I have been an ev1 server customer for over 4 years on the ensim dedicated platform. I have a fulltime job as director of IT for a large corp. and develop websites as a side venture so I recently sold off the hosting part of my company to concentrate on Development but wanted to still maintain a prescence to host a few sites.

Since I use VmWare GSX and ESX server extensively and have great results in my enterprise i decided to go with the Virtuozzo with Plesk as I believe Virtualization is the future of IT.

I purchased a VPS package in late march and transfered 3 sites over. 2 sites are only 1 page. My server was hacked friday night as i had not had time to properly harden it (My Fault). I reloaded it to default and the problems started:

First off the default image was an old release of Plesk 7.1. I dont think that upon receipt of a new "server" i should have to go through 4 updates to be current. My ensim servers came with the latest release at time of purchase. Support took 8 hours and multiple phone calls and chat sessions to even look at my server. They then reloaded it and updated it to 7.5.4 which is still no the current release but ..oh well , close enough.

Once reloaded i set about hardening the server to find out that i could not get KISS firewall to load due to configuration on the Host side of the VPS (EV1's side) I opened an issue with a link to SW-Softs KB that gave step by step instructions for the resolution of my issue. The ticket was not touched for 15 hours and then it was not done correctly and EV1 resolved the issue without verification. The issue still existed so i reopened the ticket and posted the details of the SW-Soft KB article. that was at 3PM and it is now 2 AM and the ticket has not been touched.

I also am having issues with FTP where the connection is dropped repeatedly so I cant upload any large files. I have verified it is ok on my end by testing the upload to one of my corporate boxes without a problem. That ticket has been untouched for 9 hours.

I also am showing that i have used 12GB of bandwidth which is very unusual due to the lack of content that is on my server. And, according to my Virtual's logs i have not even used a fraction of that. Another ticket has been submitted.

The Virtuozzo forum has very few posts and those posts do not have any answers. Where is the support for this platform?

Any help would be greatly appreciated.

i'm a new ev1 customer, so i have no much comments. but i have same concern:

1. Bandwidth stats. i have only 1 website running on the VPS, it uses less than 50M bandwidth per day, but from servercommand, my daily usage has been more than 1G, such as today 1.8G which is not possible.

2. are you referring http://kb.swsoft.com/article_130_875_en.html for the apf firewall? hope ev1 can get it solved soon.

3. i remember when i first ordered the VPS, there is no up2date or yum installed, not to mention there is no compiler installed such as basic gcc. software are outdated, php was 4.3.x, mysql was 3.x. etc.

4. i can't believe they are still using Redhat 7.3
cat /proc/version

Linux version 2.4.20-021stab028.3.777-smp (st@current.eng.sw.ru) (gcc version 2.96 20000731 (Red Hat Linux 7.3 2.96-110)) #1 SMP Wed Feb 2 21:32:05 MSK 2005

i heard good things about Ev1 and planned to move all my servers to Ev1, hope they are able to solt out all VPS problem first.

I got a reply on my Trouble Ticket about the firewall issue as follows:

Please check the configuration kiss as currently it does not have the location for ip_tables wish is loaded onto your server properly configured thus Kiss is unable to properly start. Once you have configured the proper location for ip_tables in kiss then you should be able to use it. Also please note that Kiss is a third party software that we do not support. If you have any other questions or concerns please feel free to contact us again at anytime and thank you for choosing Ev1servers.net

Thank you,
Jack S.
Ev1servers
Webhosting technical support.


