Tag: mediatemple.net

The downsides of virtual private servers

On: By: Mark

Virtual private servers (VPS) are neat inventions: they give you a guaranteed slice of resources on a real server, which means you generally have plenty of CPU, disk space and memory to run your bulletin board. Usually things run spiffy on a VPS. Limitations like outgoing email quotas generally aren’t a problem. A VPS is generally completely configurable, letting you control and install pretty much anything. It’s all this and they don’t have the cost of renting a dedicated server. The technical overhead is usually less too.

Working with a client yesterday though reinforced in my mind that a VPS is not for everyone. I’ve had a VPS for this site and my other domains over the years. I eventually discovered I didn’t need one. Shared hosting was fine for my needs (and budget), providing I could find the right shared host. Even though I am a techie at heart, doing this stuff is not where I wanted to spend my time. I could usually work around shared hosting issues and if I couldn’t, I could usually find a better shared host and move my stuff there.

VPS Pitfalls

What are some of the pitfalls of a VPS? Here are some:

  • Generally you don’t get much handholding. You usually get a web host control panel like Plesk to take a lot of the grunt work out of managing a VPS, but you can’t get rid of the technical behind the scenes work altogether. For example, the client I worked with yesterday abruptly ran out of virtual disk space. He likes to keep tons of images that are attached to posts on his VPS. He got no warning emails that he was about to use up his quota. This resulted in a cascading series of failures that me and his web host got to clean up. In his case, it appears that abruptly running out of space corrupted his database. phpBB was trying to write to the phpbb_moderator_cache table and it failed. It corrupted this table, showing it in the list of tables but it wasn’t actually accessible. I got to clean up that issue while he got to figure out just how many system backups he could safely store in his virtual space. With 20GB of attachments and about 80GB of space, you can’t make too many backups without triggering problems.
  • You may be paying too much for file space on a VPS. Prices for a VPS generally start around $50/month. If you have a lot of static files like images and videos, a lot of these static files could be moved into the cloud, you could conceivably pay a lot less money rather than buying more virtual space on your server when you need it. Putting attachments in the cloud not easy to do in phpBB although there is a dated AWS S3 extension that could be used, if you have the technical skills to set it up and migrate the files.
  • You really need to have some intermediate or advanced Linux skills. Do you know how to check the size of your physical and logical volumes? Do you know how to give a volume more space? If you do, great, but if you don’t you’ll have to rely on your host’s tech support and probably pay for the special support. You need to know SSH, how to navigate around your VPS from the command line and change file and directory permissions. To install some software, you might have to know how to use a package manager. It’s up to you to monitor your server’s performance and troubleshoot issues like emails getting blocked from going out.
  • Good shared hosting may be cheaper and meet your needs. Finding good shared hosting can be hard and the market constantly changes. Although shared hosting has many downsides, it is considerably cheaper than a VPS and someone else manages the infrastructure for you, generally speaking.
  • Like with shared hosting, there are lots of VPS hosts out there that aren’t great. Generally, you won’t know how good an experience you will have until you try it.

For these reasons and others don’t assume a VPS is the solution to your problems, even if you are willing to pay $50/month or more. It’s nice to get fast response time and that can be very helpful for things like search engine optimization, where fast page loading is a critical factor for high placement in a search index. It’s nice to see things run smoothly and reliably, which is generally what happens when you are on a VPS. When things go awry though, it’s likely to be a painful experience, unless you have the skillset for managing these sorts of problems.

VPS host recommendations

I am usually asked for recommendations for shared hosting. For a VPS, the best I’ve seen so far has been MediaTemple’s VPS hosting. I’ve had a client on a MediaTemple VPS for twelve years and system problems have been virtually nonexistent. I don’t recommend their Grid service, although that experience is some years old. A self managed VPS plan with two virtual CPUs and Plesk, for about $50/month, has proven very reliable for this client. MediaTemple is now owned by GoDaddy, and some say things were better before they were bought out, so certainly things can change for the worse.

MediaTemple grid service no longer recommended

On: By: Mark

It’s sad for me to say this, but I can no longer recommend MediaTemple’s Grid service as a hosting option. For the last 18 months or so I’ve been using this service and have gotten increasing dissatisfied and exasperated by it. Today I started the process of moving my domains off of it to Siteground.com even though I have four and a half months left on that hosting contract. This domain should now be coming to you from siteground.com servers and hopefully in a reliable and maybe spiffy fashion.

MediaTemple.net was known as one of the premier providers of business-class hosting. It was acquired by GoDaddy with the promise that it would be separately managed. It appears from my experience with their Grid service that they broke that promise with their customers. Sometimes I have to wait a minute or more to retrieve pages from my own site. It sure looks like they are overloading their servers and/or managing them very badly.

I used UpTime Robot to test whether my domains are up. Pretty much every day I will get one or more emails telling me it is inaccessible. So it was likely costing me money, motivating me to move to Siteground.com instead.

I do have clients using MediaTemple’s virtual servers and they have no complaints about that service so far. Definitely avoid their Grid service now and if you have an option you might choose some other host for your virtual or private server needs. I don’t have experience with Siteground’s, but it’s likely fine. A company like Rackspace.com is likely doing it right.

