Home Blog Page 8

New Dedicated Server Available



Now we have new dedicated server available on our website. To get a complete list just follow the links below:

Rise Dedicated Server– https://www.bullten.com/rise-dedicated-servers.php

Advance Dedicated Server:- https://www.bullten.com/advance-dedicated-servers.php

Game Dedicated Server:- https://www.bullten.com/game-dedicated-servers.php

Storage Dedicated Server:- https://www.bullten.com/storage-dedicated-server-overview.php

If you have any doubt just contact using live chat or support ticket.

Force Users To Use Single Php.ini Under suPHP


If you have a dedicated server and use it to sell shared hosting then this article is for you. Today I am going to explain how you can force your users to use same php.ini under suPHP by disallowing .htaccess override. Limiting php.ini use will add security to your server and will disallow users to use custom php.ini file by overriding default php settings set by server administrator (root).



How to make it work:

Its very simple to enable this function in server using suPHP. Just by enabling phprc_paths in /opt/suphp/etc/suphp.conf will do the work for you. See the steps below:

vi /opt/suphp/etc/suphp.conf

Find the code below and press I to insert text.

;Uncommenting these will force all requests to that handler to use the php.ini
;in the specified directory regardless of suPHP_ConfigPath settings.

Remove (;) from the last three lines ie.


Now press ESCAPE button and enter :wq to save the file.

Restart Apache

/sbin/service httpd restart

Now Users wont be able to override your default php.ini file.

What Makes You Worried About MySQL?


Today everyone want their website to be implemented in dynamic programming language such as PHP, ASP, Etc that requires the use of MySQL databse to store user information ,passwords, senitive data. More the database entries, the bigger is your database. Sometimes MySQL server can act as your server enemy and takes much of your server resources which you can also see using top command or if you have cpanel/WHM you can directly check by clicking on top right corner link which looks like Load Averages: 0.01 0.05 0.07 upon logging in.

If you see MySQL taking high cpu load then you should worry. Try finding which database is causing trouble by running mysqladmin proc stat and some other random linux commands. If you successfully find it tell your developer to optimizie the website because poorly written code may be it’s cause and upon rectification you may also see the difference in the load.

Finally try to tune and optimize MySQL server using MySQLTuner. MySQLTuner is a perl script which overview web server and pop out some recommendations about improvements and stability for MySQL. I will not elaborate more about this tool as you can easily get more infomation on its own website (https://github.com/rackerhacker/MySQLTuner-perl#readme).

Are You Taking Advantage Of Security Questions In Cpanel/WHM?


Now a days due to immense of hacking attempts, webmasters have to take extra security measures to protect their server from anonymous attacks. A hacker can get your password by brute forcing your account, by infecting your pc and Etc. Are you worried they have your cpanel/WHM password? Choosing cpanel can make you feel safe about your server security.

Cpanel/WHM gives an advantage to rule over even if the attacker have your root password. Their security Questions feature adds a protecting layer between your cpanel login and GUI enterface of your server, if there is cpanel access from unauthorised ip. Whenever an ip which is not whitelisted access cpanel/WHM account then there is a popup of 4 security Questions and upon successfull answer only user will be able to enter Administrator panel or will be directly thrown out of web server. Isnt that great?

Cpanel have more stunning security features which makes it first choice of Web Administrator’s. I will be exploring more features in next post. For more information related to Security Questions see the link below:


Installing HAProxy For Anonymous Attacks And Load Balancing


HAProxy is a free, very fast and reliable solution offering high availability, load balancing, and proxying for TCP and HTTP-based applications. It is particularly suited for web sites crawling under very high loads while needing persistence or Layer7 processing. Supporting tens of thousands of connections is clearly realistic with today’s hardware. Its mode of operation makes its integration into existing architectures very easy and risk less, while still offering the possibility not to expose fragile web servers to the Net

You can read more here:- http://haproxy.1wt.eu/#desc

Installing HAProxy:-

You can check for the latest version here:- http://haproxy.1wt.eu/#down
At present 1.5 is in development phase 7 and we are going to use that

Note: The configuration file we have used is for single server Protection not for multiple server and made by its owner Willy Tarreau


wget http://haproxy.1wt.eu/download/1.5/src/devel/haproxy-1.5-dev7.tar.gz
tar xvfz haproxy-1.5-dev7.tar.gz
$ cd haproxy-1.5-dev7