It would have been common sense to tell me where they had put ip_tables but no, left to my own devices I went searching and could not find it anywhere. So I have reopened the ticket and requested the location so I may modify the following lines of KISS my firewall

# Note: KISS requires that ip_tables, ipt_state, and ipt_multiport exist:
if [ ! -e "/lib/modules/$(uname -r)/kernel/net/ipv4/netfilter/ip_tables.$EXTN" ] || [ ! -e "/lib/modules/$(uname -r)/kernel/net/ipv4/netfilter/ipt_state.$EXTN" ] || [ ! -e "/lib/modules/$(uname -r)/kernel/net/ipv4/netfilter/ipt_multiport.$EXTN" ]; then
echo "Since the ip_tables, ipt_state, and/or ipt_multiport modules do not exist, KISS can not function. Firewall script aborted!"
exit 1
fi

# All is well, load modules:
if [ -e "/lib/modules/$(uname -r)/kernel/net/ipv4/netfilter/ip_tables.$EXTN" ]; then
$MODPROBE ip_tables
fi
if [ -e "/lib/modules/$(uname -r)/kernel/net/ipv4/netfilter/ipt_state.$EXTN" ]; then
$MODPROBE ipt_state
fi
if [ -e "/lib/modules/$(uname -r)/kernel/net/ipv4/netfilter/ipt_multiport.$EXTN" ]; then
$MODPROBE ipt_multiport
fi
if [ -e "/lib/modules/$(uname -r)/kernel/net/ipv4/netfilter/ip_tables.$EXTN" ]; then
$MODPROBE ip_tables
fi
if [ -e "/lib/modules/$(uname -r)/kernel/net/ipv4/netfilter/ipt_state.$EXTN" ]; then
$MODPROBE ipt_state
fi
if [ -e "/lib/modules/$(uname -r)/kernel/net/ipv4/netfilter/ipt_multiport.$EXTN" ]; then
$MODPROBE ipt_multiport
fi
if [ -e "/lib/modules/$(uname -r)/kernel/net/ipv4/netfilter/iptable_filter.$EXTN" ]; then
$MODPROBE iptable_filter
fi
if [ -e "/lib/modules/$(uname -r)/kernel/net/ipv4/netfilter/ipt_unclean.$EXTN" ]; then
$MODPROBE ipt_unclean
fi
if [ -e "/lib/modules/$(uname -r)/kernel/net/ipv4/netfilter/ipt_limit.$EXTN" ]; then
$MODPROBE ipt_limit
fi
if [ -e "/lib/modules/$(uname -r)/kernel/net/ipv4/netfilter/ipt_LOG.$EXTN" ]; then
$MODPROBE ipt_LOG
fi
if [ -e "/lib/modules/$(uname -r)/kernel/net/ipv4/netfilter/ipt_REJECT.$EXTN" ]; then
$MODPROBE ipt_REJECT
fi
if [ -e "/lib/modules/$(uname -r)/kernel/net/ipv4/netfilter/ip_conntrack.$EXTN" ]; then
$MODPROBE ip_conntrack
fi
if [ -e "/lib/modules/$(uname -r)/kernel/net/ipv4/netfilter/ip_conntrack_irc.$EXTN" ]; then
$MODPROBE ip_conntrack_irc
fi
if [ -e "/lib/modules/$(uname -r)/kernel/net/ipv4/netfilter/ip_conntrack_ftp.$EXTN" ]; then
$MODPROBE ip_conntrack_ftp
fi
if [ -e "/lib/modules/$(uname -r)/kernel/net/ipv4/netfilter/iptable_mangle.$EXTN" ]; then
$MODPROBE iptable_mangle
fi

If you need a firewall that works well with vituozzo pm me:)

Hello,

Thank you all for choosing Ev1 Servers. I apologize for the problems that you have run across here. I, and my team will do the best that we can to get your problems resolved and looked at in a reasonable time frame.

Please remember to email ams@ev1servers.net whenever you feel that an issue is not being handled properly. That way, management will be notified and can step in to make sure that the issue is being looked at and monitored. Please email the address listed above so that we can take up the issue and assist you in getting a resolution.

