Heartbleed OpenSSL Vulnerability (CVE-2014-0160)

Posted by & filed under Security.

On April 7, 2014 a vulnerability was discovered in OpenSSL that could allow attackers to view sensitive information stored in memory. Given the severity of this vulnerability we are encouraging all customers to take the necessary steps to verify their OpenSSL installations are patched and not vulnerable. Most Linux distributions these days come with a package manager (ex: yum, apt).  If you are running a supported Linux distribution (one that is not End-of-Life) you can simply use the provided package manager to update your OpenSSL installation.  If you have built OpenSSL from source, or built any other applications that use OpenSSL from source (ex: Apache) you will need to first upgrade OpenSSL, and then recompile those applications.  If you are running the cPanel/WHM software on your server and are running RHEL/CentOS 6.5 chances are you are vulnerable!  You should first run a “yum update” and then rebuild Apache using Easy Apache in the WHM under WHM > Software > EasyApache or from the CLI using /scripts/easyapache.

 

If you have any questions, concerns, or need assistance please open a support ticket at https://helpdesk.ndchost.com/


Public CentOS Mirror

Posted by & filed under Announcements.

For a long time now we’ve had a private CentOS mirror, this mirror was really only used internally for new deploys. Today that mirror has been made public and is now accessible to the world! The main problem with a private mirror was that servers would only use it if told to do so. Since we did not want to mess with CentOS’s default yum configuration we would leave them untouched and this private mirror would remain mostly idle. Now that our mirror is public your servers might actually start using our internal mirror. Unfortunately the CentOS mirror list when queried only provides 10-20 mirrors located in the same country the IP space is located in. This means that your server will only use the local mirror by luck of the draw. Karanbir from CentOS has told us that this will eventually change, the plans are to have a system that’s smart and will choose the closest mirror based on the ASN. Until then, your servers will continue to choose whatever mirrors they are dealt!


Connectivity Issues

Posted by & filed under Announcements.

At 20:04 (PST) we started receiving alarms showing saturation of the Time Warner Telecom peer.  Further investigation showed that a DDOS attack was aimed at our network and was mainly flowing down the TWTC path.  After analyzing the traffic filters where put in place and traffic coming down TWTC returned to normal.


New linux distributions available in the VPS manager!

Posted by & filed under Announcements, Products and Services.

We’ve added a few more Linux distributions to our arsenal!

CentOS 5.6 – This is a maintenance release upgrading our previous image to the latest version of the CentOS 5 tree. In addition we also added the yum-fastestmirror and perl packages to this image. For more information about this Linux distribution go to http://www.centos.org

Scientific Linux 6.0 – For more information about this Linux distribution go to http://www.scientificlinux.org

Mandriva 2010.1 – For more information about this Linux distribution go to http://www.mandriva.com

Fedora Core 15 - For more information about this Linux distribution go to http://fedoraproject.org


New Customer Billing System

Posted by & filed under Announcements.

When NDCHost was started back in 2002, we searched high and low for a customer billing solution that would fit all of our needs.  Nine years later and we are still using that same billing solution; but times are changing and we have out-grown the current system.  We set out again to find a new solution but were not really happy with anything the industry offered.  The decision in the end was to go with a pre-built solution but to also write our own front-end that would provide our customers with a central location to manage all of their services with the added flexibility that only a custom solution can provide!

This Sunday, April 17th 2011, we will be migrating our current billing system data into our new system.  We ask all of our customers to please be patient while we under go this major change.  We have ran this in our test environment many times and we are confident that we have worked out all the bugs. However if you do experience any problems, have any questions, or think something is not correct, please contact us immediately.

On initial release the customer portal will be limited to managing services much in the same capacity that is done now.  As time goes on more and more services will be integrated ultimately providing a single cohesive interface across all of our product lines.  Below you will find the information you need on how to manage your current services.

cPanel Licensing – Currently customers are able to activate, cancel, or modify their license through our current billing solution.  These features will also be available in our new customer portal.  Simply log into the portal, click manage products > cPanel Licenses, and start doing what you would normally do.  One new feature is the ability to see information about your license that you could not see before like  License ID, Server Hostname, OS, cPanel/WHM Ver, Kernel Version, etc..  Other new features coming soon are the ability to add, remove, and modify add-on products for your licenses.

Dedicated Servers – In our old system customers had the ability to manage their dedicated server through the billing interface.  Customers were able to view bandwidth graphs, IP Address details, and physically reboot the server.  Our new system does not support this yet, but it’s coming very soon!  Any customer who needs to physically reboot their server will need to call into our support department and ask for a reboot.  We understand this may inconvenience you but a new more advanced server management system is current being written.  It will be integrated very soon!

