Rubénerd :)

For those of you subscribed to my blog through an aggregator using the old URL for the RSS feed instead of the new one, you may have noticed four recent posts with identical timestamps. You probably don’t care why this happened, but I’m so excited I just have to relay it!

When I moved from Servage to Segment Publishing because the former was absolutely awful and because I had so much success with the latter for other projects, I also took the opportunity to move the site back to Rubenerd.com which I had previously lost to domain squatters. RubenerdShow.com was still with Servage, but all it contained was a simple .htaccess script to redirect all requests to the new domain.

Well as of today, I finally got around to moving the domain off Servage and onto Segment Publishing including said text file. This means, FINALLY, I am completely, 110% off Servage. I don’t have anything hosted with them whatsoever. Clear as mud!

I’m putting the finishing touches on my post detailing what an awful webhost Servage is but it won’t be ready for a few days. Another post I’m positive you’re all anxiously awaiting ;-).

The flustered rent and webhost episode!

Fun with dealing with broken corrupt backups, misleadingly labelled auto rent payments and my former webhost Servage now that I’m safely typing this from Segment Publishing!

Am particularly flustered and fast talking which saves on file download times for your convenience. Thank you.

Download MP3 to listen 20:55 9.7MiB

You can also view previous episodes, subscribe via iTunes or another client, stream this episode and view its Internet Archive page.

As some of you would no doubt remember, with my previous webhost Servage it was quite normal for the database or web server backing this blog to go offline for anywhere between several hours to several days. For those who have only just stumbled upon my bizarre mix of whatnot here, I’m not exaggerating with those downtime figures!

My new webhost sent me this message this afternoon:

Dear Ruben,

On Sunday 19th April 2009 we will be performing scheduled maintenance on our shared hosting servers. The maintenance will be starting at 3:00PM and finishing at 5:00PM (GMT+10).

We expect minimal downtime, however you may notice your website unavailable for a period of 2-3 minutes during this time. No email will be affected, only your website.

Best Regards,
Segment Publishing Customer Support

You read that right… 2-3 minutes. My old webhost would have blamed an outage of 2-3 minutes on the fact I sneezed and subsequently closed my eyes for the duration of that time. Or worse still, they would have claimed it was the result of me setting my permissions wrong. That was their answer to everything. Hehe, sneeze.

Earlier today I talked about how the best way to treat an online visitor or customer is the same as with any other industry: with respect. I guess having lived without it for so long online, now having it feels weird.

I’m forming a theory that FreeBSD people not only have a better server OS than others, but that they’re cooler too. SegPub is a FreeBSD webhost… perhaps I’m onto something. Or perhaps I’m just on something. I wish I were witty, then I’d have wit.

It’s official ladies and gents, the Rubenerd Show and Rubenerd Blog are no longer being blocked by The Cathay wireless system and Starhub Internet in Singapore for hosting malware. I appealed the filtering and stated that my shared webserver was the victim of a very brief internal lax group permission enforcement code injection attack and that I had swiftly cleaned my sites of the spam malware links.

I received a message back this evening stating that my appeal had been successful and I’m now typing this blog post without using a proxy server! Hallelujah! I suspect my traffic from Singapore may start crawling back to the highs it had in December last year again.

This by no means has deterred me from moving to a new web host though; I’m already in the process of moving archived Rubenerd Show files over to the Internet Archive (you can track my progress here) and am in the process of upgrading my Segment Publishing account so I can host this blog, my podcast, my pontifications and my anime blog on there instead of just my lightly used university blog whatsit. It’s going to be a massive, all in one site with everything, I’m looking forward to it!

But being serious again for a second though, this whole experience has taught me a valuable lesson: the ramifications of hosting your media on a budget web host that doesn’t enforce sufficient internal security (even more important than external security) is not worth any financial savings you may glean, no matter how significant. Thousands of gigabytes of capacity and transfer per month for less than $10 may sound like a better deal than a few gigabytes of capacity and transfer a month for a similar price, but as they always say: "if it sounds too good to be true, it probably is.".

If you’re interested in these exploits, a quick search for "Servage Hacked" on Google or Yahoo will tell you all about it and give you an idea of the extent of the damage and fallout from their lax approach to security. Scary stuff.

In any event, I’m off to brew myself a cup of green tea in celebration :)

Promotional image from the Starbucks Singapore Christmas page

Given my blog has been under siege over the last week with code injections and having my webhost blocked by several ISPs because of the fact they host some less than reputable characters’ scamming and spamming sites, my writing spree that was so instrumental in allowing me to maintain my sanity during exams and bad news worldwide has been abruptly stopped.

For this reason I decided this Friday evening as I drink my Starbucks Toffee Nut Latte which you can only get at Christmas, I thought I’d break another blogging rule that states you shouldn’t abruptly interrupt a post dry spell by creating a pointless entry that really has no merit or that can’t really stand on it’s own.

