What is Reddit's opinion of
DigitalOcean?
From 3.5 billion Reddit comments
➔ DigitalOcean website
By popularity on Reddit, this Service is:
100 reviews of this app found across Reddit:
This tutorial will help you set up an OpenVPN instance on an Ubuntu Linux machine (it's written for 14.04 but still works in 16.04 for me). It'll walk you through all of the steps to set up the vpn instance although it assumes you already have some knowledge with a headless Linux server and the command line. Hopefully that helps!
Edit: For people worried about DigitalOcean's imo okay privacy policy, this will work on any Ubuntu Machine/VM regardless of where you get it.
https://www.digitalocean.com/community/tutorials/how-to-install-wordpress-on-ubuntu-14-04
https://www.digitalocean.com/pricing/#droplet $5 a month droplet, you're traffic isn't going to be huge.
https://themeforest.net/category/wordpress
Hey presto you are a design agency.
Ok there is some extras you will need. Photoshop get it CC for monthly amount.
Nope. That's Adobe's ExtendScript for things like After Effects and Photoshop with some shell jibberish added in.
Things to note:
Extendscript
- toComp()
sub(targetBox, boxAnchor)- Anchors are used on all elements in an AE composition.xDistanceToEdge- obvious XY two dimensional coordinate in relation to some outer edge (not a bounding box, vector, or an area)
Bash/Shell
MKDIR BKUPMYCONFIGPROGRAM,SHCREATE_SAMPLE_FILES,SH./backup- <code>FIND -INAME</code>...
In this case you can always use your own VPS to host a VPN for yourself, it may not give you the “hide in the masses” advantage but still gives you some sort of bypass to censorship.
Now, I can hear people say that most people don’t have the technical know-how on how to do this, but I’m pretty sure there are many guides out there and there are some who gives “out-of-the-box” VPNs for you to use to set up in a VPS.
A guide to set things up manually in a VPS using OpenVPN: https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-16-04
Out-of-the-box experience: Algo: https://nomadgate.com/10-min-vpn-server/
Ok, I gotta admit that I’ve not used Algo before, because I set up my server manually with openvpn, but then again, I’m a newbie so take whatever I’m saying with a pinch of salt
Firstly, you can write e. g. {0:.2f} to specify a float with 2 decimals, see e. g. https://www.digitalocean.com/community/tutorials/how-to-use-string-formatters-in-python-3
Secondly, the best formatting method is f-strings, see e. g. https://www.blog.pythonlibrary.org/2018/03/13/python-3-an-intro-to-f-strings/
Digital Ocean has some great guides to set it up for Ubuntu
https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-14-04 https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04
https://www.digitalocean.com/community/tutorials/new-droplet-plans-frequently-asked-questions > In order to decrease impact on existing applications and workflows, these plans are being introduced as completely new plans. This means there is no impact to your current Droplet and these changes will only impact newly created Droplets.
So the pricing changes aren't automatically applied to existing droplets. But you should be able to resize an existing droplet into one of the new plans to get the discount/upgrade.
We moved to DigitalOcean + Dokku Our main reason was bad performance, high cost, lack of control and little or no support for new machine learning libraries.
We had several pro paid dynos on heroku, and were also using rabbitmq and postgresql addons. And now we are covering all that with dokku (Thanks to the plugins support) . It took me about 2 days to learn, search and configure but never been any happier. And it's all in docker containers, which are nice and controlable
If you plan to host different services/sub domains on the same ports (such as 80 and 443) take a look at NGINX reverse proxy, I followed this DigitalOcean guide and got my reverse proxy and Lets Encrypt certs done real quick.
Be aware that the article shows how to set up OpenVPN Access Server, which is NOT free. It has 2 client licenses for "testing" only (source).
OpenVPN Community Edition is the free version, but it does not have the web GUI seen in the article. You can find a guide for CentOS 7 here, and how to get it working with firewalld here.
https://www.digitalocean.com/community/articles/how-to-protect-ssh-with-two-factor-authentication
[Edit] It mentions in the article, but since so many people have upvoted this, I feel I should mention, it is EXTREMELY important that you make sure you take note of those emergency codes that are generated and keep them somewhere safe. If, for example, your phone is stolen, those emergency tokens are the only thing that will let you back into your system. Please take care to store those somewhere safe.
I work for DigitalOcean, what kind of logs?
We don't log traffic, if that's what you're asking. We log things like Droplet Creates, Destroys, etc — activity within the control panel. We don't log anything that happens on your droplet, with one exception: metrics.
We collect your general bandwidth usage (speed in/out and how much data), CPU usage, and disk I/O usage. If you have our monitoring agent installed, we collect things like your disk space usage, memory usage, etc. We don't see any specific data — the metrics are only collected in order to (A) ensure the platform is healthy and (B) provide the information to you.
If some crazy law was passed and we were required to log that network activity, the only logs would be from that point forward, and it'd probably take us a long time to even be able to technically implement something like that on such a large scale. The storage alone would be extremely expensive.
Also, knowing our executive team, we'd fight such legislation tooth and nail, as would pretty much every other provider.
Keep in mind that you have control over the logs on your droplet itself. If you're in legal trouble and we receive a subpoena for that data, we'd be legally obligated to provide it. If it's encrypted or if it doesn't exist, ¯\_(ツ)_/¯
https://www.digitalocean.com/legal/privacy/ and https://www.digitalocean.com/legal/enforcement/ have all the legalese, but are worth reading.
OpenVPN is what you're looking for. Link is for doing it at Digital Ocean, but it should apply anywhere that offers Ubuntu server (which is any hosting company, really). Some knowledge of Linux command line helps, but really if you're even kinda technical you should be able to get by with copy paste and figure it out.
https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-16-04
One thing to note is that this is not a good solution for doing illicit things. Your home ip will not be tracked, no, but your server ip will be. That server is yours and linked to you personally. Great for Netflix, not for torrents.
