Connecting to a PPTP VPN from an OpenVZ CentOS VPS

When setting up the PPTP and PPP packages on an OpenVZ VPS in order to connect to a VPN, there are a few extra steps you need to take that you don’t have to do with a non-virtualized box. First, you have to load the following kernel modules on the hardware node and/or set them […]

Continue reading...

Tweaking Apache Settings for VPSs

Apache’s default settings assume it’s running under a dedicated box with at least 2GB of RAM, so they don’t perform very well in a VPS that may only have 500MB. I recently made some tweaks to several VPS’s that reduced memory usage by 300-400MB without degrading performance. Apache Performance Tuning is a good article that […]

Continue reading...

Creating an OpenVZ Template From an Existing VPS

I recently setup a VPS on a new OpenVZ node and wanted to use it as a template for future VPS’s created on that node. ┬áThe instructions in the wiki are actually overkill for this situation; here’s all I had to do: vzctl stop [vps id] Create /tmp/vz-template-exclude.txt and add these lines to it: .bash_history […]

Continue reading...

Directory Permissions for WordPress under Plesk/Linux

Jason Diehl describes the right way to setup directory permissions on a Linux box running Plesk so that WordPress can automatically create the directories it uses to store uploads. Basically, you need to make sure that PHP’s safe mode is turned off and that wp-content is owned by apache, in the apache group, and chmod’d to 777.

PHP Error Logs with Virtuozzo

Virtuozzo sets domains up to have PHP’s display_errors flag turned off by default, so that you’ll only see a blank page when there are critical errors. This is a good thing in production environments because it avoids potential security issues, but it can also be annoying when you’re trying to debug something. Instead of displaying […]

Continue reading...

Firewalling an OpenVZ node and containers

The OpenVZ wiki has a nice script for firewalling an OpenVZ node and it’s containers. It creates a service and configures iptables to block all traffic to the node (except the ports you specify), but allow all traffic through to the containers, so that they can manage their own firewall. It also allows the container’s […]

Continue reading...

Relaying Qmail Through a Spam Filter

If you’re running a mail service on a web server so it can send out e-mail from contact forms, etc then you’ll want to make sure it’s relaying outbound mail through a spam filter, or it could be used to send spam if the forms get hijacked. For qmail, you just need to create /var/qmail/control/smtproutes […]

Continue reading...