Welcome to Vastspace, providing reliable web hosting since 2014

Blog

Keep away from free VPS!

This is an article about free VPS that I read here and am sharing with everyone.

I have no doubt in saying this is a total rip-off company. I believe its parent company Fortratrust does not have any good reviews here either. I found their free VPS offer in some AdWords campaign, so I thought of giving them a try. After all, what loss can I have by spending a mere $0.50? But I was mistaken.

The setup was quick after payment; however, that was just the start of the problems. Right after signup I ran into problems, as the VPS would not start after restarting. Also, the control panel was very buggy. When you try to open a support ticket it prompts you to pay $5 for the ticket. Since I really wanted to have a VPS running quickly, I paid it. The issue was resolved within 24 hours and the ticket closed. You have no chance to respond to it if you need any further assistance.

It ran fine for a couple of days until I decided to give their Professional VPS for $3.99 a try as well. I got it set up within 24 hours, and the next day it ran into problems again. I opened another support ticket, paid $5, and waited patiently for their response. AFTER 3 DAYS they bothered to respond to a problem WHICH IS entirely their system's fault. Yet the issue wasn't resolved, as I could not respond to the ticket because their panel seems not to allow you to respond to an opened ticket. After countless efforts to contact them via chat or email, the TICKET IS CLOSED for no response. WTF????

In total I lost about $15 on their stupid service and got nothing in return. SO I would recommend you to stay away at all costs. IT'S a RIP OFF.

Cross-Site Scripting Vulnerability

WooCommerce is an open source e-commerce plugin for WordPress. It is designed for small to large-sized online merchants using WordPress. According to WooCommerce, the plugin now powers over 30% of all online stores running WordPress with over one million downloads.

FortiGuard Labs discovered another Cross-Site Scripting (XSS) vulnerability in WooCommerce. FortiGuard disclosed a different XSS vulnerability in WooCommerce earlier this year, leading Fortinet's Chris Dawson to ask whether it was time to worry about WordPress. As he pointed out:

More often than not, though, plugins don’t get updated simply because WordPress lends itself to a “set it and forget it” mentality. Get everything working, install the extra bits you need, and go on about running your business, not worrying about your website. This ease of use and overall reliability is fantastic for WordPress users, but the false sense of security it creates is a recipe for disaster.

This new vulnerability is caused by insufficient sanitization of user-supplied input in the product sale price. It could allow remote attackers to launch an XSS attack to gather a user's sensitive information for further attacks, redirect a victim's browser to a malicious website, etc.

Analysis

When a product information update request is submitted, vulnerable versions of WooCommerce do not sanitize the product sale price value on the server side, so the injected code is also included in the product web page. It can be exploited to attack users visiting the tampered product page. Any user with edit or higher permission could exploit this vulnerability.

In our proof of concept, we were able to craft a request that, when sent to WordPress WooCommerce, generated a new page and sent it back to the browser. The new web page contains the injected code, which executes automatically in the browser.

Mitigation

Users of WooCommerce version 2.4.8 and earlier should upgrade to the latest version of WooCommerce. Networks and users who have deployed Fortinet IPS are automatically protected from this vulnerability by the IPS signature WordPress.WooCommerce.Plugin.Product.Price.XSS.
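As an added illustration (this is not WooCommerce's or FortiGuard's code), the Python below shows the two controls whose absence the analysis describes: validating the sale price on the server when the update request arrives, and escaping it again when the product page is rendered. The `_sale_price` field name and the request bodies are assumptions made for the example.

```python
"""Added illustration, not WooCommerce's code: validate a sale price when the
product-update request arrives, then escape it again when the product page is
rendered. The "_sale_price" field name and the requests are assumptions."""
from decimal import Decimal, InvalidOperation
import html
import re

# A price is up to nine digits with an optional one- or two-digit decimal part;
# anything else (letters, markup, extra punctuation) is rejected outright.
_PRICE_RE = re.compile(r"\d{1,9}(?:\.\d{1,2})?")


def sanitize_sale_price(raw: str):
    """Return a Decimal for a well-formed price, or None to reject the update.

    Rejecting instead of "cleaning" means text supplied by an account with edit
    permission never reaches the database unless it really is a number.
    """
    value = raw.strip().replace(",", "")  # allow thousands separators on input
    if not _PRICE_RE.fullmatch(value):
        return None
    try:
        return Decimal(value)
    except InvalidOperation:  # cannot happen after the regex, kept as a guard
        return None


def render_price_unescaped(stored: str) -> str:
    """The flaw described above: the stored value is dropped into the page
    as-is, so any markup in it becomes part of the product page."""
    return f'<span class="sale-price">{stored}</span>'


def render_price(stored: str) -> str:
    """Hardened rendering: escape on output even though input was validated,
    so data that arrived by another path (import, API, old rows) is also safe."""
    return f'<span class="sale-price">{html.escape(stored, quote=True)}</span>'


def handle_update(request: dict) -> dict:
    """Simulated product-update handler for a constructed request body."""
    price = sanitize_sale_price(request.get("_sale_price", ""))
    if price is None:
        return {"status": 400, "error": "sale price must be a number"}
    return {"status": 200, "_sale_price": str(price)}
```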

Thanks to Fortinet’s FortiGuard Labs for discovering this vulnerability.

cPanel 11.52 on LXC

Today I installed cPanel 11.52 on LXC. LXC, short for Linux Containers, is a lightweight virtualization technology. Containers are more like an enhanced chroot than full virtualization such as QEMU or VMware: they do not emulate hardware, and they share the host's operating system kernel. Linux-VServer and OpenVZ are two pre-existing, independently developed implementations of container-like functionality for Linux.

Vastspace has no plan to launch LXC any time soon, in spite of its benefits and performance gain over OpenVZ. In case you want to try it out yourself, this is the recommendation from cPanel.

To run cPanel & WHM inside an LXC container, cPanel strongly recommends that you use the following settings:

Host

We strongly recommend that you use Red Hat® Enterprise Linux (RHEL) 7, CloudLinux™ 7, or CentOS 7 as your LXC host. This ensures the best compatibility with cPanel & WHM. While other Linux distributions may work, they require that the system administrator performs additional steps, which we do not support.

Guest

We strongly recommend that your LXC containers use CentOS, RHEL, or CloudLinux 6 as the guest. A CentOS, RHEL, or CloudLinux 7 installation requires additional steps to use it as the guest.

Privileged vs unprivileged containers

cPanel & WHM functions in both privileged and unprivileged containers. We strongly recommend that you run cPanel & WHM in a privileged container, because it expects unrestricted access to the system.

The following limitations are inherent to an unprivileged container:

  • The host operating system treats the root user as a non-root user.
  • You cannot raise the hard limit of a process if you previously lowered it. This action could cause EasyApache 3 to fail.
  • Subtle behavior differences may occur.

Required changes for CentOS 7, RHEL 7, or CloudLinux 7

You must make the following configuration changes to run cPanel & WHM inside an LXC container:

  1. After you create the LXC container, change the lxc.include line in the lxc.conf file to the following line:
    lxc.include = /usr/share/lxc/config/fedora.common.conf
  2. Edit the lxc.conf file to drop the setfcap and setpcap capabilities. To do this, comment out the following lines:
    # lxc.cap.drop = setpcap
    # lxc.cap.drop = setfcap
  3. If your system uses AppArmor, you must uncomment the following line in the lxc.conf file:
    lxc.aa_profile = unconfined

Plesk Panel 12.5.30 is finally here

Finally, Plesk 12.5.30 has been officially released. It brings loads of great features: MariaDB 10 and PostgreSQL 9.4 are supported, database management and DB users' rights are improved, Apache 2.4 is supported on CentOS 7 and Ubuntu 14.04, and many others. Learn more at: http://download1.parallels.com/Plesk/PP12/parallels-plesk-12.5-for-linux-change-log.html

Plesk 12.5.30 uses responsive design, so the layout should fit nicely on different screen sizes on computers, tablets or even smartphones. However, it will take some time to get used to the new UI, since the placement of some items has been rearranged since Plesk 12. Nonetheless, I have to agree that Plesk still has the best UI compared to other control panels.

VPS ran out of space, are you informed?

Many users are tied up in their day-to-day routines. It is difficult for them to find time to check disk usage on their VPS daily, until one day they realize the server has stopped working, the website is down and emails are not being sent.

Putting the customer at the heart of our business is Vastspace's objective. To help customers save time and ensure good uptime of their VPS, our monitoring system collects daily disk usage statistics from each VPS. Engineers identify any VPS that has consumed 90% of its total disk storage and inform the customer in a timely manner.

Protect your mail server from ylmf-pc bruteforce

If you have been getting regular brute force attacks that send the command EHLO ylmf-pc from different IPs, they can be blocked, and it is easy to do with the Exim mail server on cPanel.

1) Create a file with a list of the HELOs that you want to block, one name per line. For example, create and edit /etc/heloblocks

2) Go to WHM > Exim Configuration Manager > Advanced Editor.

3) Scroll down until you find “acl_smtp_helo”

4) Below that, you will find a box titled “custom_begin_smtp_helo”. In that box, paste the following code:
Code:

drop
  condition = ${lookup{$sender_helo_name}lsearch{/etc/heloblocks}{yes}{no}}
  log_message = HELO/EHLO - HELO on heloblocks Blocklist
  message = HELO is on our blocklist
accept

Check your exim_mainlog; you will see a similar result when you telnet to the server and send HELO ylmf-pc.
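Added example, not part of the original post or of cPanel's tooling: a Python scan of exim_mainlog lines that picks out the drops produced by the ACL's log_message above and counts them per source IP, so the blocked HELO traffic can be reviewed and fed into a firewall deny list rather than only dropped. The log lines are constructed to resemble Exim's format, and the path /var/log/exim_mainlog is an assumption.

```python
"""Added example, not cPanel's or Exim's code: find the HELO blocklist drops in
exim_mainlog and summarise them per source IP. SAMPLE_LOG is constructed to
resemble Exim's main log; on cPanel the real file is /var/log/exim_mainlog."""
import re
from collections import Counter

# Exim identifies the peer as H=(helo) [ip]; the trailing text is the
# log_message configured in the ACL, so only this rule's drops are matched.
_DROP_RE = re.compile(
    r"^(?P<ts>\S+ \S+) H=\((?P<helo>[^)]*)\) \[(?P<ip>[^\]]+)\] "
    r"rejected (?:EHLO|HELO) .*?HELO on heloblocks Blocklist"
)

# Constructed sample: three blocklist drops from two IPs plus one normal delivery.
SAMPLE_LOG = """\
2015-10-20 09:14:02 H=(ylmf-pc) [192.0.2.10] rejected EHLO or HELO ylmf-pc: HELO/EHLO - HELO on heloblocks Blocklist
2015-10-20 09:14:05 H=(ylmf-pc) [192.0.2.10] rejected EHLO or HELO ylmf-pc: HELO/EHLO - HELO on heloblocks Blocklist
2015-10-20 09:15:41 H=(ylmf-pc) [198.51.100.7] rejected EHLO or HELO ylmf-pc: HELO/EHLO - HELO on heloblocks Blocklist
2015-10-20 09:16:00 1ZoJqX-0001Cq-4f <= user@example.org H=mail.example.org [203.0.113.5] P=esmtps S=1234
"""


def parse_blocklist_drops(log_text: str):
    """Yield (timestamp, helo, ip) for every line the blocklist ACL dropped."""
    for line in log_text.splitlines():
        m = _DROP_RE.match(line)
        if m:
            yield m.group("ts"), m.group("helo"), m.group("ip")


def drops_by_ip(log_text: str, threshold: int = 2) -> dict:
    """Count drops per source IP and keep those at or above threshold: the
    repeat offenders worth adding to a firewall deny list."""
    counts = Counter(ip for _, _, ip in parse_blocklist_drops(log_text))
    return {ip: n for ip, n in counts.items() if n >= threshold}


def helo_names_seen(log_text: str) -> set:
    """Distinct HELO names that hit the blocklist, to compare with /etc/heloblocks."""
    return {helo for _, helo, _ in parse_blocklist_drops(log_text)}
```

To run it against the live file, replace SAMPLE_LOG with the contents of /var/log/exim_mainlog (or a tail of it).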

SmarterMail 14.x is here

I urge all SmarterMail users to upgrade their current SmarterMail server to version 14.0.5637. One of the significant improvements is the newly compiled 64-bit ClamAV, which is more efficient and has lower system overhead, replacing the outdated and less efficient 32-bit ClamAV.

Version 14.0.5637 (2015-06-08)

Key Features
  • A temporary address can now be generated by users with a short life span that operates as an alias to their account. This is to allow sign ups to external services without giving out the account’s real email address.
  • Message Sniffer is now available as an antispam add-on.
  • Multiple calendars can now be added to a single account.
  • Option to mark a domain as external and have messages to that domain sent either to the domain’s MX record or to a specified host address.
  • System administrators can now add customized HTML and change the login header text through settings on the General Settings page. They may also allow domain administrators to override these customizations.
  • Deleting email folders in either an email client or webmail will now have their associated folder on disk removed as well. Orphaned folders from earlier releases of SmarterMail will be cleaned up automatically.
Changes
  • IMPORTANT: SmarterMail 14 now requires Microsoft .NET 4.5. This prevents SmarterMail from running on Windows Server 2003.
  • Added: An instance of a recurring calendar event can now be deleted from the context menu.
  • Added: An option for external domains on whether messages should deliver locally or remotely if the user account exists locally.
  • Added: An option to toggle between overlaying multiple selected calendars, contacts, tasks or notes collections in a combined view versus displaying one at a time.
  • Added: CalDAV now supports syncing multiple calendars.
  • Added: Contacts, Tasks and Notes now allow multiple collections to be viewed at the same time.
  • Added: Domain conference rooms can now be selected to view on the calendar page.
  • Added: Dropbox is now available as a connected service allowing links to Dropbox files in email messages.
  • Added: Editing a recurring event now displays the series instance’s start and end dates.
  • Added: Exchange Web Services now supports syncing multiple calendars.
  • Added: Grids now support multi-selection on Apple Mac browsers by holding down the command key.
  • Added: IMAP authentication now supports Cram-MD5.
  • Added: Microsoft OneDrive is now available as a connected service allowing links to OneDrive files in email messages.
  • Added: Migrating Google calendars now migrates all calendars from a Google account.
  • Added: Multiple calendars can now be synced using Exchange ActiveSync.
  • Added: Multiple calendars can now be viewed together in a combined view, which color codes events from the different calendars.
  • Added: SMTP Accounts has been added to the Features tab in domain settings, allowing them to be enabled or disabled per domain.
  • Added: System administrators can now customize the messages sent for certain automated emails.
  • Added: Tasks can now be imported from Gmail.
  • Added: The My Today Page now displays appointments for all calendars in a user’s account.
  • Added: The reminders popup now displays items for all calendars in a user’s account.
  • Added: Unsubscribe links for mailing lists can now be given friendly text instead of just displaying the unsubscribe URL.
  • Changed: Blocked senders will now block on the From address in the header of the message, in addition to the Mail From address given in the SMTP session. Previously it only blocked on the Mail From address of the SMTP session.
  • Changed: Content filtering now decodes base64 and quoted-printable encoded text parts in email messages before applying filters.
  • Changed: Improved the ClamAV definitions update process, including 64 bit support and ClamSup.
  • Changed: Migrating the same Google calendar twice will now overwrite the previously migrated events instead of creating duplicates.
  • Changed: Time zone information now utilizes the built-in system registry time zone information instead of an external file.
  • Efficiency: Deleting a large number of items from the IP blacklist or whitelist is now much faster.
  • Efficiency: The load time of the monthly calendar view is now much faster.
  • Fixed: A recipient address formatted with a quoted username containing a certain sequence of characters will no longer cause high CPU during the SMTP session.
  • Fixed: Changed how recurring calendars with a recurrence count of zero are transmitted via Exchange Web Services to work around an error when syncing with emClient.
  • Fixed: Gmail email migration now functions correctly when one or more Gmail labels contain characters that are not allowed in Windows folder names.
  • Fixed: IMAP search now handles search commands with multiple levels of parenthesized lists correctly.
  • Fixed: Messages displayed in the mobile interface now wrap text when the length of a line exceeds the width of the display.
  • Fixed: Migrating contacts from Gmail now functions correctly.
  • Fixed: The action “Send VCard(s)” now functions correctly for the Global Address List.
  • Fixed: The date and time input fields can no longer be edited when viewing a read-only appointment.
  • Fixed: Two scenarios within the mobile interface where downloading an attachment could fail.
  • Removed: All day appointments no longer display times in webmail.
  • Removed: The five-ten RBL check is no longer included as part of the default RBL checks for either spam filtering or server blacklist checks.

Protected from RDP Bruteforce

You might not be aware that Kaspersky Endpoint Security comes by default with our Microsoft Windows Cloud Servers and Dedicated Servers. It includes an Intrusion Detection System, which can now detect RDP (Remote Desktop Protocol) brute-force attack attempts.

Hacking an RDP connection is very lucrative: once an attacker obtains a login and password pair for RDP, he or she effectively owns the system where the RDP server is installed. Attackers can then plant malicious software on the affected system, exfiltrate data, etc. They can also gain access to your company's internal network, given that the "penetrated" workstation is connected to it, or attempt to read all of the passwords saved in the browser installed on the affected system. The opportunities are many, and the consequences can be dire.