Never use GoDaddy. For anything. Ever.
Use Digital Ocean. Far cheaper than anything GoDaddy offers, FAR FAR better for any real RoR app or any real web app at all.
GoDaddy has AWFUL ethics, AWFUL security and AWFUL...well everything.
There was the time GoDaddy supported SOPA.
Digital Ocean is $5 a month for a VPS, way better.
If you're feeling generous, here is a referral link.
If you're not feeling generous here is a regular link.
Usually I get trainees to install a LAMP stack:
It's a good way to get them to understand certain concepts, utilities, services and packages. It certainly also lets them explore how it all works together to provide a solution and see how bash / the cli works.
It's not too difficult, and can be quite fun.
I'm also suggesting this, as this was my very first project that got me into Linux and even into a Junior Sysadmin job!
This is what I used:
https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-16-04
Got an account, fired up an Ubuntu Server VM, used Putty to connect and followed instructions. Took a bit of fiddling and this ain't my first rodeo. Be glad to help.
Best thing is; once you have it working you can simply install OpenVPN on any PC and copy the config file. It just works. Wife wanted it on her PC. No problem. Install OpenVPN and copy the config file to the appropriate directory. Works like a champ.
I currently work in NYC in the tech sector and work about 40-45 hours a week and it's been that way for the 2 1/2 years I've been here. A good work/home life balance is important not only for your mental health but also your productivity.
Anyone else putting in massive hours in tech in NYC (or anywhere else, we're 40% remote) should check us out: DigitalOcean Careers
Hi deadbunny! We actually do have a team of in-house writers (I'm one of them!), in addition to the great work our editors do with community authors. I actually got the job after writing as a community author for a little while, and it was a great experience.
If anybody reading this knows some interesting tech and wants to get paid to write about it while working with some wonderful editors, give our Write for DOnations program a look. We recently revamped our payouts and also added in a donation to a tech-focused charity of your choice.
We’re in the process of getting DHCP failover configured. Just setup NTP for accurate time. Trying to figure out some of the options in the dhcpd.conf file.
We’re using instructions from the following sites. 1. DHCP Failover Example 2. NTP Server on Ubuntu
IMO, a better way to do this is by setting up a SSH certificate authority and avoiding authorized_keys files completely. Then when you sign your friends key you could specify an expiration time. The following example would give a friend access to your server for the next 2 weeks:
ssh-keygen -s ca_key -I user_friend -n friend -V +2w id_rsa.friend.pub
His/her login would be valid on all servers using this CA where the unix user "friend" exists and has login permissions. More info.
Given how cucked reddit is I wouldn't be surprised if that wasn't a front for various spy organisations.
e.g. 'Hey guys, try out XYZ VPN, they take no logs and are totally free speech man!'- then full pipe your data straight to the NSA.
Learn how to set up your own VPN's and proxies. It's easy. Example. Chain a few together and you should be able to dodge casual snooping.
If things get properlly bad, you're going to need that kinda info and more.
That said, I hope it's not required.
Trump 2016
Here's a good overview. Ignoring Nosql and sqllite, you should be looking at mysql and postgres. The gist of that article is that postgres is better in almost every single way except speed.
- Postgres supports concurrency while still staying acid
- Great user/security system
- Amazing schema system
- slightly slower for small workloads
You're right that it's not as simple as I made it sound. That said, if you're using a VPN that has no surveillance reciprocity with your home country (i.e. not in the 5/14 eyes for US citizens) then you're better off than you would be otherwise.
Also, you'll note that that table has several columns devoted to each VPN's logging practices.
Also, for the sake of completeness, here is a pretty user friendly guide to setting up your own VPN: https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-16-04
If you're really worried you can host your own VPN server and burn it down every few months.
I work for DigitalOcean. We absolutely let you export your data, dns, etc - just not backups and snapshots. This is because they wouldn't really be of any use to you - they're customized for our system. We even have a published tutorial about backing up outside of DigitalOcean
Check out our API - https://developers.digitalocean.com/documentation/v2/. You can export your DNS, firewall settings, etc from there. Want to move to another provider? Use our API to get your DO settings and then the new provider's API to set them up.
Digitalocean had a pretty good article about the history of Apache and Nginx, as well as some considerations to take that helped me when I was starting out. Link
Most hosting sites don't let you execute processes but instead give you access to a folder where you can create files that get parsed and served by an Apache type server. This allows you to easily make a website out of html files which just get served to the browser or php files which get parsed and run generating a static file which gets served to the browser. NodeJS apps run as their own process and need to be executed differently resulting in the need for other hosting sites like nodejitsu.
I highly recommend using Digital Ocean as it not only lets you run nodejs apps but it gives you access to your own virtual private server which is a machine that you can install whatever os you want on. You can then ssh into in and run nodeJS apps as if you were on your own computer. It's also cheaper than most of the other hosting companies I have seen since the starting price is only $5/month. Virtual private servers also teach you more because you learn how to setup your app yourself.
I'm an owner of multiple websites, including one that hosts a 45GB torrent (with a web seed, the files are hosted and downloaded off of our servers). All I can say is that to host a VPK website, it might take a lot of work, but it will take neither web space nor bandwidth, considering you guys all use mega.nz and google drive. This means you can easily use Vultr or DigitalOcean, for example, to host your own website for typically less than $10 a month. There is absolutely no reason why you need either ads or the horribly atrocious adfly links. These will only help your pockets, not to mention degrade the website's performance (how can adding ads to a website increase it's performance???).
Assuming you're already reasonably comfortable on a Bash/sh prompt: The best place? Your own server! If you don't have one and don't want to pay for something with AWS, digital ocean or whatever you can just run virtual machines on your own computer just fine most likely. VMware player is free and makes it easy to get a virtual machine going.
