While thinking about Zachery's suggestion of using the Planet as a very good option right now, I thought even more that perhaps it's worth looking into getting a high speed line into my office and buying hardware myself. I'm always available to myself, trust myself :), don't have to worry about who is touching my server etc... Why is it so necessary to use a datacenter? Especially if you hire a third party to manage the server. Has anyone tried this? How do the fees compare? How fast a line is needed? T1? T3? Something else?

In House can work... as long as the "pipe" is big enough to handle your traffic. As long as you have sufficient power conditioning and back-up.... remember, you may need to be self sufficient for a day to a week or more. As long as your provider will repair outages quickly.... you remember that utility crew down the road that dug up that cable last month and knocked a ton of people out.. etc....

The biggest advantage to using a real datacenter is redundancy and "usually" better peering and clean connections.

The costs to use a datacenter are not that high, VS the features and the better nights sleep. :) In the end, it is up to you.

In House can work... as long as the "pipe" is big enough to handle your traffic.

Any way for me to measure what I need? And just some kind of range of typical pricing?

As long as you have sufficient power conditioning and back-up.... remember, you may need to be self sufficient for a day to a week or more. As long as your provider will repair outages quickly.... you remember that utility crew down the road that dug up that cable last month and knocked a ton of people out.. etc....

The biggest advantage to using a real datacenter is redundancy and "usually" better peering and clean connections.

The costs to use a datacenter are not that high, VS the features and the better nights sleep. :) In the end, it is up to you.

Funny thing is, my datacenter had more outages, less redudancy reliability or anything then my home computer :) They make me lose sleep every couple of weeks. It can't be worse :)

How cold does it have to be :)

Funny thing is, my datacenter had more outages, less redudancy reliability or anything then my home computer :) They make me lose sleep every couple of weeks. It can't be worse :)

How cold does it have to be :)

Sounds like you should research and move to a different data center.

Anyways, hosting from your home is not all that easy. If you get attacked (DDoS, etc) you would have no way of mitigating it and your connection will basically be unusable. There are many other liabilities also involved. It may work fine for a small professional site, but if you are running a business or a larger site it simply won't.

How does the managed aspect of theplanet work? Like if I need an A Name configured in DNS will they do it free or charge? If a domain went down, will they check it out? If cpanel is having problems? If an apache module needs to be installed? That kind of stuff... do they have an hourly support rate or do they handle that stuff?

How does the managed aspect of theplanet work? Like if I need an A Name configured in DNS will they do it free or charge? If a domain went down, will they check it out? If cpanel is having problems? If an apache module needs to be installed? That kind of stuff... do they have an hourly support rate or do they handle that stuff?

Sounds like you can't handle the server by yourself. I would suggest investing in a third-party admin / managed service. I can recommend ServerWizards.

Are you using them yourself or do you just know them?

What kind of stuff do they do and what won't they? It looks like $75 per month, If they do what they say on their site it looks like it might really be a good option.

The catch is always that you can't tell how good it is until you try it.

True, some sysadmins are better than others. Some are fast at resolving problems but poor on people skills (*nix is their life). Others are better at people skills but not very good at resolving server issues (front-end traffic is their life). Few have the best qualities of both.

If you're going to hire a sysadmin make absolute sure you can trust them, or take a crash coarse in *nix administration from a home computer. If you have a falling out with your sysadmin he can really trash your property (and yes, that does occur. Enough horror stories online). It's why you have to really shop for a good one, and not just rely on recommendations from others -- it's one thing you have to trust your instincts on.

The Planet has excellent servers and uptime, but unless you get their admin package they can only help on OS installs and basic jobs related to their network and hardware. If you don't know what sysadmin to get, pay for TP's admin services until you found one that can work with you (and you need one to work with you, not wait forever to get replies or resolving server issues). The popular sysadmins all have their quirks, and it depends on which ones you can tolerate.

Chris

Thanks that's very helpful. Which TP service would you recommend?

I'm also confused as to the difference between ServerMatrix and TP despite reading the About Us. Is SM more or less expensive than TP for a similar server? Do they offer MORE management for the money or LESS?

The Planet is for managed and large sites (business sites). They offer more customer service and better upgrades (like SCSI harddrives and abilities to cluster servers together). Servermatrix is for those who need a cheaper server and/or don't need the handholding nor extras. When you need more, you can just move to TP.

Probably to get started their Gold service will do. It's more expensive than hiring a third-party admin, but until you can find a sysadmin that you feel comfortable with, it's worth it (you're not pressed to find one immediately -- because you'll need one ASAP as your server comes unsecured). Admin time should be enough to get the server configured and ready. Most folks have some special needs (DNS/PHP/Mysql and software installs) in the beginning. Later it's more to do with keeping the server patched/updated, turning on/off services, and tuning LAMP.

TP/SM will call you up to confirm the order. TP will run down your requests with you on the phone before the install, making sure it's meets specs. They'll inform you then if it won't.

I had a TP server (too much for what I needed) and now have a Servermatrix one (just right), and the service between the two is much the same. Their support portal Orbit is also probably the best service portal around. One stop shop (and check for the deals! Sometimes they have good server deals only to customers).

