smoothly. We installed the management console into a VPS primarily for backup reasons. We could if needed take the dump and place it on another node and bring it back up pretty quickly. This adds slightly to the cost ($2.50/month) but is well worth it in our opinion. Otherwise, you install the management console on an full server and it becomes a node.

We did have one issue with an existing node, that had long ago been a HyperVM node. I placed a ticket with SolusLabs and within 30 minutes or so had the initial response. After trying a few things, their support person logged into the node for me and did the setup. The problem was with  compatibility between lighttpd and a library iirc.  Strangely enough that server did a kernel panic a few hours later after acting “wierd” for a few minutes.  Since it was brought back up, it’s been stable. I suspect it was all of the loading and unloading of various components that led to the problem.

One of the features is the pricing… It is $10 per month per node. The number of vpses per node doesn’t matter. You pay just for each physical server. The downside is that some providers will use this to justify placing more vpses per server. But those that think that way will be doing that anyway because of other per server costs like power, rack space, etc.

So far we’re pretty impressed. Of the VPS management consoles that have been brought to market since the demise of HyperVM’s founder and developer, this one seems the most solid.

One of the best services I’ve found for finding expired domains that are cheap is http://freshdrop.net. This one site lets you search several domain dropping services at the same time and sort them based on all kinds of criteria. The only “issue” with it is that it provides so much information that it can be overwhelming. But there are a couple to pay particular attention to… The PR column is just that, Google’s pagerank. But notice the column next to it, “Fake”. This flags domains that may have suspicious pageranking going on. Realize though that once Google sees the site change, it’s likely to redo the PR anyway.

Next look at the ‘age’. Since you’ll pick up these domains on their way out, the age stays with it. It’s one way to make a site appear older than it really is… but that leads to some ethical questions that this isn’t the place to discuss.

Move on the GR and GRN – these are Google search results for the domain with and without the extension respectively. Related to those is GIDX which is the number pages in Google’s index for the domain. GBL will give you the number of backlinks on other domains pointing to that domain.

Similar to all the Google colums, there are columns for Yahoo, Altavista, Ovation, etc. And over on the right there is a very complete search filter section.  You can filter of TLD (TLD is the top level domain – com, net, org, etc. or a country like .us, .ca, etc.) as well as looking for domains with certain terms in them, or excluding, or with based on any of the columns listed. And you can do compound searches: .COMs containing “host”, excluding “adult”, with 10 to 500 Google backlinks, for example. It’s really quite powerful.

The price you see listed is on top of the regular annual registration fee, but considering they have many that start at $5 it’s quite reasonable compared to some services.

If you’re a webhost and have less than 10 employees, you may be eligible for Microsoft’s WebsiteSpark Program, http://www.microsoft.com/web/websitespark/. If you’ve been in the hosting business a long time, you might remember Microsoft’s Certified Hosting Partner’s program, where MS provided some support and leads for customers. This one appears to be the new incarnation of that program. 

You get software:  Microsoft Windows Server 2008 (or R2 if available) Web Edition plus SQL Server 2008Web Edition… so you’ll actually be in license compliance, something I bet most small Windows hosts are not. You also get Visual Studio Pro, Expression Studio 2 (or 3) or Expression Web 2 (or 3) to design and develop websites. 

Plus you get Support and Training from Microsoft and the network partners, and best of all, sometime in the future you’ll get “Visibility & Opportunities” – meaning probably a directory or providers and sales leads.

You can be in the program for up to 3 years, but one thing to note,  a $100 fee is due at exit. So it’s not totally free, but pretty dang close.

