This review is for BurstNet (www.burst.net).

We sent a simple request to their support on Dec 19, 2000.
No response; not even an acknowledgement that they got
it. We called them on Dec 20, 2000; the support person
said he could not process the request and said to send email to the sysadmin. Did that. Now it is Dec 23, 2000
and not a single response yet; not even an ack.

Our request had to do with setting the permissions
properly on the account.

After creating a Unix account with them we realized that
the permissions on the shared server were not configured
properly. It requires giving world read permissions
otherwise the Web server will not be able to access the
pages. If your CGI needs to create a file then the
directory has to also be given world write permissions.
This is a really bad setup for a shared server. It allows
anyone else who has an account on that server to be able
to completely access your area. We asked
them to add the web server user id to our group so that
only group read/write permissions would need to be given
instead of world read/write permissions. It is terrible
that a customer has to tell them this; and still they
don't do anything. We plan on canceling the account
if they do not fix this security hole soon.

Called BurstNet support talked to Ben he
told me he is not authorized to make the change
Eric and Shawn who can do that will not be
back till Monday.

Lol.. Do they ever plan to improve?? I wish you had researched a lil before signing up with them.

I hate burst.net but 90% webhosts have that "nobody user" CGI config. Solutions: cgi-wrap, dummy user with ip fw / port 81, etc.

HX,

I can tell you that properly configuring a solution to let the scripts run as the owning user is a pain. I have had nothing but problems getting suEXEC to work on our new server. I am doing some more research and am trying to get it to work for the third time. I can easily see why most people would simply give up and let the scripts just run as nobody.

Best regards,
Frank Rietta

We have a local Linux server with Apache
and I setup suExec on it a while back.
Here are some notes that I had made when
doing it. Maybe it might help you.

To add the suExec support

Go to the apache distribution directory
Edit src/support/suexec.h
change HTTPD_USER to nobody
search for 'not in docroot' and comment out this requirement;
too stringent; will not allow us to create cgi-bin directories
outside of document root (not sure what security problem this
causes).
Compile suexec.c
cc suexec.c -o suexec
By default apache will look for
/usr/local/apache/sbin/suexec
to be the su wrapper. Copy the
suexec binary to this location
mkdir /usr/local/apache/sbin
chmod o+rx /usr/local/apache/sbin
cp suexec /usr/local/apache/sbin
Set appropriate permissions on suexec
chown root /usr/local/apache/sbin/suexec
chmod 4711 /usr/local/apache/sbin/suexec
Set directory permissions
chmod o+rx on all the directories leading to suexec
or make sure that suexec is accessible and executable by the
id running the web server

We will make sbin an actual directory in the
version specific server directory, thus make sure
/usr/local/apache is linked to the apropriate version
specific directory before doing the above commands

Good luck.

Well about 2 weeks after the initial
request, they finally did what we
requested (added userid nobody to our
group).

Now we found that any program which
runs for more then 20 seconds is
automatically killed.

Have there been any improvements with there service? Coz some one told me there service had improved? What do you think?

I have nothing but good things about them the last 4 months, they have steady growth, no machines going down.

Instead of complaining here , you should just call burst, i`m sure they have it fixed asap.

Before you anyone signs up with Burst, see this thread:
http://webhostingtalk.com/showthread.php?threadid=1298

Is that how you want the company YOU host with to repond to criticism?

i have said they have improved, and have grown. The issue is now, they will fix problems. The past is the past, i`m sure something like that will not happen again.

I still think they are Currently a good company, many businesses have grown with them.


Bill

Now if they could just fill more than 50% of inventory on a consistent basis...