Now we have to compile the installation file, we are taking example of centost OS

make install

Now make a new directory and copy haproxy configuration file there

mkdir /etc/haproxy
cd /etc/haproxy
vi haproxy.cfg

change the ip address below and copy it to haproxy.cfg

maxconn 20000 # count about 1 GB per 20000 connections
pidfile /var/run/haproxy.pid
stats socket /var/run/haproxy.stat mode 600

mode http
maxconn 19500 # Should be slightly smaller than global.maxconn.
timeout client 60s # Client and server timeout must match the longest
timeout server 60s # time we may wait for a response from the server.
timeout queue 60s # Don’t queue requests too long if saturated.
timeout connect 4s # There’s no reason to change this one.
timeout http-request 5s # A complete request may never take that long.
# Uncomment the following one to protect against nkiller2. But warning!
# some slow clients might sometimes receive truncated data if last
# segment is lost and never retransmitted :
# option nolinger
option http-server-close
option abortonclose
balance roundrobin
option forwardfor # set the client’s IP in X-Forwarded-For.
option tcp-smart-accept
option tcp-smart-connect
retries 2

frontend public

# table used to store behaviour of source IPs
stick-table type ip size 200k expire 5m store gpc0,conn_rate(10s)

# IPs that have gpc0 > 0 are blocked until the go away for at least 5 minutes
acl source_is_abuser src_get_gpc0 gt 0
tcp-request connection reject if source_is_abuser

# connection rate abuses get blocked
acl conn_rate_abuse sc1_conn_rate gt 30
acl mark_as_abuser sc1_inc_gpc0 gt 0
tcp-request connection track-sc1 src
tcp-request connection reject if conn_rate_abuse mark_as_abuser

default_backend apache

backend apache
# set the maxconn parameter below to match Apache’s MaxClients minus
# one or two connections so that you can still directly connect to it.
stats uri /haproxy?stats
server srv maxconn 254

# Enable the stats page on a dedicated port (8888). Monitoring request errors
# on the frontend will tell us how many potential attacks were blocked.
listen stats
# Uncomment “disabled” below to disable the stats page :
# disabled
bind :8811
stats uri /


In the above file replace to with your server ip address.

Change your Apache port to 8181 as in configuration file we are using that server srv maxconn 254.In WHM goto Tweak Settings and find Apache non-SSL IP/port and change it to 8181.

Restart apache

/etc/init.d/apache2 restart

Start haproxy

haproxy -f /etc/haproxy/haproxy.cfg

Now we have to check if its working. Go to your stats page to see

Replace serverip with your server ip used in configuration file and you will see full result generated by haproxy

If you are facing any issue then feel free to contact us

How to find the right web hosting company?


There are millions of websites and everyday some or the other website gets online to mark a niche for them. There are all sorts of websites ranging from personal to business related and each of them has one motive – get as many as visitors possible and become popular. To achieve this, they use various marketing initiatives and spend thousands or even millions of dollars! They may do the right thing, but the foremost concern should be the availability i.e. accessibility of their website.

Imagine a scenario when there are thousands of daily visitors to your website but your site is down for some or the other reason! Will it leave a good impression in the minds of your visitors? Will they come back? What if you had made some important change or announcement on your website but people can’t access it?Imagine all the efforts you put in to develop the website  and due to a minor mistake in decision making your work attracts a negative impression.

In order to avoid such circumstances, it is imperative to first have the best web hosting service because without it, no website can reach its audience. There are number of hosting solution providers all over the world and this domain is so competitive that with some research and proper information you too can avail the best service. Some of the features that you should definitely check are:

