Your WebFaction account: the control panel

This is the third in a series that’s going over what’s included in your WebFaction account. In today’s installment, we’re taking a closer look at the control panel.

screenshot of the control panel

There’s a lot going on the control panel because it’s the hub of every WebFaction account. Nearly every part of account management, from billing to disk usage to applications to support, has a part to play in the control panel. And that’s by design: the control panel is often the first and last place you need to go to manage something to do with your account.

For example, the control panel is your account’s virtual postmaster, with the ability to create and manage email addresses and mailboxes. Common tasks, like setting up autoresponders and forwarding mail can be managed from the control panel, without requiring complicated configuration files.

One area of the control panel that we’re particularly fond of is our one-click installers. With the control panel, you can install a bunch of popular applications with the absolute minimum of hassle. It’s such an important part of the control panel, we did a whole series of blog posts on just one-click installers.

Of course, sometimes you don’t want to have to actually click anything. That’s why many things that you can do with the control panel can also be done with the XML-RPC API. With the API, you can automate many control panel tasks, like creating email addresses or managing DNS overrides. The API even knows a few tricks that the control panel doesn’t, so check out the API documentation for a tutorial and reference.

Lots of web hosts have control panels, but many use off-the-shelf packages that are designed for the generic idea of web hosting. We’ve made our own control panel that’s designed for our customers’ use cases and our service’s strengths. We have the flexibility to improve the control panel, and do things like add a new feature without waiting on a vendor’s release schedule. We’re proud of the control panel and strive to make it the best tool possible for our customers.

To learn more about what you can do with your WebFaction account and the control panel, check out our documentation site or join us in the Q&A Community.

Previously in the “Your WebFaction account” seriesEmailServers

Posted in Control panel | Leave a comment

New control panel feature: simple user permissions

A few days ago, we quietly introduced a much-requested new feature to the control panel: granting extra SSH and SFTP users access to directories. We made this two-minute screencast about managing extra user accounts that covers the new feature:

Now you can grant an extra user access to a particular directory right from the control panel. It’s much faster and less error-prone than doing so in a shell session manually. While it’s not a substitute for fine-grained access control, it’s perfect for dealing with the common case of granting a user access to a particular application or subdirectory.

So check out the screencast and give the new feature a try. If you have any questions, join us in the Q&A Community.

Posted in Control panel, Screencast | Leave a comment

Fun with WebSocket: Setting up a shared drawing board

Three weeks ago we added support for WebSocket to our platform. WebSocket is a protocol providing full-duplex communications channels over a single TCP connection. It means that multiple clients can stay connected to a server and they can communicate back and forth much quicker than with the standard HTTP protocol.

One case where WebSocket is useful is when the changes made by one client need to be instantly broadcasted to the other clients.

As an example we’ve set up a shared drawing board web app where multiple people can draw on the same canvas at the same time. The tools we used are:

  1. A hosting account that supports WebSocket and Python
  2. The CherryPy Python web framework
  3. The WebSocket for Python library
  4. The jCanvas javascript library (built on top of jQuery)
  5. 300 lines of Python code for the web app itself

The source code for the drawing board is included as an example in the WebSocket-for-Python library and you can try the demo at https://demos.webfaction.com/drawing

Here is a short video showing the drawing on one device being instantly displayed on another device (after travelling via the server which was hundreds of miles away):

Posted in Python, WebSocket | 5 Comments

Security issue in the OpenSSL library (Heartbleed bug)

As many of you have probably heard a serious security issue (dubbed the “heartbleed bug”) was found in the OpenSSL library yesterday. This is a very serious issue as this library is used to encrypt a large percentage of the Internet’s traffic, including web and email.

The security issue could allow anybody to access parts of the encrypted traffic as well as the secret keys used to encrypt that traffic.

What we have done

As soon as we were made aware of the issue we started updating the OpenSSL version used by our various systems and we replaced the SSL certificates that we were using.

As of now all of our systems have been patched and all of our SSL certificates have been replaced.

