Redundancy What?:

When we think of redundancy, we care most about having multiple  replication points in backups (discussed in my second article Workstation Backup Solutions Pt. 2: Methods & Retention), and then about replicating that data to other hardware or even geographically different locations. Let me elaborate in the next section.

Redundancy Where?:

With local redundancy (Raid arrays, replicating to multiple physical hard drives/hardware, etc.) you ensure that the information is copied across multiple pieces of equipment, which should minimize data loss in case of hardware failure. The issue with this is that even if you have 10x replication of a single piece of data, unless you live in a bomb shelter with the ultimate fire/flood suppression setup, you can’t really be sure a natural disaster won’t destroy the hardware.

Geographical redundancy is a little bit harder to implement on a budget because of expense involved in keeping multiple sets of hardware in other locations. If you have a friend who can keep a machine elsewhere in the state/province/country/continent/world, it’s good to be you, and the redundancy world is your oyster. For uncool people like us however, buying/renting or collocating a server elsewhere is the best bet. Of course, there are companies that offer remote backups that you can use instead of hosting your own hardware, but with these services come some amount of risk, and you will need to choose wisely in order to avoid a headache.

Redundancy How?:

Firstly, you will have to determine whether you want to simply use raid arrays or local replication, or go with a remote backup option.

With raid arrays, you have the option of software or hardware raid. Software raid, though somewhat reliable, will crash and burn if anything happens to your OS, whereas hardware raid uses a raid controller and is less prone to operational failures. Using raid brings up the problem of whether an additional point of failure such as software glitch, or a hardware controller is worth it. If you buy a good raid controller, you should be better off when considering both raid options. But keep in mind that raid cards fail too. Ultimately, if choosing to use raid, I’d go with the hardware raid option always.

Local replication is as simple as moving already backed up data to another hard drive or piece of hardware. This can be done using either a drag-drop method, or setting up a script to move it for you. In Windows, simply creating a network share folder and setting up a routine to move the files over works pretty well. In Linux, a cron that runs an rsync or sFTP script works well too. For Mac, a similar procedure can be ran as in Linux environments to move data.

Some backup software may have remote options available for backing things up. It is totally dependent on the awesomeness of the software developers, but this feature is also very often associated with a larger dollar amount for the software. So beware.

For true remote backups, you will need a server or hardware of some sort in a different geographical location to your system. In all honesty, maybe having it at a friend’s house a few lots over isn’t going to be enough space. Think broader. If a natural disaster has the likelihood of hitting both locations around the same time, maybe it’s wise to keep it elsewhere.

A few things to consider when retaining hardware elsewhere is:

1. Uptime/Relative Network Speed
2. Remote hands capabilities
3. Hardware guarantees on rented machines

All three points are there to minimize headache. If you can’t connect to the remote server, replication is going to be difficult and a lot of hand-holding over the process will take place. If you collocate, you will need to maintain your hardware, and having competent remote hands to install new hardware/fix issues will go a long way. If you rent a server, a hardware guarantee of some sort is a wise idea as well. If you need to rely on a backup, and the remote server has failed without you knowing about it, you can kiss sanity goodbye; there is no going back.

I hope these articles help. There are a lot of options I didn’t cover, and in redundancy no two setups are usually exactly alike. Just remember that a backup plan is better than nothing, multiple sets of backups are better than just a single backup, and a geographic redundancy scheme even better still. Also remember that Google is your friend. You can find a lot of backup articles for workstations and servers from other contributors there.

Cheers!

Related Posts

• Workstation Backup Solutions Pt. 2: Methods & Retention
• Workstation Backup Solutions Pt. 1: Having One
• PHP Script Tips and Resources
• The Truth Will Make it Free
• The new iPhone brought to you by Gizmodo
• Apple’s new iPad
• A Little Security Goes a LOOOONG Way
• Drupal – Free Website Building Tool
• How a 1-800-HOSTING Geek Maintains His Backups
• Linux Tip: Setting up key-based authentication.

Methods and retention vary from OS to OS, as does retention jargon. In fact, even the software within an OS may use different terminology for retention methods depending on their architecture and marketing prowess. Because it can get so confusing, we will stick with generic terms, and keep it light.

