I have been administering Windows hosting servers for over 7 years now and one thing that really made me angry is the lack of BASIC security features in Microsoft’s FTP server.
Blocking the IP addresses based on the number of failed login is an ESSENTIAL feature for any FTP server, but it seems Microsoft doesn’t care about that ( until IIS 8 )
I swear, when I come to power, I will make that feature obligatory to every FTP server on the market, so…when it comes to that, vote for me!
Since I am seeing increasing numbers of brute force attacks in general ( FTP, email servers, application logins, etc… ) we had to come up with some solution that would harden our FTP servers.
I wrote a Powershell script that processes the FTP log file and if it detects over 50 failed logins from a particular IP address, it adds an “Deny” entry it in “FTP IPv4 Address and Domain Restrictions” . (Read More »)
First of all, you need to know that this project will be described in two or three posts, since there is a lot of stuff to cover.
In this first, introductory post, I will only give you rough details of the modifications we did, and most important, why we did them in the first place.
Since the new version of Websitepanel 2.0 has been crippled ( specifying the number of domain aliases and the drop of support for Windows Server 2003 /IIS6/SQL 2005 ) we have decided to implement the support for Windows 2012 and SQL 2012 into the currently avaiable 1.2.1 version.
I am aware that this change puts us out of WebsitePanel’s update roadmap, but since I honestly don’t like where the project is going, I don’t see it as a big problem since we are using it only for our shared hosting customers which only user IIS, SQL, FTP and email services. We have no need for OCS, Dynamics, Sharepoint, etc…
This modification is something we just had to do in order to give our customers features they are already used to have, but at the same time giving us and our customers access to the newest features of IIS8 and MSSQL 2012 while still maintaining a single control point, aka central management system for all of your Windows 2003/R2, Windows 2008/R2 and Windows 2012 servers.
To get the idea of what exactly I am talking about, have a look at these posts:
This is a rough list of modifications we had to do:
1. Modify the operating system provider
2. Modifying the web server provider
3. Modifying the FTP server provider
4. Modifying the MSSQL server provider
Second layer is adding the new providers to the Websitepanel database
Third and the most complicated layer( atleast for me ) is the modification of the Websitepanel Portal in order to have SQL server 2012 listed. Please note that we didn’t ADD the new entries for SQL Server 2012, but we have just modified the SQL server 2000 entries. We could do that because we were not using SQL server 2000. If you are using it, you will need to add new entries to the Websitepanel Portal code.
Since we were adding new entries to the database manually, through SQL Server Management Studio, I don’t have the “magic” query you could just run on your database and have everything installed. Sorry for that :/
Please note that we have our modified version of Websitepanel 1.2.1 already in production and it is being used by our shared hosting users.( Plus hosting – www.plus.hr )
Bye bye for now, see you again in a couple of days with the post nr.2
If you need the modified DLL files right now, feel free to drop me an email using the contact form on the top left corner of the website.
Here you can download the files for fixing mysql issues ( deleting database ) on WSP 188.8.131.52, 1.0.2 , 1.1.0, 1.1.2, 1.2.0 AND 1.2.1
Replace “websitepanel.providers.database.mysql.dll” file in “server\bin” folder with the one you downloaded. These fixes fixed my problem on all servers EXCEPT the one running mysql 5.0.27 version….ones runing 5.1 and 5.0.77 works fine. I Will update if I get this solved too…
Currently I am getting this error on 5.0.27 server: ERROR: ‘MySQL Server 5.0′ DeleteDatabase System.Data.EvaluateException: Cannot perform ‘=’ operation on System.Byte and System.String.
Yeah yeah, I know you can do snapshots using HyperV,but…snapshots suck! Why? Machine performance degrades with every snapshot you add and snapshots ARE NOT backups!!! Dont make me start talking about the time when you need to turn off that machine; does “Merging…” sound familiar? Yeah, I hate Merging too!
Recently I was given a chance to test the new beta version of Altaro Hyper-V backup. I downloaded the BETA 1 version and installed it on one of my HyperV machines.
Installation was pretty straight forward and I am sure that anyone can do it! It basically consists of typical “Next”, “Next” and “Finish” steps.
New features, compared to the old version ( more details about the old version can be seen here) are:
- Windows Server 2012 Support, including support for VHDX files.
- Windows 2012: support for backup and restore of VMs located on network paths.
- Windows 2012: support for Volume Shadow Copies of SMB3.0 network paths.
- Windows 2012: support for CSV3.0 and scale-out CSV file shares.
- New and improved Metro-Style Interface ( maybe we need to call it “Windows 8 style UI” )
Among the new stuff, there was room for some other fixes and improvements:
- Link to error reporter from Management Console.
- Extra verification checks in Reverse Delta algorithm.
- Improved free-space calculation (Backup no longer checks for full size of VM in free space).
- Many more improvements and bug fixes under the hood.
After starting the software we are greeted with a slick dashboard that provides almost all neccesary information you need to know about your backups. List of most latest backups, Restore history, Error log, and a graph showing your disk space usage.
For me, most amazing features that I need to point out are:
Restore Clones – restore VMs to the same Hyper-V Host but with a different name. Restore to different Hyper-V host File Level Restore ( one of my favourite features! ) Mount backed up VHDs & restore files without having to restore a whole VM. Back up crash consistent Linux VMs without shutting down the machine. FireDrill Restore Tests ( safety first!)
Altaro Hyper-V backup comes in three editions: a free edition that can backup two virtual machines, standard edition that supports five virtual machines and unlocks some of advanced features, and an ultimate edition that protects an unlimited number of virtual machines on a host and adds centralized support for a cluster.
I must admit that I had some skepticism in the beginning ( I think all sys-admins are sceptics by design :) ), so I scheduled every possible notification to be sent to my email address. After a week or so, I turned off all notifications beside the one that sends an email if a backup fails. WHY? Lets me put it this way: Fire and forget!This thing just works!
Even though Altaro is a relatively young company ( founded in 2009 ), list od their clients is pretty impressive (over 8000 of them!): University of Harvard, New Zealand Defence Force, Mitsubishi Polyester Film, Swedish Defence Research Agency and many, many others.
At the moment of writing this post, I have the software running for 2 months now and there was no single glitch at all! I wish I could say that for other software we normally use…I cant say its name, but it starts with “R1″ and ends with “Soft”
Another thing that impressed me is the speed that the backups are being made! Initial replica of 30,22 GB virtual machine took only 24 minutes! I didnt get that speed with any other backup solutions!
Enough talk, lets see this thing in action, shall we!?
Like I said, the speed of backup is amazing! 4 minutes for 700 MB of data!
As a system administrator, there are some features that I would like to have in next version:
- web based interface where users can restore their VM on their own ( without bothering the system administrator )
- multiple user roles ( Administrator, operator and user )
- backups of physical machines ( I know the software is called HYPER-V backup, but adding this new feature could really transform it in the perfect backup solution for Windows )
- integration with Websitepanel or some other control panel ( primary for File Level restore )
With those aditions, I would seriously consider ditching our existing backup solution and replacing it with Altaro Hyper-V backup.
Altaro are also giving away two free Nexus 7’s to testers of their Hyper-V backup for Win 2012 beta. Check out all the details here.
Final verdict : 9/10 ( I got annoyed by the popup screen when you click on an option that isn’t avaiable in the currently registered version )