Virtual Private Servers – Virtual Servers are still managed by logging into http://manager.provps.com and using the VPS username and password.  However soon this will no longer be the case and you will manage all of your virtual servers through the customer portal!  For now continue to manage your virtual servers through the ProvVPS Manage interface.

Shared Hosting – Shared Hosting customers will continue to manage their hosting accounts as they did before by logging into the cPanel control interface.  Our plans are to make it easier for you to log into this interface through the portal.

Shared Co-location – Please read the dedicated server section above as all of the information is the same.

We have a lot planned for this new portal and our plan is to integrate everything into it.  Customers will no longer have to log into multiple interfaces to manage their services.

If you experience any problems, have any questions, or think something is not correct please contact us immediately.  It is best to first open a ticket by either going to https://helpdesk.ndchost.com/ or by emailing support@ndchost.com.  Once you have a ticket open you can either wait for a support representative to respond or if the matter is urgent you can call our support department at (949) 388-8169 and reference your ticket number!


64bit CentOS 5 Virtual Servers Are Now Available!

Posted by & filed under Announcements.

VPS customers now have the ability to deploy 64bit CentOS 5 virtual servers!  Look for more 64bit Linux distributions to come!

- Note – Customers should only choose a 64bit install if they truly require a 64bit OS.  Using a 64bit version will result in your VPS using more memory/resources than it would have as a 32bit deploy!



Manage Your Own cPanel Licenses!

Posted by & filed under Announcements.

That’s right!  Just one more reason to choose NDCHost.com as your cPanel license provider!  Until today customers needed to contact support any time they wanted to add, remove, cancel or change the IP of a cPanel license.  This is no longer the case, and customers can now easily manage their own cPanel licenses by logging into the billing portal and clicking the cPanel Management tab. With our new management system license additions and modifications are done instantly with no need to wait for an approval process! This will significantly increase the speed at which customers can deploy new cPanel servers.

As a customer, you can now instantly do any of these tasks:

  • Add new cPanel license for Standard and Virtual Servers (VPS)
  • Cancel an existing license
  • Change IP address of an existing license
  • Re-activate licenses that are canceled

If you have any questions, please do not hesitate to contact us or if you are not an existing customer, place an order!


*NEW* CleanBackups cPanel/WHM Plugin Released!

Posted by & filed under Announcements.

Some of you reading this may be familiar with a script we wrote a few years back called cleanbackups.  For those of you who are not, the basic principle of this script was to clean your cPanel backup directory by removing backups that were still hanging around for accounts that had been removed.  The previous version of cleanbackups was a script that had to be run through the command line, or if an administrator wanted to automate the process, had to configured to run via a cron job.  The previous version was basic and lacked many of the features our customers wanted to see! So we took all the feedback we received from the previous version and started fresh.  Our main goal was to make it easier to use and more feature rich, and the result is this brand-new WHM plugin!

A few key features:

  • WHM Plugin — This allows administrators/staff who are not comfortable working on the command line to use the plugin through a simple web interface.
  • Auto Cleaning — You can now enable or disable the auto cleaning job through the WHM.
  • BackupTTL — Specify how many days you want to keep backups of non-existent users before they are removed; defaults to 60 days.
  • Log View — Easily see what backups where removed and when by looking at the recent activity monitor in the WHM.

To learn more about the cleanbackups plugin, please visit our plugins section.


Hosted and Self-Hosted PluginSMX

Posted by & filed under Announcements.

A few years ago we wrote a cPanel/WHM plugin that would turn a DNS-Only install of cPanel into a backup mailserver. This plugin was never advertised on our web site and was mainly sold to customers looking for a high-availability mail solution. Well, that’s no longer the case! We now have hosted and self-hosted packages on our site! The SMX plugin added a extra level of redundancy to your current cPanel/WHM solution by creating another channel for mail to be delivered. If your primary server is ever down or unreachable mail will then be routed to the SMX server. The SMX server will accept the message and then attempt to deliver it to the primary server. If the primary server is still down or unreachable the SMX server will hold onto the message and re-attempt delivery every 4 hours until the message is delivered.

Few Key Features

  • Never lose another email because of an unreachable server!
  • Supports multiple cPanel/WHM servers
  • Verifies either by domain or by recipient   *NEW FEATURE*
  • Server can also be configured as a redundant nameserver (DNS clustering)

Click Here to learn more about our SMX servers or the SMX Plugin.