Methods:

Manually – Nothing beats good ol’ fashion drag/drop backups. They’re reliable, you know what you’re moving over to your backup space, and you can do it at your leisure. The issue with this is they’re not automatic (As you’ll find going to the movies instead of moving files, is much more fun.) If you don’t like the movies, and instead like this option, more power to you, I think movies are overpriced anyway. But, this option isn’t for everyone.

Commands/Scripts – This method takes a little bit more know-how. The good thing is, most everything you need in regards to this are available on Google, or other search engines/sites. You don’t have to get out your Shell Scripting for Dummies and learn shell script or DOS to do this. Instead of reinventing the wheel, read about how other people did, and use the extra time to go see that overpriced movie.

Software – Software will do just about the same thing as commands/scripts, as that is pretty much what their back-end is, but it will be presented in jelly buttons, and cool progress bars that aren’t accurate. The good thing about this option is that it makes things easy, and usually encompasses both the method, and has retention policy options. The downside is that software not laced with adware/virus, or advertisements costs money, and sometimes quite a bit of money.

Overall, compression and retention are going to be more involved on the first and second option. The third usually has a compression option built in. When you look for software, or are going to develop your own backup scripts, you will want to take into consideration these things.

Retention:

Yearly/Monthly/Weekly/Daily/Hourly/Minutely – When writing this, I didn’t think minutely was a real word as it sounds silly, but I was wrong. When choosing a method, you will want to think about how long you want to keep your data, and how it is backed up. Some software allows you to backup on the minute basis, others only allow less frequent backups, such as daily, or weekly. This can be a game changer if you need a twice daily solution (Every 12 hours) or need multiple schema, such as a backup daily, and also a backup hourly of say, a highly written to file.

Full – There are two major types of full backups. One that retains the filesystem structure, and the other retains all of the necessary components to restore the entire OS. Whatever the type, it will retain a full backup of all of the files/folders and structure of your system. Most backup software will just retain the filesystem structure, but won’t be able to do a bare-metal restore. This means you will need to reinstall the OS, then restore the files accordingly. Keep in mind that you most likely will lose your installed applications, though the files for them will still be intact.

Incremental/Differential – When we talk about incremental and differential ,there are very technical differences between the two. Know however, that typically differential are backing up only files that have changed since the last full backup. Incrementals are files changing since the last backup, whether it be full, or the last incremental. Both are designed to save time and diskspace when backing up and restoring, but are also difficult to construct without very in-depth knowledge of the OS you’re trying to backup. In other words, it’s easier to use software that has this option than try to create a backup scheme from coding yourself, that is, unless you’re a super-supremo-awesome coder. In that case, go for it, let’s team up and market that. I could always use more money…

Continuous – If this wasn’t self explanatory enough by the name, I really can’t help you understand it better than talking about its technical aspects. A continuous backup basically backs up your data…well…continuously, but references your first full backup the same as incremental/differentials do to determine what has changed. Some are as specific as will backup even a draft save on your latest Word document, others wait until you’ve saved a copy and a write to the hard drive is made. Either way, it can be very beneficial to have this in case a revision to a file was a mistake, and you need the previous version.

In conclusion, as your backup needs change, you can evaluate these options more. Always weigh out the benefits of going for a more feature filled software first instead of having to buy whole new software later on. If you think you will grow into it, and the price point isn’t that much higher, well….I don’t even need to tell you. Just use logical judgment. As for making your own schema, the same rule applies. A little more work while creating the setup will go a long way in terms of you not needing to touch it for awhile. Grow as necessary though, and project slightly into the future.

Related Posts

• Workstation Backup Solutions Pt. 3: Redundancy
• Workstation Backup Solutions Pt. 1: Having One
• PHP Script Tips and Resources
• The Truth Will Make it Free
• The new iPhone brought to you by Gizmodo
• Apple’s new iPad
• A Little Security Goes a LOOOONG Way
• Drupal – Free Website Building Tool
• How a 1-800-HOSTING Geek Maintains His Backups
• Linux Tip: Setting up key-based authentication.

In a world of ever increasing data, those of us who don’t backup our precious files are downright insane. I’ve had instances where I could have backed up my data, a failure/accidental deletion/unintended alteration occurred and I was kicking myself for a long time. The reality is, that backups sometimes seem difficult to perform on a regular basis, and effectively. But what I’m here to say is that even if your backup policy seemingly dry-heaves in comparison to other’s, it is still backing up something.

