19Jul/170

Analysing log files in Windows and Linux

Everyone knows the scenario, you want to analyze an issue of your server or local computer but where to find all those log files?

In the following tutorial we are going to analyze specific log files in Linux and logs in the Windows Event Viewer. An additional chapter will go through the log analysis via Systemd.

Linux log files

Unfortunately, it is quite different from distribution to distribution, which information can be extracted from specific log files. In the following we will analyze the log file structure of Debian 8 and CentOS 7.2. The first location to look for log files should always be /var/log/. Depending on their configuration, Apache, Nginx or similar applications write log files to this folder too. System log specifications and locations can be found in the file /etc/rsyslog.conf.

Debian 8:

  • /var/log/auth.log

Logs of successful and failed authentications to your system can be found in this log file. It is also logged when a user invokes commands via sudo.

  • /var/log/messages

This file contains log entries of general system information, amongst others, you will also find the system upstart logs.

  • /var/log/dmesg or dmesg

The kernel ring buffer can be read with dmesg. You will find information about the system upstart, runtime kernel module messages and many further messages according to the hard and software of your system. By default, dmesg shows the full ring buffer. However, the output can be customized by adding specific parameters. A thorough documentation can be found on the manual page (man dmesg).

  • /var/log/syslog

This is one of the most important log files in general. Every Linux process is free to log to the syslog by implementing the syslog interface. It also logs the system upstart and executed cron-jobs.

CentOS 7.2:

As the log file structure is quite similar to the one of Debian 8, we will just mention the differences.

  • /var/log/secure

This log file is the equivalent to /var/log/auth.log in Debian systems. All kind of authentications are logged here.

  • /var/log/messages

There is no separation of /var/log/messages and /var/log/syslog in CentOS, all system logs of processes which implement the syslog interface can be found here.

  • /var/log/cron

Cron specific log files are not part of the syslog as in Debian. They can be found in the above mentioned file.

 

Log analysis via Systemd

Systemd is basically the standard Init system of nearly all major Linux distributions today. Since at least April 2015, when Debian and Ubuntu switched to Systemd, every Linux administrator or user has been in touch with Systemd. As Systemd is a complex system, we will only take a look into the log analysis functionality provided. Every process in Systemd is identified as a unit. All active units can be shown via the following command:

systemctl list-units

When appending the parameter --all, this command also shows all inactive units.

Logs being created by Systemd are managed in the so called Journal. These logs can be accessed via the journalctl binary. If journalctl is called without any parameter, it will print out the whole Journal. However, it is also possible to output the log entries of specific units only. In the following example, we are going to analyze the log files of the Apache web server.

journalctl -u httpd

It is also possible to restrict the output with the parameters --since and --until.

journalctl -u httpd --since "2016-11-01 20:00:00" --until "2016-11-03 20:00:00"

The above command will output the Apache log entries between 2016-11-01 20:00:00 and 2016-11-03 20:00:00. It is also possible to use keywords like "today" or "yesterday".

You can also output the log files of more than one unit at the same time. In the following example we will output all Apache and Nginx log entries which have been logged since yesterday.

journalctl -u httpd -u nginx --since yesterday

If the parameter -f is used, all desired log entries are shown in real time.

The above was only a slight view into the possibilities of journalctl, there are several other useful features which are described on the manual page (man journalctl).

 

Log analysis via Windows Event Viewer

Windows Event Viewer Overview

In the above picture in the left navigation you can see the entry "Windows Logs". The following entries are most important.

  • Application

This entry will show the events of locally installed applications.

  • Security

Here you can see successful and failed login attempts.

  • System

This entry logs operating system internal events and errors.

Via the entry "Custom Views" -> "Server Roles" -> "Remote Desktop Services" you can see RDP related events and errors.

Potential hardware issues can be identified via "Application and Service Logs" -> "Hardware Events".

Useful for error analysis can also be the overview which can be seen via "Overview and Summary" -> "Summary of Administrative Events", it provides a summarized overview of the system status in general.

7Jul/173

VPS: 100 Mbit/s – No limit, no throttling

Not long ago, the following rule regarding the internet connection of our VPS was in effect: 100 Mbit/s-port, when a certain traffic limit was exceeded, the port was limited to 10 Mbit/s.

As of now, we have removed this limitation to less than 100 Mbit/s for you and consequently, for all of our customers.

