Installing Wordpress on NullShells Networks

I'm migrating my external Blogger-Blog at NullShells Networks; Google/Blogger is dropping FTP support for external blogs. I've decided on switching to Wordpress here for my blog. I will briefly chronicle my journey, and start with a set of shell commands on our servers below:

[user@server] [~]$ cd ./www/website.tld
[user@server] [~/www/website.tld]$mkdir wordpress-dl
[user@server] [~/www/website.tld/wordpress-dl]$wget http://wordpress.org/latest.tar.gz
[user@server] [~/www/website.tld/wordpress-dl]$tar -xzvf latest.tar.gz
[user@server] [~/www/website.tld/wordpress-dl]$mv wordpress ..
[user@server] [~/www/website.tld/wordpress-dl]$cd ../wordpress

Ok, now I'm going to login to our hosting control panel and create a database. I click "Databases" under the Tools navigation menu below:





This brings up the Databases window, I click the Green '+' and then it the Add Database window pops up.



I reference my personal settings in order to enter the correct info here in the "Add Database" window to create my database for my wordpress installation.

Database name: wordpress_db
Database type: MySQL
Database user: --Create a new user--
New user name: wordpress-user
Password: wordpressPassword
Re-enter password: wordpressPassword
Allow remote access: UNCHECKED!

Now I need to enter this information into my wp-config.php file, but I haven't created that yet. I'm going to copy wp-config-sample.php inside the control panel file manager to wp-config.php. I do not wish to go back to the shell now that I've got the control panel open, so I'm going to use the built-in editor of the control panel!

I go to click the File Manager on the tools navigation menu provided previously. I find my ~/www/website.tld/wordpress dir and create-copy then edit wp-config.php. Now, I'm going to get started and get my admin login password generated at http://www.website.tld/wordpress/ so I can begin migrating my site! :)

Scheduled Outages

We've created an area for scheduled maintenance listed on the front page, as well as a separate page for outages. In the future you will be able to subscribe via RSS to our outages page so you can subscribe to this feed, and receive a notification anytime we post an outage. We will do our best to keep unscheduled outages to a minimum, but as you know at times this is unavoidable.

Any network events which we are aware of that may affect the operability of our network are evaluated by our staff. When we evaluate whether an event constitutes an outage we will take the following criterion into consideration: point(s) of failure, status of our network monitors, whether or not it is customer affecting (if yes, then the number affected), duration of event, and the cause of the event. The Internet does have minor issues now and again for short periods of time (less than 15 minutes), especially during periods of high network congestion. We will not post any network event which we feel does not satisfy sufficient concern on our outages page. If you feel that there may be an outage then please contact us at contact@nullshells.net.

FreeBSD "local r00t zeroday" exploit patched

The FreeBSD security team has released a patch to correct a critical security flaw which has been confirmed to be present in the FreeBSD 8.0-RELEASE, FreeBSD 7.2-RELEASE, and FreeBSD 7.1-RELEASE operating systems. NullShells Networks has two DDoS Protected shell servers which run FreeBSD 7.2-STABLE; and these may have been vulnerable to this security flaw. However, both machines were immediately patched within 24 hours of the release of this exploit code.

The exploit code for the flaw was published on the Full Disclosure security mailing list, to which we are subscribed. This code allowed restricted users on a machine to circumvent standard security conventions present in the aforementioned operating systems. The problem was caused by a bug in rtld (run-time link editor), under which the LD_PRELOAD environment variable could be manipulated to load libraries which would normally require root privileges. In this case, rtld could be tricked into executing binaries with root privileges.

Fortunately, our 6.3-STABLE machines with our web hosting customers are not vulnerable to this exploit. All of our customers can be confident that we are doing our best to stay up to date with the latest versions and patches, while maintaining the security and integrity of our systems.

If you have a server running FreeBSD 8.0-RELEASE, FreeBSD 7.2-RELEASE, or FreeBSD 7.1-RELEASE then we recommend you patch your systems immediately. A restricted user on your machine could exploit this hole to compromise your entire server. You can find the FreeBSD security team's notice and a link to the temporary patch in their mail archives at http://docs.FreeBSD.org/cgi/mid.cgi?200912010120.nB11KeaW086655.

Special offer ending Cyber Monday

Did you know we recently introduced our VPS services? NullShells is offering customers VPS at rock bottom prices; there is no setup fee, no contract, and the standard technical support we offer comes with no additional charges. With our VPS you have full root access and control over your server, you can install what you want to install. We recommend these VPS for more experienced users, who want to administrate their own server. If you would like we can offer you managed VPS with the Premium Support Package which includes 10 hours of "hands on" administration from our staff.

In addition to the above, I am able to extend a special offer to include free Secondary DNS, or Primary DNS (with your VPS as a hidden primary) on any Copper VPS until Monday, November, 30th 2009. Our DNS service allows you to create unlimited sub-domains. Our DNS network has name servers geographically distributed and ready to handle all your domains without problems. For customers who wish to use only our DNS, we will be introducing a DNS service in the near future which is based on our DNS network.

Our Copper VPS is a great service for organizations and individuals: web hosting, development, and even casual IRC usage. The competitive prices and these offers we for our Cyber Monday sale will not last. Our Copper VPS with the ISPManager Lite control panel which is also being thrown in for free is a $588/yr. value for only $200/yr.

