Visit our Movember team page to join our team, see our latest progress and donate to a great cause.

http://us.movember.com/team/1518917

At the end of the Challenge, we will collectively vote on the best Movember stache from our team and award a prize to the winner!

The post Xfernet is taking part in the Movember Challenge! appeared first on Xfernet.

Xfernet, a leading provider of cloud hosting and hosting services in Los Angeles, is proud to announce that they will be an exhibitor at the upcoming Los Angeles Small Business Expo on Thursday, November 6, 2014 at the California Market Center in Downtown Los Angeles. In addition to their ActiveGrid Cloud Services, Xfernet will be showcasing their innovative ActiveBC service, which brings affordable Business Continuity as a Service to the SMB market.

“We are excited to bring to market an innovative enterprise-level solution that is affordable for small and medium sized businesses,” says Aaron Faby, CTO of Xfernet. “By combining best of breed technologies into a multi-layered business continuity solution, ActiveBC can protect against a broader range of failures.”

The Los Angeles Small Business Expo is an event free to the public that focuses on the small and medium business community in the Los Angeles area. Xfernet will be exhibiting at booth #1716. Information and free registration can be found at the Small Business Expo website: http://www.thesmallbusinessexpo.com/los-angeles/

About Xfernet:
Founded in 1998 with headquarters in Los Angeles, California, Xfernet is a leading provider of cloud-based solutions, delivering enterprise level services to businesses of all sizes worldwide. Xfernet’s solutions include Cloud Servers, Private Clouds, Managed Hosting, Business Continuity Solutions and PremierCDN, an EdgeCast-powered premium Content Delivery Network (CDN) Service. Xfernet is also a veteran provider of traditional hosting solutions such as colocation, dedicated servers, and managed network infrastructure. Utilizing fully redundant network infrastructure across geographically dispersed data center facilities and leveraging best in class technologies, Xfernet delivers unmatched uptime and performance. For more information, visit www.xfernet.com.

The post Xfernet To Showcase Affordable Business Continuity Solutions At The Los Angeles Small Business Expo appeared first on Xfernet.

As a webhosting and website design specialist, I have been helping businesses run their websites using WordPress since 2005. With so many themes and plug-ins available, the possibilities for creating a unique website are endless. Even my 65 year old mother uses WordPress to blog about her latest recipe or vacation experience.

With the popularity of WordPress comes a darker side. WordPress is also one of the most vulnerable platforms to hacking and attacks. In most weeks, a new vulnerability is discovered and exploited, rendering websites and the servers they run on, unusable. More importantly, these vulnerabilities can also expose personal information about yourself and your websites visitors. This is why it’s so very important to diligently update your WordPress installation as new updates come available.

The Error
I recently had a customer come to me with an issue updating her install of WordPress to the latest and greatest version. She had recently changed to a new web hosting company, and like so many other WordPress Users, she was trying to use the “one-click update” tool available in the WordPress administration dashboard. The error she received was…

“The update cannot be installed because we will be unable to copy some files. This is usually due to inconsistent file permissions.: wp-admin/includes/update-core.php
Installation Failed”

She had three so-called “competent” WordPress consultants try to figure out why this error was being displayed. None could figure out a solution to get WordPress to update properly. Personally, I was shocked that so many years of combined experience couldn’t fix a simple WordPress update error. Or was it so simple?

The “Try This!” Mentality
With so many others using WordPress, you have to figure that this is not the first time someone has encountered this error. A quick Google search of this error returns over 100 results. Diving right in, it was apparent that this error had something to do with File and Directory permissions. As I read through the experiences of other WordPress users, it occurred to me that the “try this” mentality was not the best way to handle the issue. Sometimes the suggestion would fix the problem, but more often than not, it wouldn’t. And there was always another “try this” recommendation as another potential fix. I wondered, with each failed attempt to fix the issue was tried, did the user back out of the changes that he/she just made? Or maybe each attempt was compounded on top of the last? No wonder some WordPress installs have such screwed up permissions.

