In line with our sustained efforts in providing our VPS clients with industry leading hardware and software options, we have upgraded the HDDs on our VPS servers from the current Raptor 10K RPM disks to Seagate Cheetah SA-SCSI 15k RPM drives.

SA-SCSI (Serial Attached Small Computer System Interface) is the gold standard in storage solutions for web servers requiring enterprise class robustness with high availability and fault tolerance features, especially where large databases and mission critical applications are involved. To ensure our clients are able to get the performance of a dedicated hardware at a fraction of its cost, we  have gone ahead and upgraded all our VPS clients to the new hardware without any additional expense and they are all delighted with the improved performance which is being delivered to their applications, as a result of this upgrade.

The SCSI HDDs coupled with the RAID hardware makes it a very stable and robust platform for hosting VMs on the Citrix Xen Server platform. Furthermore, we have also upgraded the Xen Server virtualization platform to its latest version (Xen Server ver 5.6) which is more stable and has several bug fixes implemented in its current verion. We have also added more storage space to our VPS hosting plans alongwith a higher monthly bandwidth allocation for no additional charges.

Bottom line is that if you are looking for a VPS or would like to host your application, website or mail server on a dedicated server platform, you will be hard pressed to find an offering which could better ours!

Check out our new Linux VPS and Windows VPS hosting plans and talk to our sales team today!

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
 Loading ... Loading ...

Posted by admin under News & Updates, Virtualisation
0 Comments

In sync with the launch of our new website, we have also revamped our shared web hosting plans for both Windows 2008 Enterprise and Linux platforms and the new hosting plans are now available online. The new hosting plans have enhanced web space, bandwidth and email id allocations amongst other updates and the key benefits are given below:

  • No limits on mailbox quotas: You can now define your own mailbox capacity on a per mailbox basis and the total storage limit allocated on your domain would apply for all users on your domain.
  • No limits on web hosting space: For Linux hosting plans, we have removed web hosting space limits. The total applicable limit on your hosting plan can be used your website, emails or a combination of both, as per your choice.
  • Additional mailboxes: Starting with the SOHO plan onwards, we have increased the no. of mailboxes on every hosting plan by as much as 50% than our previous hosting plans for no additional charges.
  • Latest OS & Control Panel: Industry leading Plesk 9.5 control panel is available to all our clients. We also host ASP/ASP.net enabled websites on Windows 2008 Enterprise Edition for enhanced performance and IIS 7 Support.
  • More server storage space: We have upped storage limits on our hosting plans by nearly 50% across the board. The additional storage space is matched by the upgraded hardware to make your websites and applications run better and faster.

These feature enhancements coupled with our commitment to providing our clients with the most responsive hosting support team in the country clearly makes it a win-win deal for our clients.

Want to learn more? Check out our new Linux and Windows 2008 enterprise hosting plans and signup online.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
 Loading ... Loading ...

Posted by admin under News & Updates, Web Hosting
0 Comments

Our new website is finally online. After about 3 months of planning and implementation, we have finally been able to put up our revamped site online. Though I might sound superstitious, I consider ourselves fortunate that the site has been launched on the same day when India celebrates  Rakhi or Raksha Bandhan which is an auspicious event for most Indians.

The updated site has had a major overhaul and following are the key changes implemented:

  • The backend CMS has been upgraded from Joomla1.x  to Joomla 1.5 which is considered to be the most popular CMS on the planet.
  • The site template is built from scratch and cannot be found anywhere else on the web. This gives our site a unique sense of distinction, unlike most other Joomla based websites which use free or commercial templates.
  • The site has a clean and uncluttered feel to it and we have placed special emphasis on the typography, navigation system and most importantly, meaningful and relevant content. We have dumped fancy javascripts, over the top graphics and animation which cry out for your attention in favour of a clean, simple and fast loading website.
  • New hosting plans (Windows and Linux) and upgraded VPS hosting plans have been launched with this site (more on this in our next post).
  • Pages are made SEO friendly to enable deeper indexing by search engines and more visibility for relevant organic searches on the search engines.

This is the fifth major revamp of our website over the past decade and it will be updated on a consistent basis with new services and offerings, so stay tuned with us!

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
 Loading ... Loading ...