The same rule that applies to our dedicated servers is now also in effect for all of our VPS:
100 Mbit/s are available at all times – without any limitation, without port throttling, no matter how much traffic you generate.

This new rule is active for all new and existing customers at Contabo and you do not have to take any further action in order to benefit from this. Simply put, we have permanently removed the limitation for all of our customers.

Posted by: Markus | Tagged as: , , 3 Comments
3Jul/170

Now available : Configuring the latest available PHP Version on your Webspace package

Today we performed some great update on our Webspace hosts, you are now able to choose between the following PHP Versions for your Website:

  • PHP 5.6 (oldstable)
  • PHP 7.0 (stable)
  • PHP 7.1 (testing)

To configure your desired PHP Version just login to your cPanel interface and navigate to "Software" -> "Multi PHP Manager".

To configure the PHP.INI and add additional configuration just open the "MultiPHP INI Editor".

Click here for an overview of our webspace offers.

Posted by: Gianni-Donato | Tagged as: , , , , No Comments
29Jun/171

Plesk Onyx basics: The first steps

Plesk is a commercial web hosting platform developed by Parallels. It is available for Linux and Windows based operating systems and therefore for any operating systems offered by us.

Together with our partner Plesk, we are currently offering you Plesk Onyx one month for free. Simply select one of the below listed editions of Plesk Onyx and try it, before you buy and pay for it! Only available in combination with our VPS. Further information can be found in our news section: Plesk Onyx now one month for free.

The current version of Plesk is version 17 (Onyx) which we offer in three different editions:

  • Web Admin Edition: This edition is targeted at users who only want to administrate their own websites. Unnecessary features such as customer/reseller management are not included in this edition.
  • Web Pro Edition: With this edition, you can host up to 30 different domains. Also, all features apart from the reseller management are available in this edition.
  • Web Host Edition: With this edition, you can host an unlimited amount of domains. There are no restrictions on behalf of Plesk. The Web Host Edition is the most extensive of all Plesk editions. It includes every feature - from reseller management over security core features until automatic outbound spam protection.

This tutorial, however, is restricted to the basics you need to know. We will show you how to add domains, FTP accounts, databases and e-mail accounts.

At first, we log in at our Plesk webinterface. In order to do so, we use the browser and type in our IP address and port 8443 (e.g. https://198.51.100.3:8443).

We login with the login credentials we received via e-mail...

... and land directly on the main page of the Plesk webinterface. In our case there is already a domain added, in your webinterface the main page might look a little different.

Add a domain:

We click on "Add domain" on the main page and land on the following page:

We fill in all the text boxes. In the box "Domain name", we fill in our domain (without "www"). Our example domain is "example.com". As location for our new website we choose "Create a new webspace".

When choosing IPv4/IPv6 addresses, we choose the IP addresses which we want to use for our newly created domain. Choosing the username and the password are, of course, completely up to you.

The first step is already done now. After clicking on "OK", the new domain is added on our server.

Now we can upload the data for our homepage to the server. Usually, this is done via FTP. Luckily, Plesk already created an FTP account for us when creating the new domain. So all we have to do is opening an FTP client of our choice (e.g. FileZilla) and connect with the login credentials we just set for our new domain.

What is missing now is a database for our website. By clicking on "Databases" and "Add database", we can create a new database:

Again, we fill in all text boxes. In order to connect to that database, we have to create a new database user. Please note down its username and password, you will need it for your website later! When asked about access control, we choose "Allow local connections only".

After we created the database, the following screen will pop up:

Here, we could also import a dump of an already existing database. However, this tutorial is limited to the basics only.

Create an e-mail account:

What we need now is an e-mail account for our domain we just added. Plesk offers a comfortable way to do so as well. We click on "Mail" on the left side of the main menu and then choose "Create Email address":

After we filled in all the text boxes we click on "OK" in order to create the new mail account. Please remember to note down the access data, you will need them later!
Once the mail account is created, we can login on our mail webinterface on "webmail.example.com" for sending and receiving e-mails.

Sounds good to you? Great 🙂

If you are ready to try Plesk Onyx now, we would like to mention our current campaign with Plesk Onyx one more time. Get Plesk Onyx one month for free, in combination with one of our VPS. Select the model of your choice in our VPS overview and opt for your preferred Plesk Onyx edition during the configuration process.

Posted by: Florian | Tagged as: , , , , 1 Comment
20Jun/172

New OS: Debian 9 available now!