  • Website Availability – No matter what, the website should be accessible to people all over the world 24×7, 365 days. Every provider highlights this feature that they are always available and their server never goes down. Don’t go by their words. Do check the websites hosted on their servers and if possible, interact with their customers to get the real picture.
  • Communication – it is very necessary that the service provider is within reach and that too always. Check out the communication tool they use to interact with their customers and the turn around time. Also, make sure they provide best-in-class communication options to you as well like web mail, multiple accounts, auto-responders and so on.
  • Protection Against Hacking –Hacking is the biggest threat to any and every web property. Make sure that the hosting provider is well equipped with tools and security options to deal with hacking, virus and Trojan attacks. Further, do check to see if they are hosting some porn, gambling or illegal sites. These are the hub of Trojans and may affect you as well.
  • Web Software – What if you plan to extend your business offering by utilizing the benefits of e-commerce? It requires additional support of software and is the responsibility of hosting provider to make it available. Some providers offer it within the package while some charge extra. Do check the package options.
  • Website Building – Nowadays creating a website within no time and making it online is a rage. Almost every hosting solution provider gives this feature (either free of cost or for extra charge). Usually it is for the assistance of webmaster to create customized websites and making it online in no time. If your hosting provider is not equipped with this feature, time to look for someone else.

There are thousands of web hosting companies in this domain but all of them are not equal. Number of factors governs the quality of their service but most importantly is the knowledge level of the person managing the server. If a person is doing it just for the sake of earning money then he may be the wrong choice. Make sure to check the expertise of the person by firing volley of questions and observe if he is guiding you in the right path or not.

Get SSL Certificates


Bullten web hosting solutions is now selling SSL certificates to its clients. The starting price of SSL Certificate is 20$ per year.

To know more please click here

SSL Certificates Will Be Available Soon


Hello All,

Bullten Web Hosting Solutions will start selling SSL certification as its new service right from 30th November. As per the management team the starting price for the SSL certificate will start from 20$/yr.

There will be four type of license Domain , Wildcard, Business and Extended and will be sold at varying cost.

For more information please send us your inquiry at sales@bullten.com

Installing BDF To protect Your Linux Server From Brutefore Attack


BFD is a modular shell script for parsing application logs and checking for authentication failures. It does this using a rules system where application specific options are stored including regular expressions for each unique auth format. The regular expressions are parsed against logs using the ‘sed’ tool (stream editor) which allows for excellent performance in all environments. In addition to the benefits of parsing logs in a single stream with sed, BFD also uses a log tracking system so logs are only parsed from the point which they were last read. This greatly assists in extending the performance of BFD even further as we are not constantly reading the same log data. The log tracking system is compatible with syslog/logrotate style log rotations which allows it to detect when rotations have happened and grab log tails from both the new log file and the rotated log file.

You can leverage BFD to block attackers using any number of tools such as APF, Shorewall, raw iptables, ip route or execute any custom command. There is also a fully customizable e-mail alerting system with an e-mail template that is well suited for every day use or you can open it up and modify it. The attacker tracking in BFD is handled using simple flat text files that are size-controlled to prevent space constraints over time, ideal for diskless devices. There is also an attack pool where trending data is stored on all hosts that have been blocked including which rule the block was triggered by.

In the execution process, there is simply a cron job that executes BFD once every 3 minutes by default. The cronjob can be run more frequently for those that desire it and doing so will not cause any performance issues (no less than once a minute). Although cron execution does not permit BFD to act in real time, the log tracking system ensures it never misses a beat in authentication failures. Further, using cron provides a reliable frame work for consistent execution of BFD in a very simplified fashion across all *nix platforms.


wget http://www.rfxn.com/downloads/bfd-current.tar.gz
tar zxvf bfd-current.tar.gz
cd bfd-1.4
sh install.sh

The included install.sh will install bfd to the ‘/usr/local/bfd’ path and place a 3-minute cronjob in ‘/etc/cron.d/bfd’. The setup script will also execute an included ‘importconf’ script if you have a
previous version of bfd installed, which will import your previous settings.

The configuration file for BFD is located at ‘/usr/local/bfd/conf.bfd’. The most important option is the TRIG=”” value in conf.bfd as this check number of failed logins before an address is blocked.

Free Website Builder As Add-on Feature


Bullten web hosting solutions launches a new addon feature for web hosting as Website Builder.
Now don’t pay heave amount for web development and designing, use our free service without any programming knowledge.

1) 1000 and more professional templates
3) 5 min website ready
2) No coding knowledge needed
3) Separate Management panel
4) Free for our clients
5) Unlimited pages creation & much more

This new exciting addon have lots of feature which you wont understand until you use it. Contact our sales department for more info.