Posted on

What is an Outlet (Clearance) Dedicated server?

What exactly is an Outlet Server?

Outlet Servers are previously-used generation servers offered at a discounted price. Since the hardware has already been fully paid for, Outlet Servers present an economically and environmentally advantageous solution. These servers are robust and well-equipped, located in the PhoenixNAP datacenter. They come with set configurations, allowing you to choose your preferred operating system, web panel, and billing platforms. It’s important to note that Outlet Servers do not come with a 100% uptime guarantee due to their prior usage.

What does User-Responsible Server Management refer to?

User-Responsible Server Management, as the name suggests, places the responsibility for managing a server squarely on the user. This means that users are expected to have a solid understanding of Linux and command-line operations to ensure the server functions correctly. The responsibilities under this management type typically include:

1. Initial server setup and configuration
2. Detection and resolution of hardware issues
3. Server reboot (upon request)
4. Full root access

What type of Server Management applies to Outlet Servers?

Outlet Servers are only available with User-Responsible Server Management. This means that users are required to take on all aspects of managing these servers themselves, except in the case of hardware replacement where some support may be provided.

How do I know my Outlet Server is in operating condition?

All our Outlet Servers are rigorously tested to ensure they are in perfect working order. However, like any older servers, occasional malfunctions can occur. In the unlikely event of such issues, we are more than willing to offer a replacement for any affected parts or the entire server.

If you’re not entirely satisfied with your Outlet Server, you have the option to cancel and receive a refund (excluding license costs) within one week from the initial delivery date.

Posted on

A Handy Guide to Resource Limits or What is LVE?

All hosting accounts on Sunserver shared, business and reseller platforms have resource limits in place. These resource limits are designed to safeguard your account. In the past, other users on the server could consume all of the available resources (CPU/Processor, RAM/Memory or Disk Access) and cause a slow down for other websites hosted on the same server.

Sunserver use the CloudLinux operating system that has resource limits set by a LVE system; kernel-level technology embedded in the server to ensure all websites on the server get full access to a fair share of resources.

Sunserver’s resource limits are generous. Typically, our limits are much higher than that of other hosting companies giving every website a lot more space to grow. We can offer higher limits for two main reasons:

1. We use faster, more powerful servers. A typical server uses the latest Intel Xeon E5 processors, up to 128GB of DDR3 RAM and fast hard disks with SSD technology.
2. We place fewer accounts per server than that of our competitors. ‘Overcrowding’ of servers is a common technique used by competitors to try and squeeze more money from customers. Sunserver load our servers with fewer accounts to deliver a better quality of service.

Any shared/reseller account may use no more resources than outlined below:
Shared accounts
Resource Type Any Shared Stellar Plus/Ultimate Stellar Business/Business SSD
CPU Limit, % 50 50 100
Physical Memory Limit, GB 1 2 2
maxEntryProc limit, N 20 30 40
IO, MB/s 50 50 50
We may allow any shared account to burst up to*
CPU Limit, % 200 200 400
Physical Memory Limit, GB 4 6 8
 
NOTE: The burst allowance is used to stabilize the operation of the website during peak intervals. If your account/server employs the higher burstable resources on a consistent basis, an upgrade to a package with higher resource availability should be considered.
Reseller accounts

 

Resource Type Nebula/Level 1 Reseller Galaxy Expert/Level 2 Reseller Universe Pro/Level 3 Reseller Level 4 Reseller One Resold Account
CPU Limit, % 800 1600 2400 3200 20
Physical Memory Limit, GB 4 8 12 16 1
maxEntryProc limit, N 80 160 240 320 20
IO, MB/s 2048 4096 6144 8192 50

As you can see, more expensive packages come with more resources and are designed for busier websites. You can upgrade your hosting account at any time to a higher resource package if you run into any of the limits we have in place. Just contact our team who will be happy to assist.

Checking your current usage

It is possible to check your current resource Usage via cPanel account. Log into your hosting panel and navigate to Stats widget on the left:

CPU Usage specifies how much of the allocated CPU resources you are currently using. The amount of CPU resources we provide to each account is the percentage of the server’s resources.

