Category: VPS

Accessing and using the Xen virtual console

Requirements for accessing the Xen virtual console

Your Cruzio VPS is managed through the Xen virtual console. To access the virtual console for your Cruzio VPS, you will need:

Connecting to the Xen Shell

Open your SSH client of choice and connect to vps1.cruziohost.com (you may need to replace “vps1” with the vps server your VPS is hosted on.)

Using PuTTY on Windows to access the Xen Shell

  1. Open PuTTY and enter the following settings:

    Host Name: vps1.cruziohost.com (you may need to replace “vps1” with the vps server your VPS is hosted on)

    Port 22

    Connection Type: SSH

  2. Click Open.

    You may be shown this message: “The server’s host key is not cached in the registry…”

    Click Yes to accept the server’s RSA key and store it in your computer’s memory for future sessions.

  3. At the “login as” prompt, enter your username and press the Enter key.
  4. You’re now prompted for your password. Enter your password and press the Enter key. You’ll now be taken to the Xen Shell.

Using Terminal on Mac OSX to access the Xen Shell

  1. Open the Terminal application on your Mac (you can find it in the Applications -> Utilities folder).
  2. Type ssh [username]@vps1.cruziohost.com (you may need to replace “vps1” with the vps server your VPS is hosted on.)
  3. You may be shown this message: “The authenticity of host ‘vps1.cruziohost.com’ can’t be established. RSA key fingerprint is (…) Are you sure you want to continue connecting (yes/no)?”

    Type “yes” and press the Enter key. This permanently adds vps1.cruziohost.com to the list of known hosts on your computer.

  4. You’re now prompted for your password. Enter your password and press the Enter key. You’ll now be taken to the Xen Shell.

Using the Xen Shell commands

The following is a complete list of the commands available within the Xen shell. You can see this list at any time within the shell by entering the “help” command.

For command-specific help, run “help [name of command]”.

boot
Start the Xen guest, if it is not running.
console
Connect to the serial console of the Xen instance using GNU Screen.

To exit the serial prompt, type ‘Ctrl+]’

You may instead exit screen with ‘Ctrl+a k’, or ‘Ctrl+a d’.

exit
Exit the shell.
help [command]
Show help about the specified command, or all commands if no command is specified.
passwd
Change your login password (this will only change the Xen Shell password, not the VPS root password).
pause
Pause your instance. This will pause the Xen guest (your VPS).
quit
Exit this shell.
rdns [ipaddress some.host.name]
Set up Reverse DNS for allocated IP addresses.

When called with no arguments, show current reverse DNS details.

reboot
Reboot the Xen guest.
serial
Connect to the serial console of the Xen instance using GNU Screen.

To exit the serial prompt, type ‘Ctrl+]’.

You may instead exit screen with ‘Ctrl+a k’, or ‘Ctrl+a d’.

shutdown [force]
Shut down the Xen guest.

If the ‘force’ parameter is used, then we’ll forcibly terminate.

status
Show whether the Xen guest is running or not.
sysreq [string]
Send a ‘sysreq’ keystroke to the guest.

This allows you to try to cleanly shut down a hung instance, for example.

unpause
Unpause your instance, and start it running again.
uptime
Show the uptime information of your guest system and this host.
version
Show the version of this shell, and of Xen.
whoami
Show the user you’re connected to the host system as.

Adding a Domain to your Cruzio VPS, Creating a Virtual Server

Requirements and Overview

Before following the steps in this procedure, you must complete the Post Installation Wizard procedure.

To begin hosting a domain name on your Cruzio VPS, you must:

  • Register a domain name, and configure its DNS (Domain Name System) settings;
  • Create and configure a virtual server for the domain name you’ve registered.

Registering and configuring DNS for a domain name

At a registrar of your choice, register a domain name. While still logged into your account at the registrar, configure the domain to use these DNS servers:

  • Primary DNS server: ns1.cruziohost.com
  • Secondary DNS server: ns2.cruziohost.com

Creating and configuring a virtual server

  1. Log in to your Virtualmin Control Panel at clientlogin.cruziohost.com:10000, replacing clientlogin with the login name you chose when you signed up.

  2. In the top left corner, click Create Virtual Server.

  3. On the Create Virtual Server screen, in the “New virtual server details” section, fill out the requested information:

    Domain name
    The domain name you registered.
    Description
    A simple description of the virtual server. This could be as simple as “domain.com”. If you’re running a server for a specific task, you may wish to identify it here for ease of tracking.
    Administration password
    A password specific to this domain.
    Server Configuration Template and Account Plan
    Your Virtualmin Control Panel comes with default settings configured. You can create custom templates and plans if you need them.
    Administration Username
    You can allow Virtualmin to auto-generate a username, or you can pick one yourself. (Auto-generated usernames are the domain name with the .com, .net etc. removed.)
  4. Look at the Enabled Features section and see if you need to change any settings in this section. However, for most installations, the default settings in these areas are fine.

