XeonBD Official Blog

14 Oct 2009

I have read that XeonBD has mod_security installed. What are the benefits? How might it affect me?

After months of extensive testing and tuning, we deployed the mod_security Apache Module on all of our shared servers beginning in November 2008 in a bid to improve overall system stability and security.

Before deploying mod_security we saw a lot of scripts (e.g. phpBB) being exploited through Cross-Site Scripting (XSS) vulnerabilities. Hackers can exploit vulnerable scripts through XSS vulnerabilities by using carefully crafted URLs when hitting your scripts, e.g. script.php?post=hack-code-here. These exploited scripts can then be used to send Unsolicited Commercial Email (UCE) / spam or launch Denial of Service (DoS) attacks from your account.

What mod_security does is filter incoming requests to Apache such as this one and block a request if it contains code that matches an entry in a rule list that we have defined. This means that when a vulnerability in a script such as phpBB is discovered, we can put a blocking rule in place to try to prevent installations on our servers from being exploited.

One of the most common types of script we see getting exploited is the form-to-email script with "mail" in its name, e.g. formmail.pl, formmail.php etc. Therefore, we have configured mod_security to block access to files with the string "formmail" in their names. For this reason we advise customers to rename any scripts whose names contain the string "formmail" to an alternate name so that the script can continue to function, e.g. rename "formmail.php" to "contactus.php". At the same time, we ask customers to check over their form-to-email script installations to ensure they are fully patched and secure.

While mod_security allows us to cut out most of the problems which arise from scripts being exploited, we are bound to see some problems arise with legitimate scripts. This is very easy for us to fix as we can simply amend the rule list to take account of your script and the system will no longer block the request to Apache. We have yet to see any widespread problems from our deployment of mod_security as we have managed to tune the rule list on our servers pretty well, but if you do see any issues with your scripts arise as a result of mod_security, then please open a support ticket via XeonBD client's area at: https://www.xeonbd.com/clients and we will be happy to look into the matter for you. You will know that a problem has arisen if a script you have been running for a while suddenly begins to produce 400 or 500 type errors when executing it.
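A customer-side check for the symptom described above, as an added example (not XeonBD's code): it scans Apache access-log lines for scripts that used to succeed and now return only 400- or 500-type errors, and for any erroring script with "formmail" in its name. The log format, the sample lines, the thresholds and the `triage` function are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Apache common/combined access log: host ident user [time] "METHOD path PROTO" status size
LOG_RE = re.compile(r'^\S+ \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) [^"]*" (\d{3}) ')

# Constructed sample lines (documentation IP addresses, made-up paths).
SAMPLE_LOG = """\
203.0.113.5 - - [01/Nov/2008:10:00:01 +0000] "GET /index.php HTTP/1.1" 200 5120
203.0.113.5 - - [01/Nov/2008:10:00:09 +0000] "POST /forum/search.php?q=a HTTP/1.1" 200 812
203.0.113.8 - - [01/Nov/2008:11:30:00 +0000] "POST /forum/search.php?q=b HTTP/1.1" 200 640
203.0.113.8 - - [02/Nov/2008:09:00:00 +0000] "POST /cgi-bin/FormMail.pl HTTP/1.1" 403 210
203.0.113.9 - - [02/Nov/2008:09:05:00 +0000] "POST /forum/search.php?q=c HTTP/1.1" 500 300
203.0.113.9 - - [02/Nov/2008:09:06:00 +0000] "POST /forum/search.php?q=d HTTP/1.1" 500 300
203.0.113.9 - - [02/Nov/2008:09:07:00 +0000] "GET /missing.php HTTP/1.1" 404 120
203.0.113.9 - - [02/Nov/2008:09:08:00 +0000] "GET /missing.php HTTP/1.1" 404 120
203.0.113.5 - - [02/Nov/2008:09:09:00 +0000] "GET /index.php HTTP/1.1" 200 5120
""".splitlines()

def triage(lines, min_ok=2, min_err=2):
    """Map script path -> advice for scripts that look blocked by a filtering rule.

    min_ok / min_err are assumed thresholds, not values from the blog post.
    """
    history = defaultdict(list)  # path -> status codes in log order
    for line in lines:
        m = LOG_RE.match(line)
        if m:
            path = m.group(1).split("?", 1)[0]  # drop the query string
            history[path].append(int(m.group(2)))
    findings = {}
    for path, codes in history.items():
        # Position of the last response that was not a 4xx/5xx error.
        last_ok = max((i for i, c in enumerate(codes) if c < 400), default=-1)
        ok_before = sum(1 for c in codes[:last_ok + 1] if c < 400)
        errs_after = codes[last_ok + 1:]
        if "formmail" in path.lower() and errs_after:
            findings[path] = "name contains 'formmail': rename the script"
        elif ok_before >= min_ok and len(errs_after) >= min_err:
            findings[path] = "worked before, now only 4xx/5xx: open a support ticket"
    return findings

if __name__ == "__main__":
    for path, advice in sorted(triage(SAMPLE_LOG).items()):
        print(f"{path}: {advice}")
```

A script that has never returned a successful response (such as the 404-only path in the sample) is not reported, since it was not working before the rule list could have affected it.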

All of the above being said, while mod_security helps us to stop a lot of the attacks we see against script installations on our servers, it is still very important that you keep all of your scripts updated and running the latest available stable releases. This system is not able to stop all forms of attack. It is very much a two-pronged strategy, the biggest part of which involves customers keeping script installations updated. We cannot stress this highly enough.

You can read more about ModSecurity and the huge benefits it can bring to a shared hosting environment at: http://www.modsecurity.org

13 Oct 2009

Where's .NET 3.5 (on IIS)? It's only showing .NET 2.0.50727.1434

I just delivered a small 3.5 application to a customer in compiled form and told him to install the application on IIS. The company is one I've dealt with on a few occasions and they are a .NET-aware shop where I deal with developers and a .NET-familiar IT department. But it wasn't long after I sent my email that I got a call back from the customer who - slightly embarrassed - mentioned that he couldn't figure out how to 'turn on' .NET 3.5 on his IIS 6 Web Server.

This is not the first time this has happened: it's slightly confusing given the funky version numbering that the .NET framework has gone through with versions 3.0 and 3.5.

The not so obvious 'problem' is that if you fire up a machine that has .NET 3.5 installed, you might be surprised to find that the IIS service panel's ASP.NET does not show an option to select the .NET Runtime of 3.5.

Instead you get the .NET runtime dropdown that looks like the one shown in the figure:

[Figure: IIS6NoNet35]

Where's my .NET 3.5?

IIS 6 (shown above) and prior tie the .NET runtime to a specific Virtual Directory or 'Application', which is actually problematic if you happen to have more than one version of the runtime configured for a given Application Pool. Because IIS 6 configures the .NET runtime at the virtual level, it's possible for two virtuals in the same Application Pool to use different runtime versions - if you do, the one loading last will fail.

On IIS 7 the runtime configuration is tied to an IIS Application Pool rather than the Virtual/Web Application:

[Figure: II7Versions]

which avoids the above problem of multiple runtimes hosted in the same Application Pool by pre-loading the runtime at startup. But on IIS 7 too you won't see a .NET 3.5 runtime selection.

It's all 2.0

So, no, the customer didn't do anything wrong during installation of .NET 3.5. In fact that'd be hard to do given that .NET 3.5 installs .NET 2.0, 3.0 and 3.5 in one pass (which makes for the much, much bigger 120meg footprint of the 3.5 runtime install!).

The key to understanding why .NET 3.0 or 3.5 aren't showing up is that both of those .NET versions are running on the core .NET 2.0 runtime. So the core runtime is .NET 2.0 (or 1.0 or 1.1 which are all core runtime versions), while .NET 3.0 and .NET 3.5 are essentially library updates.

You can verify this for yourself if you run a .NET 3.5 application on your machine and you echo back inside of an ASP.NET page:

<%= System.Environment.Version  %>

which on my machine with .NET 3.5 installed shows:

2.0.50727.1434

So you can see that indeed the .NET 2.0 runtime is what's driving the show. .NET 3.5 is merely a set of additional system libraries that extend the 2.0 runtime. And a bunch of tools and infrastructure, but all built on the premise of the 2.0 version of the runtime. In theory you can take the new DLLs in the .NET 3.5 runtime and distribute them with your application without installing .NET 3.5. In theory... this is probably not a good idea as certain pieces of .NET 3.5 require installation and system component support. But it demonstrates the point.

No Problem - or is it?

The version numberings certainly are confusing and while it's probably nothing new to most .NET developers who keep up with the latest frameworks and news, it's an easy thing to miss if you're new or are too busy to follow Microsoft's latest follies in naming and versioning. Certainly if you are just starting out coding with .NET 3.5 without having followed the versioning history of .NET, you're not likely to know that .NET 3.5 is not an actual runtime version, but essentially a library revision.

This is especially true for IT folks who are even less likely to know about the funky nuances of .NET versioning. It's one of those issues you run into once and remember from thereon forward, but the first time it might still be a headscratcher that wastes a few minutes of time.

Reference : Rick Strahl's Web Log

12 Oct 2009

Difference between Linux or Windows Hosting?

The choice between Windows and Linux hosting has always been a very complicated decision for potential customers who are seeking web hosting services. In terms of pricing, Microsoft develops and owns its Windows operating system; therefore hosting a website on the Windows platform is more costly.

On the other hand, Linux is an open-source operating system. In other words, in the majority of cases, Linux is a free operating system; reducing the costs of utilizing this platform. Contrary to popular belief, it is important to clarify the fact that even if a customer is running a Windows operating system on his computer, he is still eligible to use Linux as a hosting platform.

It is imperative to understand that the most important factor in making a choice between both platforms is to know what functions a customer requires from his web hosting service. A large amount of web features such as MySQL and PHP are provided by both platforms. If a customer is seeking Microsoft's proprietary features such as ASP, ASP.NET, Microsoft Access, Microsoft SQL Server and FrontPage, then the Windows platform is an obvious choice.

In terms of stability, security and performance, both platforms are relatively equal. For this reason, it is important to rely mostly on the web hosting company's server reliability. At XeonBD, we offer state-of-the-art web hosting servers colocated in a reliable and secure datacenter.

1 Oct 2009

September 2009 Uptime Record for XeonBD

Linux Dedicated Server Uptime Record

Service    % OK        % Critical
FTP        100.000%    0.000%
HTTP       100.000%    0.000%
MySQL      100.000%    0.000%
SMTP       100.000%    0.000%
POP        100.000%    0.000%

As you can see in the table above, all services on our next-generation advanced Premium cPanel Hosting server reached 100% uptime during the month of September. Based on this report, we believe we have proven that we deliver premium service in our next-generation advanced Premium cPanel Hosting plans.

Our premium hosting performance reached 100.00% uptime in August 2009 and there was no critical/down time.

So, what do you think? Isn't XeonBD providing the best platform for web hosting on the web?!