Sometimes, the difference between my desire to destroy my computer, or kiss it and whisper sweet binary to it has been the ability for me to retrieve past data. And that starts with, you guessed it, some sort of backup routine.

Now, if you’re Apple users and use Time Machine already, I loath you for your self-sustainability, and you can stop reading now (J/K). For those of us who regularly use Windows or Linux machines, and are strapped for cash and can’t afford expensive software, a simple secondary hard drive is the first step.

For the sake of simplicity, we will continue to discuss simple work/home computer backups, but if you really need a server backup schema, we can always sell you a solution.

With that shameless plug out of the way, let’s go over a few different drive options.

1. An internal hard drive, or an external USB option (I suggest a USB powered model as backup failures can occur if the hard drive power cable fails, or is inadvertently unplugged.)
2. A USB flash/jump drive.
3. A compact flash or other media card.

Depending on the type of data you’re backing up, the amount of time you want to retain it, and the depth of your wallet, these options should suffice for most backups.

An internal hard drive poses a lot of very beneficial characteristics. You wouldn’t need to worry necessarily about it unplugging, it is powered intrinsically, and you don’t have to look at it. An external hard drive has the benefit of being unplugged and moved around, but can then unfortunately be accidentally unplugged.

A flash drive and CF/Media card are quick and reliable options if you are just doing periodic snapshots, but eventually their read/write life-cycle will be met, and you run the risk of losing data or encountering data corruption more quickly due to hardware failure than you do with a good brand of hard drive. Also, for more than 16GB of data, most reliable brands get unreasonably expensive.

The simplest way to backup things is just to categorize your data, and pull it over to the hard drive. Creating folders with titles in date form will organize your data as well. The thing to remember is that at the onset of a backup routine, keep it simple. If pulling over files once a week is your routine, than stick to it and add components later on as necessary.

There are a few options for creating a routine if you can’t be at your computer at the same time every day. Windows has a backup routine in the Accessories area you can use, you can get tech-savvy and research how to code your own .bat script, or you can purchase a one-time fee software that allows you to setup routines as well. For Linux users, a script that runs a copy command of selected data to the secondary drive and is scheduled by a cron will work as well.

Ultimately, after you get started backing up your data, you will notice certain caveats to the backup process itself, mainly, data retention equaling too much space usage, local backups not saving your data in case of a fire/natural disaster/theft, and other encumbrances. At that point you’re ready to move onto the next level, and we can discuss that in the next article. But keep in mind, the first step in the journey of a thousand gigabytes starts with the backup of the first gigabyte. Knowing this, you will go far, my young padawan.

Related Posts

• Workstation Backup Solutions Pt. 3: Redundancy
• Workstation Backup Solutions Pt. 2: Methods & Retention
• PHP Script Tips and Resources
• The Truth Will Make it Free
• The new iPhone brought to you by Gizmodo
• Apple’s new iPad
• A Little Security Goes a LOOOONG Way
• Drupal – Free Website Building Tool
• How a 1-800-HOSTING Geek Maintains His Backups
• Linux Tip: Setting up key-based authentication.

You can use PHP to detect crawling activity, rotate images/banners, and process forms. Here is an example of code that will email you whenever Google crawler Googlebot visits your page by detecting the useragent. You could expand the code to include other crawlers, add date and time stamp, and validate the IP to exclude impostors. I left that stuff out for simplicity and because you can  get that info from your webstats/logs. Just copy and paste this code in your web page to try it out. Note that the page may have to end with .php file extension to work, it depends on how your web server is setup.

<?
if(eregi(“Googlebot”,$_SERVER['HTTP_USER_AGENT'])){

//put your email address below
$address=youname@yourdomain.com;
$subject=”Google visited “.$_SERVER[’HTTP_HOST’];
$message=”Googlebot visited today.”;
mail($address, $subject, $message);
}
?>

Here is an example of how to display  random images in a web page, it will pick one of the three banners each time the page loads. You could easily add more cases here or change the img src line to make this a random text function.