The “One-Click Update” Skinny
My search finally lead me to a document in the WordPress codex that finally explained why “one-click updates” was encountering errors. Combined with some of the other interesting experiences I read about, things finally made sense. According to WordPress documentation…

“One-click updates work on most servers. Here’s the technical criteria for what must be satisfied:

(b) file permissions: all of your WordPress files must be either owner writable by, or group writable by, the user under which your Apache server executes.

If you are not a technical person, let me break this down in a way that will hopefully make sense. Basically, it has to do with permissions (who can read and write to these files) and who “owns” the files.

Most people host their WordPress blogs and websites with a web host in a shared environment, or also called shared hosting. This means your website and as many a few hundred other websites are all hosted on the same server. In order to help keep each website secure from the others, the files and directories for each site are owned by the Admin user of the site. When you upload files to your website using FTP, it’s typically done using this user account. For example purposes, we’ll use “wpuser1”.

Each server runs a Web Server application. For example, Apache is used for Linux-based Servers. Apache is just one component running on this server, along with maybe a Database and Mail application, amongst others. Each one of these applications needs a User Account to interact with the rest of the system. In the case of the Apache application, this user is commonly named “apache”, “web”, “www”, “nobody”, or anything else. The most common is “Apache”.

The “one-click update” for WordPress relies on the web server user (In our case: Apache) to handle the file updates. This is where the problem resides. The Apache user is trying to update, or write to, files that it does not own. You could change the ownership of the WordPress files to the same User that the web server uses, but this is not recommended. According to WordPress…

On shared hosts, WordPress files should specifically NOT be owned by the web server.

Allowing a general User such as Apache to have write capability to YOUR files gives someone who knows what they are doing the ability to potentially access your site with nefarious intentions. Most successful hacks attempts are done through the vulnerabilities between the application (WordPress) and/or the web server/web server user. There’s a reason why your files are owned by your User account with specific permissions.

Additionally, you could change the permission level of the WordPress files and directory structure to a level that is writable by the Apache user, but this also creates major security concerns.

If you can update your WordPress with the “One-click Update” feature, be aware that your file and directory permissions and/or ownership may be inconsistent. Your permissions and ownership should be checked immediately to confirm you do not have potential vulnerabilities.

So you ask, What is the answer?
The answer is doing a Manual Update. This is by far the safest and most secure way to update your WordPress. Is it the easiest or fastest way? No. But it will make sure that WordPress gets updated without having to change the permissions or the ownership of files and directories.

Manual updates should always be done by a competent person that knows what they are doing.

**NOTE** Always remember to make a current backup of your site before doing any major WordPress updates. Just in case something goes wrong, you will be able to restore your site to a point prior to the failed update.

The following WordPress article explains everything about updating WordPress. It also includes the steps for manual updating. http://codex.wordpress.org/Updating_WordPress

If you need a competent person to design, update, support, maintain, install or host WordPress for you, contact me, randyn@xfernet.net. I’ll be happy to work with you.

The post WordPress One-Click Updates – Potentially Disastrous! appeared first on Xfernet.

http://xfernet.net/files/onapp/export-roles.sh.gz

How To Use The Script

Note: It is recommended that you perform this import before adding any additional roles through the web interface on the new OnApp Control Panel Server to avoid any conflicting role IDs.

The script is completely menu driven, so all you need to do is execute the script and answer the questions. After executing the script, it will display the database connection information that it will be using. This is read from /onapp/interface/config/database.yml:

sh export-roles.sh 
Using database configuration:
Database: onapp
Username: *****
Password: **********

Continue (y/n)? y

The script will now iterate through the roles in the database table and prompt if you would like to export each one:

Export role Administrator? n
Skipping Administrator

Export role User? n
Skipping User

Export role Customer? y
Adding Customer to export list

Next, the script will display which roles are to be exported. You will be asked to supply a filename to dump the SQL to. If you enter a filename that already exists, the script will exit.

