Category Archives for Technical

Why I am moving my domains from Netfirms to Namesilo

List of Domains available


Netfirms vs NameSilo


I have used many registrars over the years and each year they seem to get more expensive. I get these businesses need to make a profit, but they seem to be into the nickel and dime business model. I have about 5 – 10 domains, so I am looking for a reasonable price for an adequate service. The thing that really made me move this  year was the renewal price. I was ok to pay around $10 to register a domain but also to renew a domain, but when I noticed quite a jump in cost, that made me start looking.


I did a quick search and quite a few names popped up

  • GoDaddy of course
  • Namecheap
  • Tucows
  • 1&1 (Supposedly the cheapest for 99c but bad reviews)
  • NameSilo

and a few others. I hadn’t heard of NameSilo before, but found them on a forum that somebody was recommending. I think I had used Namecheap before but hated their interface for one reason or another and I don’t think they were that inexpensive.


There are a lot of mixed reviews on the internet so do your research. One of my requirements is that the registrar must be able to register .CA and .COM domains, so I can keep my domains all in one area.




I am currently with Netfirms but plan to move all my domains away from to NameSilo. There were really two issues I had with Netfirms, one their renewal price was too much especially when it was converting the cost in to CAD$ for me and two this is a big one, the Privacy setting is an extra $10 a year. I mean, seriously ? In order to have a privacy setting, I need to pay $1 a month, not a set fee for all my domains .. I was used to using where the privacy setting was included and to be honest SHOULD BE included


I had recently registered a new domain and didn’t realize the amount of spam new domains created, I got at least 50-100 emails, plus I got endless calls on my phone that I provided and I am unable to stop them calling unless I paid $10 for the privacy setting, this absolutely made my blood boil that I was unnecessary subjected to this and the fact they trying to make an extra $10 off you per domain because they KNOW this happens. They have completely lost my respect and business.


Also I had many email issues with Netfirms, I never received my emails and couldn’t figure out why, try many changes to DNS etc. I was curious to see if I would have the same challenges on name silo and surprise surprise I did not, my email actually works, I was a little speechless.



Why NameSilo?


First off NameSilo’s renewals are the same price as the registrations and there motto is no hidden costs, check them out here. The second thing, I noticed registrations are under $10 which is great, it’s in the ballpark.


Third thing I noticed, the privacy setting is FREE and included in the cost of the domain, to be honest this is how it should be now days with privacy around domains and just privacy in general.


Setting up the domains was relatively straight forward, the domain screen allows you to click on the domain and a bunch of icons will highlight above the domain.


NameSilo Domain Setup Screen


Setting up DNS


Setting up DNS was a little more tricky, but watching a few youtube videos quickly made the process easy to understand. There are two things you can do.


Setup a DNS Server and point them to your DNS Servers if you run separate DNS Servers or you can configure or UPDATE DNS with your DNS Records, all very straight forward


NameSilo DNS Setup Screen


Video on how to point your domain to an IP Address




Managing the Domain


There are a bunch of different things you can do to manage the domain, make sure you Turn on the Privacy setting during registration, but if you miss, just head in settings and update the privacy settings, so you don’t get spammed.

Most of settings will default to the standard settings like locking the domain and parking the domain. I don’t particularly care for the new domain settings, so getting out of the parked domain is a little confusing. The nice thing you can do at NameSilo is setup templates, so if you have a domain transferred over already, then you can create a template and use this template to update the DNS Settings as above.


I wanted my email to go thru NameSilo which I forward to my personal accounts, but I want the domain to hit my web server, this can be achieved with similar settings as above.


NameSilo Domain Setup Screen



Things I like about NameSilo


  • Reasonably priced domains, perhaps the cheapest with no hidden costs
  • FREE Privacy Settings
  • Relatively easy interface once you get used to it, I would say it is easier to get around than Netfirms. The interface is a little dated, but it works.
  • Renewal fees are same cost as registrations
  • They seem open about the costs and seem honest in the advertising




I can recommend NameSilo to anyone look for a decently priced registrar with no hidden costs and a good interface. It probably takes 10 minutes to figure out the interface, but once you do it is a breeze.


