Jump to content


Photo

what do I need to do to prep for site relocation to MDD ?


  • Please log in to reply
16 replies to this topic

#1 pabs11

pabs11

    Newbie

  • Members
  • Pip
  • 21 posts

Posted 04 April 2012 - 04:14 PM

hi again

I've been working on reducing http requests and reducing bot hits etc, at my sites at another webhost. It's a bit of a learning curve but I thought I was getting there. I also have set up a CDN for the sites at rackspace UK, which seems to be working too. All in the last 10 days, after they shut me down, without any warning or communication.

I got access again while I worked at improving things ( I don't really know if indeed the situation is THAT bad comparatively really ). I also suspect that server overcrowding is also probably a factor too.

But I just got shutdown again without notice, despite all this effort, and despite zero support form their system admins ( who I'm thinking may not be there anymore ). I've been there 5 or 6 years without major issue until now. I'm not a coder and my sites are all joomla sites, so I mostly need access to the site to tweak or add apps that help reduce server loa. General user traffic is quite low as the sites haven't really been promoted or developed properly ( despite their longish existence.)

I've just learnt about xml sitemaps and sprites but I need to use online generators for those, and I need site access to do that, for the generators to work. So I'm in a very trying spot. I'm desperately trying to make things work efficiently.

I'm currentlty waiting on a reply from them, so I can get more access to work on them.

BUT, what do I need to do to prepare for a relocation to MDD ? There is one account, it has what you call a few addon domains. Do I need to wait till I get access again to make a transfer possible ?

I'm happy to send you some site stats to check over, as I egt some new current ones, if you like, so you can see how they look and function, server wise etc.

I'm keen to move. I like what I've read about you guys there. I want support that understands english and is more experienced and tech savvy than what I have now. I want to have low server usage sites too and am doing everything I can to improve things. ( now learning about sprites, which I think would help my sites a lot ).

The issue with my sites seems mostly to be spambots ( my robots.txt files were approved and checked by the webhost support person ) and recently the frequent manually instanced browser cron jobs I was making to learn and get the CDN app working properly.

Hopefully I haven't put you off hosting my sites, and I am still welcome.....

paul

PS just to sum up : what do I need to do to prep for the move - technically and with the current webhost, and with MDD ( assuming you'll take me ) ? The domains are registered elsewhere, by the way.
  • 0

#2 MikeDVB

MikeDVB

    Forum Administrator

  • Staff Administrator
  • PipPipPipPipPip
  • 2,900 posts
  • Gender:Male
  • Location:Central Indiana, USA

Posted 04 April 2012 - 04:42 PM

I've been working on reducing http requests and reducing bot hits etc, at my sites at another webhost. It's a bit of a learning curve but I thought I was getting there. I also have set up a CDN for the sites at rackspace UK, which seems to be working too. All in the last 10 days, after they shut me down, without any warning or communication.

Ok.

I got access again while I worked at improving things ( I don't really know if indeed the situation is THAT bad comparatively really ). I also suspect that server overcrowding is also probably a factor too.

I have no way of knowing as I do not work for them, and would hate to speculate without evidence/information to back it up.

But I just got shutdown again without notice, despite all this effort, and despite zero support form their system admins ( who I'm thinking may not be there anymore ). I've been there 5 or 6 years without major issue until now. I'm not a coder and my sites are all joomla sites, so I mostly need access to the site to tweak or add apps that help reduce server loa. General user traffic is quite low as the sites haven't really been promoted or developed properly ( despite their longish existence.)

Ok. I'd venture to guess you likely have a plugin that is causing issues, or something similar. Hard to know without running the server you're on.

I've just learnt about xml sitemaps and sprites but I need to use online generators for those, and I need site access to do that, for the generators to work. So I'm in a very trying spot. I'm desperately trying to make things work efficiently.

Neither of those will have an impact on the server.

BUT, what do I need to do to prepare for a relocation to MDD ? There is one account, it has what you call a few addon domains. Do I need to wait till I get access again to make a transfer possible ?

