What is a Service Mesh?

Reading Time: < 1 minute

What is a Service Mesh?

Here’s the bottom line, a service mesh is a layer of communication and control between apps or microservices and the network stack they typically communicate over. That’s it. Simple.

A service mesh controls communication and helps any microservice share data with another. This service-to-service chatter is governed by logic built into the service mesh layer.

(Whoa whoa whoa. Microservices? Network stack? You might be asking, “Where can I find out what those are?” Don’t worry, we’ll get to those in another post. For now, if you don’t know, assume that microservices are small apps, partial apps, or individual functions, and the network stack is the physical networking layer.)

How is a Service Mesh Achieved?

Typically a service mesh is implemented via ‘sidecars‘ attached to every microservice on your network. The service mesh abstracts communication between microservices into these sidecars and the sidecars communicate with one another in a mesh topology.

Modern apps are smaller than their predecessors; as they’ve shrunk communication logic has been written into each app, microservice, function, etc. With one or two microservices, or maybe even a dozen, the communication logic generally isn’t difficult to deal with. At scale, or when you have hundreds of such apps, a service mesh can be thought of as ‘required’.

So, a service mesh is…

  • a layer of communication control between apps or microservices
  • the network stack they typically communicate over
  • abstracts communication and implements ‘sidecars’ with every microservice

 

Enabling Let’s Encrypt for AutoSSL on WHM based Servers

Reading Time: 2 minutes

With the recent release of cPanel & WHM version 58 there has been the addition of an AutoSSL feature, this tool can be used to automatically provide Domain Validated SSLs for domains on your WHM & cPanel servers.

Initially this feature was released with support provided for only cPanel (powered by Comodo) based SSL certificates, with the plans to support more providers as things progressed. As of now, cPanel & WHM servers running version 58.0.17, and above, can now also use Let’s Encrypt as an SSL provider. More information on Let’s Encrypt can be found here. Continue reading “Enabling Let’s Encrypt for AutoSSL on WHM based Servers”

Malware – How to Detect and Remove

Reading Time: 2 minutes

Maldet, a free popular malware scanning software for Linux servers, can be used to scan an entire server for potentially malicious files. Properly configured and monitored, it can even be used to disable or fully remove malware when it is detected. However, the removal of files should only be configured once you are certain no false positives will be picked up in the scans.

 

How to Install Maldet

To Install Maldet on your linux server copy and paste the following into the command lines. Maldet will then be pre-scheduled to run daily.

pushd /usr/local/src/
rm -vrf /usr/local/src/maldetect-*
rm -vrf /usr/local/src/linux-malware-detect*
wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
tar -zxvf maldetect-current.tar.gz
cd maldetect-*
sh ./install.sh
maldet --update-ver
#sed patch - commands added to address current problem with maldet overriding values in the conf file
sed -i 's/quarantine_hits=\"1\"/quarantine_hits=\"0\"/' /usr/local/maldetect/conf.maldet
sed -i 's/quarantine_clean=\"1\"/quarantine_clean=\"0\"/' /usr/local/maldetect/conf.maldet
sed -i 's/email_alert=\"1\"/email_alert=\"0\"/' /usr/local/maldetect/conf.maldet
sed -i 's/email_addr=\"you@domain.com\"/email_addr=\"\"/' /usr/local/maldetect/conf.maldet
#end sed patch
maldet --update
if [ -e /usr/local/cpanel/3rdparty/bin/clamscan ] then
ln -s /usr/local/cpanel/3rdparty/bin/clamscan /usr/bin/clamscan
ln -s /usr/local/cpanel/3rdparty/bin/freshclam /usr/bin/freshclam
if [ ! -d /var/lib/clamav ] then mkdir /var/lib/clamav
fi
ln -s /usr/local/cpanel/3rdparty/share/clamav/main.cld /var/lib/clamav/main.cld
ln -s /usr/local/cpanel/3rdparty/share/clamav/daily.cld /var/lib/clamav/daily.cld
ln -s /usr/local/cpanel/3rdparty/share/clamav/bytecode.cld /var/lib/clamav/bytecode.cld
else
echo -e "\n\e[31mClamAV does not appear to be installed through cPanel.\nThe ClamAV definitions will not be used.\e[39m\n"
fi
Popd

Scanning for Malware

Once you have completed the installation you will want to configure the scanning process. The configuration for maldet is located /usr/local/maldetect/conf.maldet. You will want to open the file with your favorite text editor such as vim or nano:

vim /usr/local/maldetect/conf.maldet
Once you are editing the file you will want to add your email address between the “ “ on the line email_addr=,  like so email_addr=“myemail@mydomain.tld”

You can also set up the scan to quarantine the malicious files it finds by changing the line quarantine_hits= from “0” to “1”, it should look like quarantine_hits=“1”. I would advise against this option as it can pick up legitimate code mistakenly. If the scan does mistakenly place a legitimate file into quarantine, you will need to move it back into place by using the following command template, replacing SCANID with the proper scan ID reported by maldet:

Maldet --restore {SCANID}
Once you have run the scan with quarantines for some time and you are confident that no safe files are being picked up, you may want to turn on removal of quarantined files in the same configuration /usr/local/maldetect/conf.maldet at the line quarantine_clean= from “0” to “1” , it should look like quarantine_clean=”1”. I would personally avoid this configuration option as it can always pick up new edits mistakenly and destroy your hard work.

Looking for pre-configured protection for servers and websites? Check out our wide security offerings that are sure to fit any of your security concerns!