Ubuntu and its derivatives have the most help available online through questions asked to try and work it out yourself. DigitalOcean in particular has some good docs to help you like this one. Outside of Apache+PHP you generally need to setup a module or a second application server to run code. Nginx, for example, is meant to serve your static content like .css and .js very quickly, but defer the work to something like gunicorn to actually interpret and run python to generate the page if you're using Django or something.
If you aren't comfortable on the shell, yet, well you'll want to get that down first.
Install Ubuntu + LAMP stack onto a spare computer, make a WordPress site.
https://www.digitalocean.com/community/tutorials/how-to-install-wordpress-with-lamp-on-ubuntu-16-04
Develop the site out, make another site if you can. Make a blog and a real webpage, YouTube a few of those 2+ hour videos on intro WordPress sites, you have the time. Devote a week or two to those and boom you have a portfolio and marketable skills, go forth and work.
Don't beat yourself up if you don't pick it up on the first try, do it again and again, learn from mistakes, don't ignore success, and be patient with yourself, this is the hard part.
https://www.digitalocean.com/community/tutorials/how-to-set-up-ssh-keys--2
Take a look there. It's pretty straightforward once you get it going. Basically you
- Generate the key. You'll get two - an id_rsa (the private one) and an id_rsa.pub (the public one) file.
- Put the contents of the .pub file into the ~/.ssh/ folder under the authorized_keys file of whatever user you want to login as on the machine you want to login to.
- Put the id_rsa into your ~/.ssh/ folder as id_rsa.
- Try to ssh into said server from your computer and viola.
Keep the id_rsa one secret. Disable the password login ability of your SSH server and now even if anyone gets both your username and password, they still can't login - since they don't have your key.
As far as fail2ban - the most basic level of getting it up and running is:
sudo apt install fail2ban
That's about it. All it basically does is scan your logs and look for IPs that fail to login a certain number of times over a certain time period. If so, it bans them for (I think the default is) 3 days. Even if they have the right credentials in that 3 day period, that IP is getting dropped until unbanned.
Glad to be of help, and thank you! If you're interested in setting up SPF records on your current or future domains, there's a fairly in-depth, yet approachable, tutorial at this page. You can set them with virtually any DNS provider, and it can be a good step to take.
I use digital ocean
I think you get $10 credit with my link
https://www.digitalocean.com/?refcode=6de208ecb9dc
Set up the $5 per month Ubuntu LAMP stack.
Install Putty (windows) to connect to your VPS IP address.
sudo apt-get install python-pip
Then you can run Flask if you want
https://www.digitalocean.com/community/tutorials/how-to-deploy-a-flask-application-on-an-ubuntu-vps
Use WinSCP to manage your files.
The best is to disable password authentication and use a key-file (https://www.digitalocean.com/community/tutorials/how-to-configure-ssh-key-based-authentication-on-a-linux-server). If you don't want to then your new password must be at least 10 characters long and not subject to dictionary attacks.
An easy way of going about it. Probably won't work on mobile devices though - that's what led me to set up OpenVPN. It really is not that much of a big deal if you follow a decent guide.
edit: So DigitalOcean is now also blocked. Shit.
You should not even have access to your users' Private keys. They should run the ssh-keygen command, then copy their public keys to your server.
Also, Ed25519 is preferred to ECDSA. /u/Plausibleaurus must work for the NSA :P
If your users don't use Linux, they can generate keys with PuTTY. If they do, my preference is to generate a separate key for each server with ssh-keygen -f ~/.ssh/id_ed25519_servername -t ed25519, but that's by no means necessary. That gives you two files (~/.ssh/id_ed25519_servername and ~/.ssh/id_ed25519_servername.pub), with the .pub going on the server to their home folder (~/.ssh/authorized_keys).
> It means that you have changed your ssh password since the last time you used ssh on that computer.
... no it doesn't. SSH is an encrypted channel (you might even call it a Secure Shell). As in all SSL/TLS connections there is a handshake to exchange the keys for the communication and establish some small level of trust. This message is telling OP that the public key presented by the SSH server running on the device he is trying to connect to is different from the last public key that was presented from that same IP.
also, this is a really bad solution. You don't want to delete the entire file of known devices. It's better to just remove a single line for the IP of your device. Open the file with vim
> vim ~/.ssh/known_hosts
search for the IP by typing /<IP Address> e.g. /10.0.1.2 (you may need to specify a port here if you use a port other than the default of 22. e.g. /10.0.1.2:2222
delete the entire line by hitting d key twice
exit vim by typing :x.
or you can use another text editor if you don't like vim. edit will open the default editor on your computer. Find the line, delete it, save, and close the file
> edit ~/.ssh/known_hosts
if you do not know this, you'd better be careful SSHing to your device, especially as root. It is very easy to mess stuff up if you don't know what you're doing
Morgan from the MySQL team here! Happy to answer any questions.
I also have an article describing the SQL mode changes here: https://www.digitalocean.com/community/tutorials/how-to-prepare-for-your-mysql-5-7-upgrade
If it's static, why not just use GitHub Pages?
Otherwise, there's: https://lowendbox.com/
And since I like stability and accessibility, I've used DigitalOcean, which is very scaleable and developer friendly.
I set up a LEMP server using Digital Ocean's tutorials, and then installed WordPress myself. Link here: https://www.digitalocean.com/community/tutorials/how-to-install-linux-nginx-mysql-php-lemp-stack-in-ubuntu-16-04 This pretty much tells you everything you need to know, but feel free to PM me for help as well.
> I have id_rsa auth with a strong password, but if I use that my employer could just sniff the password and copy the key.
Setup a separate key you use to login from work, then setup two-factor authentication for logins using it. The second factor will keep your work from being able to use the key while you work there, and you can revoke the key when you leave that job.
Tl;DR just buy a hardware token and use that for 2FA.