Another annoyance was revealed simply in moving my site. An old phpBB forum I have with about 50,000 posts could not be downloaded. I had to break it down into multiple downloads, including the posts table into two separate downloads. The Grid service simply cut me off when I hit some sort of resource limitation. The whole database is only 80MB or so. Shame!

Moving your bulletin board to https

On: By: Mark

Updated October 13, 2019 to add that cookie settings should be made secure and to use 443 for the server port.

Should your bulletin board transmit and receive data securely? Most boards don’t contain sensitive information, so you would think the answer would normally be “no”. A secure board encrypts all communications between server and client. This would be done by changing the URL of your board to use https (Secure HTTP) instead of http (insecure).

Once considered a nice-to-have feature, technology companies are nudging us content providers to use https. Google is primarily responsible for upping the ante. Back in 2014, Google announced that sites that send data securely would be ranked higher than those that did not, all things being equal. This is a pretty good incentive for site owners to respond, particularly if you are concerned about your site ranking. However, in 2014 moving to https was still a pain so lots of site owners decided to dodge the issue.

As with most things, going to https can be complicated and potentially expensive and/or time consuming. Fortunately, it’s less complicated than it was, and can even be free.

SSL vs. TLS encryption

To make https work, a digital certificate must be installed on your web server. Keys in the certificate are used to encrypt communications, by the server with a private key which is decrypted by the receiver with a public key provided when the connection is established. SSL (secure socket layer) or TLS (transport layer security) protocols are used to facilitate secure communications over HTTP. TLS is the newer technology and SSL is now seen less frequently because it is easier to hack. Whether using SSL or TLS though, it’s behind the scenes stuff. The user just sees https in the URL and assumes data going to and from your board will be transmitted securely.

Shared certificates

Hosts often provide a shared certificate you can use. As the name implies, the certificate is shared with others, generally all domains on the same server as the one that you are on. While this works, it is ugly. First, hosts will issue “self signed” certificates. Browsers will not trust self signed certificates and will ask users if they want to trust the certificate. You generally pick an “advanced” link in the browser and give your browser permission to trust the certificate. This obviously will not inspire confidence in users coming to your site. New users may simply opt out of coming to your board altogether, feeling it is untrustworthy.

Paid certificates

Web hosts will usually offer to sell you a certificate, generally for around $75/year. This is a convenient way to go if cost is not a concern. Some hosts will handle the logistics of integrating the certificate for you. Also, these certificates will be trusted by the browser, as they will come from a certificate authority the browser will recognize as trusted.

As you might expect there are various levels of certificates based on the level of trust you are willing to pay for. Higher class certificates require site owners to submit credentials to prove they own their domains and they are who they say they are. This is especially important in electronic commerce. Hence Amazon’s certificates will cost a lot more than any certificate you are likely to get. If you are doing electronic commerce on your site you might want to pay for a higher level certificate, which will require you providing credentials to the certificate authority. In most cases though boards simply need a low class certificate, enough so that the certificate is trusted by the browser by default.

Let’s Encrypt certificates

The hassle and cost of securing web traffic has become recognized as a general issue, leading to a project to make trusted certificates available for free. The Let’s Encrypt site will issue certificates for free that are recognized by all the major browsers. However, the certificates are only good for three months. Moreover, depending on your host, installing and renewing certificates can be a considerable hassle. For example, I use MediaTemple‘s Grid Service to host this site. It supports Let’s Encrypt, but it’s quite a pain to install and renew certificates. Other sites, like SiteGround, make it automatic. All things being equal, you might prefer a host that makes installing and renewing Let’s Encrypt certificates easy, especially if this is important to your site.

Configuring phpBB to use HTTPS

By default, phpBB assumes you will be using HTTP, not HTTPS. Once your certificate is installed and tested, it’s easy to change phpBB in the Administration Control Panel: ACP > General > Server configuration > Server settings. Then change server protocol from http:// to https:// and the server port from 80 to 443. What this does is change the links across the site.

Also, change your cookie settings to use a secure cookie: ACP  > General > Server configuration > Cookie settings.

Do you have a httpsdocs or ssl folder? You may want to move your web content into it.

It you normally place your web content into a httpdocs folder, check to see if there is also a httpsdocs folder. This is commonly set up for you if you use Plesk as a web host control panel. Content in the httpsdocs folder is served securely.

In some configurations, there is a public_html folder for web content and also a ssl folder for secure content. In this case you could move the content of the public_html folder into the ssl folder.

This is a one-time action. If you have lots of files, it may take a while to move all the content. If you have a file manager, this makes it easier, but be careful to get the paths just right! You might want to backup your site before attempting this.

Redirecting HTTP traffic to HTTPS

Even with a certificate installed it’s possible that you will get requests for board traffic using HTTP. You may want to make all HTTP traffic use HTTPS traffic instead. You can see what type of web server you are using the Administration Control Panel: ACP > General > Quick access > PHP Information. Scan for “Server API”.

These instructions will work if your web server is Apache. Edit your .htaccess file in your board (or to make it across the whole site, edit or create a .htaccess file in your web root) as follows. Place this code at or near the top of the file, changing mysite.com to your domain name:

RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.mysite.com/$1 [R,L]

If you use nginx, use these instructions. If you use Microsoft’s IIS, use these.