I need to move servers, looking for suggestions

[alternadiv]

A2 hosting is great when it's good, but I have opened WAY too many tickets for my VPS being down for no reason. I was patient with them, but it's time to leave.

From what I see on this forum, KnownHost is great? I'm looking at them. I do have a few concerns:

-I am afraid of the move in general; I don't know how to do it and I wouldn't want to lose any data.

-A2 has Cloudflare, but I don't see that on KnownHost. Is it bad to lose Cloudflare?

-I don't know much about server administration or security. Do the guys at KnownHost help out with things like this?

-Is it expected for your host to do backups for you? A2 doesn't do that, I do them manually.

-My A2 speeds have never felt slow, but Google says they are. Is this as bad as it seems? I would assume a new host would be better?

 

[Max Taxable]

Have a PC talk with @MySiteGuy he will wisely advise you.

 

[BoostN]

I use Knownhost for my smaller sites for years now, and 0 complaints.. they have always responded quick and took care of any issues when I've filed a ticket.

They will migrate the site for you I'm pretty sure, just let your members know of a migration plan, and then once you migrate you should not have lost any data.

 

[JonathanW]

Thanks for considering us Going to address some of your concerns directly:

I am afraid of the move in general; I don't know how to do it and I wouldn't want to lose any data.

Assuming you're coming from cPanel or Directadmin we handle 95% of the work for you.

A2 has Cloudflare, but I don't see that on KnownHost. Is it bad to lose Cloudflare?

Cloudflare can be used with any host. A2 doesn't "offer" it per se. CLoudflare is an independent company and has nothing to do with the hosting itself. Tons of our customers use CF, and heck we even use them for our main site. You won't face any issues here.

I don't know much about server administration or security. Do the guys at KnownHost help out with things like this?

This is exactly what we built our company doing

Is it expected for your host to do backups for you? A2 doesn't do that, I do them manually.

Our VPS packages come with backups every other day of the whole VPS image.

Hope this helps

 

[alternadiv]

Thanks for considering us Going to address some of your concerns directly:



Assuming you're coming from cPanel or Directadmin we handle 95% of the work for you.



Cloudflare can be used with any host. A2 doesn't "offer" it per se. CLoudflare is an independent company and has nothing to do with the hosting itself. Tons of our customers use CF, and heck we even use them for our main site. You won't face any issues here.



This is exactly what we built our company doing



Our VPS packages come with backups every other day of the whole VPS image.

Hope this helps

I'm sold.

 

[djbaxter]

I just assisted in moving a forum to Knownhost.

The move was clean and smooth. The support was excellent and still is when we need it (not frequent).

We were having a major issue with DDoS (China) on the previous server and even Cloudflare with the Firewall addition wasn't helping much. After the move to Knownhost, we dispensed with Cloudflare entirely. They have other services on their managed VPSs that do a much better job and the site is now running smoothly with out the Chinese interference.

 

[alternadiv]

I just assisted in moving a forum to Knownhost.

The move was clean and smooth. The support was excellent and still is when we need it (not frequent).

We were having a major issue with DDoS (China) on the previous server and even Cloudflare with the Firewall addition wasn't helping much. After the move to Knownhost, we dispensed with Cloudflare entirely. They have other services on their managed VPSs that do a much better job and the site is now running smoothly with out the Chinese interference.

That is great to know. I thought Cloudflare is the best, but maybe not?

Are they able to block China (and other countries) from even getting to the site? Mine only needs to be seen by USA and Canada.

 

[djbaxter]

To be honest, I'm not sure. They have their own DDoS protection on the VPS servers but we didn't need to do anything to set that up.

We added LiteSpeed to the package and that seems to help as well.

Best to check with @JonathanW on how they did it but the important bottom line for us is it's no longer a problem since we switched to Knownhost.

 

[JustinHawk]

That is great to know. I thought Cloudflare is the best, but maybe not?

Cloudflare can't help if they are attacking on your server IP. Cloudflare hides your Origin Server IP, you can always use cloudflare firewall to completely block diff. countries.

 

[alternadiv]

Cloudflare can't help if they are attacking on your server IP. Cloudflare hides your Origin Server IP, you can always use cloudflare firewall to completely block diff. countries.

How do you secure your FTP access? It seems like a regular username and password is vulnerable to being cracked and then your files deleted and a hacked page uploaded.

 

[djbaxter]

Cloudflare can't help if they are attacking on your server IP. Cloudflare hides your Origin Server IP, you can always use cloudflare firewall to completely block diff. countries.

We did use Cloudflare and the Firewall upgrade. It helped a bit but China was still crippling the forum. Cloudflare took it down from thousand of hits at a time to hundreds of hits at a time. After we moved to Knownhost, they basically stopped.

