Shared Server

This document is for general information about the shared server setup. There’s also specific information for WordPress and other applications.

Transferring files to server

The server only accepts secure connections via SSH server so you can use SFTP protocol or transfer files from command line with scp command. If you need a graphical user interface to transfer files we recommend using Cyberduck which works with Windows and MacOS. Another popular file transfer application is FileZilla. You should have received your server hostname and your username and password with your order confirmation.

Connecting to Linux Shell

The server only accepts secure SSH connections. Open your terminal program such as PuTTY on Windows or the terminal program on MacOS and Linux. To connect type:

ssh username@serverhostname

Directory structure

Your account directory structure is organised so that there can be multiple sites under same account.

/backups       - This directory contains a daily snapshot of your database. You can put your own backups here too but be aware that they are automatically discarded after 7 days. Full backup that includes this directory is stored on a remote server encrypted.
/conf          - This contains account specific configuration files you can modify this include email server settings
/logs          - This contains account specific logs such as error log from php-fpm and msmtp log
/yourdomainname
/yourdomainname/conf
/yourdomainname/logs    - This contains your websites nginx access and error log
/yourdomainname/htdocs  - This is the public root of your website.

Email settings for PHP

We don’t allow out going SMTP on port 25 because vulnerable PHP applications can easily be harnessed to send spam and that will affect negatively on everyone on the server. Since many applications still need to send email we’ve enabled that through msmtp client that we have configured PHP to use instead of the regular sendmail. You can configure it to use your Gmail or Yahoo account to send it or you can get email service from us and use our authenticated email server. The only requirement is that you must use secure TLS on the submission port (587). You can configure your email credential on /conf/msmtp.conf file which we’ve already pre-configured to use our server you just need to enter your username and password. Please note that the account name must be default and the file permissions must be 0600 otherwise it won’t send any email.

Gmail example:

account default
tls on
auth on
host smtp.gmail.com
port 587
from username@gmail.com
user username
password plain-text-password

Yahoo example:

account default
tls on
tls_starttls off
auth on
host smtp.mail.yahoo.com
port 587
from username@yahoo.com
user username
password plain-text-password

To test your configuration create a file demo_email.txt with following content:

From: Tester <tester@example.com>
To: You <you@youremail.com>
Subject: Hello World
Email sent using MSMTP

Then use the following command and replace you@youremail.com with your email address. If everything worked you should receive the email in demo_email.txt. You can also check the msmtp.log to see if everything worked out.

cat demo_email.txt | /usr/bin/msmtp -C ~/conf/msmtp.conf --logfile ~/logs/msmtp.log -a default  you@youremail.com

Crontab

Your crontab file is /conf/crontab. You can can edit that file and install it by running command:

crontab ~/conf/crontab

Disk Quota

We give out disk space quite generously on our plans and to make sure there is enough of it to everyone we enforce disk quota. You can check your quota usage by running following command:

quota -s

We don’t currently enforce any inode quotas and you can assume that you have at least 500k inodes available to you.

Backup

Backup is stored encrypted on a remote server. We make a weekly full backup and daily incremental ones. In order to do a full restore you’ll need to restore the full backup and latest incremental. We provide a commandline program to access your backups and standard unix tools can be used to restore it. Please note you’ll need your backup encryption key to decrypt the backup file and it will be prompted by gpg –decrypt command.

To list all your backup files run following command

backup-helper list

Below is an example listing of the the output from backup-helper list

Date         Filename                                                      Size
Nov 13 01:17 tartarus-username-20161113-0215.tar.bz2.gpg                   182857979
Nov 19 00:12 tartarus-username-20161119-0112-inc-20161113-0215.tar.bz2.gpg 4804847
Nov 20 01:04 tartarus-username-20161120-0202.tar.bz2.gpg                   182824009
Nov 21 00:12 tartarus-username-20161121-0112-inc-20161120-0202.tar.bz2.gpg 930874
Nov 22 00:12 tartarus-username-20161122-0112-inc-20161120-0202.tar.bz2.gpg 1688229
Nov 23 00:11 tartarus-username-20161123-0111-inc-20161120-0202.tar.bz2.gpg 2505457
Nov 24 00:13 tartarus-username-20161124-0112-inc-20161120-0202.tar.bz2.gpg 3220819
Nov 25 00:12 tartarus-username-20161125-0111-inc-20161120-0202.tar.bz2.gpg 4135913
Nov 26 00:12 tartarus-username-20161126-0111-inc-20161120-0202.tar.bz2.gpg 4955579

Files named with -inc-[date].tar.gz2.gpg are incremental to previous full backup on [date]. For example tartarus-username-20161126-0111-inc-20161120-0202.tar.bz2.gpg is incremental to tartarus-username-20161120-0202.tar.bz2.gpg and thus in order to do a full restore you’ll need to extract the full backup first and the incremental on top of it.

Listing files inside a backup. Substitute [FILENAME] with the backup filename from listing.

backup-helper download [FILENAME] | gpg --decrypt | bzip2 -d | tar -tpv

Extract a single file from backup

backup-helper download [FILENAME] | gpg --decrypt | bzip2 -d | tar -xpv path/to/file