Re: [UPHPU] Utah Colocation
On Dec 11, 2007 9:07 PM, Wade Preston Shearer [EMAIL PROTECTED] wrote: I use webpipe and they seem pretty good... Tier Four tierfour.com (the are a php.net mirror and host uphpu.org) +1 for TierFour ___ UPHPU mailing list UPHPU@uphpu.org http://uphpu.org/mailman/listinfo/uphpu IRC: #uphpu on irc.freenode.net
Re: [UPHPU] Utah Colocation
On 12 Dec 2007, at 09:11, Brandon Stout wrote: [EMAIL PROTECTED] wrote: Hi, I'm looking for a colocation host here in the Salt Lake City (Layton and further north is fine). I've looked at a few places but most are too expensive. The server won't have a lot of traffic so preferably I'd like something under $100 a month. I've found a couple places that I like the price but I want to see what others would recommend. Thanks, Eric I'm not sure what you mean by colocation, but if you are looking for web hosting, I own Stout Hosting LLC and I can provide hosting on enterprise class server clusters with MySQL 5 or Postgres, and PHP 5 for much less than $100, depending on your needs. Send me an email for details. Send me your phone number if you'd like a call. Colocation is when someone takes their own server machine and put it in a hosting data center and uses the data centers' internet connection, power backup, etc. ___ UPHPU mailing list UPHPU@uphpu.org http://uphpu.org/mailman/listinfo/uphpu IRC: #uphpu on irc.freenode.net
Re: [UPHPU] Utah Colocation
[EMAIL PROTECTED] wrote: Hi, I'm looking for a colocation host here in the Salt Lake City (Layton and further north is fine). I've looked at a few places but most are too expensive. The server won't have a lot of traffic so preferably I'd like something under $100 a month. I've found a couple places that I like the price but I want to see what others would recommend. Thanks, Eric I'm not sure what you mean by colocation, but if you are looking for web hosting, I own Stout Hosting LLC and I can provide hosting on enterprise class server clusters with MySQL 5 or Postgres, and PHP 5 for much less than $100, depending on your needs. Send me an email for details. Send me your phone number if you'd like a call. Brandon Stout Stout Hosting LLC ___ UPHPU mailing list UPHPU@uphpu.org http://uphpu.org/mailman/listinfo/uphpu IRC: #uphpu on irc.freenode.net
Re: [UPHPU] Utah Colocation
Wednesday, December 12, 2007, 7:00:03 AM, you wrote: On Dec 11, 2007 9:07 PM, Wade Preston Shearer [EMAIL PROTECTED] wrote: I use webpipe and they seem pretty good... Tier Four tierfour.com (the are a php.net mirror and host uphpu.org) +1 for TierFour -1 for TierFour We spend a chunk of change ($) each month there. More outages than I've ever dealt with. And they've actually blamed equipment failures on us (e.g. NIC failure because DNS cache for a domain was set to 30min). I could even look past that stuff if it weren't for some problematic attitudes with *some* of the staff that make it challenging whenever collaboration/support is necessary. Jacob -- _/ _/ _/ Jacob Hanson _/ _/_/_/ mailto:[EMAIL PROTECTED] _/_/_/ _/ _/ http://www.jacobhanson.com ___ UPHPU mailing list UPHPU@uphpu.org http://uphpu.org/mailman/listinfo/uphpu IRC: #uphpu on irc.freenode.net
[UPHPU] phpBB3 Release Date Announced
phpBB announced the gold release date for phpBB3 this past Sunday. It will be released tomorrow at 10 AM MST. Here is the announcement: http://www.phpbb.com/community/viewtopic.php?f=14t=611789 I'm the phpBB Modifications Team Leader so if you have any questions, you can ask me and I'll try to answer them. Maybe I could do a presentation on phpBB sometime if enough people are interested. ___ UPHPU mailing list UPHPU@uphpu.org http://uphpu.org/mailman/listinfo/uphpu IRC: #uphpu on irc.freenode.net
Re: [UPHPU] phpBB3 Release Date Announced