Just released a few days ago, already available at Contabo: Debian 9, codename Stretch. You can order the operating system with your new VPS or dedicated server. Existing customers can upgrade to Debian 9 through their customer control panel.

You can combine Debian 9 with Webmin, Lamp, Webmin+LAMP and the Software Raid 1.

In its latest version, the developers have replaced MySQL with MariaDB, and a new Kernel version 4.9 is available as well.

Apart from Debian 9, we offer you a large number of Linux distributions, as well as Windows Server 2012 and 2016. Simply click on "Customize & Order" on our VPS and dedicated servers overview sites and select the operating system that matches your requirements - further details can be found on our website!

Posted by: Markus | Tagged as: , , , , 2 Comments
14Jun/174

The SSL certificate

Some of you might wonder in which situations an SSL certificate should be used. This tutorial will help you to find an answer whether or not you should upgrade your website or anything else by adding encryption.

The most important parts of a certificate are the public key and the private key.
The following image shows you what is happening when a client tries to establish an encrypted connection to some webserver.

 

ssl

First the client contacts the server and offers available encryption types, the server and the client come to an agreement on which type to use.
The web server sends the public key to the client so the client will be able to encrypt its requests. The webserver got his private key to decrypt all encrypted client requests. With the private key you are able to decrypt all client requests which were encrypted with the public key, that is why you should never hand out your private key to any third party.

To show you the advantage of using encryption, we created an HTML page containing a simple form which can be found on many websites. In the textfields we entered a username and password.

The username we chose: test@contabo.de

The password we entered: "unencryptedpassword"

To show the difference between encrypted messages and not encrypted messages, we captured some packets using a networking-tool.

Without any encryption we could easily extract the username and password used, we could also see which sites we visit.

pw_unencrypted

With encryption enabled we could not find neither username nor password.
It just shows a packet containing some encrypted data, without the private key we cannot determine which data was actually sent.
pw_encrypted

If you are running a website, an email server or just an FTP server, it is always up to you to offer encryption or not. Offering encryption to your customers is the best way to act professionally.

There are many types of encryption, this post just handles certificates. Usually encryption algorithms have not changed for years, if you are going to optimize your server you will of course have to think about encryption types, etc.

 


The real meaning of those connection warnings:

If you are running a web interface (cPanel, Plesk, Webmin etc.) you probably encountered a warning as follows:

ssl_err_en

"The connection is not private", usually you should rethink if you really want to proceed. There is the possibility that some server got hijacked and you are redirected to the wrong website. In this case the warning pops up because the certificate is not valid for the domain we entered. On a web interface you will get a similar warning when using a so called "self signed certificate". Your browser got a list of authorities which it will trust, signed certificates by one of those authorities will not show any warning.

It can be really unwanted if that warning is showing to all of your customers, sometimes this warning is misinterpreted and the website will be left.

There is only one way to remove this warning, you need to get a certificate signed by some official authority.

Some official authorities, such as "Lets Encrypt", will sign your certificate for free, this is a nice option but not really recommended on a production environment. Usually the domain validated certificate or wildcard  certificate is being used for production environment, those certificates usually are valid for 365 days (1 year).

There are some differences between single domain, multi domain and wildcard certificates. Usually you would want a certificate for "yourdomain.tld" or "www.yourdomain.tld". A single domain certificate will be valid only for one of those domains, a multi domain certificate alias UCC (Unified Communications Certificate) is valid for all domains included within that certificate. In case you want "www.yourdomain.tld", "yourdomain.tld" and "subdomain.yourdomain.tld" within a single certificate, a UCC should fit your needs.

There is also some extended validation available, some bigger companies take advantage of this (e.g. PayPal pp_ev). At this point I want to mention that the private key and certificate will always remain the same, there is no encryption change, the certificate will just get signed.

Right after you got your certificate signed by some official authority, everyone will be able to access your encrypted website without any warning.

ssl_ok_en

Important:
Encryption is important, all services (email server, FTP server, web server, etc.) running on your server should offer a way to establish an encrypted connection. There is no need of installing a signed certificate on each service, for most services self-signed certificates are fine.

 

Posted by: Gianni-Donato | Tagged as: , , , , 4 Comments
1Jun/172

Using your nameservers in cPanel and Plesk

To use your domain in the Internet, you need to configure nameservers. The nameservers are needed to resolve the domain names into IP addresses. We recommend to use our nameservers (ns1.contabo.net, ns2.contabo.net, ns3.contabo.net) for your domains. We provide redundant servers in different data centers and you can easily manage your DNS zones over the customer control panel. But for several reasons it can be necessary to use your own nameservers.

