New on LowEndTalk? Please Register and read our Community Rules.
Comments
This is the page that got me to spend 5 mins on running the gpg verified install script:
https://docs.sandstorm.io/en/latest/using/security-non-events/
Sometimes you just don't feel like babysitting a hundred poorly coded apps. (php, looking at you)
It wouldn't have occurred to me that "app store" meant anything to do with "automated installer/ecosystem for FLOSS web stuff". I thought of it as "place where evil hucksters upload binary-only programs that you generally pay for, that trick you into making in-app purchases and silently upload your personal data to the Death Star".
If it's all FLOSS then I wish they'd pick different terminology and make the web site less slick. OK though, I'll take a closer look.
Haha, yes, the marketing lingo around the use of 'Operating System' has already been torn to shreds elsewhere: https://news.ycombinator.com/item?id=12104361
TLDR: It's an OS in the sense that Android is an 'OS'
Thanks, that HN thread was informative, though a lot of it was about another wacky desire (seamless, separate movement of servers and data through the interwebz). The net is nowhere near fast or reliable enough for that. I don't mind using a SAN in the same data center as the server, though as we saw with the OVH Ceph clusters, even that can be asking for trouble.
Worked at HostGator as a sysadmin. During my time there one could say many things about the company but one that I would disagree with at any point would be that we lacked strong sysadmin teams.
My problem with the logical path you have to go down to assume that this means all shared hosting servers are compromised also means that you have to assume that all Linux servers with privileged accounts are also compromised. At this point you're basically assuming that all servers are compromised. I mean how do you work from the notion that everything is already broken and that you can never know because you can never prove that it's not all broken because a broken system can be made to look not broken. Therefore everything is to be assumed unknowable and broken at all times. That's an unworkable position, and I don't think it's healthy or true.
The reason I say that is because you have to assume that people are breaking out of these privileged user positions at all times, simply because they're there. You don't even need CloudLinux. cPanel has jailshell and suPHP. But if we're assuming that everything is abused by currently unknown privilege escalation vulnerabilities at all times then every server is rooted and nothing is secure anywhere, ever.
We would then conclude that nothing is safe which is connected to the internet: not your shared hosting account, not your VPS, not your dedi. At that point we're well beyond simply the idea that shared hosting is insecure by default, and we would end up in the territory of unhealthy paranoia, in my opinion. This is what I've often called the "security rabbit hole" which is a place that some security experts will lead others down, a place of endless accusation of physical inability to ever be secure, to a place where there is no valid solution beyond unplugging everything and disappearing.
Certainly it's true that shared hosting is not any more safe at the single user/application layer. I do propose that most are reasonably safe from one user infecting another, at least to the point that I would suggest that any server could ever be safe. I don't go down the rabbit hole though, there's nothing for you there.
I've had an account with a largish shared hosting company for almost 10 years now. They're on it. They know what they're doing. And if I have an infection (it happened once), they're right on my case but also work with me.
I worked at a hosting company (not VPS) a while back and we were quite on the ball about security. Despite that we had a major break-in because there was one little place that somebody had made a mistake, and some attacker did a lot of work using that as a lever. Better processes can help, but it can happen anywhere whatever you do. The security rabbit hole is a real thing, but people do it for good reasons, depending on what's at stake.
Shared hosting at DreamHost looks pretty good ( https://www.dreamhost.com/hosting/shared/ ), and at that price point it would be hard to believe that they're not maintaining their servers well (not to mention that they would want to maintain their good reputation).
Things may look somewhat different at some low end shared hosting providers, but it's hard to know.
(So I agree with jarland's remarks.)
What Jarland said, plus each type of server has its own advantages. VPS servers are mainly good for having root access and self sufficiency at a lower end price.
Though there are great dedi deals out there, common sense would seem to indicate that at least on a dollar for dollar level, VPS will always be cheaper.
I have uses for all 3 kinds. For more tech savvy people, shared hosting is probably the least attractive due to lack of control.
I totally forgot Cloud hosting... have had my share of cloud hosting. I see the benefit with cloud hosting, but still, it's just an advanced form of shared hosting where your neighbors can abuse the resources and impact your service. With dedicated servers you have no neighbors.
I used to use DH, but I had a cron job that ran for 5 minutes every 4 hours that went up to taking 1 hour to complete. Moved it to a RamNode KVM that cost 1/3 the price and it finishes in less than a minute.
Even my static pages were sloooooow on DH; they oversell way too much. The other issue they never fixed is that they blacklist their own servers for spam (spam issues being another big downside of shared hosting), so I sometimes wouldn't even get the cron results.
As for moving to dedicated, it all comes down to what's the cheapest and easiest solution to the problem I'm tackling, both in the short term and the long term. These days, though, I'm leaning more towards abstractions that are best served by VPSes or possibly containers. The less I have to worry about the hardware the better, but just like shared hosting, I'd have no problem rolling up my sleeves and moving on if providers started overselling like mad.
Yeah, shared hosting no doubt has downsides of this kind that aren't always made explicit in advance by the provider (though your experience seems pretty extreme).
