Hosting

I bought Godaddy hosting few years before and had no issues getting to FileManager.
Bought hosting package today…
Logging in, and avoiding the links to use their ‘site-builder on a 7 day trial’, I found there is no cpanel, and no access to Files!
After some time chatting to support, they set up a cpanel link, which is at mysitename /cpanel.
So its at the website domain; Its not part of godaddy login, and needs another username and password to access.
Is this how things are these days? Is different way of doing it than in past.

A core developer of Nginx, currently the world’s most popular web server, has quit the project, stating that he no longer sees it as “a free and open source project… for the public good.” His fork, freenginx, is “going to be run by developers, and not corporate entities,” writes Maxim Dounin, and will be “free from arbitrary corporate actions.”

Dounin is one of the earliest and still most active coders on the open source Nginx project and one of the first employees of Nginx, Inc., a company created in 2011 to commercially support the steadily growing web server. Nginx is now used on roughly one-third of the world’s web servers, ahead of Apache.

A tricky history of creation and ownership

Nginx Inc. was acquired by Seattle-based networking firm F5 in 2019. Later that year, two of Nginx’s leaders, Maxim Konovalov and Igor Sysoev, were detained and interrogated in their homes by armed Russian state agents. Sysoev’s former employer, Internet firm Rambler, claimed that it owned the rights to Nginx’s source code, as it was developed during Sysoev’s tenure at Rambler (where Dounin also worked). While the criminal charges and rights do not appear to have materialized, the implications of a Russian company’s intrusion into a popular open source piece of the web’s infrastructure caused some alarm.

Sysoev left F5 and the Nginx project in early 2022. Later that year, due to the Russian invasion of Ukraine, F5 discontinued all operations in Russia. Some Nginx developers still in Russia formed Angie, developed in large part to support Nginx users in Russia. Dounin technically stopped working for F5 at that point, too, but maintained his role in Nginx “as a volunteer,” according to Dounin’s mailing list post.

Dounin writes in his announcement that “new non-technical management” at F5 “recently decided that they know better how to run open source projects. In particular, they decided to interfere with security policy nginx uses for years, ignoring both the policy and developers’ position.” While it was “quite understandable,” given their ownership, Dounin wrote that it means he was “no longer able to control which changes are made in nginx,” hence his departure and fork.

The CVEs at the center of the split

Comments on Hacker News, including one by a purported employee of F5, suggest Dounin opposed the assigning of published CVEs (Common Vulnerabilities and Exposures) to bugs in aspects of QUIC. While QUIC is not enabled in the most default Nginx setup, it is included in the application’s “mainline” version, which, according to the Nginx documentation, contains “the latest features and bug fixes and is always up to date.”

The commenter from F5, MZMegaZone, seemingly the principal security engineer at F5, notes that “a number of customers/users have the code in production, experimental or not” and adds that F5 is a CVE Numbering Authority (CNA).

Dounin expanded on F5’s actions in a later mail response.

The most recent “security advisory” was released despite the fact that the particular bug in the experimental HTTP/3 code is expected to be fixed as a normal bug as per the existing security policy, and all the developers, including me, agree on this.

And, while the particular action isn’t exactly very bad, the approach in general is quite problematic.

Asked about the potential for name confusion and trademark issues, Dounin wrote in another response about trademark concerns:

I believe [they] do not apply here, but IANAL [I am not a lawyer]," and "the name aligns well with project goals.

MZMegaZone confirmed the relationship between security disclosures and Dounin’s departure.

All I know is he objected to our decision to assign CVEs, was not happy that we did, and the timing does not appear coincidental,"

MZMegaZone wrote on Hacker News. He later added,

I don’t think having the CVEs should reflect poorly on NGINX or Maxim. I’m sorry he feels the way he does, but I hold no ill will toward him and wish him success, seriously.

Dounin, reached by email, pointed to his mailing list responses for clarification. He added,

Essentially, F5 ignored both the project policy and joint developers’ position, without any discussion."

