Hosting

Cost for bulk uploading to Microsoft’s Exchange Hosted Archive

As part of our investigations into hosting mail online using Microsoft Exchange Hosted services I have spent several hours on the phone with several companies to obtain prices and quotes. A couple of companies are out of the running as they didn’t bother to return my calls and although Microsoft were helpful, they just did not get it.
One of their offerings is email archiving. Every email sent and received, both internally and internally is copied to the archive service which is then searchable for ediscovery or just in case you can’t find that one email you know you received way back when. The only downside with this is the old email currently sitting on the exchange server that would not be searchable. However according to the Buy Microsoft Exchange hosted Services, “”You may bring historical data into the archive for a one-time charge, which is priced per GB”
As you can purchase the standard archive service from Microsoft and the same page contains prices for this service, it makes sense that Microsoft would be able to provide costs for this data import. About 2 hours on the phone later I realised that Microsoft unfortunately do not have a clue and nobody was able to give me a straight answer or even a ballpark figure. I was bounced around to several departments until eventually someone said that this service is purchased through the reseller channel. This doesn’t really make sense as the BPOS service itself can basically be purchased direct so why not the data import?
Our reseller is Ingram Micro, but their price list is only available to people with an account – useless for a tech like me who is trying to get some data together. However, CDW came to the rescue and this service is available by purchasing the “Microsoft Exchange Hosted Archive Historical Data Load at a cost of $60 per user (not per GB as in the original Microsoft documentation). The part number is 74P-00053. If you have an Enterprise Select agreement the part number is 74P-0059 but the price is still the same.

I’m not sure why Microsoft can’t give this price in the original web page and say to contact your normal reseller for more information.
Once the order has been placed there are more hoops to go through to get the data sent to Microsoft. The data can apparently be ftp’d to Microsoft – I’m hoping this is actually secure ftp – but as most users are going to have many Mb’s or Gb’s of data the normal scenario is to put the data onto a USB drive. I was pleased and also surprised to see they support Truecrypt. For more details of the process, continue to read the rest of the entry.

Geocities recovered at reocities.com

I’ve talked before about geocities closing down but now most of the geocities content (about 2million accounts) has been backed up and restored at reocities.com. The making of webpage makes interesting reading – the guy doing the mirror obviously has some serious network bandwidth and hard disk space available (although the latter is cheap nowadays!).

My old website is there at Hollywood/1880

Thanks to jmattheij for doing all the hard work.

Retrieving Geocities data for local storage

Remember Geocities? Many years ago I had a website with geocities and that is how I first learnt to code html. I remember the days of trying to get the grey background just right – the white background used to be the default colour but all the cool pages had grey backgrounds – just shows how much has changed.

Anyway, Yahoo is now finally shutting down geocities – there’s about a week left before they pull the plug, so if you haven’t downloaded your site yet then hurry up.  Unfortunately they turned off ftp access to the server a long long time ago and the recommended (and painful) way is to visit each page and do a view source and save the file.

The much easier way is to download wget (if you don’t already have it) and then retrieve your files by running wget with a variety of switches.

The two syntax’s I’d recommend are

“wget –p –r http://www.geocities.com/Hollywood/1880 –include-directories=/Hollywood/1880 –k “

or without the –k option.

The –p option retrieves all files required to display the page, –r gets the specified page and everything in it, but we’re limiting to all files within the 1880 directory only – this way you don’t start downloading all the files from other sites that you linked to (and the whole internet).

The –k option changes the source of the web page so that links refer to pages on the local drive as opposed to linking to pages on the web.

I would recommend you download the site twice into different subdirectories – one with the –k and the other without so you have a record of your original code and a working directory locally too.

And yes, the Hollywood1880 site is mine from about 1994-1997

Also don’t forget that dreamhost are still doing their two years of free hosting  for former geocities customers so you can move your site to them for free but you have less than a week to get this done.

Comment searching disabled.

Unfortunately I’ve had to disable the ability to search the comments on this blog as apparently the script was using up too much memory. I ran a search this afternoon and ended up with the generic 500 Server error page. Looking through the error log (which can be found in ~/logs/errors/domain name/http/error.log for dreamhost users) I found that mt search page was being killed before completing but only if I used the SearchElement=both on the absoblogginlutely blog (the other blogs are fine). I must admit I am a bit surprised at that as I only have 3103 posts and 1446 comments so I wouldn’t have thought this would put *that* much strain on a server. Dreamhost just said that I was “using too much memory” and to check the MovableType forums for support 🙁 I did a quick search and that recommended fastsearch, but this doesn’t support searching comments either, so for the time being the search will only do the content (although interestingly I can search with no errors from the admin interface).

Hopefully this won’t be the same in MovableType4 which I might get around to upgrading too one day.

