Thursday, March 17, 2011

Welcome to !!

The soul intention of building this blog is to help most of the techies, non-techies or an individual who is been using open source applications like wordpress, drupal, joomla, mambo, phpBB, vbbulletin, b2evolution, xoops, php-nuke, zencart, oscommerce, magento and many more as their cms websites, blogs, forums, discusson board, shopping cart ..etc. If anyone wants to share their information globally, then there is no other better place than Internet. Internet, is only the cost effective medium than any other medium to share information, buy/sell products globally.

So, If you want to host a website, blog, forum or shopping cart then I'm sure that you all might have hosted one of these sites with the help of the web hosting company (there are many web hosting companys to list at this point of time). As we say 'WEB Hosting Company' there are many services that they might offer related to hosting itself like, shared hosting, VPS hosting, Dedicated hosting or just a blog hosting and various in-house products that they have to offer. So for personal/individual/small buisness/ organistation's shared hosting seems to be very cost effective. So most of us do a lot of research on the web hosting company before we purchase any of their hosting plans.

Once the web hosting company is chosen we tend to host our websites, blogs, forums, shopping carts ..etc. You'r websites/blogs/forums/shopping carts would be running fine and you might attract lot of visitors, members a day and one fine day you might be shocked so see an email under your administrative email address from the webhosting company stating that "TOS violation" an email some thing like below:

Hey Customer,

We're extremely sorry to say that your database is consuming excessive resources on our servers. Or your database is using too many mysql queries. Kindly take the desired action.

The Webhost team

So what next ??, If your'e a non-techie then it would be difficult to understand what it says. Few techie's might understand but it would be difficult for them to act upon as thier using open source applications and you will never know how the code works here. Most of us will be confused seeing these "Policy" or "TOS" emails from the web hosting companies and we start blaming the web hosting companies for the unlimited services they promised us. Please note that even un-limited contains 'limited' word within it. . This does not mean that the services are limited in terms of unlimited hosting plans. No web hosting company is ready to use their server resources to host spammers content or an hacked site for many different reason and they want their customers to be aware of and take necessary steps to avoid them in future. They can never allow the spammers to abuse their system. Please note that the web hosting company has all rights to terminate such type of clients who is abusing their system with or without informing the customers as this will affect their server performance for thousands of customers hosted on the same server. So here are few basic questions that arise:

1. How did my database or particular table grow in size ?
2. Who is generating excessive or too many mysql queries ? , as there is no huge traffic to the site/ blog.
3. why is my blog/ site is loading slow ?
4. who is posting the invalid/ abuse or porn contents to my site? ...etc

In fact there are many such questions that we need to think of and the answers for all these questions are "Spammers". So the next question would be, who are Spammers and why are they spamming me?, In fact, the spammers are the one who wants to advertise about themselves and want search engines to think or make their company or website listed at the top rank as this will definetly bring them profits ..etc. There are many types of spamming activities (which will not be discussed here) and one of the easy method would be to hack the older open source application as the code is open to all. So when the application are old there would be many bugs or loop holes or back doors in the application where the spammer or the hacker get into and inject,populate the contents links into the third party blogs/sites/forums as these sites too will be indexed by various search engines the more it create links to any of their site would consider that particular site as  important and mosted visited site and then it tags the site to have a better search engine rank. 

So this blog "" is all about that, the place where I'll be posting articles for various open source applications with as much as detailed information instructions, ideas, workaround for such type of hacks by the spammers that I've been worked with.

Tuesday, March 15, 2011

Basic guideline while using web hosting accounts for open source applications.

Now a days almost all the web hosting companies provide one step script installer, which means we need not download the required open source application and then unzip them, correct thier permissions, create database ..etc and install them. With a click of a button the required application will be installed within our web directory, we then just need to configure and use them. 

Its found to be a common habbit that we install many of these applications initially for testing purposes, different applications for personal, friends and relatives but once the testing is done we will either forget or neglect to delete these applications or databases which are not in use, couple of weeks or a month these application will be outdated and the new version will be released with the known bug fixes but the old version of these applications will be still existing in our web hosting accounts untouched as we do not need them. 

The spammers/ hackers created robots or bots will always look for such kinds of old version applications in the internet as they know their vulnerability and way to hack into these kind of applications for thier benfits, they then populate thier contents, advertisements into these application databases to  to increase their site's ranking or PageRank. This will not only grow in size of the database but also use extreme server resources by generating huge mysql queries in batches hogging the mysql server or an application server resources collectively causing slow loading of sites or a complete downtime for the accounts hosted on the same server. 

So here are few ticks and tips to use the web hosting account efficiently:

#1. Un-install/ Delete all of your open source applications like wordpress, joomla, phpBB, drupal, SMF or any custom built ..etc which are not in use along with thier files and databases.

#2. Keep yourself updated with corresponding applications main site or vendor for the updates, bug fixes and update your application accordingly to the latest stable version.

#3. I stress latest stable version because there might be few latest versions available on their site like alpha or beta version, this means the realease is still under development and there might a lot of changes to the applications once its released as stable version. So use the current stable version until the beta version gets released to be an stable version.

#4. Install only the themes, plugins, addons that is been supported by the current version of the application, also make a thorough investigation of an author, developer of these addon products before installing the same as there are few spammers who create their own themes, plugins or addons for free as to take control on your blog or websites. So its always better to verify about these factors before installing any of these addons. 

#5. Also read the documents provided by the authors on their addons and understand as what rows are being affected in the database table and the application. Because, it's found that few of these themes, plugins or addons will not remove their complete information from the files or databases and you might need to remove them manually.

#6. Even few themes, plugins or adddons will have their newer version or bug fixed version available. Update them to the latest stable version available but make sure the current version of your applicatin supports them.

#7. Never ever try all the addons available in the internet. Try only the ones which are popular and the one developed by the popular authors or the vendor suggested addons.

#8. Keep your admin login password as complex as possible inorder for anyone to easily guess your admin password.

#9. Do not provide full access on your web directory or application directories and keep them as low as possible access to the world.

#10. Monitor your application and database on daily basis like deleting the unwanted rows from the desired tables, truncating or archiving or clearing the entries from the log tables periodically. 

#11. It is always adviced to keep your databases tables Indexed and optimized. To optimizate your database tables,you may just login in to your phpMyAdmin and select the database whose tables you wish to optimize. A list with all the database's tables will appear. Check the tables you wish to optimize, or simply click [Check All] option to select all tables listed. From the [With selected:] drop-down menu choose Optimize table. This will execute the OPTIMIZE TABLE SQL query on the selected tables and the tables structures, indexes are updated and optimized.

Note: when I say 'your application' this always refers to the application that you have installed it may be wordpress, drupal, joomla.. etc.

So if you follow these basic steps there are very less number of chances of your database / application getting listed under the web hosting's system abuse monitor, which means your application is safe and you will not see their "TOS" email in your inbox and your website or blog will load faster, smoother, secured too.

So happy hosting!

Also, please share your thoughts on the same.