It depends on whether you're on a cPanel provider now or some other sort of panel, how many domains you need to move, etc. It's hard to tell you what you need to do without knowing more about your account/server.

I'm happy to send you some site stats to check over, as I egt some new current ones, if you like, so you can see how they look and function, server wise etc.

Not worried about stats.

I'm keen to move. I like what I've read about you guys there. I want support that understands english and is more experienced and tech savvy than what I have now. I want to have low server usage sites too and am doing everything I can to improve things. ( now learning about sprites, which I think would help my sites a lot ).

Sprites will help with static requests/second and page load time on the browser end, but won't have a meaningful impact on server resource usage. Most servers can do upwards of 20,000 static requests/second or so.

The issue with my sites seems mostly to be spambots ( my robots.txt files were approved and checked by the webhost support person ) and recently the frequent manually instanced browser cron jobs I was making to learn and get the CDN app working properly.

The issue with spam bots is that they are inherently malicious. Think about it this way - if a spambot is a robber - simply putting a sign on your window "No robbers, do not go to the back room where the safe is located." isn't going to stop them. Robots.txt can, in essence, tell a malicious bot EXACTLY where to find information you don't want them to see.

Hopefully I haven't put you off hosting my sites, and I am still welcome.....

Hard to make a judgement based upon what you've posted.
  • 0
Michael Denney - MDDHosting LLC - Providing Hosting since 2007
Scalable shared hosting plans in the cloud! Check them out!
Highly Available Cloud Shared, Reseller, and VPS
http://www.mddhosting.com/

#3 pabs11

pabs11

    Newbie

  • Members
  • Pip
  • 21 posts

Posted 04 April 2012 - 05:00 PM

Ok.

I have no way of knowing as I do not work for them, and would hate to speculate without evidence/information to back it up.

Ok. I'd venture to guess you likely have a plugin that is causing issues, or something similar. Hard to know without running the server you're on.

Neither of those will have an impact on the server.

It depends on whether you're on a cPanel provider now or some other sort of panel, how many domains you need to move, etc. It's hard to tell you what you need to do without knowing more about your account/server.

Not worried about stats.

Sprites will help with static requests/second and page load time on the browser end, but won't have a meaningful impact on server resource usage. Most servers can do upwards of 20,000 static requests/second or so.

The issue with spam bots is that they are inherently malicious. Think about it this way - if a spambot is a robber - simply putting a sign on your window "No robbers, do not go to the back room where the safe is located." isn't going to stop them. Robots.txt can, in essence, tell a malicious bot EXACTLY where to find information you don't want them to see.

Hard to make a judgement based upon what you've posted.


Hi nike,

Thanks for the response.

I thought I WAS giving you some idea of things, but if not, please tell me what info would be helpful and I'll get it to you.

There are about 5 domains totalling about 10gb in size. Most of that is weighted in one of those domains, while th eother 4 have much much smaller sizes, to almost nothing.

The servers and account is with IXwebhosting.com. I can't be sure what type of cpanel is used, I'd have to go check ( assuming it will tell me somewhere there ).

paul
  • 0

#4 pabs11

pabs11

    Newbie

  • Members
  • Pip
  • 21 posts

Posted 04 April 2012 - 05:17 PM

Here's a link to their demo cpanel page ( You may be able to identify it by its appearance that you're probably familiar with - or not, I guess ):

iX demo cpanel

And it's an unlimited pro account - plan details here

Hope that helps a bit. Please let me know if not and actually what specific info you need or would like, and I'll get it to you.

P

PS The thing about the account is that the sites have mostly been sitting there, no traffic, virtually unused with the same configurations and content for more than a year, and only now there is an issue.
  • 0

#5 pabs11

pabs11

    Newbie

  • Members
  • Pip
  • 21 posts

Posted 04 April 2012 - 05:37 PM

btw - I use the term cpanel as a generic term for all control panels. Not specifically the cpanel brand product.

And when I mentioned stats I was referring to cpu usage and bot hits - I don't know if that would be of any useful or relevant info for you re my sites coming over to MDD.