Posted by hriday under News & Updates
0 Comments

It might sometime happen that your ISP assigned Internet IP might be blocked by other servers and you might not be able to access those sites or services from your PC. To know your internet IP address (as opposed to your local LAN IP), www.whatismyipaddress.com, allows you to get your ISP IP without a fuss.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
 Loading ... Loading ...

Posted by hriday under Web Hosting
0 Comments

A ‘catch all’  subdomain allows you to redirect all users who might type in http://subdomain.yourdomain.com  where ‘subdomain’ could be any subdomain which you would like to redirect users from.

Why would you need catch all subdomains

Maybe you have a few subdomains but sometimes your visitors are accessing non-existing subdomains. So the most appropriate solution would be to either redirect them to your main website or at least show them a list of available pages.

Step-by-step configuration in Plesk

  1. Create a subdomain ‘z-WILDCARD’ in Plesk – under the admin section of the right domain.
    Why do we need this name?  Because this entry should be the last entry in the list of subdomains, otherwise this “trick” will not work.
  2. Add special configuration (catchall for all subdomains) to the vhosts.conf file of this subdomain.
    Normally it’s located in /srv/www/vhosts/domain.com/subdomains/z-WILDCARD/conf/vhosts.conf. You have to create it – normally you need the root user to do this. Copy the following content into the file:
    ServerAlias *.domain.com
  3. Apply the new configuration – recreate the Apache configuration. You have to run the tool websrvmng which is a Plesk tool that manages and creates the webserver configuration. Execute the following as root user.
    /usr/local/psa/admin/sbin/websrvmng -u --vhost-name=domain.com
  4. Finally – restart Apache to load the new configuration, also as root.
    service httpd restart

That’s it! Now your users can access non-existing subdomains as e.g. doesnotexists.domain.com and you should see the Plesk page displayed for new pages.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
 Loading ... Loading ...

Posted by ankur under Plesk Control Panel
0 Comments

What is vulnerability?

Vulnerability is a hole or a weakness in the application, which can be a design flaw or an implementation bug that allows an attacker to cause harm to the stakeholders of an application. Stakeholders include the application owner, application users, and other entities that rely on the application. The term “vulnerability” is often used very loosely.

Intruders are just as aware of the critical information that can be accessed through an application as the webmaster.  In many cases, their entrance and overall success is attributed to numerous factors.  Those conscious of the roaming threats typically monitor network perimeters with firewalls and intrusion detection systems.  However, these components actually encourage exploits as they are required to keep ports 80 and 443 open to support SSL and protect online transactions.  To an intruder, these ports are open doors that enable website attacks in a number of different ways.  Most network firewalls are configured to secure only the internal perimeter, leaving the company open to a wide range of attacks.  And while both intrusion prevention and detection systems are somewhat more effective, they don’t perform complete analysis of a packet’s contents.  Without an additional layer of security, a knowledgeable intruder can penetrate a web application with relative ease.

An organization dedicated to improving the security of web-based applications, the OWASP (Open Web Application Security Project) recently composed a list of 10 of the most common vulnerabilities in today’s applications.  The potential threats are associated with the following:

Cross site scripting:

XSS flaws occur whenever an application takes user supplied data and sends it to a web browser without first validating or encoding that content. XSS allows attackers to execute script in the victim’s browser which can hijack user sessions, deface web sites, possibly introduce worms, etc.

Server-side scripting errors

Injection flaws, particularly SQL injection, are common in web applications. Injection occurs when user-supplied data is sent to an interpreter as part of a command or query. The attacker’s hostile data tricks the interpreter into executing unintended commands or changing data.

The execution of malicious code

Code vulnerable to remote file inclusion (RFI) allows attackers to include hostile code and data, resulting in devastating attacks, such as total server compromise. Malicious file execution attacks affect PHP, XML and any framework which accepts filenames or files from users.

Insecure direct object reference

A direct object reference occurs when a developer exposes a reference to an internal implementation object, such as a file, directory, database record, or key, as a URL or form parameter. Attackers can manipulate those references to access other objects without authorization.

Cross site request forgery

A CSRF attack forces a logged-on victim’s browser to send a pre-authenticated request to a vulnerable web application, which then forces the victim’s browser to perform a hostile action to the benefit of the attacker. CSRF can be as powerful as the web application that it attacks.