I have used various registrars, domainsatcost, net firms, tucows, backspace and these guys rank up with the other guys and better. I thought I wouldn’t like the user interface, but it has grown on me.


Setting up a Home NAS / File Server

Build a Home NAS

Scope of this Article (NAS)


This article will cover how to create a NAS Server for your home. I am going to talk about several ways to do this and how to go about configuring a NAS with Linux on a PC. If you would like to see certain points covered, just let me know in the comments section. I am not going to cover the most efficient way to create a NAS, but what works for me. My main reasons are 1. Duplicate my data so it is safe 2. Not use any propriety hardware like RAID Controllers which could fail and cause data loss 3. Cost – Keep it at a reasonable cost


The two topics I will cover are

  • Setting up a Linux NAS Server
  • Buying a NAS in a Box Solution.


There are many choices of Home NAS’s out there today which you could consider depending on what you looking for. One of the common solutions and well known is the Buffalo NAS Solution such as the Buffalo Link Station 210 .This is a easy solution in a box. If you looking for a no fuss solution, then take a look at the Buffalo Series, they have been around for a long time. There are various models and the price has come down quite a bit than when they first launched. They start around $150 – $200 without hard drives and some of them include hard disks, so look out for that.


Buffalo NAS in a Box

Buffalo NAS In a Box ModelsBuffalo NAS In a BOX

The more expensive version can be found here TeraStation 1400 4-Drive 8 TB Desktop for Home Office which does include hard disks and is an all around solution. If you looking for simple home NAS management, then a NAS In a box is for you. My only issue with these types of devices is your data is been managed by a NAS Solution and you don’t really have a lot of control of it. Sure it comes with some nice neat cool features like Raid 1 & 5 or whatever the latest RAID  fad is and overall this is fine. For me I like to be in control of my data. Another nice thing about this NAS in a BOX is it has RAID 5 type technologies, what this essentially means in layman’s terms is you get a bigger bang for your buck, hence you get more space, since it creates a RAID across the disks.


Product Highlights

Some of the features you get with these units are pretty cool. As I already mentioned the different RAIDS for either redundancy / performance or more disk space since you raiding across multiple disks. It is worth while reading up on RAID levels that you can make an educated decisions. Here is a quick comparison with RAID 5 vs 10. Personally I would recommend using RAID5 unless you need the performance else consider RAID 6 or 10 depending on what your unit supports.


  • Ideal for small businesses, home offices, and power users
  • Hot-swap SATA hard drives
  • RAID 0/1/5/10/JBOD (Individual Disks)
  • Hot-spare
  • 1.2 GHz dual-issue ARM processor, 512 MB DDR3
  • USB 2.0 port with accessory support
  • Active Directory integration
  • Disk quota support
  • Scheduled or real-time replication to other TeraStation devices
  • 10 free licenses of NovaBACKUP Business Essentials v14


QNAP Nas System


Another brand I can recommend is the QNAP Series, I have a friend who swears by them and has used them for over 5 years. One of the models is the  QNAP TS-453A 4-Bay Professional-Grade Network Attached Storage, Supports 4K Playback which is one of the more recent models.