I'm guessing that he means using something like a VPS service (Virtual Private Server) - basically you rent a server from a company that you can access over the internet - and installing a VPN Server to it. This way you control all the logs and can wipe anything once you finish whatever you wanted to use it for.
The exact process for installing and configuring a VPN server isn't something that translates well to an ELI5, though there are many step by step guides available online.
It's not something to be recommended unless you are fairly computer-savvy, at least if you want to trust it to be secure and anonymous.
An example of a guide on how to do so is here for the curious, however.
https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-16-04
Depends on how in depth you're wanting to go? DO did a good write up here, but the very basic tl;dr is that networking stack is fantastic on the BSD's, OpenBSD is extremely secure (even comparative to Linux), NetBSD runs on a phenomenally large amount of architectures, more complete documentation, BSD's can execute most Linux binaries (but not the other way around), and BSD's can have noticeably higher performance. Also BSD vs GPL license (former being potentially more attractive). Just a few reasons for why you may pick over Linux. Linux still has much larger support for desktop usage, etc.
Or you could install your own for pretty cheap!
I've not done this yet, but it's on my ToDo list.
- http://lifehacker.com/5900969/build-your-own-vpn-to-pimp-out-your-gaming-streaming-remote-access-and-oh-yeah-security
- https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-14-04
- https://medium.com/@stevenhubertron/host-your-own-ssl-vpn-on-digital-ocean-in-5-minutes-for-5-and-gain-piece-of-mind-1798512f4f78#.kh7sbglw4
DO is absolutely designed for production usage: that's a common misconception. It's just advertised primarily for developers, since it was designed with ease of use and developer friendliness in mind.
There are plenty of larger customers that use the service in production. Check out https://www.digitalocean.com/customers/
I've been a very happy customer of DigitalOcean for more than a year now. Their smallest package is $5 per month.
Their uptime has been sublime. Their support is even better. You should check them out!
You can get an ubuntu 16.04 virtual machine with 512mb ram on digitalocean for $5/month. You can install your openvpn server and use it with as many devices as you want. You can also use that virtual machine for other stuff.
I run an openvpn server, a bombsquad server and a small minecraft server on mine.
You can get free credits for digitalocean if you have an .edu email here. To get an extra $10 credit, you can use my referral link to create your digitalocean account.
>But keep in mind the amount of work that goes into maintenance on your own openvpn server.
I installed my openvpn server two months ago and it needed zero maintenance since then. Works fine on my pc and mobile devices. I can't switch countries like you can with pia but the people monitoring my connection and credit card transactions won't be able to see I'm using vpn.
Word of advice as I just came from this. Drop MySQL cluster. Its expensive and you dont get InnoDB and you have to use the NBDENGINE engine type for the database/tables. Go with Galera and MariaDB/MySQL https://www.digitalocean.com/community/tutorials/how-to-configure-a-galera-cluster-with-mariadb-on-ubuntu-12-04-servers
1. Yes. Separate your commands with && or a semicolon, like so:
command1 arg1 && command2 arg2
or
command1 arg1 ; command2 arg2
The first one executes command2 only if the first one succeeds, whereas the second one executes both regardless.
2. Look into aliases. Here is a link I found from a quick search.
3. Most shells have tab completion - the common ones, bash and zsh, do. Start to type a file as an argument of a command, start typing a file name, then hit tab. Pressing tab repeatedly will loop through all the files beginning with what you typed.
This has really been covered ad nauseam. I recommend Digital Ocean. $5 per month for a simple "droplet".
There are some really great guides that will help you get up and running over there as well.
MySQL replication is easy-peasy and you can have it up and running in ~30 mins - here's a good simple tutorial how to set it up. (automatic failover is a bit more complicated, but just sprinkle on some HAProxy with xinetd and you're done)
MySQL backups are also easy - use the built-in mysqldump command, it dumps .sql files(text with SQL commands) from tables and databases, and back them up in a way(even basic rsync with versioning might be fine). This generates a bit of read load, understandably, but depending on your workload(writes every 30s doesn't seem very intensive) and hardware it shouldn't be a problem to run it every 15 mins if it tickles your fancy. Another option is Percona xtrabackup, which is a bit more complicated, but faster and more powerful.
Don't forget this is open source software, there's tons of documentation online on basically every topic and everything is easily accessible.
PS: I hope you plan on using MariaDB and not MySQL (in most, if not all, distros the MySQL packages are actually MariaDB)
I can't help you with the iPhone - Windows/Linux integration, since I have never owned an Apple device. On the topic of Linux, there are tons of guides online. Since you're coming from MacOS, I'd suggest you try Elementary OS since it follows a similar design philosophy. Grab the nearest laptop and flash drive, make a LiveUSB and boot from it. It takes no more than 5 minutes just to test Linux in a non-destructible environment(your USB stick).
Here's a couple of guides to get you started:
The Complete Beginner's Guide to Linux
How to create an ElementaryOS LiveUSB
How to install apps on ElementaryOS
If you have questions don't mind sending me a PM or posting on /r/linuxquestions or /r/linux4noobs
That is a good question. We've discussed this quickly here at DO and it should be possible should you need to however you may encounter problems doing so on a 1GB droplet.
This tutorial will help you get a desktop environment up and running on your droplet and accessible via VNC.
This one will assist you in enabling swap (you will want to do this as what you are looking to do will be memory intensive)
From there you should be able to install the Android SDK just as you would on a normal Ubuntu desktop system.
I would recommend going with the 2GB or 4GB droplet in order for this to work well.
DigitalOcean goes out of their way to make hosting wordpress specifically easy https://www.digitalocean.com/community/tutorials/how-to-use-the-wordpress-one-click-install-on-digitalocean
I understand that there's more to do than with a traditional cpanel setup, but if you give it the time it deserves you'll learn it quickly and you'll be free to choose from a great selection of cheap, high quality hosting services. Plus, on a virtual private server instead of a shared server, your site will likely perform better as it won't be competing for resources with other sites.
