Welcome to Vastspace, provides Reliable Web Hosting since 2014

Welcome to Vastspace

Archive

TTFB vs disk speed

TTFB vs disk speed

While I’m doing some researches. I bumped into a new player for Cloud servers in Singapore. They are quite similar to the Linode and Digital Ocean.

The price structure is alike. However, they have the Windows version and of course, you pay more for the number of CPU core purchased.

They have claimed their disk read and write speed are faster than Digital Ocean and others. So, I’m keen. Since that, I have been using Linode for my disaster recovery service and this could be my alternative. Hence, I have signed up.

The entire process is no stranger to me since I’m quite familiar with Linode and Digital Ocean. The Cloud server was created quickly but I have to top up at least USD 10 to remove my trial. During the trial, you are not able to update rule in the firewall section.

I planned to DR my website at first but I have taken the opportunity to see if I will able to speed up my website since the disk read and write are faster.

I have used the under-construction template as my test page, and I make sure my SSD VPS is identical to my new cloud server. Both have gzip enabled and HTTP/2.

However, the result is a bit disappointing. Vastspace’s SSD VPS still load better. Frankly speaking, you cannot tell the differences with your naked eyes. Until you use tools like GTmetrix or the speed test at Pingdom.

The VPS with the IP starts with 103.237.X.X is sold by Vastspace. This is the original VPS, not the high-performance VPS. I’m happy to see Vastspace’s VPS outperforms in TTFB despite the speed is better in the disk drive as claimed.

cloud server

vastspace sdd vps

 

cloud servervastspace ssd vps

Cloud server vs VPS

Both the Cloud server and a VPS are fundamentally the same. They are virtualized, but in terms of function, they cloud be different. Operating both the cloud server of the VPS are the same, you do need special skill on a cloud server or a VPS.

The major difference is the storage. When you are labelling your service as cloud means the guest machine will move to another host when the resided host has failed. VPS works directly with the local storage.

If the resources are spread to a few hosts like MySQL, Web Server, Tomcat, etc are known as cloud hosting. They could be confusing especially to a beginner. So Cloud server is better? In a certain way, yes if your instance has failed. The guest machine (Cloud server) will move to another host.

There are more points of failure for a cloud server set up. The setup requires more equipment, costs are higher and there are more interconnects. So it is quite a debatable question which is better. Most importantly, you have a backup and you can restore quickly.

However, I reckon a VPS might perform better at the same CPU class due to the shared storage. Even it is a fibre connection, it will definitely cost more. In the industry, many providers jump into the bandwagon using the word ‘cloud’ on their services to get more people to sign up.

As a consumer, we need to ask more pre-sales question if you are buying a ‘Cloud’ service, it could be misleading. Anyway, you can know more about the service what you are paying.

Protected from RDP Bruteforce

You might not have been aware that Kaspersky Endpoint Security comes default for our Microsoft Windows Cloud Servers and Dedicated servers which included Intrusion Detection System, and now it has an ability to detect RDP (Remote Desktop Protocol) brute-force attack attempts.
Hacking an RDP-connection is very lucrative: once an attacker gets login-password pair for RDP, he or she effectively owns the system where the RDP server is installed. Attackers can then plant malicious software in the affected system, exfiltrate data, etc. He (or she) also can gain access to your company internal network, given that the “penetrated” workstation is connected to it, or attempt to check out all of the passwords in the browser installed on the affected system. Opportunities are multiple, and the consequences can be dire.

How to schedule a backup Job on Cloud Server

Each Cloud Server comes with 2 free backup instances at no cost regardless of backup size. Additional backup instances can be ordered at only $10 /monthly. This is a useful feature to customers make changes to their files often and requires a rollback in case of any mishaps.

To perform a manual backup and scheduled backups are very easy tasks with our control panel, just a few clicks away and the hassle-free backup feature will send you an email notification if whether the backup is successful or unsuccessful that requires attention and rectification.

 

 

 

 

 

 

Why ISCSI Multipath?

By now, you’ve heard from a hundred different sources that moving your operations to the cloud is better, save you money and all the incredible things can be done on Cloud and not on the conventional hosting infra. Frankly, many web hosters jumped on the cloud bandwagon with smaller investment and little knowledge.

Getting a cloud infra connected to internet and having a resilient cloud infra are entirely different matters. I’ve been hearing many cases of VM failed due to missing drive and data corruption, which has been identified one of the common short fall on connectivity redundancy from servers to storage.

Main purpose of multi-path connectivity is to provide redundant access to the storage devices when one or more of the components in a path fail. Another advantage of multi-pathing is the increased throughput by way of load balancing. Common example for the use of multi-pathing is a iSCSI SAN connected storage device. You will have redundancy and maximum performance and especially important feature to be deployed for a more populated cloud environment.

Squid Proxy with multiple outgoing IP

1. SSH to your Linux Cloud Server or SSD Cloud Server

yum -y install squid
chkconfig squid on

2. mv /etc/squid/squid.conf /etc/squid/squid.conf.original

3. vi /etc/squid/squid.conf

4. add this into the configuration file

http_port 3128

acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines

acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access allow localhost
hierarchy_stoplist cgi-bin ?
coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|?) 0 0% 0
refresh_pattern . 0 20% 4320
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid_access  # change to lib64 for 64bit Centos
auth_param basic childred 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
acl ncsaauth proxy_auth REQUIRED
http_access allow ncsaauth
forwarded_for off
acl ip1 myip 192.168.0.1
tcp_outgoing_address 192.168.0.1 ip1
acl ip2 myip 192.168.0.2
tcp_outgoing_address 192.168.0.2 ip2
acl ip3 myip 192.168.0.3
tcp_outgoing_address 192.168.0.3 ip3
acl ip4 myip 192.168.0.4
tcp_outgoing_address 192.168.0.4 ip4
acl ip5 myip 192.168.0.5
tcp_outgoing_address 192.168.0.5 ip5
request_header_access Allow allow all
request_header_access Authorization allow all
request_header_access WWW-Authenticate allow all
request_header_access Proxy-Authorization allow all
request_header_access Proxy-Authenticate allow all
request_header_access Cache-Control allow all
request_header_access Content-Encoding allow all
request_header_access Content-Length allow all
request_header_access Content-Type allow all
request_header_access Date allow all
request_header_access Expires allow all
request_header_access Host allow all
request_header_access If-Modified-Since allow all
request_header_access Last-Modified allow all
request_header_access Location allow all
request_header_access Pragma allow all
request_header_access Accept allow all
request_header_access Accept-Charset allow all
request_header_access Accept-Encoding allow all
request_header_access Accept-Language allow all
request_header_access Content-Language allow all
request_header_access Mime-Version allow all
request_header_access Retry-After allow all
request_header_access Title allow all
request_header_access Connection allow all
request_header_access Proxy-Connection allow all
request_header_access User-Agent allow all
request_header_access Cookie allow all
request_header_access All deny all

5. Save squid.conf

6. chkconfig squid on

7. Restart Squid with “service squid restart”