P
  • 0

#6 fshagan

fshagan

    Member

  • Members
  • PipPip
  • 145 posts

Posted 06 April 2012 - 08:23 AM

From the page source on the demo, the control panel appears to be Hsphere.

PS The thing about the account is that the sites have mostly been sitting there, no traffic, virtually unused with the same configurations and content for more than a year, and only now there is an issue.


MDD is a great host, and they do try to help, but "fixing" a site sending out spam, hosting phishing pages, etc. is out of their scope as a web host. They may do it at extra charge, or know someone who will do it. If you haven't been doing updates regularly on the Joomla sites, you probably have more issues than just a web host that is shutting you down. (Updates on Joomla ... until recently ... required you to download a zip archive of the program, unzip it locally, then upload it to your site via FTP). If your sites were not updated, and need to be "sanitized", it can be a long and involved process, and costly if you don't do it yourself.

Can you tell us what the issue is, exactly? What was the specific reason they gave for suspending the account? It should be 10 words or less.
  • 0

#7 pabs11

pabs11

    Newbie

  • Members
  • Pip
  • 21 posts

Posted 06 April 2012 - 02:20 PM

hi fshagan

When I say unused or left idle ( while I worked on other sites of mine ) I'm referring to content and design. I always kept them up to date with joomla updates and am quite au fait with using update manager or ftp to update. I always kept third party apps up to date as well. I'm very security conscious as well, careful with things like directory permissions htaccess file set up. ( though the benefit is that I've had to learn about site performance - bots, xml sitemapping, page speed testing, setting up a CDN ( content delivery network using cloud technology ) and so on. So it's been a bonus in that way )

One of the reasons I'm relocating is that I want to make use of a third party app designed for site migration with joomla, so I can upgrade from 1.5 to 2.5, which would be no easy or short task without it. It needs PHP5.3, and I currently only have 5.2.17 ( I did ask them about any future php ugrades by the way ). J1.5 is still supported till this month I think anyway, and I've been waiting for all the third party dvelopers to bring their apps up to speed for 2.5 before I made across the board changes. J1.5.26 is still pretty solid though.

The auto shutdown comes from server overload ( well their settings for it at least ) - lots of spambot hits - which is why I've spent the last two weeks learning about and setting up various things to improve site performance and control bot hits ( hopefully ). I also suspect that there may be a little account overcrowding of the server, something that some webhosts are guilty of ( which is one reason I'm attracted to and like MDD ).

My sites' peformance, in many areas, has actually seemingly genuinely improved ( testing with various site performance and page speed testers online ).

You have to remember I couldn't actually get to deal with system admins directly, to get more information or advice, the way that I used to be able to with this webhost. Seems I only got to deal with 'customer service' who weren't so great with either their expertise or communication skills. And I want better than that.

Only about 10 hours ago I discovered 3 sites on my account had been hacked, and I'm thinking this may have been the primary source of the server overload issue ( I'm hoping ). I'm still waiting for their security team to address the issue - and am not doing anything with the sites till they clean it and report to me. ( seems again a long wait to get security attention though ). After that I'll double check, and begin my own backups after I finish adding and tweaking further performance enhancements. When it's all in good shape, I'll start the process of moving. Not before.

This webhost, whom I won't mention here, has a history of DNS attacks and poor support ( for some others ), though I always had what seemed pretty good tech support and response time, and reasonably good uptime and performance over the 5 or 6 years I've been with them, with no serious issues or anything like this happening before.

I didn't like being shutdown without notice or warning, and also again in the middle of an arranged site enabled time and monitoring period to work on things. Mostly I didn't like the 4 day response time I had to initially wait for with them to even tell me what was going on - that was the worst thing really. They used to be much better than this and I suspect they have lost tech staff over the past period leading up to this, leaving them understaffed, but I can only guess. Even now the response times are less than I expect, especially for what now looks like a hacking issue.

So I'm moving ( Plus litespeed servers might be faster for my sites than apache, which I'm looking forward to ).