phpBB announced the gold release date for phpBB3 this past Sunday. It will be released tomorrow at 10 AM MST. Is it more secure? smime.p7s Description: S/MIME cryptographic signature ___ UPHPU mailing list UPHPU@uphpu.org http://uphpu.org/mailman/listinfo/uphpu IRC: #uphpu on irc.freenode.net
Re: [UPHPU] Utah Colocation
I was guessing it was 95th percentile but the quote didn't mention it. I'll look into a dedicated/managed server and see if I can find something at a reasonable price. This server won't be just for websites, email, databases, etc. I'd like to have more control over the server than you can with shared hosting so I can use it for subversion, cvs, etc. ---Original Message--- From: Dave Stevenson [EMAIL PROTECTED] Subject: Re: [UPHPU] Utah Colocation Sent: Dec 12 '07 19:41 I'll second Tierfour. They price their bandwidth based on 95th percentile billing. The numbers they give you are for a constant stream of data at that speed. i.e. 256kbps seems slow, but thats a constant rate of data transfer per second. You can burst to 10x your bandwidth amount. So if you purchased a 512k connection, you can burst to 5mpbs. I'll also second what Brandon mentioned about hosting. Unless there is a specific reason for wanting to colocate, using a hosting provider such as one that provides a dedicated server or a VPS can usually be very competitive and a good choice. Regards, Dave [LINK: http://www.silverrack.com] http://www.silverrack.com - VPS Hosting On Dec 12, 2007 12:00 AM, Eric Faerber [LINK: mailto:[EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Wade Preston Shearer wrote: Tier Four [LINK: http://tierfour.com] tierfour.com (the are a [LINK: http://php.net] php.net mirror and host [LINK: http://uphpu.org] uphpu.org) I got a quote from them and the speeds they quoted me were 100Kbps, 256Kbps and 512Kbps. Slw. I've replied asking for clarification. That's got to be a mistake. A server connected at 100Kbsp? Have to use a dial up connection so the server speed wouldn't affect you. ___ UPHPU mailing list [LINK: mailto:[EMAIL PROTECTED] UPHPU@uphpu.org [LINK: http://uphpu.org/mailman/listinfo/uphpu] http://uphpu.org/mailman/listinfo/uphpu IRC: #uphpu on [LINK: http://irc.freenode.net] irc.freenode.net No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.503 / Virus Database: 269.17.1/1181 - Release Date: 12/11/2007 5:05 PM ___ UPHPU mailing list [LINK: mailto:[EMAIL PROTECTED] UPHPU@uphpu.org [LINK: http://uphpu.org/mailman/listinfo/uphpu] http://uphpu.org/mailman/listinfo/uphpu IRC: #uphpu on [LINK: http://irc.freenode.net] irc.freenode.net ___ UPHPU mailing list UPHPU@uphpu.org http://uphpu.org/mailman/listinfo/uphpu IRC: #uphpu on irc.freenode.net
Re: [UPHPU] phpBB3 Release Date Announced
Yes. We had a paid security audit done by SektionEins (http://www.sektioneins.de). SQL queries and getting user data has been standardized so that they are cleaned before use making it very unlikely for SQL injection and other attacks to happen. phpBB 2.0.22 was released almost a year ago. There haven't been any exploits reported in that since then. You can't say 2.0.22 isn't secure. Like with all software, keep up to date and you'll be fine. Here is a page that compares phpBB2 with phpBB3, http://www.phpbb.com/about/features/ Eric ---Original Message--- From: Wade Preston Shearer [EMAIL PROTECTED] Subject: Re: [UPHPU] phpBB3 Release Date Announced Sent: Dec 12 '07 23:19 phpBB announced the gold release date for phpBB3 this past Sunday. It will be released tomorrow at 10 AM MST. Is it more secure? ___ UPHPU mailing list UPHPU@uphpu.org http://uphpu.org/mailman/listinfo/uphpu IRC: #uphpu on irc.freenode.net
Re: [UPHPU] phpBB3 Release Date Announced