Learn how you roll your own VPN. Then pick a server wherever you want.
Here is a good guide. https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-16-04
While this might seem daunting it's well worth the effort.
Hi! I'm with DigitalOcean and can provide some clarification on this at least at it relates to DO.
Our team has access to the same web console shown in your control panel. If you've ever used it you'll notice that this console requires you to log in as a user on that machine in order to do anything. Since we don't have those passwords we don't have access to anything while your droplet is running. Our console access comes in handy for things like seeing boot errors and assisting in troubleshooting.
Your data is stored in a disk image and while some few people in engineering would have access to those disk image files our support team and pretty much everyone in the company does not. We see snapshots and backups much the same way you do, just a name, date and size for the whole disk.
Now if, for instance we received a legal order with proper authority requiring us to hand over data this is usually just a matter of retaining that image file and providing it when legally obligated to.
Companies that provide managed services will, by necessity have a higher level of access to your servers and files than an un-managed IaaS provider like us for obvious reasons.
Keepass can use a remote database and it has a plugin for smart cards. Sounds like what you are looking for.
While I'm not sure which IP blocks are, well, blocked, if they block popular VPN services, you can try MAKING YOUR OWN VPN.
Thanks to DigitalOcean's droplet system, you can deploy your own private VPN in less than 10 minutes, by following this script:
https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-14-04
If you don't have an account, you can use this link to get you started with $10 credit:
https://m.do.co/c/7bf0eac41d3a
(this is a referral link, I will get credit if you sign up with my link and spend $25, but you will also get $10 for free to run the minimum-specs VPS for up to 2 months)
Just click "Create droplet", select Ubuntu 14.04, select the $5/mo plan (the specs are more than enough to run a VPN), then select the area you want (New York, San Francisco, or maybe Toronto...), check the "User Data" option, and copy/paste the contents of this https://github.com/digitalocean/do_user_scripts/blob/master/Ubuntu-14.04/network/open-vpn.yml in there.
Ta-da, 2 minutes later you have your own private VPN. You will have the config files in /root on your new droplet. Just copy them to your OpenVPN client and you're done.
Digitalocean $5pm server. Then stick the free cloudflare service on front to offload resources. And if it's a cms and if you have the capability, stick varnish cache on your digitalocean server. Once cached, it'll use practically nothing and your website will fly.
Here's $10 free credit for you https://www.digitalocean.com/?refcode=fde445247b88
- Cmd-grave to switch between windows of the same app
- You can rebind most system keyboard shortcuts (and many in-app shortcuts) via settings > keyboard > keyboard shortcuts
- you can resize the dock to not be massive by dragging the divider between trash and your apps
- you can pin folders to the dock by dragging them from finder to the dock, next to the trash bin
- Click snd hold on the green maximize button to access split screen (you can also do this by dragging an app over a maximized app in Mission Control)
- You can do a shit ton with spotlight search [cmd space] (type in math and it’ll calculate it / type in a file path and a finder window will open to it / type in a phrase and press cmd-B to google it in your default browser / there’s way more I’m missing here)
- Check out the Mac App Store, especially the Essentials list for some nice productivity apps
- Workspaces are your friend
- Try safari before slapping Chrome on it
- Apple terminal is awesome and you can fully customize the theme, try it before slapping a third party terminal
- in general, try all the apple default apps before jumping to your third party picks
- ignore the last 3 points if you’re not trying to get locked into the Apple ecosystem like me
- Dark menu bar and dock is nice (settings > general)
- Check our Homebrew, you’ll find it useful as a dev
- you can mount servers into finder over sftp like they’re a removable drive with sshfs
- you probably know the following two points
- if you live under a rock and don’t know about sketch already, check it out. It’s one of the main reasons I switched to macOS
- macOS has some awesome Adobe alternatives (pixelmator, affinity tools, etc), check em out
If you wanna learn more about the OS and all the hidden features, read the Apple docs. Enjoy!
Rent VPS, install bunch of packages. Run bunch of commands. And I do mean BUNCH
If you are lazy, it's easier to make ssh socks proxy. You simply start ssh client(which you will have since it's standard connection method to unix vps) with a parameter "I want SOCKS proxy" and put the port number into the browser setting. Not as good as you need to setup each app and there's dns leaking, but it's good enough.
I assume this is part of DO's Hatch program?
You are very limited to what you can do with the credits and likely can't "covert" to cash by renting out server space without a value added service built in. The point of the credit is to build your infrastructure on DO so that you stay with them as your company grows.
Their FAQ states credits aren't transferable and you cannot mine cryptocurrency. I'm sure the actual agreement is very clear as to how resources can be used.
You need to read (probably have a lawyer or incubator consultant do so as well) the agreement and find out what you can do that is not directly related to your core business.
Conversely, you can pay $5 a month for a DigitalOcean box and setup your own OpenVPN server on it and share it with friends and relatives.
Rather than just some commands that y'all might not know what they do, here's an article on some fun/funny Easter eggs! The Star Wars ones are my favorite
These kind of posts really piss me off. Not because it's someone asking for help, but because they don't post ANY information about what they're running.
You didn't even specify what distro, much less kernel versions, 64 vs. 32 bit OS, nothing.
Just "Hey guys, I have a problem."
So you wanted advice? Here's my advice:
Reinstall VNC. Go to google and type in "Installing VNC on CentOS" or "Installing VNC on Ubuntu" or whatever you're running.
Make sure your software is up to date. Run the latest kernel. Run the most recent LAN and video drivers.
And THEN come back here if you're still having trouble and provide the following information:
- OS - 64/32?
- Software being installed (what VNC server and what client)?
- All drivers up to date?
- Kernel version.