What you should do

We are not aware of any data having been compromised but there is a possibility that some may have been so as a precaution we recommend making the following changes:

  1. If you are using SSL certificates for your sites there is a risk that your certificates have been compromised. So we recommend that you ask your certificate provider to re-issue your certificates and then open a ticket for us to replace your certificates with the new ones.
  2. Once you have replaced your SSL certificate, you should consider that the data secured by your old SSL certificates may have been compromised. Change any passwords or other credentials that were encrypted by your old SSL certificates.
  3. We recommend that you change your WebFaction control panel password. Although the WebFaction control panel wasn’t vulnerable (it uses a different version of the OpenSSL library) the SSL certificate that it uses may have been compromised because it was also used by other sites which were vulnerable. So there is a small possibility that some control panel passwords may have been compromised.
  4. If you’re using phpMyAdmin or phpPgAdmin on our servers you should change these passwords.
  5. If you are using our email services we recommend that you change your email passwords.

You can find more information about the heartbleed bug at http://heartbleed.com

If you have any questions regarding this issue just open a support ticket and our team will reply to you asap.

Posted in Control panel, Email, Server setup | 2 Comments

Your WebFaction account: email

This is the second post in an in-depth series on what’s included with your WebFaction account. In today’s installment, it’s time to take a look at email. Email’s easy to take for granted, but your account includes several email features that ought to make life with email a little easier. Let’s look at the highlights:

  • Sending, receiving, and storing email
    Rather than expecting you to run your own mail server, you can send, receive, and store email using our managed mail servers. Instead of fiddling with configuration files by hand, you can set up accounts and email addresses with the WebFaction control panel.
  • Spam filtering
    We take broad measures to prevent spam from reaching your inbox, like rejecting mail from servers that are misconfigured or known to be operated by spammers. We also run SpamAssassin, an open source tool for detecting spam, to give a spam score to every incoming message. With the control panel you can choose how spam messages are handled: have them immediately discarded, have them put into a spam folder or, for advanced users, have them processed with custom filtering rules.
  • Automatic mail tools
    Aside from spam detection, you can set up other ways to automatically deal with email. You can forward incoming messages to another address, or you can set up autoresponders to let people know when you can’t respond yourself. You can even choose to direct incoming messages to a script to process with your favorite programming language.
  • Many ways to get your mail
    Once you’ve received mail, you have several ways to access it. You can configure your mail client to access mail stored on the server with IMAP, or to download mail with POP. To send mail, you can use SMTP. And if you don’t want to run a dedicated mail client, you can log in to WebFaction’s webmail interface.
  • Unlimited email addresses
    Feel free to set up as many email addresses as you like. You can add addresses with the control panel, and you have the flexibility to have a single mailbox receive messages for multiple addresses. You can also receive as much mail as you like, provided you don’t exceed your account’s disk space limits.

With this set of features, email with WebFaction can be used in a variety of ways. Individuals can set up their favorite email client or use the webmail interface to exchange mail with friends and family or clients and colleagues. Likewise, your web applications can benefit from email communications, like sending welcome email or password reset messages.

We hope this post gives you a better idea of the mail capabilities of your WebFaction account. For more details, check out our mail documentation, and if you have any questions, join us in the Q&A Community.

Previously in the “Your WebFaction account” series: Servers

Posted in Control panel, Email, Server setup | 4 Comments

Your WebFaction account: servers

This post is the first in a new series for potential and current WebFaction customers to learn more about what’s included in WebFaction plans and accounts. For new and potential customers, we’re going to go in-depth on what WebFaction delivers. For customers who’ve been with us for a while, we hope to remind you of your plan and account features, so you can continue to get the most out of your account.

At the core of every WebFaction plan is use of one of our shared or dedicated servers, depending on your subscription. Regardless of the specific plan, each comes with an allocation of disk space, an allocation of memory, and SSH access.