MegaZone wrote to Ars (noting that he only spoke for himself and not F5), stating, “It’s an unfortunate situation, but I think we did the right thing for the users in assigning CVEs and following public disclosure practices. Rational people can disagree and I respect Maxim has his own view on the matter, and hold no ill will toward him or the fork. I wish it hadn’t come to this, but I respect the choice was his to make.”

A representative for F5 wrote to Ars that:

F5 is committed to delivering successful open source projects that require a large and diverse community of contributors, as well as applying rigorous industry standards forassigning and scoring identified vulnerabilities. We believe this is the right approach for developing highly secure software for our customers and community, and we encourage the open source community to join us in this effort.

– Source :

https://arstechnica.com/information-technology/2024/02/nginx-key-developer-starts-a-freenginx-fork-after-dispute-with-parent-firm/

Its 2023 but lots of hostings still cant run nodejs.
After a not good hosting experience with Ionos (looks cheap at first, but requires add-on ££ packages) Im wondering what realistically is cheapest monthly hosting, that can run nodejs and Nodebb.
Many offer 70% discount for first 3-12 months, which then reverts to a higher price.
It is one advantage of PhP code that its more universal.
@phenomlab may I ask which host you use, and how much per month roughly to host Sudonix?

Basic question again, is nginx necessary to use?

Heres the senario, a server on say 192.1.2.3, hosts two websites
in ubuntu directories www/one.uk and www/two.uk there are index.html files

The DNS record on cloudflare for one.uk has this record:

A one.uk 192.1.2.3 DNS only CNAME www one.uk DNS only

Do these two sites need to be attached to different ports, and the ports put in the DNS record?
Its not currently working, but how would the domain name know which of the two sites to resolve to without more info?
Currently it only says the IP of the whole server.

Hello,
It has been awhile since I have been here. I hope everyone is doing well. I was wondering what hosting service people recommend. I am currently using Digitalocean and am wondering if I should be using a different provider that cares more about not giving out any data or private information to say anyone, government or otherwise. Not that I have anything to hide, just more privacy the better in my opinion.

I have been looking at Linode but not sure about them. I saw a previous post where Mark and some others were using Hertner or something like that.

I am located in the US and am curious as if there is a better provider I should be going with for VPS for hosting websites.

Thanks for everyones’ time and I look forward to hearing what everyone thinks.

Any fellow Hetzner users here ? I’ve been using Hetzner for the VPS that this platform runs on for some time now. Performance-wise, it’s perfect. I have a 4 x CPU, 160Gb SSD disk, and 16Gb RAM server running and it’s pretty stable - apart from the server suddenly going offline every x days due to a bug in the IPv6 DHCP package. The workaround for this was to set a static IP instead - see this

https://docs.hetzner.com/de/cloud/servers/static-configuration/

Essentially, it means I had to configure this server as below

Existing netplan # This file is generated from information provided by the datasource. Changes # to it will not persist across an instance reboot. To disable cloud-init's # network configuration capabilities, write a file # /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following: # network: {config: disabled} network: version: 2 ethernets: eth0: dhcp4: true addresses: ['ipv6 address'] gateway6: fe80::1 nameservers: addresses: [127.0.0.53, 127.0.0.1] match: macaddress: macaddress set-name: eth0 Proposed change network: version: 2 renderer: networkd ethernets: eth0: addresses: - ip address/32 - ipv6 address/64 routes: - to: 0.0.0.0/0 via: gateway on-link: true gateway6: fe80::1 match: macaddress: macaddress set-name: eth0

Then create file /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg

Add the below

network: config: disabled

Save, and then reboot (or at the very least, stop and restart netplan)

The point here is that those unfamiliar with the inner workings of Linux will have absolutely NO CLUE what to modify here. This is one of the downsides of having an unmanaged VPS - there is ZERO support (I’m going to be writing an independant blog article about this soon). For me, this isn’t the end of the world, but it could well mean disaster for anyone else just starting out. Then, there’s the total lack of support when I asked them about unexpectedly high TTFB (Time To First Byte), which is around 200ms for a flat HTML file - it should ideally be less than 50. In addition, this platform hits anywhere between 400-600ms for TTFB. This isn’t great, but there isn’t much I can do to reduce it (there’s another article I’m going to write about that as well). Hetzner’s response ?