Chris

Do you mean servermatrix gold or TP gold? Because I got a quote from TP and it came with Gold free I believe.

I was confused by your statement here:

(you're not pressed to find one immediately -- because you'll need one ASAP as your server comes unsecured).

Meaning the server comes unsecured and I do need one right away or it comes SECURED and I don't need one right away?

Do you mean servermatrix gold or TP gold? Because I got a quote from TP and it came with Gold free I believe.



IIRC, TP Gold and SM gold are the same. You should verify this though.

I was confused by your statement here:

Meaning the server comes unsecured and I do need one right away or it comes SECURED and I don't need one right away?

Don't listen to that BS. You need to have someone secure your server as much as possible AS SOON as the server is online and ready. I recommend doing the following as a minimum:

> a.. Updating kernel to the latest release + security patches
> (grsecurity/openwall)
> b.. Thorough security audit
> c.. Installation and configuration of firewall (APF)
> d.. Installation of security updates as released by OS/Control Panel
> vendor
> e.. Installation of custom software as desired by customer
> f.. Configuration changes as desired by customer
> g.. Disabling of unused and insecure services
> h.. Removal of insecure packages and unnecessary software
> i.. Log auditing for unusual activity (Log watch?)
> j.. Investigating hacking attempts
> k.. Anti-spam configuration (Exiscan?)
> l.. Anti-virus configuration (Clam-Antivirus?)
> m.. Anti-DoS/DDoS kernel code tweaking
> n.. Default system users removal (and groups?)
> o.. SSH server hardening
> p.. Mod_Security (Intrusion detection and prevention engine for web
> applications) - install ruleset?
> q.. Securing /tmp directory
> r.. Kernel tuning with sysctl
> s.. Snort (Network Intrusion Detection System)
> t.. Acid (Analysis Console for Intrusion Databases)
> u.. Smartd (HDD Reliability monitor)
> v.. SIM (System Integrity Monitor)
> w.. PRM (Process Resource Monitor)
> x.. SPRI (System Priority)
> y.. BFD (Brute Force Detection)
> z.. PMON (Socket Monitor)
> aa.. MRTG / RRDTool (Bandwidth Usage Monitor)
> ab.. Tripwire (keeps track of every file being moved/edited in the
> system)
> ac.. CHkrootkit (Rootkit/Exploit scanner reports sent daily) and
> RkHunter?
> ad.. Mod_dosevasive?
> ae.. /dev/shm hardening?
> af.. Secure & Optimize PHP & MySQL & Apache?
> ag.. Host.conf hardening?
> ah.. LES (Linux Environment Security)?
> ai.. TCP/IP hardening?
> aj.. Operating system optimization (faster, lower loads)?
> ak.. Nessus Security Scan?

i.. Log auditing for unusual activity -> Logwatch and LSM
k.. Anti-spam configuration (Exiscan + RBL + our custom-built exim patches)
l.. Anti-virus configuration (latest ClamAV)
n.. Default system users removal and groups
p.. Mod_Security - mild ruleset agains all common php worms, phpbb exploits
and other web-based denial-of-service attacks.
ac.. Latest CHkrootkit and RKhunter
ad.. Mod_dosevasive will be installed
ae.. /dev/shm hardening - setting non-exec,non-suid flags on /dev/shm
af.. Secure , Optimize PHP/MySQL/Apache - our custom tweaks + hardening
ag.. Host.conf hardening - prevents dns lookup poisoning & spoofing
protection
ah.. LES (Linux Environment Security) - secures all key binaries on the
server
ai.. TCP/IP hardening - achieved via special kernel options + sysctl tweaks
aj.. Operating system optimization - primarily lower loads
ak.. Nessus Security Scan - we scan the server for vulnerabilities before we
start our audit

Are you interested in TP's plans only?

If so, go with their entry level admin plan, as the server comes unsecured. You'll need (or let the sysadmin do it) secure the box pronto. Within 12hrs, BFD had tracked and banned a bruteforce bot on my server, so you can't wait days to secure it. If your server is compromised, you're responsible for the damages. So secure it from the start.

It comes to you fresh with just the OS/WHM/Cpanel already installed (if you ordered Urchin and Fantastico, you'll have to install it as well). DNS entries and all you'll have to configure.

Thus, it's best to get their server admin plan and hunt for a sysadmin when you're up and ready -- that'll give you time to shop for one.

Chris

You'll need (or let the sysadmin do it) secure the box pronto.



Meaning the sysadmin that comes w/ the entry level management plan?

Don't listen to that BS. You need to have someone secure your server as much as possible AS SOON as the server is online and ready. I recommend doing the following as a minimum:

That doesn't help him, it's Greek. It's like splatting out *nix commands.

He needs sysadmin help, but unfortunately until he can investigate their plans and who's who and who he feels he can trust, TPs/SM's server admin services will do.

Too many go with recommendations and only find something lacking. With the cost of initial hardening, compared to server prices, he needs to shop around. Mine was nearly $100 for all that, and that's just $50 less than what the serveri costs a month. So it's not nickle and dime stuff.

Chris

Meaning the sysadmin that comes w/ the entry level management plan?
http://forums.servermatrix.com/

Search is your friend.

Chris