<?
$randomimage = Rand (1,3) ;

//put your image name at bannerx
switch ($randomimage)
{
case 1:
“banner1″;
break;

case 2:
“banner2″;
break;

case 3:
“banner3″;
break;
}

echo ‘<img src=”‘$randomimage.’” border=0>’;

?>

Another cool thing you can do is filter form data to by blocking bad words, banning ip addresses, and setting a timer with a cookie. There is nothing worse than having your website form spammed. You can get the visitor’s IP address with a built in php function and then check it against a list of bad IP addresses you have stored in a list called an array. You can modify this to include words by replacing the IP addresses with words. This is useful if there is a relatively small number of abusers. In the case of larger numbers, blocking at the server level using iptables or a firewall may work better for you.

Here is the code for blocking IPs and you can add more IPs to the array if needed:

<?
$banned_ip_addresses = array(’4.2.5.5′, ’64.43.67.19′, ’207.22.32.152′);

if(in_array($_SERVER['REMOTE_ADDR'], $banned_ip_addresses))
{
echo “You are banned.”;
} else {
continue with form processing…
}

If you are having problems with abusive surfers filling out your forms with constantly changing ip addresses, you can stop them by adding a cookie. A cookie is a small piece of code sent to the user’s pc to identify them.  Note that not all browsers will accept cookies, but most will. Once the cookie is set, you check for the existence of it in your form processing. Here is an example:

//this sets time to 7200 seconds, 2 hours
<?
setcookie(“userx”, “cookie1″, time()+7200);
?>

Then add the code below to find out if this person has been on your page before:

<?
if (isset($_COOKIE1["userx"])){
echo “You have already filled out this form recently”;

} else {
continue with form processing…
}
?>

There is a plethora of PHP support websites on the Internet. My longtime favorite is  PHP Freaks Forum where you can post  technical questions and read responses. Another good one is the Digital Point PHP Forum. If you are looking for scripts then visit Hotscripts, where you will find many, some free and some paid. Also check out Free Scripts Directory,  Script Repository, and PHP Resource Index. They have scripts for: counters, auctions, voting, calculators, searching, support ticketing, etc.

PHP works fine on both Linux and Windows systems. If you have a Linux box then chances are good that it is already installed; if not, visit php.net to download it. PHP is not standard on Windows but it can be installed. If you need technical support we can help you with installing or upgrading.

PHP is very powerful. In an upcoming post I will explain how to speed it up using accelerators, pull data from a database, write it to a webpage, and add functionality using extensions.

Related Posts

• Workstation Backup Solutions Pt. 3: Redundancy
• Workstation Backup Solutions Pt. 2: Methods & Retention
• Workstation Backup Solutions Pt. 1: Having One
• Drupal – Free Website Building Tool
• Linux Shell Insights: Volume 2
• Linux Shell Insights: Volume 1
• MySQL Error in the errmsg.sys file
• MySQL Version 6 Preview
• A Little Security Goes a LOOOONG Way
• Linux Tip: Setting up key-based authentication.

Don’t take it lightly when you see reminders to use a more complex password. I’m not saying you should use a 50 alpha numeric password, but a nice 8-digit password with at least one Uppercase, Number, and Symbol. If you’re not creative enough, there are plenty of random password generators out there. Brute forcing passwords is an old, but still used hack attempt these days and isn’t even the most popular way hackers get into servers.

The biggest step you can take to help protect your server is changing your default RDP/SSH ports, even your FTP and other program ports. I think a lot of admins don’t do this because they fear it’s a complex step. It’s not! For windows, it’s as simple as using regedit (OOOO SCARY!!, calm down and just be careful) Do the following for windows 2003:

Start->Run-> type regedit

Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp

In the right Pane, look for PortNumber

Simply change the port number to whatever you want. Usually I keep my birth date in my port number changes. e.g. 3371 (Not my real birth date, but you get the point.)

When you reconnect to the server just make sure you append the port number. e.g. xx.xx.xxx.xxx:3371

In Linux, it’s even simpler. All you need to do is edit the sshd_config. To do this you do the following:

Use your favorite text editor and edit /etc/ssh/sshd_config

At the very top of the config is your current port 22

#Port 22
#Protocol 2,1
Protocol 2
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

Simply uncomment by removing the ‘#’ and choose a new port. Idea, let’s go with the birth date method. e.g. 2271. So it will now look like:

Port 2271
#Protocol 2,1
Protocol 2
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

Now all you have to do is restart ssh (this process is different depending on your distro, just google restart ssh) To connect from another client using the new IP, do:

ssh -p 2271 root@xx.xx.xxx.xxx

Lastly, using a firewall really does help. The built in windows firewall works. It’s simple, basic and easy to use. Just make sure before you enable it to add your new RDP port. If you forget, you know where to reach us. The same goes with IPTABLES in Linux.