First, they asked me to use mtr to conduct 1000 traces from my PC to the VPS and vice-versa. Not only does each run take around 18 minutes to complete, but you have to copy the results, and email them back to the support desk. Once these were “reviewed” (I’m using quotes here as there really isn’t any useful information as such), they reverted with

Dear Client,
the MTR does not show any issue, so we can’t see any network issue on our side. Also we’ve checked the hostsystem and can’t see any issue with it as well. Please check your server logs.

No sh*t, Sherlock. I could have told you that myself. Check my server logs ? You don’t think I’ve already done that ?

And so here’s the lesson. Hetzner absolutely EXCEL when it comes to a stable machine, cost to run, backups, and everything else - until you need support, and that’s where it all falls apart sadly.

You’re on your own there… Be warned 🙂

How to check my website is opening in all countries or not?

Which is the best tool?

The last domain name I had was getting a lot more views and members, despite the new one having the football club name in the domain name.

I’ve not advertised either of them so I’m just wondering if it’s down to pure luck that the last one had more users and views or if it was a case of the domain name being shorter that people liked.

I still own it, it’s here(not active)

Morning Mark,

It appears my site has gone down and is unable to load / unreachable.

Just setting off for work so I don’t have anything handy to check anything out log wise etc.

Sorry to be a pain, would you be ok to take a look at all?

Many thanks

I have a main domain chadjessen.com. I have a subdomain publicapi.chadjessen.com. Letsencrypt renewed the certificate for chadjessen.com just fine but I have been trying and pulling my hair out to try and figure out why it won’t renew for publicapi.chadjessen.com. I can ping it, I can go to dns lookup and everything goes through just fine. Below is the message that comes up after requesting the certificates. This was working before, so not sure what happened.

Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator webroot, Installer None Renewing an existing certificate Performing the following challenges: http-01 challenge for publicapi.chadjessen.com http-01 challenge for www.publicapi.chadjessen.com Using the webroot path /home/chadjessen/domains/publicapi.chadjessen.com/public_html for all unmatched domains. Waiting for verification... Challenge failed for domain publicapi.chadjessen.com Challenge failed for domain www.publicapi.chadjessen.com http-01 challenge for publicapi.chadjessen.com http-01 challenge for www.publicapi.chadjessen.com Cleaning up challenges Some challenges have failed. IMPORTANT NOTES: - The following errors were reported by the server: Domain: publicapi.chadjessen.com Type: unauthorized Detail: Invalid response from http://publicapi.chadjessen.com/.well-known/acme-challenge/SvIpe5TGPgHACfcYg_ezswBJJso7CAT4S2ZoW4EHLGE [143.244.152.107]: "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n<meta charset=\"utf-8\">\n<title>Error</title>\n</head>\n<body>\n<pre>Cannot GET /.well-known/" Domain: www.publicapi.chadjessen.com Type: unauthorized Detail: Invalid response from http://www.publicapi.chadjessen.com/.well-known/acme-challenge/_zWHJoOZf3szsMh36hmhV5O-iqQtZp60jePqgL9KH94 [143.244.152.107]: "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n<meta charset=\"utf-8\">\n<title>Error</title>\n</head>\n<body>\n<pre>Cannot GET /.well-known/" To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. DNS-based validation failed : Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator manual, Installer None Renewing an existing certificate Performing the following challenges: dns-01 challenge for publicapi.chadjessen.com dns-01 challenge for www.publicapi.chadjessen.com Running manual-auth-hook command: /etc/webmin/webmin/letsencrypt-dns.pl Running manual-auth-hook command: /etc/webmin/webmin/letsencrypt-dns.pl Waiting for verification... Challenge failed for domain publicapi.chadjessen.com Challenge failed for domain www.publicapi.chadjessen.com dns-01 challenge for publicapi.chadjessen.com dns-01 challenge for www.publicapi.chadjessen.com Cleaning up challenges Running manual-cleanup-hook command: /etc/webmin/webmin/letsencrypt-cleanup.pl Running manual-cleanup-hook command: /etc/webmin/webmin/letsencrypt-cleanup.pl Some challenges have failed. IMPORTANT NOTES: - The following errors were reported by the server: Domain: publicapi.chadjessen.com Type: dns Detail: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.publicapi.chadjessen.com - check that a DNS record exists for this domain Domain: www.publicapi.chadjessen.com Type: dns Detail: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.www.publicapi.chadjessen.com - check that a DNS record exists for this domain