Disk space and memory are critical to web hosting. Your disk space allotment, measured in gigabytes, is the amount of files you can store on a WebFaction server. Currently, our plans start with disk space allotments of 100 GB. As a point comparison, 100 GB is which is about as much data found on two to four Blu-ray discs. Your memory allotment, measured in megabytes, is the amount of the server’s working memory (also known as RAM) that you can use. Currently, a WebFaction plan starts with 512 MB of memory, which is sufficient for a wide variety of processes, including web applications and utilities.

Note that, on a shared server, your memory and disk space aren’t dedicated pieces of hardware for your use alone. To keep costs and prices low, your files are stored on disk drives split up between users, just as your processes use physical memory modules split between users. This kind of sharing is done in controlled way, so that individual users may not exceed their allotments of memory or disk space to the detriment of their server neighbors. This kind of sharing also comes with a major benefit: common processes, like nginx for static-only sites and shared MySQL and PostgreSQL databases, are shared across the server’s users, so they don’t count against your individual consumption of your memory allocations. Compare that to a Virtual Private Server (VPS), where each individual user must pay for the memory and disk space required to run a full operating system.

To access your server, your plan comes with a user account that’s accessed with SSH, or Secure Shell. SSH is an encrypted and authenticated way for you to connect to your server. You can use it control your files and processes and, thus, your disk space and memory consumption. With SSH, you can run software using a command-line interface called a shell (most people use the default shell, Bash). You can manage files using command line utilities, or connect with your favorite SFTP client. SFTP is a secure alternative to FTP, and uses SSH to communicate between client and server. Many hosts do not allow SSH connections (or even SFTP), but we offer it because it’s more secure and flexible.

To learn more about what you can do with your WebFaction account, check out our documentation site or join us in the Q&A Community.

Next in the “Your WebFaction account” series: Email

Posted in General | Leave a comment

Busy October and a $50 credit for all new services ordered

As you may have noticed October has been a busy month for WebFaction:

To finish the month in style we are giving a $50 credit for all new services ordered before October 31st at midnight UTC:

New customers: just sign up between now and October 31st, pay $9.50 for the first month (or pay for longer) and enter the promo code “BUSYOCTOBER”. $50 will automatically be credited to your account.

Existing customers: add one new service to your account (or upgrade an existing service) between now and October 31st, pay for one month of that service and mention the promo code “BUSYOCTOBER”. A $50 credit will be automatically added to your account. You need to keep the new service for at least 6 months to keep the credit.

Each customer is limited to one credit only, and it is non-transferable and non-refundable.

Here is to a great October and many more great months to come!

Posted in Django, General, Ghost, Node.js, Python | Leave a comment

New one-click installers: Node.js and Ghost

Today we’re unveiling two new one-click installers: Node.js and Ghost. Both of these applications have been requested often, and we’re happy to be able to bring them to you.

Node.js

Node.js is a platform for running JavaScript applications, especially on the server. Node (as it’s commonly referred to) uses the V8 JavaScript engine from Google Chrome, so you can use the familiar browser language that you know and might love in a whole new environment.

Node has a substantial API, including an HTTP server, so a simple application looks something like this:

var http = require("http");

http.createServer(function(request, response) {
  response.writeHead(200, {"Content-Type": "text/plain"});
  response.write("Hello World");
  response.end();
}).listen(13478);

In fact, you’ll find a hello-world.js script just like this in the Node.js application directory, after you install it with the control panel. You can check out ~/webapps/node_app_name/bin/start and ~/webapps/node_app_name/bin/stop to see how the application runs (or modify them to run your own Node creation).

Node also comes with a package manager called npm, and so does the Node one-click installer. The package manager makes it quick and easy to install Node modules and their dependencies. Your Node application’s copy of npm is available in the application’s bin directory, and it can be used like this:

[demo@web310 ~]$ cd webapps/node_demo/
[demo@web310 node_demo] $ ./bin/npm install underscore
npm http GET https://registry.npmjs.org/underscore
npm http 200 https://registry.npmjs.org/underscore
npm http GET https://registry.npmjs.org/underscore/-/underscore-1.5.2.tgz
npm http 200 https://registry.npmjs.org/underscore/-/underscore-1.5.2.tgz
underscore@1.5.2 node_modules/underscore

Then you can require installed modules just as you’d expect:

[demo@web310 node_demo] $ ./bin/node
> var underscore = require('underscore')._;
undefined
> underscore.map([1, 2, 3], function(num){ return num * 3; });
[ 3, 6, 9 ]

To learn more about Node.js, check out Node.js’s official documentation.