Logical Volumes are one of the cool technologies that finally made it to Linux.  LVMs present your filesystems with a virtual (or logical) drive to use that may reside on one or more physical volumes.  Once you start working with LVMs you’ll never want to go back. How about the ability to extend or reduce their size? Or my personal favorite, the ability to snapshot a filesystem, which is like taking a picture (a snapshot) of how it looked at a point in time.  This is done through some “trickery” with a snapshot volume that holds the real writes to the snapshotted volume on a separate LVM.  You can then backup the snapshotted LVM without worrying about if changes are being made to the filesystem. When you un-snapshot the LVM, all the writes are committed to the real LVM. As far as the applications thinks, the filesystem is business as usual. And unlike splitting mirrors, you 1) keep your redundancy intact 2) its MUCH faster and 3) you only need space to hold the writes.

But there are times you need to modify a filesystem.  For example, you may need to reduce or extend a Logical Volume on a system…  Say we have a /vz filesystem and we want to reduce it to 500GB to open some unused space for something else.

1. Backup your data – this is ALWAYS step 1.
2. umount /vz
3. e2fsck -f /dev/Volgroup##/LogVol##    … where the #’s are the logical volume group and volume numbers for /vz
4. resize2fs /dev/VolGroup##/LogVol##   500GB  … same ##’s as above
5. lvreduce -L 500GB /dev/VolGroup/LogVol##  … do I need to say it?
6. e2fsck -f /dev/VolGroup/LogVol##    …. just for good measure
7. mount /vz   … or mount -a

Just a quick update but an important one at that… Buy.com and Godaddy.com are offering a special on .COM domain names… See http://www.godaddy.com/default.aspx?sssdmh=dm5.157776&isc=299buycom  and click the yellow box on the left for details. There are some restrictions (no paypal, new or transfer only, etc.)

HostEntrepreneur.com has been getting a pretty decent response and we want to keep the drive alive. The past several days have been very busy for me – new ad coming out in Ping! magazine with the next issue, lots of work to do, as well as some personal development plans all underway.

I’ve mentioned this before and had several people express interest but not follow through, so I’m putting it back out there… if you would like to write for http://HostEntrepreneur.com/  we would love to hear from you. We’re looking for business and technical writers who love to share with and teach others about the industry.  There is a bit of small monetary compensation as we do require exclusive content. Plus you also get an “About the author” section, where you can also put a link back to your site (even if it competes with one of ours … this site is about teaching and helping others, all are welcome).  So if you’re interested register here, so you can send me a message…

And rest assured we’ll be returning to our “regularly scheduled programming” shortly.

One of the things you may need to develop, and we probably all stand to improve it some, is time management. This is true even more so for small business owners. There are many methods or techniques to explore, and I plan on going through some of them with you, but today I want to show you the method I like best. It’s commonly referred to as the “Eisenhower method” after the President who used this technique.

It’s a simple method, and works well for managing many aspects. Divide everything up based on the above table into 1 of the 4 quadrants.

1:  Important and Urgent – These are the fires! Put them out right away!
2:  Important but Not Urgent – These are important, but don’t need addressing now. Schedule them for later.
3:  Not Important but Urgent – Delegate these to someone else. Have them do them now.
4:  Not Important and Not Important – Iif you can’t do everything, these are the ones not to do.

Your attention as a small business owner should be on the tasks in boxes 1 and 2 primarily, and sometimes on 3. The 4′s are the ones to ignore for now. They may be “nice to haves” or “nice to dos”, but the time they take is taking away from the more important and/or more urgent matters. Leave them on the list for a while, but don’t be afraid to let them go if need be.

Also realize that items can move from one quadrant to another, especially between 2 to 1, 4 to 3, and 4 to 2 . But they almost never go from a 4 to 1 directly. They almost always go over only 1 direction at a time, either between Urgent and Not, or between Important and Not. Often things move from one to the other because of being neglected, at which time they become either more important or more urgent, and rarely both.

So you may ask yourself, if I’m focusing on the 1s, why not just ignore the rest? Because almost no task can be completed in 1 session. Often you will find yourself blocked by some outside force that limits what you can work on and actually make progress.  Don’t work on something that you’re not going to be able to move forward on, just because it’s a 1.  If you can take care of a 2 or a few of them, you’ve moved forward more than working on a 1 and not going anyway with it.