I’m trying to submit the sitemap to Google and have created a TXT record in the DNS settings, it’s not accepting it for some reason, I keep getting the error as shown below.

Many thanks

IMG_20211010_221129.jpg

Just logged into Virtualmin and the following message is displayed:
“Warning! Warning - errors were found in this domain’s DNS records : This domain has email enabled, but none of the MX records point to it. Either the MX records should be corrected, or the email feature disabled if mail is hosted externally.”

This probably points to why my forum new account went to spam?

Will enabling php zip extension cause a server (System: Centos 7, Apache server) http down?
That’s what happened the other day.

Hi, I am using virtualmin and I have obtained new SSL certificate from Let’s Encrypt. And checked the folder, where my domain.conf under the folder “/etc/nginx/sites-enabled”

ssl_certificate /home/user/ssl.combined; ssl_certificate_key /home/user/ssl.key;

They are in the folder listed above. I am not sure what else I shall do to my connection secured.

Also, I am not sure if I shall open another post or I can ask another question:

I tried to follow this configuration to deploy my Nginx server. However, the folder is different, my server is not using “/var/www/flarum/public”, rather is “home/user”, when I run, “sudo nginx -t”,

I believe I should use relative path, but I don’t know how.

nginx: [warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /etc/nginx/sites-enabled/flarum.conf:51 nginx: [emerg] directive "ssl_certificate" is not terminated by ";" in /etc/nginx/sites-enabled/flarum.conf:52 nginx: configuration file /etc/nginx/nginx.conf test failed

And this is the customized the flarum.conf file, I came up with:

server { listen [::]:80; listen 80; server_name domain.net; return 301 https://$host$request_uri; root /var/www/flarum/public; index index.php; location / { try_files $uri $uri/ /index.php?$query_string; } location ~* \.php$ { fastcgi_pass unix:/run/php/php7.4-fpm.sock; include fastcgi_params; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; } location ~* \.(jpg|jpeg|png|gif|ico|css|js|woff2)$ { expires 365d; } } server { listen 443 ssl; server_name domain.net; root /var/www/flarum/public; index index.php; location / { try_files $uri $uri/ /index.php?$query_string; } location ~* \.php$ { fastcgi_pass unix:/run/php/php7.4-fpm.sock; include fastcgi_params; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; } ssl_certificate /etc/nginx/ssl/forum_acehsc_net.pem; ssl_certificate_key /etc/nginx/ssl/forum_blank_net.key; ssl_prefer_server_ciphers on; ssl_buffer_size 4k; ssl_ecdh_curve auto; ## OCSP Stapling ssl_stapling on; ssl_stapling_verify on; resolver 1.1.1.1 valid=300s; resolver_timeout 5s; ssl_trusted_certificate /etc/nginx/ssl/forum_blank_net.pem; ssl_session_cache builtin:1000 shared:SSL:10m; ssl_session_timeout 10m; ssl_session_tickets off; add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;"; add_header Content-Security-Policy "upgrade-insecure-requests" always; ssl_dhparam /etc/nginx/ssl/dhparam-2048.pem; location ~* \.(jpg|jpeg|png|gif|ico|css|js|woff2)$ { expires 365d; } }

I’m looking to redirect my old domain that still has a few months left.

It’s a Google domain. Any help greatly appreciated. 😁