Hosting

I Screwed Up

So, for a little while now, one of the sites I host on my VPS has had some sort of malware.  I have no idea how it got there but I have ideas about fixing it if I could find it.  There are plenty of sites that will tell you that your website is infected.  There don’t seem to be any that will also tell you “It’s probably in this file here, go look there.”  Instead it’s all “We’ll fix it for a small monthly subscription of $50/month.”

I think I’ll pass on that one.

Instead, I opted to simply rebuild the website from the ground up.  It’s a simple process really, set up a fresh WordPress install, ad the appropriate plug ins, copy the images in the Uploads folder, and do a quick export/import of the database.  I also wanted to make sure I got the permissions right, to avoid any future malware issues, since this was the likely culprit for how the malware got there.

This is where I screwed up.  Instead of doing a CHMOD on the local directory, I mistakenly did a CHMOD on /* -R.  Or in other words, everything in the root directory, Recursively through each directory.  Or in other, other words, “everything”.  It actually failed to run on a bunch of files, likely because they were in use.  It did however break SUDO, which meant I couldn’t easily try to change anything back.  It also immediately killed every website I host since they all use MySQL which could no longer use it’s databases, because it didn’t have permissions.

I don’t host anything major at least.  A couple of personal blogs, my wife’s two blogs, some side projects like TinyTinyRSS.  My main concern were my wife’s blogs, frankly, no one reads my shit at all anymore (why are you here???), lots of people read both of her blogs.

If this were a physical server, I’d load a recovery CD and backup or even just reinstall from there.  This is a VPS though.  There isn’t a physical machine I can access and really, there probably isn’t even a physical machine at all, not a dedicated one.  There may be a dozen other servers on the same physical machine as my VPS.  Fortunately, with the use of a support ticket, Digital ocean will mount a virtual recovery disc to your virtual server.

So I managed to get access to the server files.  I set about with two plans at this point.  Worst case scenario, I would need to reimage the server and rebuild everything.  I’ve done this sort of thing many times over the years moving from server to server, I’m actually pretty good at it.  Getting the data was the important part, so I started some downloads of the data.  Honestly, this was always the only option, but I was hoping I could get the old set up running because it would make my life easier.  If I could get MySQL working I could make proper back ups instead of trying to use the raw files, something I’ve never done (it wasn’t hard in the end).  So, 50,000 files later, I had all of the needed files downloaded.  I probably could have saved some time and just reinstalled the core WordPress files but I wanted to keep things as pain free as possible to avoid any more screw ups.

How to restore the server.  The problems stem from permissions, as in, nothing has permissions on anything.  So the simplest solution seemed to be to set the files all to 777, or open access to every user, group and everything.  This is absolutely horrible practice for a live server and should not be done.  However, I needed ten minutes or so to dump some SQL files and a few other proper back ups that would be much easier in a live environment.

Setting everything to 777 didn’t work, for starters, all those system files that were previously inaccessible, were now accessible, since the recovery CD wasn’t using them.  So now EVERYTHING became 777.  I don’t know much beyond that other than it flat out refused to work at all now.

Fortunately, I had my files, the important stuff.  The next few steps were simple, re-image the server with a clean install, sudo apt-get on apache2, php5, mysql-server, proftpd, ftp the files in the appropriate places.

This is also where I did right on permissions, like I should have done to start with.  Instead of screwing with permissions themselves using CHMOD, I set the appropriate ownership with CHOWN.  This was partially necessary, for example, the files created by MySQL normally own and belong to the mysql user and group.  The ones I restored, were all owned by root.

I also took this opportunity to pair down some of the cruft I’d accumulated.  I kept a copy, but it all doesn’t need to go back.

I feel like the end result worked out well, everything is mostly back on line.  I found later that something had gone wrong in backing up the SQL files for both Joshmiller.net and Blogging Intensifies.  Fortunately there isn’t anything on JoshMiller.net since I had purged it all.  And I don’t post here super often so I only came up missing 2 posts from my last back up, I was able to recover both posts from Google’s Cache pages.  Everything for both The Zippy Zebra and Treasured Tidbits came over though, which was my main concern.

Testing The Waters on Digital Ocean

/ 1 Comment

A while back I set up a Digital Ocean VPS running OpenSIM.  I then promptly forgot about Digital Ocean.  Part of the problem was I forgot my password and form some lame reason the email didn’t show up when I searched my emails for “Digital Ocean”.  It was also more of a fun side project that didn’t really cost anything since DO gives you some credit when you sign up.

I’m thinking of using my VPS for a bit more though, specifically, as my new Web Host.  I currently use GoDaddy which works great and is affordable but I’m starting to do a bit more experimenting and coding and I feel like i could benefit from something with a little more versatility.  For a few bucks more than I currently pay for Godaddy I can get a pretty decent VPS going and at the very least host all of the blogs I currently maintain on it (currently 4 with little to no traffic, and 3 with reasonably light traffic).  i can always beef up the VPS if the load ends up being too much.

I wanted to test out the migration and set up though, I was going to move Raid-Tier over but it’s kind of in a state of limbo and i wanted something I use with some content behind it.  If I am going to discretely move my wife’s blogs over interruption free I need to KNOW I can do it and KNOW it will work.  One, she’ll get pissy if it doesn’t and two she is getting a fair amount of traffic and I’d hate to interrupt that.

So I moved Joshmiller.net here over.  I also moved my little Sandbox Project over at BloggingIntensifies.com over as well but mostly because it’s inconsequential if it gets lost somehow and I wanted a second domain on the hosting so I could make sure I’m doing the server configuration properly.

The migration wasn’t without issues.  For one, the SQL export from this blog is larger than I could get the SQL locally to import so I had to do an old fashioned WordPress import/export.  In my experience the WordPress import/export works great for small volumes of data but extremely poorly for large volumes of data.

I also had FTP issues, All of the help files for vsftp I could find were outdated (not uncommon with trying to solve Linux issues) and there is some newer “feature” i couldn’t figure out that seems to amount to “vsftp won’t run if root has ftp access”.  I’m not sure that’s right because like I said, I didn’t figure it out, i used SSH file transfer instead.  I needed to move all of the images from the old host to this host, all 3-4000 of them.  Its not a huge amount of files but it is a LOT of files.

i still have permissions issues I have not figured out.  Permissions are probably the most annoying part of using Linux, yeah yeah blah blah security, I get that, but fuck there is all this users and groups and who owns the files and who can write/use the files and what user and group are the processes using.  It’s kind of insane.  I even tried the whole “give everything full perms chmod 777” method to no success.

Which has left some broken internal links on this blog.  I’ll do some backend SQL work on it but basically, I set up the old blog to run on /Year/Month/Day/PostTitle Permalinks and the new one uses the ugly post?### style.  for some reason WordPress can’t change this setting in .htaccess and it still doesn’t work when I manually create the .htaccess file.  So screw it, for now it’s ugly links all around.

Phase two will be to pull Lameazoid and Raid-Tier over, if those go smoothly I’ll start with my wife’s less used/trafficked blog and see if she even notices, then work my way up from there.  The whole process actually should be seamless all around since ultimately the domain will point to the same structure and data on the same domain.

The point is do get a more versatile host to do some more complex projects without paying for TWO hosts.  I’d rather pay more for one host than putz with two hosts which end up costing more.  I also still plan to keep Godaddy for my domains for now, I’m not unhappy with the service over there by any means, I’ve just outgrown it.