Avoid “Hotlink Protection” feature in cPanel 11.25, 11.26

In cPanel 11.25 and 11.26 (earlier versions not tested), when you enable “Hotlink Protection” in cPanel it adds the appropriate mod_rewrite code to all domains, subdomains and add-on domains. It looks similar to this:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http://test-cpanel.com/.*$      [NC]
RewriteCond %{HTTP_REFERER} !^http://test-cpanel.com$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.test-cpanel.com/.*$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.test-cpanel.com$      [NC]
RewriteRule .*\.(jpg|jpeg|gif|png|bmp)$ - [F,NC]

It actually checks for the line “RewriteEngine on” and does not add it a second time into the .htaccess which is smart… The problem comes when you remove hotlink protection.

cPanel goes through all domains, subdomains and add-on domains once again and removes the code, but this time it also removes all instances of “RewriteEngine On” in every .htaccess. The problem that comes with this is that if you’re running something such as WordPress, vBulletin, IPB, or any other script that uses mod_rewrite, as most do, suddenly all of your rewrite rules no longer work.
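
One way to find the affected files after Hotlink Protection has been removed, as an added example that is not from the original post or from cPanel: it lists every .htaccess under a directory that still has RewriteRule or RewriteCond lines but no active “RewriteEngine on”. The function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example (not cPanel's code): list .htaccess files that still hold
# rewrite directives but have no active "RewriteEngine on" line.
# Caveat: each file is checked on its own; engine state inherited from a
# parent directory or the vhost is not considered, so treat hits as
# candidates for review.

# has_directive FILE NAME: true if FILE has an uncommented directive NAME
has_directive() {
    grep -Eiq "^[[:space:]]*$2([[:space:]]|\$)" "$1"
}

# engine_is_on FILE: true if FILE has an uncommented "RewriteEngine on"
engine_is_on() {
    grep -Eiq '^[[:space:]]*RewriteEngine[[:space:]]+on[[:space:]]*$' "$1"
}

# find_broken_htaccess ROOT: print one path per affected .htaccess
find_broken_htaccess() {
    find "$1" -type f -name .htaccess | sort | while IFS= read -r f; do
        if { has_directive "$f" RewriteRule || has_directive "$f" RewriteCond; } &&
            ! engine_is_on "$f"; then
            printf '%s\n' "$f"
        fi
    done
}

# make_sample_tree: build a constructed test tree and print its path
make_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/blog" "$t/shop" "$t/static"
    # WordPress-style rules left behind after the engine line was stripped
    printf '%s\n' 'RewriteCond %{REQUEST_FILENAME} !-f' \
        'RewriteRule . /index.php [L]' > "$t/blog/.htaccess"
    # intact file: engine line still present
    printf '%s\n' 'RewriteEngine On' \
        'RewriteRule ^old$ /new [R=301,L]' > "$t/shop/.htaccess"
    # a commented-out engine line counts as missing
    printf '%s\n' '# RewriteEngine on' \
        'rewriterule ^a$ /b [L]' > "$t/static/.htaccess"
    printf '%s\n' "$t"
}

# Scan the directory given on the command line, e.g. a home directory.
if [ "$#" -gt 0 ]; then
    find_broken_htaccess "$1"
fi
```

Running it before enabling and again after removing Hotlink Protection shows which files lost their engine line.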


Sales Ticket with an [Interesting Character]

At MDDHosting today we received an order which our sales department reviewed and determined was likely fraud and marked the order as such. We shortly thereafter received an email from the individual who will henceforth be known as “Interesting Character” to protect their identity. While they may not actually be a fraudster – their order details and actions all indicated that they most likely were.

The individual signed up using a first name and last initial only, their mailing address was a mail forwarding address, and many other red flags were sent up when this individual attempted to order services.

Here is a complete view of the email conversation with all personally identifying information redacted. By all means read it over and let me know what you think in the comments.

Interesting Character
Potential Client
03/31/2010 20:39
it seems like there is an issue with my order. can you please review it and approve it?
thank you
[Interesting Character]



Another Day, Another DoS

Disruption of Service (Graph)

Let’s face it – the world tends to be a very hostile environment and the internet is not much different. From viruses and trojans to disruption of service attacks – it happens all day every day and it is only a matter of time before it affects you. I have personally dealt with two DoS attacks in the last two weeks and both for very different reasons although the end result is about the same.

Last week the DDoS, or distributed disruption of service, attack was motivated entirely by financial gain for the attacker.  The attacker had previously attacked another hosting company called A Small Orange and had attempted to extort $7,000 from the company to stop the attack.  ASO did not bow to the demands of the attacker and simply worked to filter out the attack and return service to their customers.  While some of ASO’s customers were not satisfied, many times when a provider is put in this situation there is not much that can be done.

The attacker moved on from ASO to my company and sent a message to our sales department informing us that we were next. The attack began about an hour later and peaked at about 4.5GBPS, which is enough to bring down most small data centers in their entirety; however, our data center SoftLayer Dallas was able to filter out the attack within 10 minutes to restore full service. The attacker subsequently moved on to their next target which was VectorLevel who was hosted with Colo4Dallas at the time. The attack at VectorLevel brought Colo4Dallas to its knees until the attack was null-routed at C4D’s upstream provider. At the time of this writing Colo4Dallas’ web site was unreachable and as such I am not directly linking to it.


LiteSpeed Licensing – 39 Months To Make Owned Worth It???


I was doing the math on the licensing structure (we’ll go with the 1-CPU Enterprise license as this example).

I will start by saying that I realize it is in LiteSpeed Technologies’ best interests for you to lease your license from them as this gives them the most profit/income etc… whereas an Owned license is generally seen as a larger up-front investment to reduce long-term costs.

I am also aware that I am comparing monthly lease to a yearly ownership as I am wanting to compare the extremes (smallest up-front investment vs the largest).

Owned licenses are an investment into LiteSpeed Web Server/Technologies and I always look at investments based upon how well they will return and how long until they return. A 39 month wait until the investment begins to return is a tad too long in my opinion and as you read on you will see the details of my analysis of their licensing program.


LiteSpeed4.0 vs Apache2.2 In My Eyes

I will start this post by saying that I have used Apache for more than 2 years in production environments and I am quite experienced at optimizing Apache to accomplish the goal at hand, whether it be handling thousands of connections simultaneously or serving dynamic web sites quickly and efficiently while minimizing the memory footprint.

I have in the past fought tooth-and-nail for Apache’s ability to match LiteSpeed Web Server’s speed when serving web sites. Apache can be configured to be nearly as fast if not just as fast as LiteSpeed but the problem is that Apache requires, in my own personal testing, nearly two times as much memory and FastCGI to come close to how LiteSpeed comes out of the box. LiteSpeed claims to serve static content up to 9 times faster than Apache and PHP up to 50% faster. While I won’t go into depth as to which one can do what faster, I will go into why I chose to move my company from Apache to LiteSpeed and what benefits we have seen. If you want to see benchmarks that compare LiteSpeed and Apache I recommend you search Google.