By the way, I wasn't endorsing DH per se -- only saying that it seemed like a safe bet in the sense of security.
In the old days, I had a shell account with a provider, and I remember that the IP address got temporarily blacklisted a couple of times due to a malicious user. Happily, the provider was always quick to act to get the IP address clean again and to ban the malicious user.
The nice thing about old shell accounts is that you were part of a small community of users (like a local neighborhood), you immediately felt less lonely when logged on, you could see who was on-line, chat, work, do email, etc., all from a terminal. There was something comforting about the experience.
As much as I like my various VPSes, I sometimes feel like I'm living alone in a mansion surrounded by high walls by comparison.
Shared Hosting is the semi old shared hosting if a dedicated ip is an option
You're right, 100% of all mobile apps are shitty. There are no good mobile apps out there.
OK, you don't like it. Fair enough. But you didn't share any specifics on why other than it's slick and your nervous system reacts badly to the phrase "app store".
Maybe you're having a bad day.
You probably wouldn't like Softaculous or Fantastico or Installatron either, and that's what I got from a cursory look at Sandstorm. Control panel for easy software installs. Not my thing but Softaculous, et al. are quite popular so there's a demand.
I constantly ask this very question.
I never got the shell account experience. When I first started to use VPS hosting I always used Windows VPS with Plesk control panel. Some years ago I started to use CentOS on my webservers and I have never looked back.
Still use Windows and/or Hyper-V on my main servers to create VMs (with both Linux and Windows)
There are good ones out there, but there's also a ton of sleaze (not merely crap in the sense of having low technical quality, but sleaze in that it's marketed dishonestly, tries to trick the user etc.). So you have to approach mobile app stores with a vigilant/paranoid attitude. That is different from the FLOSS world, where there's plenty of stuff of low quality but it's generally all offered in good faith. FLOSS software depots are usually called "repositories" or the like. So when someone tries to introduce the term "app store" that sounds like they're trying to turn the FLOSS ecosystem into Mobile 2.0, which gives me a poor impression to say the least. Mobile is the successor to AOL as far as I'm concerned.
I actually like Softaculous (and cPanel). But, they don't dress themselves up as FLOSS programs. They look like Windows programs, you have to pay for them(?), and I'm cool with dealing with them on that basis.
Essentially true in my experience, but you never know what is going on behind the scenes. Who knows how many of those spam runs that got them blacklisted were caused by PHP exploits? Or any other security issues that come into play when you admin your own server. It's all just part of the trade-offs that come with the choice of VPS over shared hosting.
Yeah, and beyond the local system there was always IRC. And Usenet. It's all still out there, but everything has taken a second fiddle to web sites and social networks.
shared vps! :O
It's a combination of a number of things:
All this together creates the perfect storm; massive attack surface, uniform internet-exposed environments, and a big incentive to compromise the servers. These traits are not commonly seen together in other scenarios. It usually only takes a single kernel/panel vulnerability or misconfiguration to essentially pwn an entire provider and add 10-100gbps of bandwidth (and considerable other resources) to your collection of compromised systems.
Empirical (non-public) evidence confirms this scenario. I've spoken to quite a few people who primarily target shared hosting servers for precisely all of the above reasons, and in several cases this included providers whose staff had at some point publicly stated that they had a competent security team.
When it comes to security, is a VPS as safe as a dedicated server? Or is a dedicated server the safest?
All depends on the knowledge and skill level of the person running the metal. If you aren't square on security practice, the VPS is probably better for you. If you know what you're doing, the dedi is probably better security. It also depends on the virtualization; ovz scares me with its ancient kernel.
My instinct is that dedicated would always be potentially more secure than VPS in that it has at least one less layer for compromise. A VM has two operating systems that can be attacked, host and VM.
VPS was born because shared hosting was heavily oversold and dedicated was out of reach! Things are changing fast now. Hopefully some kind of premium shared hosting can make a comeback for those who do not want to waste time on managing a server/VPS or don't want to hire a system admin for that job.
So you think shared hosting still has a future? Or will the knowledge of people using hosting go up, so people get good at managing a VPS or a dedicated server?
It's really not that hard.
I don't think that's factual. VPS will likely always be more efficient for dynamic scaling, migration, and replication. No matter how efficient it becomes with bare metal, virtualization will likely be ahead of it in that way.
Private cloud is the dedicated equivalent for dynamic scaling and you'll note that it's still VPS, that's just on dedicated hypervisors.
Not to mention you can't even start with shared hosting on everything. Website hosting is only one market segment for VPS/dedicated.
Different people find different things easy. There are a ton of people who will never go beyond templates and web builders. Even I would switch back to shared hosting if there were providers that offered better turnkey solutions that fit my needs.
Virtualization allows for more efficient use of dedicated resources. I can afford dedicated servers and nearly all of them (aside from the dirt cheap atoms and other low power boxes) use virtualization so I can get the most out of the resources I pay for.
There are more reasons than just affordability, and a VPS isn't immune from becoming oversold garbage - we see those complaints around here daily about overloaded nodes.
How does it do that? I can understand that it makes management easier in some ways, but you can max out your dedi with or without virtualization.