By using a proxy server. To access my own site. What a rip.

I’m working through the transition to my new webhosts as we speak, and it’s surprisingly difficult but not because it’s complicated, rather it’s ridiculously time consuming. I’ll definitely be looking back at this and laughing.

“Christmas 2009 you ask? Well, I worked on moving webhosts and changing over 2 gigabytes of data because my old webhost stopped screening the sites they host for illegal activity and as a result my current sites crumbled! You?”

I wonder if P.G. Wodehouse had these kind of problems with his blog and webhosts. Wooster would have just had Jeeves sort it out for him no doubt.

I can’t say I ever thought I’d be using Perl as a last resort emergency security tool. Sheesh Servage, get your act together.

My first few days back in Singapore have been eventful to say the least. I could have said they were uneventful, but that would have been inaccurate and would also have contradicted what I just wrote. And the last thing I want to do here is look ridiculous. Well, any more ridiculous than I look now walking down from my apartment building to Orchard Road while I type this post on my iPhone.

ASIDE: I used to mock people who spent more time looking at their phones than paying attention to where they were walking; now with this ridiculously useful iPhone I’m guilty of the exact same behaviour. Walking into light poles seems to be my divine punishment for this hypocricy.

Yes back to eventfulness, since coming back here last Saturday morning, I’ve had my first major problems with online hacking of my sites, to a degree I never thought possible. So far RubenerdShow.com and the associated subdirectories such as this blog have been the victim of 12 code injection attacks as a result of poor security standards on my webhost. I dislike it when people shift the blame onto others, but all my permissions are set perfectly and the attacks are coming from within my host’s IP range, so it’s a matter of lax internal security due to what I suspect is poorly enforced group permissions.

As Bruce Schneier said in his Secrets and Lies tome which I admit I’ve read more than three times, internal threats are often more dangerous than external ones, though they often get placed second in priority. I am a huge fan of Bruce Schneier, I even wrote about the Bruce Schneier Facts website back in 2006. Very fun distraction when all this nasty stuff is going on!

For Servage this isn’t new; a quick Google search for Servage Hack returns thousands of results. Even Flickr has a couple of screenshots by people showing their sites and even the Servage host site itself being hacked.

Perhaps as a result of this or because Servage has also been caught hosting hundreds of spam and credit card fraud sites, the StarHub ISP here in Singapore has seemed to start blocking all Servage hosted material. As I sit here at Starbucks now in Tanglin Mall it seems SingTel haven’t filtered it, but given Singaporean ISP’s general low tolerance when it comes to abuse of their systems I worry they may be next.

ASIDE: For those interested in the attacks themselves, it seems shady Servage users have been inserting javascript into the first line of my index.php files and modifying my .htacess files to redirect to other sites. This despite all my permissions being set to allow myself to read and write, but others in the group to only read. I don’t know what else I can do to block these changes.

I’ve written a trivial Perl script to check the modification dates of every file on the server, and if it doesn’t match a list of predetermined values it deletes the hacked/modified file and restores it, then logs the change. This seems to have stopped all the attacks but it really is a clumsy measure. Servage need to get their act together, because it’s not just me this is affecting.

Suffice to say, I am already in the process of moving over all my material to Segment Publishing hosting and Ourmedia instead of using Servage as well. I had kept Segpub for use only for my university blog, but they’ve proven themselves for their stellar reliability and great service. They do cost more than Servage, but as I’ve learned from this experience cost shouldn’t be the primary consideration. As a student I do have a stretched budget, but if I have to pay a few dollars extra a month for peace of mind, a server running FreeBSD and my own dedicated IP address that I don’t have to share with hundreds of other sites — some of which engage in criminal activities — I think it’s worth it.

Segpub Christmas cheer!

What frustrates me is that it’s my own home ISP StarHub that has blocked Servage, which means I have to use a proxy to access my own site. I’ll be doing some serious cleaning up of my MySQL tables and I’ll be exporting them hopefully today or tomorrow.

Interestingly enough, this blog and all the images used within are quite small. Exporting gigabytes worth of Rubenerd Shows recorded since 2005 and re-uploading them to Ourmedia will be a painfully slow process, but I think it will pay for itself pretty quickly.

Will be keeping you up to date, and thank you everyone for your patience. Because of the difficulty I’m having right now accessing this site, if you want to leave comments you may want to just email me instead, rubenschade\\\at///gmail[[[dot]]]com, with the slashes and braces removed.

What a great thing to be dealing with over my preciously short Christmas holiday break. Though I guess had this happened during an exam period it would have been much more disastrous to deal with. Bummer though.

This is a shorter message because I don’t have much time here. It seems the reason why I haven’t been able to access my blog and Servage.net over the last few days here at home hasn’t been because my site is offline or down, but it seems that my webhost (and all the sites they host) is being blocked for some Singapore Starhub internet customers.

