Hosting FAQ

Started by praktik_man, Sep 13, 2022, 08:48 AM

Previous topic - Next topic

praktik_manTopic starter

 Is it possible to DDoS yourself from your VDS hosting?

Five minutes is possible, and then the protection will work and isolate the server. Basic protection is configured simply for atypical activity, more complex DDoS protection is an additional option for us. Basic protection does not save you, it saves the others on the web hosting, who could be affected by an attack on you.

— And how will you understand that that is DDoS if you don't have to climb inside the virtual machine?

We don't see anything beyond the guest OS, except for one exception. Well, an experienced user can completely encrypt his VM and not store keys on it if he does not believe that statement. Therefore, the wording "do not drown the rest of the web  hosting clients in our communal apartment" in the offer is quite broad and with obvious reinsurance. In practice, mining protection can block heavy computing, spam protection — mailing to the client base, DDoS protection — some kind of heavy parsing. If you know that this can happen or if it has already happened, the support responds within 15 minutes. Please note that sometimes that requires an explanation of the purpose of the activity or its technical implementation, which may not be very consistent with the desired privacy. But these are the features of all VDS-ball.

— And what is the exception when you can climb inside the client's VM?

This is a direct authorized appeal to support with a request to fix something inside the VM and an explicit transfer of the right to look inside at the time of solving the problem. This is often used by not very experienced users (not admins).

— Can there be other reasons to get on the client's VM?

Can: that is a Microsoft audit, but again through an access request from us from the client. Under the license agreement with MS, she has the right to have access to all the machines where her products are located at any time. In the case of the US jurisdiction, we are talking about permanent online access without a request. In our case, that is implemented through a system of on-demand audits.
That is, someone knocks on you that you have a pirate office, MS sends a request to us, we send a request to you, you have a couple of days to delete confidential data from the VM, then transfer accesses, then an audit is conducted there in search of a pirate office and other pirated MS software. Given that we live in the real world, MS usually find a pristine car there. Everyone understands everything, but sometimes there are users who did not know that it is impossible to use desktop keys on a VM without special SPLA conversion. The alternative to audit is denial of service.

— Is it possible to encrypt a VM in such a way that, having access to the memory of a virtual machine, it was impossible to get the encryption key?

The short answer is: it is practically possible. A more complex answer: as everywhere in law or information security, there is no 100% probability in principle. There is a question of effort expended and skill versus effort expended to obtain data. In practice, to access the RAM of the machine and listen to all its traffic, you need to install a special device in the gap between the server and the rack switch.
Obtaining permission for such a device is a very long and unpleasant procedure for the authorities. We had that once, and there was talk about the possible mass distribution of drugs on a particularly large scale. In smaller cases, the authorities prefer other, let's say, non-traditional methods. A post with this story.

— Are they trying to mine Chia or other crypts tied not to the CPU, but to disks, for instance? Do you also detect and stop this automatically?

Yes. Usually, atypical disk activity is associated with incoming or outgoing DDoS, so mining of that type of crypt will fall under basic protection.

— If you rent a server with a large disk and immediately start pouring a large backup there, will this be a regular use, or will the security systems strigger on it and limit everything?

Strigger not immediately. For instance, the first 20 GB will pass normally, then the strip will be cut, and if the aggressive w/r 90/10 continues, then it will already be cut. If you warn support in advance or after applying protection, you can continue. I remind you that the point of all these actions is not to not give the hosting client resources, but to ensure that web hosting client does not affect the rest. Since we can only focus on indirect signs, that is a rather difficult question.

— Is it even normal to compress patch cords with handles in data centers?

Yes, we compressed the first patch cords manually for our first data center, and then brought them to the second and third. In the photo from the data center in the bomb shelter, you saw them. Those golden days are long gone, and we don't do that anymore.

The logic is that RCN-approved VPNs should maintain the same blacklist as providers without VPNs. If you connect from that VPN to another unknown RCN, then the logic of the whole action is unclear if you can immediately connect to an unknown VPN. Unless only not to burn down his addresses.

— Is it possible to watch pоrn with horses from work via VDS so that the admin does not notice?

The short answer is: you can. He will see traffic only before VDS web hosting, and that is one of the frequent reasons for renting VDS. Not necessarily with horses, but something that should not remain in the company logs. But at the same time, if you have a paranoid admin, there is a chance that there is a tool on your corporate computer that takes a screenshot every 10 minutes or even an interceptor of keystrokes. This happens rarely, but it happens.


Each client chooses for himself what is more convenient for him.
For instance, a miner has a bunch of asics, he has worked out all the energy limit available in the house, in the country, in the office, and any kettle (without quotes kettle) cuts down the wiring, with all the ensuing consequences. Such a client carries the equipment to the mining hotel in the data center, where there is enough electricity with a reserve for a hundred miners.

Further, there is a client and repair area in the DC, where engineers can come and do something with their own hands, which many companies actually use. Some hosting providers have round-the-clock access to their hardware, which is also appreciated. Therefore, a local data center is indispensable in some cases. Although in no case do I blame the foreign placement, since some countries are unfortunately not in the first place in the rating of the absence of risks in the field of data storage.


The average server uses a CPU of 5-10 percent or even lower. For a huge variety of load types, only the amount of RAM is a resource. It is logical to assume the existence of tariff plans and service providers with a 1:10 processor oversubscription at least, or even more.
In addition, if the cloud is dynamic, and supports automatic relocation of virtual machines, at least 1:100. Why write about it as a sin of some kind? It is logical, on the other hand, the existence of another type of (more expensive) tariff plans — without oversubscription. Actually, a special case will be renting a dedicated server — all the resources are yours, just pay.


As a colleague wrote to me, they say, consider it not as 2 cores, but 'up to 2 cores'. Well, if there was such a formulation, I would not have a question.
Well, the fact that the market is highly competitive, I agree, I disagree, which gives the moral right to deceive.
It is necessary to better describe the services offered - the market is not only highly competitive, but also large, it seems to me that there will be a buyer for any type of services. Of course, if the service is honestly told.

$7 a year is great, it's probably OpenVZ. It's more likely from $7 a month, plus an installation payment (and then a whiff of the past decade). In short, the prices are not dumping, the difference is an order of magnitude.
And in the case of a virtual machine for $1, I can still forgive this behavior, although I do not approve, then for $7 / month (1 core, 512 meters of RAM, 10 GB of storage) it seems to me that this is a squared-off rascality that cannot be justified.


I will share my top hosting sites that I use to this day:

Bluehost – hosting #1 in the world
Hostgator – powerful hosting for any websites – the best hosting for business websites