Results 1 to 14 of 14
  1. #1

    Does anybody have any experience with servage

    I want to register a domain through servage. Before doing so i need some experiences with servage? what are the drawback and what are the advantages? plz tell me. i will be helpful to you.

  2. #2
    Join Date
    Jun 2006
    Location
    East Coast // NYC
    Posts
    1,698
    Your best bet would be to do a search on servage reviews on the title only.

  3. #3
    Join Date
    Aug 2005
    Location
    Canada
    Posts
    862
    Draw backs:
    No logs, not much stats, not great security, limited support channels (e-mail and control panel), daily bandwidth/hit limits.

    Advantages:
    Huge bandwidth, clustered redundant web servers, not so restrictive TOS/AUP, frank CEO (steff).

    If you want to know more, read reviews by searching "linuxhata".

    Oh, don't get scared by some people repeating "overselling" like a bunch of parrots.
    Some small hosts act mechanically to other hosts offering more competitive packages.
    It's a robotic reaction, I guess. They can't help it, most probably.

  4. #4
    what do mean by great security? does they take a backup everyday?.. or permits me to backup my databases?

  5. #5
    Join Date
    Apr 2003
    Location
    Huddersfield, UK
    Posts
    1,490
    I was deeply reluctant to use Servage but, in all honesty and I hold my hands up I've been pleasantly surprised

    The Servage clustered system appears to work great as my site is never down (as reported by 3rd party monitoring) and bandwidth has never been a problem (my site is popular software downloads provider).

    Never had any security problems and tbh I've not seen any reported either but, security is also a customer thing (scripts ...etc).

    You can switch safe mode on/off and globals on/off for each site hosted independently (I have several domains hosted some of which have their own virtual/seperate server space).

    You can backup databases via the control panel (I've done several times) with one click

    Backing up your whole site(s) and or server is a problem for me as despite several cron jobs it never works so I do mine via either a script from HotScripts or just download it raw via ftp.

    Other than that everything's sweet. Everything works as should and no problems.

    Hope this helps.
    ┣▇▇▇═─√v^√v^√♥
    - Proudly Hosted By: DTS-Net

  6. #6
    Join Date
    Aug 2005
    Location
    Canada
    Posts
    862
    Security at servage was bad when I was using them.
    For example, they were offering Apache's default status page for anyone.
    So, anyone could see which IP was accessing which URL, and so on.
    It's like showing your raw log to public (not as bad, though).

    And they were running (and they may be still running) mod_perl & mod_php without grsec.
    It means you HAVE TO use unsecure permission setting of 777 (or owner/permission combination writable by basically anybody).

    If you used compiled binary CGI, you could get away by using suid CGI.
    But the program should do some checking to make sure that it was invoked by the access to your site and not by a script of other site.
    Also, not many people know about the possiblity nor care about using them, in addition to the fact that it must be a compiled binary CGI.

    And there were a few other things I noticed and I reported to them, but they didn't even want to talk about the security (a bad sign).

    So, I can say that they cared less about security than some other hosts I've used, at least a few years ago.
    (You can check these if you have multiple account ofn the same cluster or if you have a friend who have an account on the same cluster.)


    Now, maybe they have improved the security (they've already improved a bit about the structure of user directory, while I was using), but I'm not sure as not so many people really care about these details (although very important in my view) and most report in WHT don't cover these aspects, somehow.

    Quote Originally Posted by EncoderZ
    Never had any security problems and tbh I've not seen any reported either but, security is also a customer thing (scripts ...etc).
    With a host using SuExeced CGI/PHP, it's easier to keep the security by using correct permissions.
    If a host use grsec and if the setting is good, I guess it's even better.

    For a host with mod_php, mod_perl and without grsec or other means of security,
    user can't make it very tight, if s/he is using a script that needs to write a data.

    And if your directory/file is readable any everyone hosted on the server/cluster,
    it means they can read your DB password and everything.

    You have to think about the security in terms of someone trying to get in from your own scripts and ALSO from the back, using a cracked account of someone hosted on the same server/cluster/network.

    That's why I never recommended servage for someone who hosts something other than totally public data.
    For a downloading site, for example, the security isn't a big problem, because you don't care if someone is downloading from your site, or using an account of someone else with a script.

    But if you have something you don't want others to see, well, you may better check current situation.


    PS.

    LunarPages' security wasn't so good when I was using them several years ago, either, to be fair.
    And PowWeb's security wasn't very tight, either. Their raw log was visible by any user on the same cluster, too.
    (But they improved it when I reported and suggested different methods.)
    Last edited by extras; 12-26-2006 at 07:00 PM.

  7. #7
    Join Date
    Apr 2003
    Location
    Huddersfield, UK
    Posts
    1,490
    Not sure about suexec as nobody has overwritten or inject my index pages yet but, Server API directive is Apache value ...

    The directory and files default permissions are correct ...

    Even though I host files for downloads, I choose scripts carefully and am careful about script permissions and http referer (referrer) plus change dir. name often ... etc.

    You may often find hosting providers shy away from discussing server security for obvious reasons.

    Kind regards
    ┣▇▇▇═─√v^√v^√♥
    - Proudly Hosted By: DTS-Net

  8. #8
    What the are drawbacks if i dont get any RAWLOG?

  9. #9
    Join Date
    Aug 2005
    Location
    Canada
    Posts
    862
    Raw logs can show you who accessed which URL and what kind of response they got.
    It's very valuable for someone who would like to check traffic, plan the site construction strategy, checking for any cracking attempt, and so on.

    PS.

    I saw your PM.
    Unfortunately, it's not very simple and alos it can be a very time consuming task.
    So, I recommend you to ask in here (or better security section of WHT) with all technical details, such as OS, server setup, if PHP is running as CGI or not, SuExeced or not, and so on.

    If you want high quality response, rapidly, you should hire a real security expert.
    (I know enough to maintain my site, most probably, but not a security expert.)

  10. #10
    Join Date
    Aug 2005
    Posts
    3,587
    Servage is actually doing quite allright. They served my website well, but sometimes it's a bit slow... But upon request you're moved to another server without problems or hassle.

  11. #11
    What do you mean by Slow? Is there response slow?

  12. #12
    Join Date
    Apr 2003
    Location
    Huddersfield, UK
    Posts
    1,490
    Quote Originally Posted by mishu007
    What do you mean by Slow? Is there response slow?
    Response as in server speed or customer services?

    CS is pretty fast and server speed I've not noticed a problem tbh.

    I have however noticed rare slight slowness that is attributed to hops to & or from the Servage server(s) but not Servage itself and certainly nothing that concerns me.

    Hope this helps
    ┣▇▇▇═─√v^√v^√♥
    - Proudly Hosted By: DTS-Net

  13. #13
    Join Date
    Aug 2005
    Posts
    3,587
    I meant serverspeeds. Well, connecting to the servers can sometimes take too long. And this is for HTTP as well as for FTP and email. Their supportteam is always fast and friendly, no bad comments about them at all!

  14. #14
    Ok.. thanks for the help.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •