Moving Hosts

Let us face it – many times as a webmaster, you find that you have to move your hosting account from one to another for various reasons. Some hosts offer additional advantage, better servers, physical location of the DC (data center) to the targeted audience, consolidation of online assets and better value for the money – to name a few common reasons for moving hosts.

It can be quite disruptive for the uninitiated and in the process of moving your host you might end up losing the rankings from some of the search engines. We have done this many a times and we try to cover the basic steps involved in moving your hosting provider.

Step 1 ; Creation of Full Backup:

Before you proceed any further, first take a full backup of your site. Many webmasters rely on the hosts to get a full backup on a periodical basis. It would be prudent if you have an independent backup created offline at a set period on a regular basis.

If you have a database, take a full dump of the database ( if it changes every minute as they do in most production environment) and you can sync your data to that of the new host eventually.

Moving Hosts

Step 2 : Setting up the New Host:

We will assume that you have found a new and better host and you have created an account. Some hosts will charge some nominal amount to set up your account. Most will give you a control panel to set up customization. If you are on a shared hosting, insist on a unique IP address. It does not cost a lot. A dedicated IP address helps establishing your unique presence. It comes in handy for many things too.

Set up your FTP details from your control panel and start uploading your files. Take care to preserve the same directory structure. If you have taken a full backup and you have a shell access to your hosting account, you can use the tar function from the shell to place all the files along with the original file permissions. In Unix/Linux Hosting, some pages may require specific file permissions to work. If you have a database, set up the database and make sure that you create the username and password to access the database as per your old hosting account.

Now use your dedicated IP address to test your pages. As you have not started the transition of the DNS, you will have to depend on the IP address to display your pages.

If you are sure that everything is working normally as usual, proceed to the next step.

Step 3 : Setting up DNS :

Your new host will have provided you with information about their Domain Name Servers. It would be something like this:

Nameserver 1: ns1.targetwoman.com 70.84.70.105

Nameserver 2: ns2.targetwoman.com 70.84.70.99

Login to your domain name registrar and find your way to the domain name server part. It should show you the old host’s name server details.

Make the required changes to the entries – pointing to the new host’s domain name servers.

Don’t expect to see your browser immediately displaying pages from your new host. It won’t. You need to wait for the DNS propagation which can take typically about 72 hours.

If you are using a Windows machine to browse, learn how to purge the old DNS cache as here: Go to Start – Run – cmd ->

You will be presented with a black window reminding you of the old days of DOS. You type:

ipconfig/flushdns

Whereupon you will be told that the operation of flushing the DNS was successful. Now type

ping yourdomain.com

You should see the IP address of your new host now.

If not wait for a few hours and try again.

Step 4: Post Moving … :

Don’t shut down the old server – yet. If you have a constantly changing database, you will need to sync the old database to the new one. You will have to keep the old server up and running for a week. Purge the contents after the 3 day from your old server.

IP Number

What you should know about your IP number ?

Lots of people especially webmasters are familiar with the IP Numbers which identify their unique address in the “stateless world” of Internet. Equally there are many who blink at this term. This blog sets out to unravel the mystery of this in a simple way.

 

For example the adjacent number (unless you have javascript disabled in your browser) shows your IP address along with some information about the browser type – .

Your IP number identifies your computer – like your physical address. IP (Internet Protocol) Address refers to a set of four octets (numbers) separated by a dot (.). Each octet consists of a number between 0 and 255. There was a popular movie in which the main actor is peering into the monitor of her computer displaying some IP address with one octet as “275”. You can’t have such IP addresses in real life.

 

Many computer peripherals operate assigned with their own IP addresses to help the users manage them easily. Your network printer can be fed with the document to print by assigning the print task to the particular IP. In the modern networked environment each peripheral or machine can be controlled, monitored and managed in a more effective manner if they have their own Network interface. This also is the main reason why we may face a shortage of available IP numbers in the near future. The current system which uses IPv4 uses 32 bit addresses which has a maximum limit of 4,294,967,296 addresses.

 

If the entire world is going to be connected to the Net along with their machines, then this IPv4 system simply will run out of available numbers. So they may eventually shift to the IPv6 system in which 128 bit addresses will be used.

IP number

To give you an analogy of how things are – we will use a hypothetical physical address like this:

[Note: all addresses given below are imaginary and do not represent anyone]

 

32, West side Avenue,

San Jose, CA

USA

 

Class A:

IP numbers are grouped under classes too. Class A represents the first octet like so :

72. xxx.xxx.xxx

This might be like your country code. But each country may have many sets of Class A addresses assigned to them.

 

Class B:

72.84.xxx.xxx This example shows a typical address which is like your city code.

