My experience with cloudatcost.com CAC

I heard cloudatcost from a forum post talking about hosting company. it was on sale 40% off for all it's one time plans; I registered an account on their website cloudatcost.com, I bought a $35 pro 1 plan, after 40% off it's $21 USD, converted to CAD 33.25, it's one-time fee! I paid by Paypal.

reasoning: I googled and found this company is from the same parent company of freephoneline.ca which I have used for 3 years, and this company has been around for 3 years too. even as a toy, the $35 VPS is worth risking the money, you can have it for as long as the company stands, and it's always on, you can play with it wherever there is internet.

BTW, I have some cloudatcost coupon codes which you can get 50% off: 6yNu5edaTU

OK, enough blah...

after I paid, I got an email with my server information, IP, user, password, I logged into panel, re-image my server to CentOS 7, reimaging seems to take long time, I logged out and go to sleep, next morning I logged in, it showed: re-image failed. I delete the server and re-image again. after a few hours, I checked email and I got an email with new server information, but I can not ping the public IP, from the console, the server can not ping it's gateway.

although I saw a lot of bad reviews about the tech support/customer service, I still issued a support ticket, surprisingly I got reply after half day, saying OS is not installed properly, I need to re-image, this time I give up CentOS 7 I wanted to play with, I went practical and just installed LAMP on CentOS 6.5, it succeeded smoothly

for now, remember to modify server mode from safe to normal, otherwise server will shutdown automatically after 7 days no activity.

Now I am playing from there, hoping I'll move my website hosting to there...

Apache
Login to server: (on *nix or OSX, use ssh; on Windows, you can download and install Putty which is ssh simulator) Tried to bring up Apache HTTP server first:

#service httpd status
if it's not running:
#service httpd start
Test if Apache is working by type in your server public IP into a browser URL bar, enter, you should see this:

I did not see it first, then I ran: # iptables -F
clear all iptables rules, then I can access Apache test page!
From now on, I will access my server test page from time to time to test its stability, so far(about a week) it's fast and stable.

MySQL
#rpm -qa
shows MySQL is installed, but

#service mysqld status
mysql - mysqld: unrecognized service
so I re-install:
To install MySQL, enter the following command:

# yum install mysql mysql-server -y


Start the MySQL service and make to start automatically on every reboot.

# service mysqld start
# chkconfig mysqld on

To secure mysql, we have to setup mysql root user password.

# mysql_secure_installation


NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!


In order to log into MySQL to secure it, we'll need the current
password for the root user. If you've just installed MySQL, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.

Set root password? [Y/n] Y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!


By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] Y
... Success!

Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] Y
... Success!

By default, MySQL comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] Y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] Y
... Success!

Cleaning up...



All done! If you've completed all of the above steps, your MySQL
installation should now be secure.

Thanks for using MySQL!


PHP

Before installing, test first if it's installed:
# vi /var/www/html/info.php
put the following text:

 <?php  
 phpinfo();  
 ?>  

Save and Exit.
in browser go to:
http://serverIP/info.php
you should see this:
congratulations! PHP is working.



Add application users to MYSQL:

mysql> create user 'user1'@'localhost' identified by 'password';
Query OK, 0 rows affected (0.00 sec)

mysql> grant all privileges on *.* to 'user1'@'localhost';
Query OK, 0 rows affected (0.00 sec)

mysql> create user 'user1'@'%' identified by 'password';
Query OK, 0 rows affected (0.00 sec)

mysql> grant all privileges on *.* to 'user1'@'%';
Query OK, 0 rows affected (0.00 sec)

mysql> quit
Bye

Migrate data from old hosting to new hosting
Use SQLYog community edition(free), connect to old and new database,create a database in new host with the same name as old, right click old database > select Copy database to different host/database, following the instructions...


Migrate application code from old hosting to new hosting
Use WinSCP, copy the root folder of old hosting to local, then copy from local to new hosting.

Edit config.php

save and restart apache:
service httpd restart

accesss my web:
get server error 500

on server:
yum install php-mysql -y
success
then access web, got:
Osclass » Error

Osclass database server is not available. Need more help?

edit config.php
change from: define('DB_HOST', 'IP'); to: define('DB_HOST', 'localhost');
then access web, yeah~~~, it's up and running!
now it can only accessed by IP, Google Adsense does not show, Captcha does not show.
this might be because DNS is not pointing to it yet.

Set up Email Server

Installed telnet in order to test SMTP server: #yum install telnet -y
add a host entry for your domain to that IP in the /etc/hosts file like below.
12.34.56.78 craplist.ca

Install Postfix:
# yum -y install postfix

install SMTP AUTH packages
# yum -y install cyrus-sasl cyrus-sasl-devel cyrus-sasl-gssapi cyrus-sasl-md5 cyrus-sasl-plain

run following commands step by step for creating SSL Cert:
# mkdir /etc/postfix/ssl
# cd /etc/postfix/ssl/
# openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
# chmod 600 smtpd.key
# openssl req -new -key smtpd.key -out smtpd.csr
# openssl x509 -req -days 365 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
# openssl rsa -in smtpd.key -out smtpd.key.unencrypted
# mv -f smtpd.key.unencrypted smtpd.key
# openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 365


vi /etc/postfix/main.cf
Find and comment the below lines .
#inet_interfaces = localhost #---> line no 116
#mydestination = $myhostname, localhost.$mydomain, localhost #--> line no 164

and add these lines at the bottom of the file.

myhostname = craplist.ca
mydomain = craplist.ca
myorigin = $mydomain
home_mailbox = mail/
mynetworks = 127.0.0.0/8
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = cyrus
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom


vi /etc/postfix/master.cf
add the below line after smtp


smtps inet n - n - - smtpd
-o smtpd_sasl_auth_enable=yes
-o smtpd_reject_unlisted_sender=yes
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
-o broken_sasl_auth_clients=yes


start postfix and saslauthd service
# service postfix start

# service saslauthd start

start the postfix and saslauthd at startup
# chkconfig --level 235 postfix on

# chkconfig --level 235 saslauthd on

check your smtp connectivity . just telnet localhost on port 25 and type this command ehlo localhost
# telnet localhost 25
Trying ::1...
Connected to localhost.
Escape character is '^]'.
220 mail.craplist.ca ESMTP Postfix
ehlo localhost <---- type this command
250-mail.craplist.ca
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit
221 2.0.0 Bye
Connection closed by foreign host.

If you get this output it's good

install dovecot
# yum -y install dovecot

vi /etc/dovecot/dovecot.conf
add the below line at the end of the file. please make sure mail_location and home_mailbox in postfix configuration are using the same name.
protocols = imap pop3
mail_location = maildir:~/mail
pop3_uidl_format = %08Xu%08Xv

start dovecot service
# service dovecot start

start the dovecot at startup
# chkconfig --level 235 dovecot on

test your pop3 connectivity .
# telnet localhost 110
Trying ::1...
Connected to localhost.
Escape character is '^]'.
+OK Dovecot ready.
quit
+OK Logging out
Connection closed by foreign host.

Yes .. your server is ready to receive mails .

» Creating users and testing
create users to test your configuration.
# useradd -m bobby -s /sbin/nologin

# useradd -m leela -s /sbin/nologin

and create passwords for the users created
[root@mail ~]# passwd bobby

[root@mail ~]# passwd leela

Test your configuration in thunderbird . configuration details:
name:bobby
email:bobby@craplist.ca
password:
incoming: POP3 server host name: your email server IP port:995 SSL: SSL/TLS Authentication: Normal password
outgoing: SMTP server host name: your email server IP port:465 SSL: STARTTLS Authentication: Normal password
user name:bobby

Mail server centos 6 testing
Step 13 » Now you can send and receive mails using this server. In case of any issues please check the log file /var/log/maillog )

your mail server is ready …


add EPEL repository to install squirrelmail package
# rpm -ivh http://ftp.jaist.ac.jp/pub/Linux/Fedora/epel/6/i386/epel-release-6-8.noarch.rpm

install squirrelmail.
# yum install squirrelmail

configure squirrelmail .
# perl /usr/share/squirrelmail/config/conf.pl

»»» 1 »»» 1 »»» craplist (type Organization name ) »»» R ( return )
»»» 2 »»» 1 »»» ( type craplist.ca ) and choose 3 »»» SMTP ( choose SMTP ) »»» R ( return )
»»» D »»» dovecot ( type ) »»» press enter with default
»»» s ( save and quit)
vi /etc/httpd/conf.d/squirrelmail.conf file and uncomment below lines
# RewriteCond %{HTTPS} !=on
# RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Create a squirrelmail vhost in apache config file:
# vi /etc/httpd/conf/httpd.conf
Add the following lines at the end:

Alias /webmail /usr/share/squirrelmail

Options Indexes FollowSymLinks
RewriteEngine On
AllowOverride All
DirectoryIndex index.php
Order allow,deny
Allow from all


Restart the Apache service:
# service httpd restart
open http://serverip/webmail path in your browser . you should see the webmail login page .

but I got error:
squirrelmail Error connecting to IMAP server: localhost. 13 : Permission denied
solution: # setsebool -P httpd_can_network_connect=1
got it:

Server is all set up and running.

The last step is to change DNS to my new IP, I do not know how, opened ticket to domain registrar company.

my domain hosting company canspace.ca asks for 8 dollars to do this, NO! I don't have 8 dollars so I have to do myself...

I go to my domain hosting account > Domains > DNS Zone Manager > Add Zone, added a A record: Zone Name:craplist.ca IP Address: my new server address > Click add zone, done.

Domain hosting company says it takes up to 48 hours for new domain IP to take effect. but after half day, when I ping my domain, it already points to new IP

Another problem: web browser shows IP address instead of domain name when I access by domain name...

Solution: Resolution: I googled a lot but none helped, at last I found in website root directory, in file config.php:

Changed: define('WEB_PATH', 'http://12.34.56.78/'); to define('WEB_PATH', 'http://craplist.ca/'); solved the problem!!!

ALL DONE! welcome to my new website: craplist.ca

Squirrel webmail can not send email: Transaction failed 554 5.7.1 : Relay access denied

Solution: in /etc/postfix/main.cf change line from: mynetworks = 127.0.0.0/8 to mynetworks = 127.0.0.0/8 [::1]/128

Squirrel webmail can not receive email for user on my domain info@craplist.ca, error in /var/log/maillog: postfix/local[14219]: warning: maildir access problem for UID/GID=0/0: create maildir file /root/mail/tmp/1451971305.P14219.localhost.localdomain: Permission denied

Solution: in /etc/aliases, change line from info: postmaster to info: info
# service postfix restart
# service dovecot restart
Not yet, do not forget to harden your system, add firewall...
change ssh login port to a different port than default, save the new port in Putty configuration. Google how to do it.
close unused ports:
[root@localhost ~]# iptables -A INPUT -p tcp --destination-port 110 -j DROP
[root@localhost ~]# iptables -A INPUT -p tcp --destination-port 143 -j DROP
[root@localhost ~]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
so far it's been stable!