I don't expect a host to 'fix' things, especially and obviously not for site side related issues, unless it's their fault or responsibility. But I do expect some general advice or support or information if I really need it, if they have it, or more tech info as to what any issue may be coming from etc, to point me in the right direction. That is what support is supposed to do and be, isn't it ?

I did a lot of backgrounding looking for a good webhost to get to MDD, and they seem to actually have genuinely good and real praise in their reviews. Trying to discern the real from the manufactured webhost ratings and reviews is the hardest thing, as you'd probably know.

So, sorry to gab on a bit here, hope you don't mind. And I hope I can be a part of MDD Hosting sometime soon. I AM genuinely looking forward to it.
  • 0

#8 pabs11

pabs11

    Newbie

  • Members
  • Pip
  • 21 posts

Posted 06 April 2012 - 02:55 PM

PS I mentioned upgrading from joomla1.5 to 2.5, but it's not an upgrade, it's a migration, which is a much bigger deal than a standard upgrade.

J2.5 is a totally new rewrite of the platform and as such, a standard upgrade is not possible.( JFYI - though you probably know anyway - and for others who aren't familier with joomla )
  • 0

#9 fshagan

fshagan

    Member

  • Members
  • PipPip
  • 145 posts

Posted 06 April 2012 - 07:53 PM

Only about 10 hours ago I discovered 3 sites on my account had been hacked, and I'm thinking this may have been the primary source of the server overload issue ( I'm hoping ).


That makes sense, and was what I suspected. You may not get much help from the tech guys. Web hosts are not responsible for your site's security, and it's rare that they can devote the time to fixing things. You can hire it done, of course.

You might check to see if the migration tools care if the old site is hacked. Often, migration involves reading from one database and then populating the mapped fields in the new database. That's bad if the hacking affected your old database, but its more common that the hacking injects code into .php files, or adds pages to a site that are NOT in the database (as you probably know, the .php files in a database driven site form a kind of template that then has data inserted into specific places. Most hacking attempts are of the .php files, or "template" itself, and not the database.)
  • 0

#10 pabs11

pabs11

    Newbie

  • Members
  • Pip
  • 21 posts

Posted 06 April 2012 - 08:23 PM

That makes sense, and was what I suspected. You may not get much help from the tech guys. Web hosts are not responsible for your site's security, and it's rare that they can devote the time to fixing things. You can hire it done, of course.

You might check to see if the migration tools care if the old site is hacked. Often, migration involves reading from one database and then populating the mapped fields in the new database. That's bad if the hacking affected your old database, but its more common that the hacking injects code into .php files, or adds pages to a site that are NOT in the database (as you probably know, the .php files in a database driven site form a kind of template that then has data inserted into specific places. Most hacking attempts are of the .php files, or "template" itself, and not the database.)


I actually now do remember a small but similar incident a few years back now, and it was dealt with by the system admins - they investigate and 'clean' everything and give it a safety pass before they let you have it back ( or at least this is what they said was done, and they provide a tech report on the whole thing. So I'm assuming this is what will or should be happening now. I think either understaffing or the Good Friday holidays ( if they have them ) may be interferring with progress. IXwebhosting apparently has their own 'Hacking Department ' ( by title ).

And Hsphere does sound familiar as the control panel. I've used cPanel before at another host, a bit, but find the Hsphere panel more pleasing and easier on the eye, designwise. CPanel has always seemed like a Windows 2000 era design and layout type. Everything small and boxed in, old style icons etc. It could use a makeover.

Thanks for the feedback, by the way.

PS I also don't want to bring a hacked site to MDD. And I'd like a clean start ( even psychologically ).
  • 0

#11 pabs11

pabs11

    Newbie

  • Members
  • Pip
  • 21 posts

Posted 08 April 2012 - 05:39 AM

That makes sense, and was what I suspected. You may not get much help from the tech guys. Web hosts are not responsible for your site's security, and it's rare that they can devote the time to fixing things. You can hire it done, of course.