With the free DNS and free ISPManager any customer who purchases Copper VPS will be receiving a $888/yr. value for only $200/yr; this DNS service included for free will work for up to 100 domains. An additional 100 domains is $300/yr.

Offer ends with Sale on 11/30/09 11:59 EST.
Order Now on our page before the sale is over!

Black Friday through Cyber Monday Bonanza

Our Black Friday through Cyber Monday Bonanza includes former, current, and new customers and can be applied on any new order through Monday, November, 30th 2009; details are as follows: Okay our Black Friday through Cyber Monday sale is as follows:

Micro Shell Hosting
1 Back Ground Process
25 MB Storage
Crontab, GCC, JDK
IRC Allowed
Bots/BNCs Allowed
SSH Access
SALE: 12/yr.
50% Off!

Advanced Shell Hosting
8 Back Ground Process
300 MB Storage
Crontab, GCC, JDK
IRC Allowed
Bots/BNCs Allowed
SSH Access
SSH Tunneling
SALE: $96/yr.
Save $24/yr.

Premier Web Hosting
5 GB Storage
50 GB Bandwidth
100 FTP Accounts
500 EMail Addresses
100 MySQL Databases
50 Domains
SALE: $168/yr.
50% Off!

Copper VPS Hosting
10 GB Storage
256MB RAM
100 GB Bandwidth
1 IP Address
Root Access
SSH Access
SALE: $200/yr.
Save $28/yr.

Add On to Copper VPS for Web Hosting only:
ISPManager Lite
PRICE: $255 SALE: FREE
Save $360/yr. (discount applies to non-IRC customers only).

One item per customer.
All features are not listed.
Sale ends 11/30/09 11:59 EST.
Order Now on our page before the sale is over!

Happy Thanksgiving!

For those of you who celebrate it, we're wishing you a Happy Thanksgiving! You are probably already getting excited for some turkey, stuffing, gravy, cranberry sauce, and the rest of the holiday feast this Thursday - don't forget to save room for dessert! We're very grateful for you all and we hope you'll get to spend a wonderful time visiting with friends and family, sharing your gratitude, and eating lots of great food.

We know that immediately after Thanksgiving, the holidays are only a short while ahead and everyone is ready to start their holiday shopping. Our 4 year anniversary just went by, and we wanted to give you something special this year to look forward to... we're going to kick off the holiday season here at NullShells Networks with a 4 day sale. I'm not able to divulge all the details of the sale yet, but I can tell you that the sale is going to start on Black Friday and end the night of Cyber Monday.

If you don't know already, Black Friday is the day after Thanksgiving. Many retailers across the U.S.A. open their doors at 5AM with long lines of patrons waiting to partake in their special one-time a year sale prices. You can really get amazing prices on some quality products. Cyber Monday is the Monday after Black Friday; it's the online equivalent of Black Friday when many online retailers begin their special one-time holiday sales where you can often find the lowest prices throughout the year.

Check back on Black Friday, and tell your friends to also; we will be posting our special sale prices early on that day.

SSL Encryption is in at Nullshells Networks - Part 3

SSL Encryption is totally in at Nullshells Networks!

It's been almost a year since our first post about SSL Encryption here at NullShells and it's amazing how much changes in a year. Now we've decided on an SSL certificate authority for the main site... even though we do have some reservations. I still believe that browsers generally distort the user experience by labeling self-signed certificates as untrusted, and trusting corporate certificates from authorities. I think that this is all steeped in greed and the desire to manipulate people into paying for something that they can create themselves for free. Anyone can setup their own CA, when they don't want to make a self-signed certificate, they can do it the same way the trusted CAs do, and it still won't recognize your certificate as trusted in a browser.

The authority we decided on was AlphaSSL; we purchased an SSL certificate through Dynadot for only $12, that's $53 off the price through AlphaSSL directly. All in all this is a pretty reasonable price to allow our customers to avoid the annoyance of having to trust a self-signed certificate. In my opinion, this is a fair price considering the costs that are involved with creating a certificate authority and distributing certificates through the web. Overall this is a good value for both us and you. In addition to that, we found that the AlphaSSL certificates support many mobile devices that aren't supported through other websites!

If you've got your own website, you have web hosting with us, and you want SSL then we recommend you get one of these $12 certificates on your website too. Otherwise, you are still welcome to use our systems to generate a free self-signed certificate for your website. However, please note that in order to take advantage of your certificate on our hosting servers, you do need to purchase an IP for $2/mo. for your domain name. Once you purchase an IP you can use your self-signed or purchased SSL certificate on your website. You only need to contact us to have us add it to our our apache configuration file, or we request access to this file yourself.

Alternately, you also can use our shared certificate (self-signed) simply by enabling SSL through the checkbox in our control panel. Once you enable this you will have the shared SSL certificate we offer on the main IP for all of our websites on that server. As an example, below you can see what an SSL dialog looks like in the control panel for our main website at nullshells.net.



Our AlphaSSL SSL certificate should be supported as trusted by pretty much all browsers. If you have problems then we definitely want to know! So in the rare case that this happens, write us a detailed report of the problem (please include a screenshot) and mail it to contact@nullshells.net.