If CPU reaches 100% it means that your account is using all of the CPU resources allocated, and any new processes will be put to sleep until existing processes complete. This can cause your website to slow down dramatically and in extreme cases even time out.

Virtual Memory Usage corresponds to the amount of memory, processes can allocate within LVE. When the process tries to allocate memory, CloudLinux checks if the new total virtual memory used by all processes in LVE is within the limit set. If it is not, CloudLinux will prevent memory from being allocated and in most cases this causes the process to fail.

Physical Memory Usage (RAM) is the actual memory allocated for your account. Virtual memory is usually a file on a disk drive that the operating system uses to store information (swap-to-from) when the real memory becomes full, for instance, the page (swap) file on a Linux system. Therefore, if you try to publish a big post, it might take all physical memory to do so, but after some time it will be normalized.

If this value reaches the limit you may begin to experience PHP errors (if applicable) on your website, or in very extreme cases may see a CloudLinux error page. These errors are typically only brief and once the usage has reduced to below the limit, will automatically clear.

Entry Processes is the number of processes that enter your account. It is also known as “Apache concurrent connections”. This value defines how many PHP or CGI scripts you can run at a single time. For example, every PHP page that is accessed by a user will usually generate a single entry process. Many people misinterpret this value as “number of visitors you can have on your website at once”. Whilst it is true that each visitor accessing a PHP page will spawn an entry process, these processes usually end so quickly that it is extremely unlikely that 10 will be spawned concurrently and at a single moment unless you had a significantly large number of simultaneous visitors on your website at once.

Number of Processes is the limit similar to the above but includes all processes generated by the account rather than the specific PHP, SSH, or cron jobs. This number is typically very low, even under high activity, as non-PHP tasks execute and complete even more quickly.

I/O Usage (input/output) represents how much I/O (or disk activity) your account is using. Any task which makes use of the servers disk drive (such as reading or writing to the server) will consume I/O. We limit the maximum disk speed of each account to ensure that no single account can saturate the disk drives which will reduce performance for everyone.

Reaching this limit will cause all processes to slow down (to within this limit) and take much longer to complete. Typically you won’t notice this setting ever increase unless you perform something disk intensive like generating a large backup of your account.

Reasons for ‘Resource Limit is Reached’ errors

When your website is hitting one or more of its hosting account resource limits, it can result in ‘Resource Limit Reached’ errors or slow down the website. What error will appear depends on the resource limit the account is hitting.

The error 508 appears when entry processes hit the limit. If this limit is reached, mod_hostinglimits will not be able to place Apache process into LVE and will return error code 508. This way a very heavy site start returning 508 errors without affecting other users on the server.

However, if the site is limited by CPU or IO – the site will start responding slower.

If the site is limited by memory or number of processes limits – the user will see 500 or 503 errors that server cannot execute the script.

Everything you do on your website, from uploading files, installing plugins to having visitors, uses server resources. Most common causes of the resource overusage are:

  • increased legitimate website traffic: your website may suddenly receive a high amount of visitors and the error will be shown until the number of the visitors is reduced or the resource limits are increased;
  • backend scripts or cron jobs: scripts running in the background, including automatic backups and demanding cron jobs can create significant load, which in addition to normal traffic can affect the website performance and cause the overusage;
  • web crawlers or search engines indexing your website too often;
  • badly written scripts: scripts and plugins that are outdated or incorrectly coded can malfunction and cause loops. Even a few concurrent requests to such scripts can push the website over its resource limits;
  • DDOS: Denial of service attack overloads the server, making it unavailable for normal use.

It is possible to check resource usage of your account in more details through another menu:

for cPanel paper_lantern theme
for cPanel x3 theme

for cPanel paper_lantern theme:

Navigate to Metrics section and click on Resource Usage menu:

NOTE: If your resource usage limits are being frequently hit, you will see a corresponding warning message on the top of the page with the reference to the exact limits.

Choose the desired period in Timeframe drop-down and click SubmitQuery:

You will see diagrams and tables showing detailed statistics:

CPU – CPU limits
vMEM/vM – Virtual Memory limits
pMEM/pM – Physical Memory limits
EP – Entry Processes
nPROC/nP – Number of Processes
IO – Input/Output limits

a – average used
l – limit set for account
m – maximal used
f – failure

for cPanel x3 theme:

Navigate to Metrics section and click on Resource Usage:

NOTE: If your resource usage limits are being frequently hit, you will see a corresponding warning message on the top of the page with the reference to the exact limits.