This tutorial provides short instructions how to manage your own nameservers with cPanel and Plesk. For most domains extensions (TLD), it is necessary to use at least two different IP addresses for two different nameservers.

In this tutorial we are going to use the domain "yourdomain.com" and want to use the nameservers "ns1.yourdomain.com" and "ns2.yourdomain.com" with the IP addresses "1.1.1.1" and "2.2.2.2".

cPanel

To use an additional IP address for a second nameserver, you will need to add the IP address in WHM at "IP Functions" - "Add a New IP Address". The DNS server will be accessible on all configured IP addresses on your server. You can use different IP addresses for the nameservers than for your website.

To use the nameservers with your domains, you will need to add them in WHM at "Server Configuration" - "Basic Webhost Manager® Setup". At the end of the page you can enter the nameserver you would like to use. After you entered the nameserver, you need to select "Configure Address Records". Please enter the IP address you want to use for this nameserver and press "Configure Address Record". After this is finished you can close the windows using "Close". Please note, that in some conditions -- for example if the nameservers are currently configured on a different server -- the entries for the nameserver will not be updated immediately. After you have finished, please press "Save changes".

Now you can "Create a New Account" with your domain at WHM - "Account functions". The configured nameserver will be used in the configuration of your new account and the DNS zone will be created with default values. You can see all DNS entries at WHM - "Edit DNS Zone".

On this page you can manage all DNS entries of your domain. Most entries are for internal usage and should not be changed. To manage user defined values, we recommend to use the "Zone Editor" at "Domains" in the cPanel account.

At last, you will need to configure your domain settings at your domain registrar. You need to change the nameserver entries. If you want to use subdomains of your domain, for example "ns1.yourdomain.com" for your domain "yourdomain.com", you will need to configure so called "Glue Records". This means, the domain registrar does not only save the name of your nameservers, but also the IP address. In some cases it is required to configure the new IP addresses for the nameservers at the current DNS zone of your domain.

After you have finished the configuration, it can take up to 24 hours until the new settings are propagated correctly. To test your nameservers and the name resolution for your domain, you can use tools like intoDNS. This tool will test the settings at your DNS provider and of your nameservers.

Plesk

At first you will need to create your domain in Plesk. At "Websites & Domains" you can see an overview of your domains.

To use a second IP address for your nameservers, the IP address needs to be configured at "Tools & Settings" - "Tools & Resources" - "IP Addresses". The DNS server responds to all configured IPv4 and IPv6 addresses. You can use different IP addresses for your nameservers than for your websites.

All DNS zones in Plesk will be configured based on a DNS template. You can find the settings at "Tools & Settings" - "General Settings" - "DNS Template". In the DNS template you can configure all entries you need for all domains on your server. Beside some default entries and entries for internal services like webmail, the settings for the nameservers can be found here. By default Plesk creates two nameserver entries "ns1.yourdomain.com" and "ns2.yourdomain.com", but with the IP address of your domain. If you want to use the same nameservers for all your domains, we recommend to change the NS entries and the IP addresses of your nameservers in the template. If you want to use different nameservers, you can also change these settings later in the DNS zone of your domain. After you have finished the configuration of the DNS template, you will need to apply the DNS template to all domains.

Now you can see the new settings also in the DNS zone of your domain. You can manage the DNS zone at "Websites & Domains" - "yourdomain.com" - "DNS Settings". There you can add, edit and delete DNS entries.

At last, you will need to configure your domain settings at your domain registrar. You need to change the nameserver entries. If you want to use subdomains of your domain, for example "ns1.yourdomain.com" for your domain "yourdomain.com" as your nameservers, you will need to configure so called "Glue Records". This means, the domain registrar does not only save the name of your nameservers, but also the IP address. In some cases it is required to configure the new IP addresses at your current DNS zone of your domain.

After you have finished the configuration, it can take up to 24 hours until the new settings are propagated correctly. To test your nameservers and the name resolution for your domain, you can use tools like intoDNS. This tool will test the settings at your DNS provider and your nameservers.

Posted by: Torsten | Tagged as: , , , 2 Comments
8May/178

Contabo data center uplinks: Now 100 Gbit/s available!

We have great news for you, once again 🙂 We have enhanced our data center connectivity with two additional high-quality uplinks.