Improper error handling and data leakage

Applications can unintentionally leak information about their configuration, internal workings, or violate privacy through a variety of application problems. Attackers use this weakness to steal sensitive data or conduct more serious attacks.

Penetration of authentication and session management

Account credentials and session tokens are often not properly protected. Attackers compromise passwords, keys, or authentication tokens to assume other users’ identities.

Vulnerable cryptographic storage

Web applications rarely use cryptographic functions properly to protect data and credentials. Attackers use weakly protected data to conduct identity theft and other crimes, such as credit card fraud.

Insecure web communications

Applications frequently fail to encrypt network traffic when it is necessary to protect sensitive communications.

Failure to restrict writes permissions and URL access.

Frequently, an application only protects sensitive functionality by preventing the display of links or URLs to unauthorized users. Attackers can use this weakness to access and perform unauthorized operations by accessing those URLs directly.

From the above list, its quite evident that simply securing your web server is not enough (though its a necessity) to ensure that your site is secure from malicious intrusion. The underlying code and applications for your website needs to be tested for common web vulnerabilities and ensured that the security loopholes are patched and secured against intrusion attempts.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
 Loading ... Loading ...

Posted by anirban under Web Application Security
0 Comments

After much procrastination, we have decided to take the leap and go ahead with revamping our primary website (www.diadem.co.in) with the following objectives in mind:

  • Revamp our key service sections and make it relevant to our current offerings (VPS, Value Added Hosting and Dedicated Servers).
  • Upgrade the CMS platform which is being used for the site backend to its current version.
  • Keep the UI of the site simpler with less graphics and color and a greater focus on providing relevant content to our users.
  • Enhanced navigation menu and other small tweaks across the site

Here is a preview of the last approved wireframe and we are aiming for a soft launch of our site by the end of July 2010.

Wireframe of the new Diadem Tech Homepage

Wireframe of the new Diadem Tech Homepage

This is going to be the fifth major revision of our site over the past decade and improving a large website like ours with just a couple of developers requires considerable planning, persistence and numerous obstacles to overcome before you can reap in its benefits. I am hopeful that the upcoming version would last us for atleast a couple of years before we rework it again and I will keep posting more updates as we make progress.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
 Loading ... Loading ...

Posted by hriday under News & Updates
0 Comments

Keeping in view the ever growing needs of our clients for faster and higher performance web hosting servers, we have recently provisioned our first 64 bit Linux Web Hosting Server which is deployed with the 64-bit RHEL 5 Enterprise OS.

64 bit web servers are a significant step up in computer architecture and deliver higher performance, security and reliability of hosted web applications on such servers.  Here is the hardware configuration of our new 64 bit Linux (RHEL 5) server:

  • Quad Core Intel Xeon 5520 Processor
  • 6 GB DDR 1333 Registered RAM
  • 64 bit RHEL 5 OS and applications
  • Raptor 300 GB 10K RPM HDDs
  • RAID 10 Disk Array
  • Plesk 9.5 Control Panel

This shiny new 64 bit server is ready to host your website and unleash the power of the 64 bit computing platform for your website, email and hosted apps. You can view our 64-bit Linux Hosting Plans online get in touch with us for any queries on our plan features.

Reference: Wikipedia – 64 bit

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
 Loading ... Loading ...

Posted by hriday under Linux
0 Comments

iSCSI or Internet SCSI (Small Computer System Interface), is an Internet Protocol (IP)-based storage networking standard for linking data storage facilities, developed by the Internet Engineering Task Force (IETF). By carrying SCSI commands over IP networks, iSCSI is used to facilitate data transfers over intranets and to manage storage over long distances. The iSCSI protocol is among the key technologies expected to help bring about rapid development of the storage area network (SAN) market, by increasing the capabilities and performance of storage data transmission. Because of the ubiquity of IP networks, iSCSI can be used to transmit data over local area networks (LANs), wide area networks (WANs), or the Internet and can enable location-independent data storage and retrieval.