  5. If you have specific IP addressing needs, configure the options in the “IP address and forwarding” section.

  6. Click “Create Server.” This process may take a minute or so. Once this process is complete, you should see a drop-down menu in the top left corner with your domain(s) as selectable options.

  7. If you wish to set up email for this domain, please visit our VPS email setup instructions.

For some tips on securing your virtual server, check out this helpful post by Cruzio Consultant Bryan Zimmer: Securing your VPS

Backing Up Your Cruzio VPS

Cruzio strongly recommends that you keep backups of everything, including your Cruzio VPS. The Virtualmin Control Panel on your Cruzio VPS has a backup system built-in to make this easy. Backups can be done as one-time backups or can be scheduled to run regularly.

To perform a one-time backup immediately

  1. Log in to your Virtualmin Control Panel at clientlogin.cruziohost.com:10000, replacing clientlogin with the login name you chose when you signed up.
  2. In the left-hand menu toward the bottom of the list, click “Backup and Restore”.
  3. Click “Backup Virtual Servers”.
  4. Under “Virtual servers”, choose which servers are to be included in this backup. The default is to back up all your servers.
  5. You can specify which elements to back up under “Features and Settings”. The default option is to back up everything.
  6. Under “Destination and format”, specify the name and location of the backup file and the format of the backup (single archive file for your whole VPS, or an individual file for each server). By default, the backup process will create a single file for each server, containing a backup of all files on that server, and will create these files in your storage space on your Cruzio VPS.

    You may also specify a remote FTP or SSH server to transfer the file(s) to, or you can opt to download the archive file(s) in your browser.

  7. Click “Backup Now”.

To schedule backups

  1. Log in to your Virtualmin Control Panel at clientlogin.cruziohost.com:10000, replacing clientlogin with the login name you chose when you signed up.
  2. In the left-hand menu toward the bottom of the list, click “Backup and Restore”.
  3. Click “Scheduled Backups”.
  4. Click “Add a new backup schedule”.
  5. Under “Virtual servers”, choose which servers are to be included in this schedule. The default is to back up all your servers.
  6. You can specify which elements to back up under “Features and Settings”. The default option is to back up everything.
  7. Under “Destination and format”, specify the name and location of the backup file and the format of the backup (single archive file for your whole VPS, or an individual file for each server). By default, the backup process will create a single file for each server, containing a backup of all files on that server, and will create these files in your storage space on your Cruzio VPS.

    You may also specify a remote FTP or SSH server to transfer the file(s) to.

  8. Under “Schedule and reporting”, select “Simple Schedule”, then choose the frequency of backups, depending on the frequency of changes to your site.

    You may also specify an email address to receive reports of backup activity.

  9. Click “Create Schedule”.

To restore from a backup

  1. Log in to your Virtualmin Control Panel at clientlogin.cruziohost.com:10000, replacing clientlogin with the login name you chose when you signed up.
  2. In the left-hand menu toward the bottom of the list, click “Backup and Restore”.
  3. Click “Restore Backup”.
  4. Specify the source file to restore from. You can also specify which elements to restore or not restore.
  5. Click “Show What Will Be Restored”.
  6. Review the proposed restore, and if satisfied, click “Restore Now”.

Connecting to your Cruzio VPS via SSH

Requirements for accessing your Cruzio VPS via SSH

To access your Cruzio VPS with SSH, you will need SSH client software, such as Mac OS X’s built-in Terminal application, or PuTTY for Windows (click this link to get PuTTY).

Connecting to your Cruzio VPS

Open your SSH client of choice and connect to clientlogin.cruziohost.com (replace “clientlogin” with the login name you selected for your VPS when you signed up).

Using PuTTY on Windows to access your Cruzio VPS

  1. Open PuTTY and enter the following settings:

    Host Name: clientlogin.cruziohost.com (replace “clientlogin” with the login name you selected for your VPS when you signed up)

    Port 22

    Connection Type: SSH

  2. Click Open.

    You may be shown this message:

    The server's host key is not cached in the registry…

    Click Yes to accept the server’s RSA key and store it in your computer’s memory for future sessions.

  3. At the “login as” prompt, enter root as your username and press the Enter key.
  4. You’re now prompted for your password. Enter your password and press the Enter key. You’ll now be logged into your VPS as root.