Choose the desired period in Timeframe drop-down and click Submit:

You will see diagrams and tables showing detailed statistics.

CPU – CPU limits
vMEM/vM – Virtual Memory limits
pMEM/pM – Physical Memory limits
EP – Entry Processes
nPROC/nP – Number of Processes
IO – Input/Output limits

a – average used
l – limit set for account
m – maximal used
f – failure

That’s it!

Posted on

How to create separate user accounts in Webuzo Admin panel

To create separate user accounts with limited management rights and specific access to certain options and settings in your Webuzo Admin control panel, follow these steps:

1. Begin by logging into your Webuzo Admin account, and navigate to the “Create New Account” menu under the Users section.

2. You’ll be directed to the “Add User” page, where you’ll need to fill in various tabs with information about the user and their resource allocation preferences. For example:

– If you have predefined plans, you can select a plan.


– If not, you can manually configure options by checking the relevant checkboxes to customize the resource allocation based on your requirements.

In the “Settings” tab, you have the option to assign a Dedicated IP (if available) to the user’s domains, grant shell access, and restrict the creation of cron jobs by selecting the “Deny Cron” option.

If you want to grant the account reseller status, you can check the “Make reseller” checkbox.

You can leave the “Feature Set” as it is, or if you’ve created customized feature sets, you’ll see a dropdown list with your feature sets to choose from and grant those features to the user.

3. Once you are satisfied with the account setup, simply click on “Save User.”

That’s all there is to it!

Posted on

Advanced guide for the hacked WordPress troubleshooting

This advanced guide offers additional information for scenarios not covered in our basic guide on dealing with a hacked WordPress website. We strongly recommend following the basic guide first to avoid making unnecessary changes to your site.

If you possess a backup of your website, you have the option to replace the compromised version with a clean one. While this is usually effective, it might not always be a perfect solution, as the attack could be triggered remotely from another file or folder located elsewhere within your hosting space.

Let’s begin by understanding the challenges in recovering hacked WordPress sites. If you’ve already attempted to resolve the issue using basic steps, you might have a scan report from our Support Team in your cPanel or from the Virus Scanner.

Perhaps you’ve already tried actions like editing the .htaccess file, deactivating themes and plugins, or replacing the WordPress core files, only to find that these measures were ineffective.

In such cases, the presence of malware is likely within your account or a specific website directory. Thus, your initial step should be to rid the account or website of this malware.

Dealing with Malware

If the Virus Scanner detects viruses in your account, proceed with the cleanup process in the Virus Scanner menu. You’ll find a table listing the infected files and the names of corresponding viruses. Below this table, you’ll have three options:

1. **Destroy**: This will completely remove the file from your hosting panel.
2. **Quarantine**: The file will be isolated from other files, but you can still access it in your account and review its content.
3. **Ignore**: The infected file remains in its current location with the malware.

However, if the Virus Scanner is ineffective and doesn’t find any viruses in your hosting cPanel, our support team can conduct an internal scan and provide you with a comprehensive report containing information about each file in your hosting panel, including viruses and any suspicious matches. For more details, please refer to our guide on how to work with your scan report.

A quick tip: If the scan report indicates something like “[Virus Found]: The_name_of_virus,” it’s imperative to promptly remove the file.

As cleaning viruses and removing malicious files and databases can potentially impact your website structure, ensure that you have a backup of your website files before you proceed. Keep in mind that Google and other search engines may block websites for malicious content at their discretion to protect users, and your host may not be able to unblock your site in such cases.

In your scan report, a “Webshell” is a file that provides remote access to a malicious actor within your website’s directory or hosting account. A “Worldwriteable directory” signifies that the file or directory has special permissions for external users, allowing attackers to manipulate malicious scripts from such a directory. You can learn more about this in our guide to file permissions.

Removing Malicious Cron Jobs

Imagine you’ve successfully cleared your website of malicious content and viruses, but these files keep reappearing after removal. This is often because viruses create cron jobs in cPanel to recreate themselves or execute other malicious tasks on the server. If you notice files reappearing, check the “Cron Jobs” menu in your cPanel account, and remove any cron jobs that you didn’t set up.