Thank you,

Aamir A.
Supervisor
Account Management Team
Ams@ev1servers.net
www.Ev1Servers.net
1-800-504-7873

I have emailed everyone including Headsurfer without a single reply. I have reopened issues that were resolved 3-4 times per issue. I have called, I have chatted, I went to church and prayed, threw coins into a wishing well, rubbed a Buddahs belly, and still absolutely nothing has been done to fix my issues.

lol, take it easy man...

Honestly, so far EV1 has been good to me, hope your problems can be solved soon.

Well they are not being very good now.

Here is the latest from EV1. I cant believe this!:

####################################################
After further investigation is has been determined that you will not be able to use a firewall that interacts with the iptables. Due to the configuration of our VPS servers any modification to the iptables would affect the other VPS accounts hosted on the same server as you. Your only option is to use the hosts.deny in your server to block access to your VPS.

Thank You
KevinS
EV1 Servers
Webhosting Technical Support

##################################################

Apparently squeezing as many VPS accounts as possible onto 1 server is a more important use of resources than protection of customer data.

SW-SOFT has a KB article that explains exactly how to enable use of the required modules on the harware side of the VPS:

http://kb.swsoft.com/article_130_875_en.html

Though small in number, there are limitations to operating in a virtualized environment.

Have you considered something from our Value Series line?

There are no limitations in this case except the ones that EV1 chooses to impose to fatten the bottom line.

I work extensively with VmWare virtualization in my enterprise and I know what the basic issue is here - $$$$$$$$$$$

Don't blame ev1 kiss firewall can consume alot of resorrces on a VPS

I told you I have a firewall that works just fine with vortuozzo but you neever folowwed up :confused:

No you didnt you told me that you added me to your yahoo messenger list. What is the name of a firewall that works?

lowesthost "yahoo"


it does not have a name but there is a link to it some where on this forum but I allready have one configured for plesk you can have it if you want a copy

I suspect you got the wrong tech support person. Initially I had then add the requirements to allow me to run APF, but they didn't restart the hardware node to make it actually work. Once they restarted the hardware node after making the changes (meaning all vps'es under that hardware node were rebooted) all works great and I'm able to run apf without problem.

Of course I want a copy! If it is a working solution I am all about it.

I figured as much too. The last tech on the issue was hard set on not doing anything. I had already seen in the VPS forums where others were assisted in making APF work.

I usually hate to be a pain in the neck, but in this case I felt my options were either to be very persistent to get it done or get a vps from another provider, so I stayed on the ticket being polite but demanding that it was possible and that I needed it, and within a few days they got it fixed up for me. My feeling is that most of the techs have minimal vps training do be able to do things from the control panel but aren't expert enough with virtuozzo or authorized to go in and start making changes on the hardware node that could impact many other vps customers and I don't know which person or people at EV1 are the virtuozzo pros, but once you reach them, I'm confident they will get your issue taken care of.

i agree with jeff, finding the right person is the key.

i had tried install APF at different VPS hosts before, but so far i haven't had the luck to get it working, it's not Ev1's fault, but we do hope them can follow the KB article and get APF working on VPS.

With a bare IPtable rules, i'm really scared that my VPS will be taken down by hackers sooner or later,as i've already started to see hackers trying to scan and BF my VPS from logs.

Use apf with SET_MONOKERN="1"

I received the note below on my TT and nothing since. A customer should not have to put the time I already have into this issue. But, if you stop calling and chatting EV1 does absolutely nothing. Early in my career I worked at several large hosting companies in various positions from support to NOC admin. Even at companies that had subpar ratings we still did not let Trouble Tickets fester without followup or the "touching" of the ticket.

4/20/2006 7:37:32 PM

I have long since made the changes mentioned in the SW-Soft article. I restarted the Virtuozzo service to make sure the changes went through. The same issue is occuring. I am escalating this issue to our Virtuozzo Systems Administrator for further investigation.

RonnieK
EV1Servers
Webhosting Technical Support

If you read above i mention the KB article at:

http://kb.swsoft.com/article_130_875_en.html

That setting is covered there and was done as the article specified.