Using Terminal on Mac OSX to access your Cruzio VPS

  1. Open the Terminal application on your Mac (you can find it in the Applications -> Utilities folder).
  2. Type

    ssh root@clientlogin.cruziohost.com

    (replace “clientlogin” with the login name you selected for your VPS when you signed up).

  3. You may be shown this message:

    The authenticity of host 'clientlogin.cruziohost.com' can't be established. RSA key fingerprint is (…) Are you sure you want to continue connecting (yes/no)?

    Type “yes” and press the Enter key. This permanently adds clientlogin.cruziohost.com to the list of known hosts on your computer.

  4. You’re now prompted for your password. Enter your password and press the Enter key. You’ll now be logged into your VPS as root.

Remember, being logged in as root gives you total control over your VPS, but also the power to make detrimental changes.

Cruzio VPS FAQ

What is VPS?

VPS stands for Virtual Private Server. It’s a method of dividing up a server so that each virtual server can run its own full-fledged operating system, and each virtual server can be independently rebooted.

What can VPS be used for?

Just about anything you could do with your own server, you can do with Cruzio VPS, but without the expense and the hassle of maintaining hardware.

Running your own web server, hosting multiple domains, serious web development and testing. And that’s just the tip of the iceberg.

Is VPS for me?

You’ll have a lot more control, but with great power comes great responsibility! With full root access you can definitely mess up your stuff. Then again, you have to start somewhere, and you can always reboot. At $30, our intro-level package is great for anyone wanting to get their geek on.

Where are your servers located?

Our VPS servers reside in our state-of-the-art data center in Santa Cruz, featuring redundant power and Internet connectivity.

If I go over my bandwidth cap, is all traffic blocked?

No, we won’t block any traffic. All our limits are soft. If you go over the cap, we’ll contact you with your options. If you’re expecting a spike in traffic, call us ahead of time and we’ll figure something out. Pricing for additional bandwidth starts at $10.95/month for 500 GB.

What are the hardware specs for the physical server?

Pretty awesome:
Dual Quad-Core 2.5 Ghz CPUs
SAS RAID 10 disk array
24 GB RAM

What distributions do you offer?

Currently we offer the choice of Debian Lenny or CentOS 5.

Can I purchase additional IP addresses?

Yes. $5 per month per IP.

Do you offer backups?

We maintain snapshot backups of all slices taken nightly. These backups are intended to protect customer data against a catastrophic multiple point hardware failure that circumvents the existing redundancy measures in place. These backups may not fully protect certain volatile data groups, notably MySQL or postgreSQL databases. In general, any data that is cached before being written to a file may not be fully protected.

Cruzio strongly recommends that VPS customers take advantage of the backup features in the Virtualmin control panel, which will enable you to create backups on your own schedule and keep them for as long as you wish. See our documentation on backing up your Cruzio VPS.

If you need data restored from Cruzio’s backups, there will be a minimum single charge of $100 for up to 1 hour of our engineer’s time and $49 for each half-hour thereafter.

Do you have redundant Internet connections?

Yes.

Can the VPS be failed over to another physical server or location in case of problems?

This feature will be available soon.

Can I upgrade sometime down the road?

Absolutely. No need to reinstall everything either.

How many domains can I host?

That’s a very “shared hosting” question. No limit. It’s all yours, do whatever you like!

How to Modify the Hostname and Reverse Record for Your Cruzio VPS

Cruzio, by default, sets up your VPS under our domain, in the form yourusername.cruziohost.com, where yourusername is your actual user name.

If you’re using Virtualmin, there is no real reason to change this, but if you’re planning to use your Cruzio VPS for Zimbra hosting, or some other reason where you’d rather have the name of the VPS be yourhostname.yourdomain.com, or even yourdomain.com, here are the steps to take to make it so.

To change the hostname

On Debian:

  1. Edit /etc/hostname
  2. Edit /etc/hosts
  3. Reboot.

On Centos:

  1. Edit /etc/sysconfig/network
  2. Edit /etc/hosts
  3. Reboot.

To change the reverse record

  1. Log into the Xen shell.
  2. Issue the command

    rdns
    

    to view your current entry and find your IP address.

  3. Issue the command

    rdns IP_address yourhostname.yourdomain.com
    
  4. Reverse DNS entries can take a couple of hours to propagate.

Restarting Virtualmin on Your VPS

This article is designed to help Cruzio VPS customers who are unable to reach their Virtualmin control panel at http://clientlogin.cruziohost.com:10000, where clientlogin is the login name you chose when you signed up.