I am accessing my site now through a proxy. Google Reader seems unaffected.

This is extremely serious. I have long suspected Servage has been hosting some less than reputable sites, and with the latest code injection attacks which have been happening on my blog since Sunday on my site and on dozens of other Servage customer’s sites, I suspect Starhub have taken action against them.

I will be moving all my Rubenerd Shows which collectively account for around 92% of my bandwidth onto Ourmedia, and I’ll be moving my remaining sites over to Segpub (FreeBSD webhost in Australia with dedicated IP addresses, SFTP and SSH) once and for all. Perhaps this is the final wakeup call I needed to get my arse into gear and make the transition!

Servage were ultra affordable back when I thought the internet was a nice toy, but they’re lack of adequate checks on what they host and these security lapses have made me lose what little shred of confidence I had in them. I don’t approve of Starhub’s move to block all sites hosted by them, but I can at least see their reasoning, and can somewhat understand.

Stay tuned for further developments. This will no doubt be taking me this next week to do. What are you doing for your holidays?

Today it’s official, I’m moving over all my internet paraphernalia to Segment Publishing, a web hosting company in my birth city of Sydney in Australia!

Unlike every other web host I’ve done business with in the past, Segpub give you full SSH access to your home account, secure FTP, they give you your own unique IP address, their logo is a kawaii face… how could I refuse? But probably the two most striking features that drew me to them was the fact they run FreeBSD which just thrills my socks off, and… they’re not Servage. That last point in particular was very important.

Servage… didn’t

If you’re one to revel in Schadenfreude you would have loved reading my woes with my current web host over this last year, especially my latest experience with my MySQL tables being down for a whopping 4 days!

I figured that disaster plus the 2 cumulative days in total from the rest of the year (a conservative estimate, I’m sure it was more) puts the total uptime for 2007 for the Rubenerd Show and Rubenerd Blog to 98.63%, a far cry from their stated 99.98%. That said in either case I wouldn’t have minded so much had they either given me some form of warning or maybe even a discount for the times they weren’t able to provide service for the reason of the month.

Their "intermittently reliable" physical service is a shame because their technical support system is excellent. Support tickets I submitted never took more than a day to answer, and they always seemed happy to elaborate and explain points further when I replied asking for clarification.

Ironically the day I registered with Segpub on the 07th, Servage upgraded the design of their site and added new features. Go figure.

The move is on!

So by the end of this week this whole mess of a site will be lifted up and moved over to Segpub. I’m taking the opportunity to clean out my public_html folder while I’m at it. There are so many orphaned files and old Perl scripts from previous projects that are all just begging to be spring cleaned.

Well Servage went and did it again. For the second time in a year their service was interrupted for more than two consecutive days. This time they stuffed up the MySQL server where all my WordPress installations are stored:

You read it right: they claimed it will cause slowness. I think they were supposed to say not work at all!

With the release of OS X Leopard last night, it was if they looked up one of the most important days of the year for this site and made it their mission to take it offline during that time. One of those things that no doubt will be hilarious in a few months, but for now is maddening.

Anyway so the SQL server seems to be having intermittent periods of responsiveness in amongst the phonebook length pages of errors, giving me just enough time to post this message. Word to those who want a reliable web host that has decent uptime and warns you in advance before they take your site offline for several days at a time, stay well clear of Servage.

Okay, I caved. Again.

Looking into WordPress again. I was just reading John C. Dvorak’s (http://dvorak.org/blog/) and even he’s using it, high praise indeed. I still don’t like using databases though for such small projects, just had bad experiences with them too often in the past. Then again, I’m still giving some thought to it.

Dvorak: He Gets No Spam

Here’s the problem: I want to have a blog, and at the moment I’m using RapidWeaver for Mac OS X, which is actually a brilliant program. But therein lies the catch: my PowerMac G5 has X on it, but my only laptop (my G3 iBook) has Gentoo Linux 2005.1 on it because X runs so slowly on it; Gentoo runs lightning fast on it. Anyway so when I go to Malaysia and Singapore for Christmas to see the Mumster and the Father (and the sissta) I won’t have a Mac to post on this blog!

There’s also something appealing with having a server-side program doing this stuff too, not a client based program; it would eliminate all the uploading step altogether.

I’ll have to check with Servage (my webhost) and see how easy it is to do database backups, because I’m thinking of moving off them for good. I’m so fed up with their slow and unreliable FTP server, and EVERY mp3 podcast file I uploaded for The Rubenerd Show was corrupted. I’ve managed to upload all my files to my account on Ourmedia which uses the Internet Archives server space, so it’s miles faster and more reliable. With this in mind it’s not really necessary for me to have a web host that provides gigs upon gigs of space anymore, especially considering I’m a uni student and don’t exactly have millions of dollars to throw around!