And here are links to the more popular distro instructions. Follow these:
http://wiki.centos.org/HowTos/VNC-Server
https://www.digitalocean.com/community/articles/how-to-setup-vnc-for-ubuntu-12
Hey great site, and I like how it links to the store page. Just found myself a Negev that I would've otherwise never bothered to search for!
About the hosting, where or how are you hosting now? I'm using the $20 plan from https://www.digitalocean.com/ for my TeamFinder site, performance is pretty good and it barely puts the CPU or RAM at more than 4%.
~~There are a couple things I'd like to give feedback on, but am at work at the moment~~. If you need or want any help with the site give me a shout.
EDIT:: Found some time to write a couple things down:
I'm on my Laptop with a resolution of 1366x768 and getting a horizontal scroll. After looking at the code a bit I think it's because you have the header/ background image as a <img>. Maybe try to replace it with a <div> with a background img.
This one is just personal opinion. When I clicked on the image I expected for it to show a larger image, but it brought me to the market page. It was a pleasant surprise, and I'm glad that feature is there, however I might add a link to store and open a lightbox/modal, or popup with a bigger/different image of the skin.
The navigation wraps on my screen so 'Cases' is underneath 'Rifles'. So when you expand the 'dropdown' it moves everything around. So, maybe have it more of a popdown rather than changing the height of the div and revealing the options.
Again, I really like the site and it's a great start!
Stick your domain name into mxtoolbox.com and see what it says. You don't need the /32, it's assumed unless larger than that. I don't think you need the "a:mail.domains.com" since the A record is the same as what you already specified in "ip4:" but I may be wrong.
Here's a good description/guide: https://www.digitalocean.com/community/tutorials/how-to-use-an-spf-record-to-prevent-spoofing-improve-e-mail-reliability
You create the public key and private key on your laptop.
You use ssh-copy-id to upload your public key to the server while your private key remains on the laptop. Then, when you ssh, the keys will magically do their thing and let you in without a password.
You don't have to worry about "storing stuff" on the server because this is not like storing data on the server - its a built in function of ssh and the server will automatically do the right thing and put the key in the right place (as long as its configured too, which it probably 100 percent is)
Your IT dept could probably help you if you asked them "can you help me set up ssh public key with on Server X", but you can also do it yourself.
There are many tutorials out there..." Ssh passwordless with" "ssh public key" etc...
https://www.digitalocean.com/community/tutorials/how-to-set-up-ssh-keys--2
OpenVPN Access Server might be up your alley. DigitalOcean and Linode both have easy to read articles on how to set it up. It takes all of a couple minutes to set up.
(The steps haven't changed too much since that article was written. I can't get to the Linode one right now, but their article was the one I followed.)
Ah, did some digging and answered my own question. They've got a lot of hidden fees that make small or long-lived containers more expensive than the competition. Sure, their cheapest container is $1.03 monthly, but you also pay for storing images and any persistent volumes. The minimum size for a volume is 10GB, and storage costs $0.10/GB per month. Also, if you want your container to be web accessible, you'll need to assign it a floating IP, which is another $1 per month. That means their REAL minimum monthly cost for a container is closer to $4 plus applicable tax. That nets you a 64MB memory, 10GB disk container.
In contrast, DigitalOcean's smallest droplet costs $5 per month, tax-inclusive. This is a 512MB memory, 20GB disk VPS, meaning you can run as many containers as you want on it. If you plan on using even just TWO small containers all month in hyper.sh, it's more cost-effective to use something like DigitalOcean or AWS EC2/ElasticBeanstalk.
Of course, hosting should be unique to the use case. None of the competition will charge you for just 30 seconds of container time. Hyper.sh's network transfer is free, whereas DigitalOcean/AWS have caps after which they start charging. The CLI is extremely easy to use, which is probably worth something too.
Read this: SQLite vs MySQL vs PostgreSQL: A Comparison Of Relational Database Management Systems. That should get you started.
Its not very hard on DigitalOcean. Follow this doc and then this one.
I talk a little bit about it in this blog post.
Bonus! There is Let'sEncrypt in there.
PROTIP:
Ole opiskelija
Käytä koulun sähköpostia tämän (https://education.github.com/pack) GitHub Education Packin hankkimiseen
Odota viikko pari että se aktivoituu, saat packin jossa on kaiken muun lisäksi 50$-100$ krediittiä DigitalOceanille
Käytä krediitti halvimpaan VPS-droplettiin (5$ per kk, 1Tt liikennettä per kk) jolloin saat 10-20kk ilmaista aikaa
Asenna OpenVPN dropletille. Jos et osaa, opitpahan samalla. Viralliset ohjeet:
https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-14-04
You can purchase a domain from GoDaddy.com or Namecheap.com (and I think even Amazon.com now) Namecheap is pretty good.
You'll also need a server to host on. I hope you're familiar with Linux, because that's the easiest way to get a cheap server. Grab a $5/month server from http://digitalocean.com and throw Ubuntu or CentOS on there.
Then you should install a webserver environment, like Ngnix or Apache with the right module to run Python. Python has its own built-in webserver, but it's not really intended to be used in production. You need to install additional daemons and scripts to make sure it's always running as it will crash out if your script has a fatal error. It's usually best to let a dedicated web server like Ngnix or Apache handle that.
From there, I would use a web application framework like Flask for Python to help get you started. Django is another alternative, but that probably has too much technical overhead for you to have to learn just to get a simple site up and running.
In fact, Digital Ocean has a convenient little tutorial on how to get Ngnix, Python, and Flask running on a CentOS server:
That should be a decent place to get you started.
Domain: https://www.namecheap.com/ Host: https://www.digitalocean.com/
I use these. DigitalOcean is super cheap with an outstanding community. For $5 a month, with endless possibilities, I don't think I could find anywhere else.
I would suggest getting a VPS from Digital Ocean ($5 a month) and running through some of the tutorials on their site. They have some pretty good ones. If you don't understand something, look it up and try to learn everything you're doing.