You might check to see if the migration tools care if the old site is hacked. Often, migration involves reading from one database and then populating the mapped fields in the new database. That's bad if the hacking affected your old database, but its more common that the hacking injects code into .php files, or adds pages to a site that are NOT in the database (as you probably know, the .php files in a database driven site form a kind of template that then has data inserted into specific places. Most hacking attempts are of the .php files, or "template" itself, and not the database.)


hi fshagan - it's now into the 3rd day since I notified the webhost about the hacked / installed files I found. I left them there for them to see, investigate and clean. They had done this a few years ago, and even in the recent post exchanges with them they said that's what they would be doing. I had just posted again to them, in a friendly tone at that, asking them what was happening. Within minutes a return post came back that they were unable to complete an invetsigation as I had removed all the hacked files ( which I specifically hadn't ). I went to check and the files were all still there, despite what they'd said.

Something has really gone bad at that host. This is not how I've experienced their support before. Fancy telling me I'd removed the suspicious files and even leaving them there after saying that ??!!! Unbelievable really. Makes me want to run far away from them as fast as possible.

I won't go into any more of what's happening there, but I was wondering if you could advise me at all with where and how to look for anything suspicios in the dbs ? ( and then I'll delete the folders myself, do backups of sites and data, and sign up here ) I had a look and couldn't see any unusual items ( but maybe I wasn't lookig deep enough ? ). It appears that there is a small 'subwebsite' installed, going by the folders observed at site via ftp viewing. Possibly just pages installed outside of the db, as you mentioned ? ( I didn't want to go opening any active type files - I had a look at some txt files I downloaded, and changed the file types of some js files, before downloading, to look at them as a txt file, and they were pretty suss and incriminating. )

I don't know anyone else I could ask - except google I guess ( which I'll start on ) If you can throw any suggestions at me I'd appreciate it. If not, no worries, I understand. It's not your prob, I know.

I hope I can get out of there cleanly and without loss of data. I'm in a bit of shock really, as to how they responded....oh well, best get to it. It's going to be a long night.

( and thanks, in advance, should you be able to advise at all )
  • 0

#12 pabs11

pabs11

    Newbie

  • Members
  • Pip
  • 21 posts

Posted 08 April 2012 - 06:06 AM

Just an update - now they're saying they made a mistake, "looked at the wrong folders" ( sure they did ), double checked and that the folders seem to be leftovers from an old server incident in 2010 ( when they were uploaded ), that was fixed at that time, and that there has been no recent activity from the files in question ( via the logs ). I do remember a server wide issue over something back about then.

So, I'm deleting all the files, and gearing up to move.

Is there a standard procedure for changing hosts ? How does it work usually ? sign up with MDD first, then I contact my current host or does MDD make all the communication ? I've never changed hosts before...

thanks, paul
  • 0

#13 fshagan

fshagan

    Member

  • Members
  • PipPip
  • 145 posts

Posted 08 April 2012 - 10:05 AM

Just an update - now they're saying they made a mistake, "looked at the wrong folders" ( sure they did ), double checked and that the folders seem to be leftovers from an old server incident in 2010 ( when they were uploaded ), that was fixed at that time, and that there has been no recent activity from the files in question ( via the logs ). I do remember a server wide issue over something back about then.

So, I'm deleting all the files, and gearing up to move.

Is there a standard procedure for changing hosts ? How does it work usually ? sign up with MDD first, then I contact my current host or does MDD make all the communication ? I've never changed hosts before...

thanks, paul


I'm a bit paranoid, so I don't usually tell my current host that I'm moving until I am ready to move. There are some hosts who cut off access immediately.

The usual process is to find a good host, buy the account there, and ask them to do the migration. They get your log in password and do a server-to-server transfer. Once you are satisfied that the new host has done the transfer, you change your name servers at your domain registrar to point to the new host's server (the new host will give you the name servers to use).

However, in your case, you are moving from a Hsphere control panel to a CPanel control panel. You'll have to ask if MDD will do that migration; it all depends on if there are tools to do it easily.