These instructions assume you have Cruzio VPS service and are able to connect to your VPS service via SSH. If you are unable to reach your Virtualmin control panel and unable to connect to your VPS service via SSH, you will not be able to run the commands supplied in this article, and should reboot your VPS service via the Xen virtual shell.

Overview

By default, Cruzio installs two major web-based control panels on each VPS service: Webmin and Virtualmin. Webmin allows Cruzio VPS customers to manage their VPS service via a graphical point-and-click interface, rather than the command line. Virtualmin is a module that works with Webmin to host and manage multiple websites on a single server. For more information, please visit the official Webmin and Virtualmin documentation.

Restarting Virtualmin

Since Virtualmin is a subcomponent of Webmin, you must restart Webmin in order to restart Virtualmin.

  1. Connect to your VPS service via SSH. You will need to log in as the root user in order to run the restart command.
  2. On the command line, type the command /etc/init.d/webmin stop and press Enter. Note that you may get an error message that says the Webmin service is already stopped. This is okay.
  3. On the command line, type the command /etc/init.d/webmin start and press Enter.
  4. Once your command window returns to the command prompt, try logging into your Virtualmin control panel again at http://clientlogin.cruziohost.com:10000, replacing clientlogin with the login name you chose when you signed up. When prompted, enter your root username and password. If you are still unable to get into the Virtualmin control panel at this time, we recommend you reboot your VPS service via the Xen virtual shell.

Securing your VPS

Here’s my quick list of best practices for securing your VPS. This list is the first of several I use in order to secure customers’ servers as well as my own, I hope you find it useful.

Turn on auto notification of security updates in Webmin or your package manager, and apply them as soon as possible. Attacks are coming out very quickly after vulnerabilities are found, so the sooner you plug the holes the better. Don’t forget to include updates for the applications you’re running in addition to the operating system itself. If you manually install any applications rather than using the package manager remember that you’ll need to manually check for updates on those applications.

Use strong passwords. Don’t use words found in the dictionary or words and dates people might be able to guess, like your spouse’s name or your birthday. Use letters, numbers, and symbols, and make it memorable so you won’t need to write it down.

Disable services and applications you don’t need. Hackers can’t attack a service that’s turned off. Why run a mail server or content management system if you only use your system for FTP?

Read your system and applications logs daily. Know what normal activity is for your system. You won’t know you’ve been broken into if you’re not looking.

Apply the CIS Benchmarks or DISA STIGs to your system. They’re detailed guidelines on how to secure your system. Be aware that they might recommend changing settings that could break your specific setup. Know your system and how the changes you make will affect it.

http://www.cisecurity.org/benchmarks.html
http://iase.disa.mil/stigs/stig/index.html

Make regular backups. If all else fails and your server is hacked you’ll need a safe copy of your data to start over. Test your backups to make sure you can restore from them, and encrypt them during transmission and storage. You don’t want someone sniffing your sensitive data as you make a backup across the Internet, or walking off with your unencrypted backup drive. If possible, store your backups in a fireproof and waterproof safe at a site other than where your server is located. This will help prevent your server and backups both being destroyed by theft, fire, or natural disaster.

Subscribe to your operating system and application vendors’ security or news lists. It will notify you of new security updates or temporary fixes to prevent a compromise until an official update is released.

Feel free to contact me for a more complete list of recommendations, or if you need help securing your VPS.

Bryan Zimmer
Zimmer and Associates LLC
www.zimmerandassociates.com

Setting up Email on a Cruzio VPS-Hosted Domain

Once you’ve added a domain to your Cruzio VPS, you may want to use that domain for email. This article describes how to create and connect to mailboxes for your domains.

To create a mailbox

  1. Log into your Virtualmin Control Panel at clientlogin.cruziohost.com:10000, replacing clientlogin with the login you chose when you signed up.
  2. Use the dropdown menu on the top left to select the domain you wish to create a mailbox for.
  3. Click “Edit Users”.
  4. Click “Add a user to this server”.
  5. Fill in the “Email address”, “Real name” and “Password” fields.
  6. You can configure advanced options in the other settings areas on this page. The defaults should be appropriate for most users.
  7. Click “Create”.

The user is now created.

To connect to a mailbox using POP or IMAP

Configure your POP or IMAP client, such as Mac OS X Mail or Microsoft Outlook, with these settings:

Incoming and outgoing Mailserver
The domain name you added (including the .com or other TLD).
Use SSL
Yes/Enabled
Username
Your username is listed in the “Edit Users” screen under the “IMAP / POP3 / FTP login” column.  If you haven’t changed the way usernames are created, it should take this form: login.domain

The first time you connect using this newly created account, you may be asked to accept a security certificate from the server.