The two carriers Level 3 and Telia have been connected with additional 2 x 10 Gbit/s to our backbone.

With regard to the internet connection of our data centers, we don't accept any compromises at all. Quite the contrary, we continue to focus on highest quality and best availability possible for you, our customers. It deserves to be mentioned: With Telia Carrier and Level 3 we chose the number 1 and number 2 of the world's biggest internet carriers for the upgrade of our upstreams - there is no other carrier who operates such huge networks worldwide.

The result? Quite some advantages for you: Now you receive an even better redundancy in case of a malfunction of any data center uplink. Besides, the additional upstreams increase the available bandwidth and provide you with an even better global routing and with a better price of traffic.

The Contabo data centers now are connected to the internet with 100 Gbit/s:

  • Telia Carrier: 30 Gbit/s
  • Level 3: 30 Gbit/s
  • DE-CIX: 20 Gbit/s
  • Versatel: 10 Gbit/s
  • M-Net: 10 Gbit/s
5May/172

Contabo wins German Data Center Award

We have some great news for you from "Inside Contabo": During a ceremony on the evening of April 25th 2017, the winners of the “Deutscher Rechenzentrumspreis 2017” (German Data Center Award 2017) were honored. Prior to the award presentation ceremony, an independent expert panel selected the award winners among 65 data center projects which had been handed in by data center operators from all over Germany. The jury focused especially on the cutting-edge and visionary character of the data center projects as well as the achievable (energy-)efficiency in the data center services.

Contabo has won the first place in category 6 – “Increase in energy efficiency through reconstruction in an existing data center” – with its data center in Nuremberg and consequently received the German Data Center Award 2017.

 

This award is a huge acknowledgement of the efforts we have carried out in the past years with the ultimate goal to make the operation of the Contabo data centers as energy efficient and stable as possible – and at the same time even more attractive for you, our customers. In the course of the energetic optimization of the prize-winning data center in Nuremberg we have, for instance, replaced many installations of the electric and air conditioning supply with new and high-efficient machines. By doing so, we have replaced dozens of ventilators and all of our UPS and air conditioning systems. Additionally, we have built a new room for a thermal separation of our UPS batteries. On the basis of extensive planning and project scheduling as well as precautionary activities, all these measures were implemented without any interruption of the operation of your servers.

For you, our valued customers, for whom we have thousands of servers online in our data center, all these actions were performed noiseless.

 


As a result the PUE value (PUE = “Power Usage Effectiveness”) of the data center in Nuremberg could be reduced from 2.0 to almost 1.2 within one year. With full use of the data center capacity, the electricity costs of all data center services will be reduced by more than 1 million Euros every year. This is a huge increase in the efficiency of our services, which Contabo passes on to its customers 1:1 – in the form of an excellent price-performance-ratio of all offered hosting products.

Receiving the German Data Center Award is a big honor for us; in addition, it encourages us to continue our path of permanently searching for and implementing technological improvements for our products and data centers. For the future, our goal is to continue to offer you the same as today: Premium products and an excellent customer service combined with an unbeatable price-performance-ratio.

Posted by: Markus | Tagged as: , , 2 Comments
2May/170

Plesk Onyx: One month for free now!

We are happy to inform you that we, in cooperation with our partner Plesk, are now offering you the popular administration panel Plesk Onyx one month for free. This offer is available for all our VPS - exclusively at Contabo - and applies for new orders.

You are free to choose which one of the three Plesk Onyx editions on offer you would like to try for free with one of our VPS:

Plesk Onyx Web Admin Edition (Price after the free month: 2.99 € / month)
Plesk Onyx Web Pro Edition: (Price after the free month: 4.99 € / month)
Plesk Onyx Web Host Edition: (Price after the free month: 8.99 € / month)

If you are convinced of Plesk after the free month, you do not have to do anything: The license renews automatically, if you haven't cancelled the Plesk license with us during the free month; however, the regular monthly price applies then, which you can find in the overview above.

Being a Gold-Partner of Plesk we have worked hard in order to present you with this exceptional offer, which is only available at Contabo.com. In addition to that, we provide you with an excellent support for Plesk Onyx, just get in touch with us in case you have any detailed inquiries.

Please note that this offer is valid for a limited period of time only. So what are you waiting for? Just give it a try and opt for the edition which suits your needs and order it in combination with one of our VPS.

Posted by: Markus | Tagged as: , , , , No Comments