You might be surprised, but the majority of successful hack attempts are done through poor or outdated code. It’s the long lived battle of the programmer v. web-dude, but belief in what I said above will mean nothing if your code is vulnerable. The same goes with using your windows server to surf the web. DO NOT SURF THE INTERNET WITH YOUR WINDOWS SERVER. You are asking for trouble by doing so. Remote desktop has a file transfer program built into it for a reason.

In short,

-Use a more complex password

-Change your default ports

-Add a firewall

-Don’t use your server like a workstation to browse the web and download files.

Hope this helps.

Related Posts

• Workstation Backup Solutions Pt. 3: Redundancy
• Workstation Backup Solutions Pt. 2: Methods & Retention
• Workstation Backup Solutions Pt. 1: Having One
• PHP Script Tips and Resources
• Drupal – Free Website Building Tool
• Linux Tip: Setting up key-based authentication.
• Linux: Low memory – feature or a bug?
• Linux Shell Insights: Volume 2
• Linux Shell Insights: Volume 1

Drupal is based on a system of templates where you can use the built-in ones or make your own. It has some cool features built in such as chat forums, rss, video and podcasting options. Currently, there are thousands of websites using Drupal such as Spread Firefox, The White house, and The Onion. There are many more listed on Drupal Sites. Drupal is an open source software package licensed under the GNU GPL and runs great on a Linux server with Apache, PHP, and MySQL. We here at 1-800-Hosting are Drupal friendly and can help with installation as well as well hosting technical support like unix file permissions, phpinfo(), mod_security, php file size and memory limits.

The best thing I like about Drupal is that it can be extended with third party modules in order to add functions. You can add search, instant messenger, cron, voting, image browsing, slideshow, google analytics, e-commerce, and chat room. If you’re looking for an easy way to get a website up and running without the hassles of back-end development, take a look at Drupal. It can make building a site a little easier without getting lost in the interweb fray.

Related Posts

• PHP Script Tips and Resources
• Linux Shell Insights: Volume 2
• Linux Shell Insights: Volume 1
• Using a Content Management System (CMS)
• Workstation Backup Solutions Pt. 3: Redundancy
• Workstation Backup Solutions Pt. 2: Methods & Retention
• Send Us Your Postcards!
• Workstation Backup Solutions Pt. 1: Having One
• Employee Appreciation and the Lost Art of the Road Trip
• A Resolution to Keep Resolutions

This can be used either for non-password based authentication for scripts or other utilities, or for extra security when paired with a pass phrase key.

We’ll need to generate a key-pair, a public-key and a private-key. The public-key will be placed on the server, and you will log in with your private-key. You will need to enter a passphrase for security (or leave blank for password-less auth.)

First generate the key:

ssh-keygen -t rsa -b 1024 -C “your-email-address”

This will create a 1024 bit key using RSA in your current directory. You will need to transfer it to the server you wish to authenticate with by some means, you can use SCP if you have an SCP client like this:

scp -p id_rsa.pub user@server:~/

Then log in to the remote server, and put the file in the authorized_keys for the user you want to authenticate with.

mkdir ~/.ssh
chmod 700 ~/.ssh
cat ~/id_rsa.pub >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
mv id_rsa.pub ~/.ssh

Sometimes you may have to delete the public key file on the local machine to be able to log in, e.g.

rm rsa.pub

Once you’re done, try to log in to the remote host, and if everything was done right, you should be in!

Related Posts

• Workstation Backup Solutions Pt. 3: Redundancy
• Workstation Backup Solutions Pt. 2: Methods & Retention
• Workstation Backup Solutions Pt. 1: Having One
• PHP Script Tips and Resources
• A Little Security Goes a LOOOONG Way
• Drupal – Free Website Building Tool
• Linux: Low memory – feature or a bug?
• Linux Shell Insights: Volume 2
• Linux Shell Insights: Volume 1