On Dec 12, 2007 3:28 PM, [EMAIL PROTECTED] wrote: Yes. We had a paid security audit done by SektionEins ( http://www.sektioneins.de). SQL queries and getting user data has been standardized so that they are cleaned before use making it very unlikely for SQL injection and other attacks to happen. It took them 3 major versions and several years to get input sanitization standardized? I'm just surprised that phpBB is still around. ___ UPHPU mailing list UPHPU@uphpu.org http://uphpu.org/mailman/listinfo/uphpu IRC: #uphpu on irc.freenode.net
Re: [UPHPU] phpBB3 Release Date Announced
Wade Preston Shearer wrote: phpBB announced the gold release date for phpBB3 this past Sunday. It will be released tomorrow at 10 AM MST. Is it more secure? PHPbb hasn't been so bad if you keep it up to date, has it? I use punbb because it's so bare-bones upgrades are easy for me, but I have quite a few clients using phpbb 2's without trouble - so long as they keep their installations updated. ___ UPHPU mailing list UPHPU@uphpu.org http://uphpu.org/mailman/listinfo/uphpu IRC: #uphpu on irc.freenode.net
Re: [UPHPU] phpBB3 Release Date Announced
On Dec 12, 2007 4:14 PM, [EMAIL PROTECTED] wrote: phpBB announced the gold release date for phpBB3 this past Sunday. It will be released tomorrow at 10 AM MST. Here is the announcement: http://www.phpbb.com/community/viewtopic.php?f=14t=611789 I'm the phpBB Modifications Team Leader so if you have any questions, you can ask me and I'll try to answer them. Maybe I could do a presentation on phpBB sometime if enough people are interested. http://irc.freenode.net Congratulations! I would love to see a presentation on phpBB and all the new features in 3. Looks like there is a lot of new things in 3. -Kevin- ___ UPHPU mailing list UPHPU@uphpu.org http://uphpu.org/mailman/listinfo/uphpu IRC: #uphpu on irc.freenode.net
Re: [UPHPU] phpBB3 Release Date Announced
Yes. We had a paid security audit done by SektionEins (http://www.sektioneins.de ). SQL queries and getting user data has been standardized so that they are cleaned before use making it very unlikely for SQL injection and other attacks to happen. Cool. Sounds and looks (browsed the feature comparison chart) like the team has been busy. Glad to hear that they took the security issue by the horns. smime.p7s Description: S/MIME cryptographic signature ___ UPHPU mailing list UPHPU@uphpu.org http://uphpu.org/mailman/listinfo/uphpu IRC: #uphpu on irc.freenode.net
Re: [UPHPU] phpBB3 Release Date Announced
On Dec 12, 2007 3:50 PM, Eric Faerber [EMAIL PROTECTED] wrote: phpBB1 was released in 2000. phpBB2 was released in 2002. phpBB3 will be released in 2007. It wasn't until a couple years ago that they raised the minimum version from PHP 3 to PHP 4 for phpBB2. phpBB is old. You can't say they could predict every exploit that was going to happen when they first released phpBB2 in 2002. You certainly can't predict every attack vector that may happen; however, phpBB and phpBB2 were poorly engineered from the start, and slapping security patches on every day or two because you didn't take even the minimum protection standards anyone halfway knowledgeable in sanitization expects is not the right answer. There's a reason why phpBB2 was one of the most banned web applications on shared hosting plans (next to phpNuke, and that's a club you don't want to be a part of). Although I can't comment on phpBB3 or even newer phpBB2, when I did do internal security audits of phpBB2, it was an absolute mess. I hope their engineers have learned quite a bit. From what you're saying, it sounds like they have somewhat - but I can tell you as an application security engineer that outsourcing your security handling is just the start. The engineers need to be trained themselves in best security practices on the web, which aren't always apparent. ___ UPHPU mailing list UPHPU@uphpu.org http://uphpu.org/mailman/listinfo/uphpu IRC: #uphpu on irc.freenode.net