 

[JustinHawk]

It seems like a regular username and password is vulnerable to being cracked and then your files deleted and a hacked page uploaded.

Configure server firewall, 1 fail login IP banned permanently. I mostly have configuration like that, but I don't use FTP at all. Or if you have static IP, only allow your IP to access that port.

If you wanna be secure keep updating username and password regularly, there is no other way.

We did use Cloudflare and the Firewall upgrade. It helped a bit but China was still crippling the forum. Cloudflare took it down from thousand of hits at a time to hundreds of hits at a time. After we moved to Knownhost, they basically stopped.

I thought china traffic was not at all required. So did you ever tried blocking the country completely off.

Also major question still here is, the requests were made to cloudflare or directly on server IP.

 

[alternadiv]

Configure server firewall, 1 fail login IP banned permanently. I mostly have configuration like that, but I don't use FTP at all. Or if you have static IP, only allow your IP to access that port.

If you wanna be secure keep updating username and password regularly, there is no other way.



I thought china traffic was not at all required. So did you ever tried blocking the country completely off.

Also major question still here is, the requests were made to cloudflare or directly on server IP.

If you fail your own login, what would you do? I don't know how to do the IP thing, but that sounds like it could never be hacked? I'm sure KnownHost can help with that. Also, if you don't use FTP, how do you do it?

 

[djbaxter]

How do you secure your FTP access? It seems like a regular username and password is vulnerable to being cracked and then your files deleted and a hacked page uploaded.

Use SFTP and a secure password.

 

[JustinHawk]

If you fail your own login, what would you do?

Switch your IP using vpn, log into control panel and unban yourself , you can also try switching your FTP port (21) to some different port.

I don't know how to do the IP thing, but that sounds like it could never be hacked

Most of the attacks are bruteforce based, I am not sure if they will have sufficient IPs to make such requests to keep going on with attacks.

Also, if you don't use FTP, how do you do it?

You using any panel to manage, or raw server ? I use plesk to manage my servers, it's comes with inbuilt file manager so convenient for me. Though I use SFTP access.

 

[djbaxter]

Configure server firewall, 1 fail login IP banned permanently.

Bad advice iff you have fat fingers. A time limited lockout after 5 attempts is better.

I thought china traffic was not at all required. So did you ever tried blocking the country completely off.

Of course. Both using cPanel CSF on the server and later using the Cloudserver firewall. Didn't work.

Also major question still here is, the requests were made to cloudflare or directly on server IP.

The domain had been switched to Cloudshare IPs.

 

[djbaxter]

Most of the attacks are bruteforce based, I am not sure if they will have sufficient IPs to make such requests to keep going on with attacks.

These appeared to be bots and they were using hundreds of different IPs or more. China is a very big country with a huge population and the Chinese government is quite good at cyberattacks.

 

[alternadiv]

Switch your IP using vpn, log into control panel and unban yourself , you can also try switching your FTP port (21) to some different port.


Most of the attacks are bruteforce based, I am not sure if they will have sufficient IPs to make such requests to keep going on with attacks.


You using any panel to manage, or raw server ? I use plesk to manage my servers, it's comes with inbuilt file manager so convenient for me. Though I use SFTP access.

Thanks. I don't use raw server, I use cPanel. I figured an FTP client was a better way to do it. Should I just manage files in cPanel? Isn't there an FTP account regardless? Can that be deleted then?

Also, speaking of cPanel, it also donesn't seem so secure. Just a username and password again. No 2FA? I like getting a code texted to my phone, that seems secure.

 

[JustinHawk]

Both using cPanel CSF on the server and later using the Cloudserver firewall. Didn't work.

If you ask me I had bad experience with cpanel itself. It's just good for shared hosting environment but when its dedicated website scenario I prefer plesk. Cpanel failed for me to properly handle load. Or maybe I failed with cpanel configuration .

These appeared to be bots and they were using hundreds of different IPs or more. China is a very big country with a huge population and the

These are automated software, designed to halt a process when there are too many errors. I have faced many such attacks and even changing port isn't much usefull than blocking IP. Though now my website are more hidden behind reverse proxy servers.
Securing a website never ends, everyday there is some new way.

 

[JustinHawk]

I figured an FTP client was a better way to do it. Should I just manage files in cPanel? Isn't there an FTP account regardless? Can that be deleted then?

Yes the accounts can be removed.

But if you still wanna use FTP.

1. Configure firewall on FTP port.
2. Whitelist your IP if you have static IP and disallow others.
3. Change FTP port.

Also, speaking of cPanel, it also donesn't seem so secure. Just a username and password again. No 2FA? I like getting a code texted to my phone, that seems secure.

Cpanel once failed for me and I never looked back to it. Sadly I am not much aware about cpanel these days. Though I use plesk and it has 2FA on logins but ofc cpanel firewall should also work on admin logins.