Enter dump file name: test.sql
Dumping SQL to test.sql
Dumping SQL for Customer
Dumping SQL for Customer permissions
Export complete.

Lastly, you need to transfer the dump file to the new CP server and import with the mysql command:

mysql -u user -p onapp < test.sql

The roles should now be visible on the new OnApp Control Panel Server.

The post Transferring Roles Between OnApp Clouds appeared first on Xfernet.

While very few things last 18 years in technology, the relics that we still use from those bygone eras are very well defined and leave little room for interpretation. Sure, things can change and slight modifications can be made over time as we discover new and better ways of implementing technology. However, cloud computing is still suffering from an identity crisis after all these years and if you ask 10 different people what it means you can (and usually will) get 10 different answers.

The type of cloud computing that seems to suffer the most from this confusion is infrastructure as-a-service (IaaS). IaaS is simply a large pool of computing resources with which users can dynamically provision virtual machines to host their applications. Seems simple enough, right? So where does all the confusion come from?

Blame the hosting industry.

When it comes to cloud computing, there are literally dozens of different platforms that hosting providers can choose to implement. Some of the more well known are VMWare, OpenStack, and OnApp. While most of these cloud computing platforms are very similar with regards to core functionality, they can have wildly different feature sets. Since everyone wants to be a “cloud” provider these days, they have to create their own definition of cloud that conforms to the features of the platform that they chose to implement. You can probably begin to see how this becomes problematic. Add to this the fact that there is no standard definition that specifies which features must be included to be considered a true cloud computing platform, and we start to have a real mess on our hands.

I won’t be analyzing the entire list of possible cloud features in this article. Instead I want to focus on one feature that I think should be required for any cloud platform: redundancy.

One of the compelling things about cloud computing is that it abstracts the physical hardware to the point where it becomes almost irrelevant. The user doesn’t know anything about the physical hardware that powers the cloud platform they are using, and they shouldn’t need to. From the service provider’s perspective, we can forgo having to spend exorbitant amounts of money on expensive and specialized hardware and can build well-performing and redundant clouds using cheaper commodity hardware. It’s a win-win for everybody.

In a redundant environment, the cloud platform insulates the user from downtime by automatically detecting the failure of a physical machine and migrating the virtual machines that were running on it to another healthy server in that cloud. The user’s website continues to sell autographed Justin Bieber memorabilia and the service provider receives a friendly alert that one of their servers has failed and needs to be replaced.

Many so-called cloud providers currently do not have redundancy built into their platforms. The user’s virtual machine and its data exist on a single physical server within the provider’s infrastructure. This is typically marketed as a VPS (virtual private server). When that single server experiences a failure, all of the virtual machines on that server experience downtime. In some cases this can be several hours or days depending on the type of failure and if the provider has spare servers or parts to repair it in a timely manner. This also means that there is no data redundancy in the cloud platform either. If there is a catastrophic failure of that server’s storage system, all of Grandma’s digital photos and blog posts about her trip to Alaska are gone forever (I hope you reminded Grandma to make backups).

So while that $4 a month VPS package from “Super Cheap Cloud Host USA” may seem like a good deal now, how much would you lose if your website was down for a few hours? How about a few days? What if your data was completely lost, never to return?

If you think you are safe by going with one of the 800-pound gorillas of the cloud hosting market, you may want to think again. It won’t take much time with your preferred search engine to find horror stories of customers having long outages with many of the major cloud providers, some of which made no attempt to hide the fact that their customer’s “cloud” server exists only on a single physical machine.

At Xfernet, our ActiveGrid cloud services are based on the OnApp cloud platform which includes both failover and data redundancy as standard features. Virtual machines are automatically restarted on healthy physical servers in the event of a hardware failure or server crash, and all data volumes are mirrored across multiple machines to ensure that there will always be a good copy of the user’s data available. We believe that these key features are at the core of what defines a true cloud computing platform.

The post The Cloud Computing Identity Crisis appeared first on Xfernet.