Update The feature is back – after clearing out the junk comments the feature started working again.

The dangers of shared hosting!

I received the following email from dreamhost this morning which is not good news. Although I was one of the account affected, I’ve been able to login ok and it looks like everything was untouched on my account.

This email is regarding a potential security concern related to your
‘xxxxxxx’ FTP account.
We have detected what appears to be the exploit of a number of accounts belonging to DreamHost customers, and it appears that your account was one of those affected.
We’re still working to determine how this occurred, but it appears that a 3rd party found a way to obtain the password information associated with approximately 3,500 separate FTP accounts and has used that information to append data to the index files of customer sites using automated scripts (primarily for search engine optimization purposes).
Our records indicate that only roughly 20% of the accounts accessed – less than 0.15% of the total accounts that we host – actually had any changes made to them. Most accounts were untouched.
We ask that you do the following as soon as possible:
1. Immediately change your FTP password, as well as that of any other accounts that may share the same password. We recommend the use of passwords containing 8 or more random letters and numbers. You may change your FTP password from the web panel (“Users” section, “Manage Users” sub-section).
2. Review your hosted accounts/sites and ensure that nothing has been uploaded or changed that you did not do yourself. Many of the unauthorized logins did not result in changes at all (the intruder logged in, obtained a directory listing and quickly logged back out) but to be sure you should carefully review the full contents of your account.
Again, only about 20% of the exploited accounts showed any modifications, and of those the only known changes have been to site index documents (ie. ‘index.php’, ‘index.html’, etc – though we recommend looking for other changes as well).
It appears that the same intruder also attempted to gain direct access to our internal customer information database, but this was thwarted by protections we have in place to prevent such access.Similarly, we have seen no indication that the intruder accessed other customer account services such as email or MySQL databases.In the last 24 hours we have made numerous significant behind-the-scenes changes to improve internal security, including the discovery and patching to prevent a handful of possible exploits.
We will, of course, continue to investigate the source of this particular security breach and keep customers apprised of what we find. Once we learn more, we will be sure to post updates as they become available to our status weblog: http://www.dreamhoststatus.com/
Thank you for your patience. If you have any questions or concerns, please let us know.
– DreamHost Security Team

Website has now moved

If you can read this, then absoblogginlutely.net (and all my other domains) are now moved to a different host. It’s taken a while with each host being moved across at a time, with the last one being absoblogginlutely.net I wasn’t looking forward to it as there is a lot of customisation and tweaks in the background that I’ve done to the site. The actual process wasn’t too bad, the complicated bit is the testing to ensure that the new site works whilst keeping the old site active at the same time AND remembering what changes have been made to the old site and replicating them on the new one. MT posts, were simple enough, I just reposted them back to this blog again. I did testing by setting the dns on one pc to the new dns servers on the new hosting company and used that to test whilst keeping another pc on the standard dns to ensure normal internet connectivity. Hopefully it all moved across ok. For those people that are hosting stuff on my site, give me a shout if you can’t get anything to work and for those of you who have read this far, let me know too if there is anything you find that is broken.

funky mail and hosting?

If you notice anything funky with emails or hosting, please let me know via a comment on this site (or at my flickr account as I am moving hosts this week. First up is the helsby.net domain. The website (what little there is) was moved yesterday and emails setup on the main server for the appropriate mail forwarding and I flicked the dns switch just now. This should really only affect emails to Kristen and I as the website is not really used (at the moment)
After that I will be moving this absoblogginlutely.net domain – that is going to be a lot more complicated due to sql servers, MovableType installations, redirection of subdomains, ftp accounts and what not. The good news is that I won’t need to pay more for hosting for the next two years and by this switch of hosts I’ll be consolidating the various payments made to various companies for hosting and domain registration.

AWstats access without using hosting login

Danny wanted the ability to have stats for his subdomain so he can see where visitors were coming from. However the stats program that he used to use started to generate popups when the website was visited. I was not happy with this so the script was disabled. By following the instructions at AWStats Access I was able to provide him a url, username and password so that he could access stats for his website without having to provide him the control panel username and password. As he doesn’t have ftp access to the directory the stats program is loaded, it is secure from the end user downloading the control panel password. (I hope!). I’ve also renamed and edited the couple of files to ensure that the filenames are not common to avoid any guesswork and file inclusion via any vulnerable xss scripts that could occur.

Back at last!

We’re back! My site was closed sometime last week as the server it was hosted on was having resource issues. I was offered a move to a new server and unfortunately the flat web pages got moved across but the sql database backend didn’t. It’s now been fixed and we’re live again. Expect a couple of posts from me as I catch up on my blogging from the past couple of days.
Now I’m off to ensure I have a REALLY good sql backup of my data – for some reason my control panel backup didn’t include a valid copy of my mysql databases.