To connect to a mailbox using Webmail

Virtualmin has a user-level control panel called “Usermin”.

You can reach the Usermin control panel directly by visiting domain:20000.

When logging in to the Usermin interface, your username is just the login name (not login.domain).

Virtualmin Post-Installation Wizard Guide

This guide will walk you through the initial setup of your Virtualmin control panel on your Cruzio VPS.

Connecting to the Virtualmin Wizard

  1. Browse to clientlogin.cruziohost.com:10000, replacing clientlogin with the login name you picked when you signed up.
  2. When prompted for your username and password, type root as the username and enter the password you selected when you signed up.

Using the Virtualmin Wizard

For each Virtualmin Wizard screen quoted below, follow the instructions.

Introduction screen

This post-installation wizard allows you to configure Virtualmin optimally for your system. You can make selections depending on whether you want to host websites, email or databases, and based on your system’s memory and CPU power.

Action to take: Click Next.
Memory Use screen

Virtualmin can be tuned to improve performance in its user interface and email processing, but at the cost of increased memory use. The best choice depends on how your system will be used.

Preload Virtualmin libraries?
Yes (more RAM used, faster Virtualmin UI – approximately 20M)
No (less RAM used, slower UI and more CPU load)

Run email domain lookup server?
Yes (more RAM used, faster mail processing – approximately 35M)
No (less RAM used, slower mail and more CPU load)

Action to take:

Make your selections based on your needs and the intended use of your virtual server. The default options should be appropriate for most users.

Click Next.

Virus Scanning screen

If your system is going to host domains that will receive a large amount of email, scanning incoming messages for viruses can generate high CPU load. This is due to CPU use by the ClamAV virus scanner when it is started, which can be avoided by running the ClamAV scanning server clamd in the background. This consumes RAM, but reduces CPU load and makes mail processing faster.

Run ClamAV server scanner?
Yes (more RAM used, faster mail processing – approximately 100M)
No (less RAM used, slower mail processing)

Action to take:

Make your selections based on your needs and the intended use of your virtual server. The default options should be appropriate for most users.

Click Next.

Spam Filtering screen

If your system is going to host domains that will receive a large amount of email, filtering incoming messages for spam can generate significant CPU load. This is due to CPU use by the SpamAssassin mail filter when it is started, which can be avoided by running the SpamAssassin filter server spamd in the background. This consumes RAM, but reduces CPU load and makes mail processing faster.

Run SpamAssassin server filter?
Yes (more RAM used, faster mail processing – approximately 30M)
No (less RAM used, slower mail processing)

Action to take:

Make your selections based on your needs and the intended use of your virtual server. The default options should be appropriate for most users.

Click Next.

Database servers screen

Virtualmin supports both the MySQL and PostgreSQL database servers, but you might want to run only one (or neither) on your system. Each consumes RAM when running, even if they are not being used.

Depending on the websites and applications you plan to host, running MySQL only may be enough, as most web applications do not support or require PostgreSQL. If your system will only be used for mail or DNS hosting, there is no need to run either.

Run MySQL database server?
Yes (more RAM used, needed for most non-static websites)
No (less RAM used)

Run PostgreSQL database server?
Yes (more RAM used, needed for some web applications)
No (less RAM used)

Action to take:

Make your selections based on your needs and the intended use of your virtual server. The default options should be appropriate for most users.

Click Next.

MySQL password screen
(only shown if you selected “Yes” for MySQL Server)

To prevent other users on your system from managing the MySQL database, a password for the root user should be set. Currently the MySQL password is not set, which is highly insecure. Set MySQL password (Enter a Password in the text box)

Action to take:

Enter a password. Click Next.

All done screen

Virtualmin post-installation configuration is now complete!
You can adjust the settings you just made on the Features and Plugins and Spam and Virus Scanning pages.

Action to take: Click Next.

Verifying the Virtualmin configuration

You’ll see a yellow box at the top of the screen with the message “Virtualmin’s configuration has not been checked since it was last updated. Click the button below to verify it now.”

Action to take: Click “Re-check and refresh configuration”.

Virtualmin will now check your server configuration. This can take a few seconds. When finished, the following message should display:

.. your system is ready for use by Virtualmin.
Updating all Webmin users with new settings..
.. done

Updating status collection job ..
.. done

Adding your first domain

You have now completed the post-installation wizard and your Virtual Server is set up.

Next, you may want to follow these instructions to add your first domain to your Cruzio VPS.