Set up UFW to block all incoming ports that you don't approve of. Don't allow them access to your desktop. You can also log login attempts and install software that reacts to login attempts, such as Fail2Ban. Make sure public key logins are enabled for SSH, don't use password logins if you don't have to.
Here you have the choice now of either installing an antivirus or trusting your OS (dangerous, but I'd say most of us do this). Hell, most of our phones don't even have an antivirus on them and they're doing fine. You can install ClamAV, but it doesn't remove viruses from infected files, it only moves the infected file to a quarantine folder. Here's a good article on the subject with some different options. If you choose not to install an AV you can always say that you did, although that might eat at your conscience. They can't really check at this point.
Here's some advice that will likely pertain to any server running SSH, and not just CDDA. Typically SSH hardening involves disabling password based logins for administrative accounts and opting for RSA-key based logins instead. Personally, I typically couple that with something like Fail2Ban to mitigate brute force attempts.
Also, are you going to be advertising this somewhere? If you are, you may think about hosting the SSH connection on a non-standard port (something other than 22) that anyone connecting to you would have to specify. That'll cut down on the brute force SSH hacking attempts as well, since they're often done by bots trying port 22.
Edit
Here's a pretty good introduction from Digital Ocean to securing a Linux PC, complete with some SSH hardening techniques: Link to said techniques
Doing it on the frontend (as /u/Entrepreneur2015 and /u/Pancakepalpatine suggest) is bad if you ask me; users without JS enabled don't get redirected, users have to download a full HTML page before they're redirected, etc.
Instead, redirect using your web server. If you're running Nginx this is fairly easy since it has native support for GeoIP. See this article and adapt it to your needs (here's a short Apache version)
There are really only two developers on /r/gamedev that release transparent income reports: TrueValhalla and devMidgard.
The latter I'm actually partnered with on a new .io game.
Check out their income reports, and compare to the their games/traffic. Most developers will not publish transparent information involving HTML5 games, because they've found a decent revenue generator that works better than App Store games and Steam Greenlight. They don't want more saturation and competition, so it's best that people aren't aware of how much money they actually make. For the Starve.io game, I'm fairly certain they're making at least 10x the monthly server costs.
It also depends on the type of server you get, multiple cores can support a lot more users for just a minimal price increase of 1c/standard systems. There's a lot of balancing work involved, so it's good practice to start out with something small and work your way up.
Note: Digital Ocean costs by the way.
You are correct.
SSH is a protocol used to log into and execute commands on a remote machine. Normally you can validate with usernames and passwords like you'd normally do, but it's preferred to use SSH keys, which are extra secure.
In order to SSH into something, you need to have a remote server that has an SSH server listening for outside connections. It's especially useful for controlling computers that you don't have physical access to - e.g. if you rent a server from a company to host your website.
Assuming this is a standard runs-on-linux kind of situation your best bet is probably to use something like Digital Ocean
$5/mo would likely get you all you need to run an old-school C based MUD for 10 players.
Some people just can't handle criticism.
> It appears many people have found this method helpful
People don't know any better. There are plenty of guides on how to setup key based authentication that follow the proper process, do not contain incorrect information and incorrect commands, and do not recommend insecure passphraseless keys. I'm not sure what you're trying to accomplish here.
> Second, I wrote this excerpt as a way to do this from the Pi itself. It's okay to do it from another computer; there is no right or wrong way of doing this.
The method you have described is the wrong way. Generate key pair on client. upload public key to server.
Here are some guides that outline the correct procedure:
https://www.linode.com/docs/security/use-public-key-authentication-with-ssh
The free AWS instance is useful for smaller stuff. I think Google compute engine has like one free month.
If it is something that will be on 24/7 though, I would rather pay the $5 a month to digital ocean.
Comparing Youtube to web hosting is a bit random. Youtube make money from videos being uploaded to their service.
Hosting static websites can be free, Github pages do exactly this. However if you want backend services which will use up resources then you're going to have to pay. You can pay $5 a month for a VM (https://www.digitalocean.com/pricing) which will host everything you need.
dokku is your answer. It's like your own heroku. DigitalOcean has it's own dokku image. In combination with supervisord you can keep the apps running even if the app crashes. It takes care of the ports for you, and allows you to deploy multiple apps to the same domain easily. If you have any questions let me know. this tutorial should get you started.
When you have everything set up, deployment is as easy as:
git remote add dokku :your-node-app git push dokku master
First of all, people have very bad experiences with GoDaddy. I'd never give them my business.
But in the end it comes down to two seperate things.
- Buying the domain name
- Pointing the domain name to the right servers
For example: https://www.digitalocean.com/community/tutorials/how-to-set-up-a-host-name-with-digitalocean
Hmm... How does it cost that much?
I don't know how your bot works exactly but I'm assuming it queries /r/all/comments/new and messages/inbox/ 2 times per minute, if request is made then it uses API for some online wallet storage and transfers funds from one wallet to another then user is ~~massaged~~ sent a message and comment is posted to notify users of the transfer.
From my experience with reddit comments the average page returns about ~25kb of comments per request. Posting comments and sending messages doesn't require nearly as much data as it's only POST requests.
Now assuming you obey reddit API rules and make request every 30 seconds that would mean you get 50kb of data in a second, 3000kb/min, ~175.78mb/hr, ~4gb a day, ~130gb a month. Let's assume you get that much for messages too (you probably don't), that's ~260gb of reddit comments and messages.
The wallet API and messaging doesn't take a lot of resources since it consists mostly of smaller GET and POST requests, but lets say that consumes the same amount as parsing comments (in reality it probably uses ~1/10th of it) that would be another 260gb
Which brings us to (exaggerated) total of ~520 gigabytes per 31 days. In reality I'm guessing you use ~250gb or less per month??