Cron jobs that recreate malicious files often use the “wget” command in their cron command. “wget” is a non-interactive network downloader that enables sending GET requests to the attacker’s server or computer for constant updates or reinstallation of malicious files.

Regarding server processes, you can request our support team to reset your lightweight virtual environment (cage) to halt the scripts intercepted by viruses. To view the list of active processes on the server, use the following command in cPanel > Terminal:
“`
ps axu
“`
This command will provide a report of current processes on the server. If you notice anything unfamiliar or any suspicious-looking processes that need to be stopped, please contact our Help Center.

Permissions and Owners

You might encounter a scenario where a directory cannot be removed and returns the error message:
“`
FileOp Failure on: /path/directory/file: Directory not empty:

“`
This error suggests that you lack the permission to remove the content within the directory due to non-writable files. You can find detailed information about file and folder permissions in our file permissions guide. Note that the correct permissions for website files are 0644, and for folders, they are 0755. While you may not have the necessary permissions to modify these, you can attempt to change the permissions for the entire directory before trying to delete the folder or file again. Please consult our guide for more details.

Keep in mind that a #WorldReadable file or folder in your scan report may indicate that an attacker has elevated permissions on that file or folder. It’s advisable to verify before altering permissions and removing them. We do not recommend removing all files/folders identified as #WorldReadable because a file may be safe, but the script developer chose to allow easy access for various reasons. In such cases, we recommend reinstalling files from trusted sources and comparing the content in the directory with the original.

**Final Steps**

After successfully removing viruses, eradicating malicious cron jobs and processes, and configuring appropriate permissions for safe files and folders, follow these steps to restore your website to a working condition:

1. Follow our guide on replacing core WordPress files.
2. Clear the LiteSpeed Cache and flush your caching plugins.
3. Re-scan your hosting account to ensure no malicious files remain.
4. Follow the steps to enhance WordPress security, taking into account your scan report. For instance, if a PHP exploit was found through a plugin, inform the developers or consider using an alternative plugin with similar functionality. If a malicious script was discovered in a website database, change the database password in the MySQL Databases menu and in the wp-config.php file, following our provided guide.

If these steps do not yield the desired results, you can request a backup restoration. Please note that we are unable to monitor or maintain websites to detect when or how they are attacked or how long malicious files have been present in website directories.

Posted on

How to configure SiteLock on Shared hosting

To configure SiteLock on shared hosting, you’ll need to grant it access to your website files. Here are the steps to do so:

1. Begin by creating an FTP account. This account should include your username, password, and hostname. Ensure that the Directory field in this FTP account is empty.

2. Once FTP access is enabled, follow these instructions:

a. Log in to your SiteLock dashboard and click on the SMART card. Then, click the Configure button.

b. Note that the free Scan plan does not include the Smart Wizard option.

c. Fill in the configuration form with your FTP details as follows:
– Method for File Transfers: FTP
– FTP Host or IP address: Use your FTP account hostname (servername or ftp.domain.com) or your hosting account’s IP address.
– (S)FTP Port Number: 21
– User ID: Your FTP account’s username
– Password: Your FTP account’s password

d. Select “Test Connection” and proceed to Step 2. You’ll see a list of folders on your hosting account. Enter “./public_html” in the Root Directory field and click “This is it.”

e. In case you accidentally reload the page and can’t proceed to the “This is it” button, you can complete the setup by going to the Settings menu, choosing Smart Settings, and clicking the “Show me the wizard” button.

f. In the pop-up window, select “SMART Settings” and navigate to the SMART Database (SMART/DB) Settings to update platform access settings. Ensure all fields on the page are correctly filled, then click “Next.”

3. On Step 2, verify the FTP details by clicking “Test Connection.”

4. In Step 3, select the folder where your website is located, which should be “./public_html.” Click “This is it.”

5. A confirmation window for Feature Status will appear. Click “Continue” to proceed further.

6. Congratulations, you’ve completed the configuration!

By following these steps, you’ve granted SiteLock access to your shared hosting environment, enhancing the security and monitoring of your website without altering the original instructions.