Check with the Joomla community; there may be an easier way. Many of the CMS programs have a database export function. I use Wordpress a lot, and Wordpress does have this. I export the database on the old server, import it into a brand new, unadulterated installation of Wordpress on the new server, and then change the name servers at the registrar. The end result is a brand new installation with the old data. Wordpress handles the change from the new server's "temporary" URL (usually the IP address and the username in the format "http://192.168.1.0/~username" on a cPanel server) to the domain name after the name server update happens. I don't know if it's possible to do this with Joomla.
  • 0

#14 pabs11

pabs11

    Newbie

  • Members
  • Pip
  • 21 posts

Posted 08 April 2012 - 11:05 AM

I'm a bit paranoid, so I don't usually tell my current host that I'm moving until I am ready to move. There are some hosts who cut off access immediately.


So am I. Especially as I'm no longer sure of who or what kind of service I'm dealing with there. It's definitely changed there.

Thanks for the tips. Think I'll follow that approach, makes sense. ( about doing the migration first )

Joomla has a third party backup and restore app that's pretty good ( usually ). Gets used for backing up everything, inlcuding dbs, making any changes necessary if the url is a different one to the original, and reinstalling entire sites at a different url. It's called Akeeba. I'll check on its suitability in this instance, and also for best options if that isn't it. And run it by MDD too of course.

I appreciate the heads up, by the way.
  • 0

#15 fshagan

fshagan

    Member

  • Members
  • PipPip
  • 145 posts

Posted 08 April 2012 - 10:28 PM

So am I. Especially as I'm no longer sure of who or what kind of service I'm dealing with there. It's definitely changed there.

Thanks for the tips. Think I'll follow that approach, makes sense. ( about doing the migration first )

Joomla has a third party backup and restore app that's pretty good ( usually ). Gets used for backing up everything, inlcuding dbs, making any changes necessary if the url is a different one to the original, and reinstalling entire sites at a different url. It's called Akeeba. I'll check on its suitability in this instance, and also for best options if that isn't it. And run it by MDD too of course.


Some people like to move the site, then upgrade in place. I prefer to do migrate to a brand new installation rather than move the site. But there are probably a lot of pros and cons to each method that I haven't thought of, so someone with more Joomla experience would be the best to ask!
  • 0

#16 pabs11

pabs11

    Newbie

  • Members
  • Pip
  • 21 posts

Posted 08 April 2012 - 10:41 PM

Joomla is currently in a transitional period of versions. Versions that are total rewrites of the platform so it's a migration rather than an upgrade. I don't want to risk complicating things with a migration of versions along with a migration of sites ( as well as the control panel differences that may or may not mean extra care ).

Firstly, I would like to get away from the current webhost, especially given recent circumstances. Move to somewhere I feel I might be able to trust more ( like MDD ! ).

I'd like to be able to do it your way but I think I'm going to take smaller, ( simpler, less risky ? ) steps, one thing at a time.
  • 0

#17 fshagan

fshagan

    Member

  • Members
  • PipPip
  • 145 posts

Posted 10 April 2012 - 04:06 AM

Joomla is currently in a transitional period of versions. Versions that are total rewrites of the platform so it's a migration rather than an upgrade. I don't want to risk complicating things with a migration of versions along with a migration of sites ( as well as the control panel differences that may or may not mean extra care ).

Firstly, I would like to get away from the current webhost, especially given recent circumstances. Move to somewhere I feel I might be able to trust more ( like MDD ! ).

I'd like to be able to do it your way but I think I'm going to take smaller, ( simpler, less risky ? ) steps, one thing at a time.


I had heard they were going to a more-Wordpress like model for updates; rather than FTP the files to the server, you just click a link in the Admin section when there's an update available. Joomla and Drupal are both pretty secure when kept updated, but only about 25% of the sites are updated, and the "difficultly" in upgrading them is cited as a reason for that (in contast, Wordpress with it's single click to update has about 90% of the sites up to date).

Small steps are the right way to do it, I think. And maybe having someone very experienced with Joomla you can have help you.
  • 0




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users