Most VPS's offer 1TB+ bandwidth for as low as $5/month, like digitalocean https://www.digitalocean.com/pricing databases and CPU consumption shouldn't be a bottleneck as they're relatively simple tasks and database stores only IDs so the 20GB SSD should be enough.
Please don't think I'm saying you're lying or that you're wrong, this comment is more thinking out loud than "proof" or attempt to show that you're wrong. You have the stats and I'm just guessing data consumption and cost.
If you could share some real numbers I'd appreciate as I've been planning on running my own bot (for a subreddit) and by my calculations (like the one above) it is something that isn't too expensive.
I've heard a lot of horror stories but set it up anyway manually on a VPS with dovecot/postfix/MySQL/spamassassin + radicale for contacts and calendar. It was some learning to get started but has been ok since then. Once you get 10/10 on mail-tester Gmail will eventually accept your mails.
You really don't want to run your own mail server: https://www.digitalocean.com/community/tutorials/why-you-may-not-want-to-run-your-own-mail-server
Look into G Suite or Zoho or whatever, a couple of bucks a month.
You don't want to host your own mailserver, you will regret it. Look at something like G Suite, Zoho or whatever. It's just a couple of dollars per month and it saves you from all the hassle.
https://www.digitalocean.com/community/tutorials/why-you-may-not-want-to-run-your-own-mail-server
(I will assume you're a novice just in case, so forgive me if some of this is really obvious and/or is already handled by Wordfence, which I've never used or explored)
I actually did a college project on Wordpress security and we found the vast majority of security issues came from not updating as soon as new versions come out (both core and plugins). Keep an eye on vulnerability websites like https://wpvulndb.com to see what kind of horrible things can happen to you in old versions.
If you want to go really overkill, there are some plugins that hide the Wordpress version you're using so automated bots looking for vulnerable versions don't target you, but again, pretty overkill and IIRC it wasn't a trivial setup.
As misc advice for the server itself, definitely look into fail2ban. Set it up correctly the first time (I really like digitalocean tutorials for stuff like that), it's a pain in the ass to debug and fix the problems otherwise. Also, instead of having a "really secure SSH password", just set it up so it requires a public key, and add the keys of the people you want accessing the server to it.
SSL is absolutely trivial to set up nowadays thanks to the godlike help of Let's Encrypt, so I don't think you'll have any issues with that.
Regarding my own ransomware, it's probably irrelevant to you. I made the triple mistake of 1) hacking a Linux VPS into running windows server 2016, 2) leaving a completely exposed remote desktop service open 24/7 and 3) somehow forgetting to change the default password to that remote deskop service. Suffice to say, I'll stick to Linux in the future, which I actually know how to secure.
For the best possible purpose: Because you can.
Not to mention there's a general motivation to have SSH key authentication fit into some sort of PKI. Like with certs.
Kind of along the same lines as using DNS(SEC) to house host keys instead of the default approach of spitting out a key signature that everyone says "yes" to unless the client tells them it conflicts with known_hosts.
Wrong sub for this, /r/ccna would be better I think as they have info on basic subnetting, but its called CIDR notation and the /xx represents the length of the subnet mask (how many 1's are in the netmask)
https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing
It was a quick example to prove my point. If you actually want a VPN that's cost effective it would depend on your use case. You have the basic choice of:
- Cloud hosted via a specific service (as linked). This is easy and expensive. So it's best suited to just 'occasional' use.
- Dedicated VM from a hosting provider. This is more fiddly as you just get a basic machine that you would have to configure from scratch (e.g. by following this guide). This is vastly cheaper than cloud especially for heavy usage or 'always on'. You also get full control over the VPN server so you know exactly what is going on.
- Buy a VPN service from someone. Easy and cheap. The downside is that you are relying on a 3rd party for your privacy. Torrentfreak do a nice round up regularly of what's out there. This is more flexible as there are services tailored to every type of use case and price point.
I use digital ocean and it's perfect. Aws is way overkill unless you know why you need it.
Use cloudflare, free wildcard ssl certificate, cdn, will hide your IP address. You can set the length it will catch files for
These guides you should do a few time until your understand.
https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu-16-04
SSH to remotely access your server without a password.
https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-ubuntu-14-04
Fail2ban to block failed ssh/password users gaining access to your server.
UFW to fire wall your server.
You can also mount your database and WordPress files in digital ocean block storage so you can kill a server and have your data in separate containers.
Get a floating IP address your domain points to at digital ocean that way you can change servers if you have to.
https://www.digitalocean.com/community/tutorials/how-to-install-wordpress-with-lamp-on-ubuntu-16-04
As can see digital ocean has amazing docs.
Also your understand that you can find system logs to in /var/logs when things break and config files can be found in /etc
Practically speaking there are two options at your disposal for making a dynamic rerouting decision like this: DNS or a floating IP.
DNS is nice because because it's out of band and you can request the same resource but get a different answer or IP depending on the state of your servers (e.g. always return the IP address of the primary unless it's down, in which case start returning secondary). For this to work you'd need to hardcode a URI into the app rather than the IP of the primary or secondary servers. You'd also need to write some code to dynamically update the DNS record when the primary server goes down or fails a healthcheck, or use a managed DNS provider that has these capabilities built in. If you control all of the systems and resolvers, you can use a 0 second TTL and disable or configure the relevant services (nscd/dnsmasq) in order to prevent the IP from being cached.
If your tolerance for failovers is milliseconds or your IP address is hardcoded into the application and can't change then you'll have to use a floating VIP - an IP address that both the primary and secondary servers have the ability to bind to an interface. This comes with its own set of complications but Digital Ocean has a nice overview here of one of the many ways you can implement this.
Another alternative which it sounds like you've hit on would be to build the healthchecking into the application itself and hardcode both a primary and secondary IP, then change the behavior of the app such that if it's unable to connect to the primary after x number of seconds it tries the secondary IP.