Ghost

Ghost Screenshot

In addition to the Node.js one-click installer, we’ve also added an installer for Ghost, a new, open source blogging application. Ghost is described as “just a blogging platform,” as opposed to more complicated content management systems, like WordPress or Drupal. There’s been a lot of excitement about Ghost, especially because over 5,000 people backed the project on Kickstarter earlier this year.

Because Ghost runs on Node.js, everything you’ve just learned about the Node.js one-click installer also applies to the Ghost installer. To get started with Ghost, add a Ghost application to a website, and then open http://example.com/ghost/signup/ (where example.com is your site’s domain) in your web browser. Ghost comes with a handy example post to teach you some of the basics.

To learn more about Ghost, check out the Ghost Guide, but keep in mind that Ghost is experimental software (its first public release was last week), so you may find yourself breaking new ground.

Whether you’re interested in Node.js or Ghost, give one of the new installers a try. If you have questions or run into problems, then join us in the Q&A Community.

Posted in Ghost, Node.js | 23 Comments

New one-click installer: Django and Python 3

Today we’re introducing a new installer and we think this one is pretty special. You can now install Django 1.5 running on Python 3.3. The team at WebFaction is excited to be an early Python 3 adopter by becoming one of the first hosts to support Django on Python 3.

If you’re a Python user, you know that the transition from Python 2 to Python 3 hasn’t happened overnight. In fact, the first Python 3 release happened almost five years ago. The pace of transition has been influenced by a kind of chicken or the egg problem: Python users have been reluctant to upgrade because few libraries supported Python 3, but library maintainers (and web hosts) have been reluctant to upgrade because of few Python 3 users. But that’s starting to change with Python 3 support appearing in popular libraries such as Requestsnose, and now Django.

With Django on Python 3.3, you get all the new benefits of Python 3 which were not backported to Python 3 (check out the “What’s New” documentation for Python 3.03.13.2, and 3.3 for complete details). For example, if you’ve ever needed to do something like this with a generator in Python 2 code:

for elem in some_iterable:
    yield elem

You can now simplify that code using Python 3.3′s yield from syntax:

yield from some_iterable

Before you dash headlong into upgrading your Django sites, please exercise some caution. The Django project considers Python 3 support to be experimental, so the current Django release comes with a few limitations. Notably, MySQL with Python 3 is unsupported. Additionally, while many libraries have added Python 3 support, support for the new language version is far from universal, so be sure to investigate your dependencies (including pluggable Django applications) before upgrading.

If you’re ready to give Django on Python 3 a whirl, give the installer a try with the WebFaction control panel. And if you run into problems with the new installer, join us in the Q&A Community.

Posted in Django, Python | 1 Comment

Memory doubled!

We’re excited to announce that we have doubled the memory on our base plan without changing the price: the memory quota is now 512MB instead of 256MB and the price is still $9.50/mo (or $8.50/mo if you pre-pay for one year). All existing accounts have been upgraded to the new quota.

The memory used by the operating system, web server and database servers still doesn’t count towards your memory usage.

Customers on Web418 and over can also purchase an extra 512MB of memory (for a total of 1GB) for $7/mo. Unfortunately customers on Web417 and under are still limited to 512MB of memory per account per server as these machines don’t have enough RAM to accommodate more than that. If you’re on Web417 and under and want more than 512MB of memory you can request a migration in the control panel under “Account->Server migration”.

We have also doubled the memory on our larger plans and you can now get a 2GB plan, 4GB plan or 8GB plan for $40/mo, $80/mo and $160/mo respectively (discounts apply for yearly pre-payments). See the “Account->Upgrade / downgrade” screen in the control panel for details.

Enjoy the extra memory!

Posted in General | 3 Comments