In computing, the iSCSI (for “Internet SCSI”) protocol allows clients (called initiators) to send SCSI commands (CDBs) to SCSI storage devices (targets) on remote servers. It is a popular Storage Area Network (SAN) protocol, allowing organizations to consolidate storage into data center storage arrays while providing hosts (such as database and web servers) with the illusion of locally-attached disks. Unlike traditional Fibre Channel, which requires special-purpose cabling, iSCSI can be run over long distances using existing network infrastructure.

iSCSI can run over existing Ethernet networks. A number of vendors, including Cisco, IBM, and Nishan have introduced iSCSI-based products (such as switches and routers).

Although iSCSI can communicate with arbitrary types of SCSI devices, system administrators almost always use it to allow server computers (such as database servers) to access disk volumes on storage arrays. iSCSI SANs often have one of two objectives:

Storage consolidation

Organizations move disparate storage resources from servers around their network to central locations, often in data centers; this allows for more efficiency in the allocation of storage. In a SAN environment, a server can be allocated a new disk volume without any change to hardware or cabling.

Disaster recovery

Organizations mirror storage resources from one data center to a remote data center, which can serve as a hot standby in the event of a prolonged outage. In particular, iSCSI SANs allow entire disk arrays to be migrated across a WAN with minimal configuration changes, in effect making storage “routable” in the same manner as network traffic.

iSCSI Fundamentals

Initiator

An initiator functions as an iSCSI client. An initiator typically serves the same purpose to a computer as a SCSI bus adapter would, except that instead of physically cabling SCSI devices (like hard drives and tape changers), an iSCSI initiator sends SCSI commands over an IP network. An initiator falls into two broad types:

Software initiator

A software initiator uses code to implement iSCSI. Typically, this happens in a kernel-resident device driver that uses the existing NIC and network stack to emulate SCSI devices for a computer by speaking the iSCSI protocol. Software initiators are available for most mainstream operating systems, and this type is the most common mode of deploying iSCSI on computers.

Hardware Initiator

A hardware initiator uses dedicated hardware, typically in combination with software (firmware) running on that hardware, to implement iSCSI. A hardware initiator mitigates the overhead of iSCSI and TCP processing and Ethernet interrupts, and therefore may improve the performance of servers that use iSCSI.

TARGET

iSCSI refers to a storage resource located on an iSCSI server (more generally, one of potentially many instances of iSCSI running on that server) as a “target”. An iSCSI target usually represents hard disk storage. As with initiators, software to provide an iSCSI target is available for most mainstream operating systems.

Common deployment scenarios for an iSCSI target include:

Storage array

In a data center or enterprise environment, an iSCSI target often resides in a large storage array, such as a NetApp filer or an EMC Corporation NS-series computer appliance. A storage array usually provides distinct iSCSI targets for numerous clients.

Software target

In a smaller or more specialized setting, mainstream server operating systems (like Linux, Solaris or Windows Server 2008) and some specific-purpose operating systems (like StarWind iSCSI SAN, FreeNAS, iStorage Server, OpenFiler or FreeSiOS) can provide iSCSI target’s functionality.

Diadem Technologies provides iSCSI storage solutions to clients who host VPS or dedicated servers on its network. To know more about iSCSI storage options , pricing  and how it can ensure greater availability and redundancy of your mission critical applications, please write to us at info@diadem.co.in for more details.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
 Loading ... Loading ...

Posted by anirban under Web Hosting
0 Comments

In Drupal websites, the login and registration is already integrated by default. But in one of our sites, our requirement is to add some custom fields in the drupal registration form. E.g., Full name, address, state, postcode, etc.

To fulfill our requirement we will use profile module. Once, the profile module is installed and enabled you can add custom fields from administrative menu/user management/profile as shown in figure below :

Custom Fields

Custom Fields

Firstly, you will have to choose the field type from the list like text field, multi text field, checkbox etc.

Secondly, give a category name to make a group of your custom fields.

E.g., If you are giving “category name”=Contact Information to the fields then those fields will become a group and show under Contact Information tab.

Finally, Give the title of the field and a machine readable name. Check this option “Visible in user registration form” from the form. If this option is not checked then this field will not show in the user registration form. If you want to validate the field then check the option ” The user must enter a value “.  Click Add field button to save the field.

In our example, we have added some custom fields like registration type, full name, firm, etc. as shown in the figure below.

Registration form

Custom Drupal Registration form

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
 Loading ... Loading ...

Posted by mithun under Drupal CMS
3 Comments