Migrating Your DNS to Liquid Web

Reading Time: 2 minutes

In order to simplify your website management and to receive speedy DNS support, including restoration of website service during DDoS attacks, we recommend you move your website DNS name server records to Liquid Web. You will still have full control to add and modify your DNS records at any time.

There are two critical steps needed to move your DNS to Liquid Web.

Continue reading “Migrating Your DNS to Liquid Web”

Remove a Domain from our Email Hosting Service

Reading Time: 2 minutes

Our email hosting service takes the pain out of setting up email within a VPS.  You get your own space, separate from your VPS to do simple tasks like setting up a domain to have email.  If you haven’t already explored the features of our Premium Business Email, we offer robust services like Microsoft Exchange that over up to 1TB worth of space!  Alternatively, if you are looking for something smaller, our Standard and Plus mail service may fit your needs with 25 GB worth of space. Check out how straightforward it is to delete a domain from our user-friendly control panel.

Continue reading “Remove a Domain from our Email Hosting Service”

What is mod_deflate?

Reading Time: 3 minutes

How mod_deflate works

When a visitor accesses a website, a request is made to the web server for a specific kind of data. An example might be a home page of a site. Next, the web server locates that data and delivers it to the client who is requesting that data – basically back to the web browser.

In this example, the speed at which the home page loads can depend on a variety of factors. One of them could be how long it takes to find and deliver the data for that page. This is just one example.

Some of that data – such as javascript files, css files, and php files – can actually be compressed into smaller sizes before they are delivered back to the visiting client or browser at the smaller size. The visitor can now have a more optimized browsing experience.

This is where mod_deflate comes in.

Continue reading “What is mod_deflate?”

Liquid Web Reseller Criteria

Reading Time: 2 minutes

Our Resellers are required to:

  • Maintain the Billing and Support Relationship with their Customer
  • Comply with Liquid Web ToS

A Reseller is required to provide customer service and technical support to each of the end customers procured by the Reseller (including Sub-Resellers). The Reseller may escalate to technical support only if the Reseller is unable to resolve the matter through Reseller’s own technical support, Liquid Web’s Manage Portal, the Control Panel(s) or other online capabilities provided by Liquid Web to Reseller (help desk, etc.).

Technical support provided by the Reseller includes the handling of common tasks around creation, removal and modification options in the control panel(s); including but not limited to:

  • Account Management
  • FTP Users Management
  • Email Support
  • SSL Support
  • DNS Support
  • Databases, and Database Users Support
  • Basic firewall management including removing IP blocks and individual client side FTP or mail client issues

Liquid Web is happy to provide our Resellers a walkthrough of more advanced capabilities of our Manage Portal and/or Control Panel(s) as needed. Liquid Web does not provide support for website development or maintenance. For our Resellers using cPanel, we also provide WHMCS at no additional cost to provide you with tools that assist in account creation/management, billing, and even support for your clients. This will include a free unbranded WHMCS license as well as access to our Liquid Web Plugin for easy reselling of our Cloud Products. Our team will be happy to help with the base installation of WHMCS as well as the plugin and upon request can provide a one on one session to go through initial setup questions to enable you to provide your clients with the best experience possible.

Liquid Web is under no obligation to provide support to the Reseller end customer (customer procured by Reseller). If Liquid Web receives communications from Customers or from third parties regarding any Services procured through the Reseller, Liquid Web may forward such communications to Reseller without taking any other action. However, Liquid Web reserves the right to respond to such communications directly and to take any action Liquid Web deems necessary. If Liquid Web determines that Reseller is providing inadequate support to Customers or Sub-Resellers (including, but not limited to, situations resulting in excessive numbers of support calls directly from Customers or Sub-Resellers to Liquid Web), then Liquid Web may, at its sole discretion, terminate this Agreement for cause or charge Reseller for said services at market rates.

A Customer will remain at all times the customer of Reseller unless the Customer subscribes for or otherwise approaches Liquid Web, or anyone of Liquid Web’s other resellers, for Services without any solicitation from Liquid Web. Upon such subscription for Services, the Customer will become a customer of Liquid Web or one of Liquid Web’s other resellers, as applicable. Under no circumstances will Liquid Web be obligated to intervene in any dispute of any nature between Reseller and a Customer.

How to Use a Remote Desktop

Reading Time: 2 minutes

Remote Desktop Protocol or RDP provides access to your Windows Server’s operating system from your desktop, workstation machine, mobile device or laptop. The connection to your server will be encrypted and it offers some enhancements that allow you to attach local drives and devices.

Most modern Operating Systems have support for Remote Desktop. A Remote Desktop Client made by Microsoft is available in the Apple Appstore, the MacOS store, Google Play, the Chrome Web Store for ChromeOS and of course in the Windows Store. On Linux you may need to download a 3rd party option such as RDesktop or FreeRDP which you can get through a repository or it will be pre-installed on some distro’s.

Continue reading “How to Use a Remote Desktop”

Configuring and Troubleshooting WHMCS Crons

Reading Time: 3 minutes

Over the years WHMCS has made some changes to where it stores certain directories, specifically directories outside of public_html. The goal of this is to increase overall security by moving sensitive files to a more protected location. While this change does help to improve WHMCS security, it also adds a few steps of complexity.

This article is meant to help simplify this complexity, or at least provide a reference configuration that you can use to troubleshoot cron issues, or gain a better understanding of WHMCS crons in general. I used WHMCS 7.3 for this article, but the general concept and instructions should apply for any 7.0 version of WHMCS.
Continue reading “Configuring and Troubleshooting WHMCS Crons”