 

Class C:

72.84.70.xxx This example shows a typical address which is like your country:city.street address

 

The last octet represents your machine.

 

There is one more detail: Many ISPs assign your IP number dynamically using DHCP (Dynamic Host Configuration Protocol). Not all users need the IP addresses permanently. Servers and other mission critical users require permanent dedicated IP addresses while the rest can manage with dynamically assigned ones when they need it.

 

Now that we have reached your “home” you can specify the connecting port – your entry point to your machine. You can operate many systems assigned to individual ports in the IP address. For example, you can run a web server under port 80 and a mail server under port 25 and so on.

 

In our firewall blog we have touched upon locking down the ports we don’t use. Using the same physical analogy as above, you secure the windows and doors when they are not normally used. You close the access to the particular ports ( in our case of firewall, we close all the ports unless otherwise required) when not required.

 

Geotargeting: In these days of highly competitive world, you want to maximize on your advertisement dollars. You don’t want people from Timbuktu to click on your ads targeted at the New York city dwellers. Or you want to maximize the reach of your specific ads to the specific target audience. The easiest way is to use Geotargeting which sends specific pages/ads to specific location based on the visitor IP number. Many search engines use this technique all the time to deliver localized search results.

 

Next time you see something like the following in your server log file – you are unlikely to be fazed by the IP numbers :

 

192.168.0.3 – – [28/May/2007:11:31:43 +0530] “GET /cgi-bin/info HTTP/1.1” 200 250 “-” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;)”

 

Firewall Setting up Part II

Just as there are differences in the Operating Systems, there are differences in software firewalls and the way they are implemented.

Basic Firewall Rules: To start with, you deny all inbound traffic unless explicitly allowed and specifically under authorized open ports. It is a good idea to log all denied traffic and the log files checked periodically for any signs of determined effort to bypass your security. Log files serve no useful purpose unless reviewed periodically.

Some commonly used Terms:

NATNetwork Address Translation – This is used to send traffic addressed to outside IP from the local internal network and back. For example if an internal computer with the IP address of 192.168.0.5 browses the Net and sends the request to the server of Targetwoman, the NAT enabled system routes the request to the targetwoman server as if the request emanated from the external IP of our Network and collects the sent traffic from the targetwoman server and returns it to the right machine – 192.168.0.5 – even if there are dozens of machines in the local network.

Packet Filter – The firewall reads each data packet for filtering based on a set of Firewall rules.

DMZDe Militarized Zone – Has nothing to do with the Army except for the military parlance. A local machine is deliberately set to access the Net for some specific or all ports. For example, if a webserver is running in a local server, it would be prudent to avoid the latency and added burden of monitoring the Web server traffic – in some cases.

Reject/Drop Distinction : If a packet is rejected by the Firewall, it returns “connection refused” error to users who attempt to connect. On the other hand, if a packet is dropped, the Firewall doesn’t send any error message. It may be wise to drop packets to avoid giving a malicious user any clue.

With the preamble as above, we will see how a simple Firewall can be setup using Netfilter and Firestarter.

Depending upon your distro of the Linux, you should have downloaded the RPM package or the source tarball. Goto a terminal and type su ( You must be root to install this ) and proceed as follows:

rpm -Uvh firestarter*rpm

Which should install Firestarter if you have no unresolved dependencies.

If you have downloaded the source file, you will need to do the following:

tar -xvzf firestarter*tar.gz
cd firestarter
./configure

With that out of the way, you can start the firestarter by going to RedHat – > System Tools – > More System Tools – > Firestarter Firewall Tool ( if you are running RedHat 9 )

You will be presented with what looks like the image given here:Firestarter Firewall

If you are impatient, head for the Wizard and it will set up a basic Firewall using default set of rules, which you can change any time later.

When it starts Firestarter sets a restrictive policy which you can modify in the preferences section. You will have to go to Edit – > Preferences to access this section.

Firewall Setting up

Under General – select Start Firewall on program startup. Under Services, enable only the services you need :

From the Net ( public access) you can provide access to any of the services listed here. SSH may be the only thing you may need to give access if people are required to access the Linux box from outside. Enable as required.

You can enable NAT (Network Address Translation) from the preferences section. Set the internal network device to point to your actual device from the drop down menu. If you are in doubt, check by typing at the terminal:
ifconfig

If you leave the Autodetect internal IP range, it will select the private class C – 192.168.0.0/24.

Select the external device as appropriate and you are done.

Congratulations if you had followed through to this point. You have a firewall running ….

Our Parent site TargetWoman - the leading women portal presents painstakingly researched extensive information in the form of thousands of condensed pages. It offers the widest and the most detailed information on subjects women care.