== Product Highlights ==

  • NAS and iSCSI-SAN unified storage solution for server virtualization
  • Supports VMware, Citrix, and Microsoft Hyper-V and advanced virtualization features
  • AES-NI hardware-accelerated encryption for efficient cryptographic performance up to 412 MB/s
  • Supports hardware decoding and transcode 4K (H.264) videos on-the-fly or offline
  • Dual HDMI outputs for switching between mirroring and extended desktop options
  • Supports the Linux OS with direct output via HDMI
  • Equipped with 24-bit digital to analog converter (DAC) for amplifier and clear audio



Building your own NAS System


The HOME NAS I wanted to talk about meet some relatively simple objectives, if these objectives are for you, please read on. I am choosing Flexibility over HIGH Performance and data security without the fuss as time goes by

  • Fairly simple to setup and maintain
  • Easy to recover from a failure
  • Easy to upgrade disks to larger disks without impacting the NAS or having to try recreate a logical volume.
  • Keep old disks as backups should you have a complete failure or mishap
  • Raid 1 type redundancy (more costly)
  • Encrypted Disks. I think now days everything should be encrypted, this has added complexity and pro’s and con’s. If you are keeping sensitive information, tax forms, sensitive photo’s etc, you should be seriously considering encryption. If someone breaks in and steals your computer or NAS, you want to make sure it is safe. Most thieves typically won’t care about data, but depending on your circumstances, they might.

What I was not so much concerned about although would of been a nice to have

  • High Performance
  • Saving disk space or having large capacity when using RAID 5.


Negative side of RAID Controllers in the home environment


What I wanted to stay away from was a situation where I lost my data either due to a disk failure or unable to replace the hardware due to age such as a raid controller. In a RAID 5 environment your data is spread across 3 disks or more and losing one of those disks without a proper controller would mean data loss and complicate things generally. Now days it is mostly hardware that does this so you don’t have to worry.

Raid controllers are great when they work, but if you unable to replace them, you may have no data which will be a disaster if you rely on your NAS.

Take for example your RAID controller works fine and before you know it, 5 years has passed. The chances of you getting the same type of controller are slim to none in this fast moving hardware world.

I also want to be in control of my data and how it is backed up, accessed, encrypted, see it, use it and copy it if you needed to recover a file, typically what you would expect from a file server.


Building your NAS out of PC components


== Hardware Requirements ==

  • Suitable Server/PC with a basic configuration (We will talk a bit about the components)
  • A Case with Hard Disk Expansion and lots of cooling to keep your disks cool
  • A decent PSU (Power Supply Unit) 600 Watts and Above
  • A motherboard with 4-6 SATA connections or more, at minimum I would get at least 4 SATA Connections
  • A minimum of 2 Hard disks to start with (you probably want to build it up to 4 disks or more), 1-2TB and up. I would recommend a minimum of 2 x 2TB Disks + 1 Disk for the Boot disk. My preference is Seagate, but you can choose what you like.


Here my recommendations, you can choose what you like. Remember we trying to keep this cheap, it’s simply a file server and not your main PC.


Building a PC vs Buying a preconfigured PC ?


It is up to you if you want to build your own PC or build it from scratch buying components. Many local stores will build you want to your specs and you can tell them what you want in it. I have build computers in the past, but have no interest in trying to get everything to work, I would either buy a preconfigured computer (just make sure it has the 6 hard disk bays) and the motherboard with 6 SATA connections or more and have a local computer store build it for you. You can provide a list of parts you want them to use and have them build it to your spec, that way they will make sure it works and you take no risk in destroying a part. That been said, if you enjoy tinkering with computers and like building computers, here are some components you use. Do your research and buy the ones that your comfortable with and are within your budget. You should be able to build a decent computer for under $500.


Computer Case

Take a look at the Antec line of cases, they have some really inexpensive cases and some nice looking ones, here is one I bought many years ago, but there are many different types on the market. I like this one for the look and for the fact it can take at least 6 Hard Disks. I currently keep 5 Disks in Total (4 Data Disks and 1 Boot Disk).

  • A decent case for cooling your hard disks. I recommend the Antec 900 that can handle many 9 hard disks and has 7 fans for cooling. This is a really cool and inexpensive case. The 7 fans keep the hard drives as cool as anything. The fans also have a speed control, so you can make the hard disks super cool, definitely consider it.


You can get some cases for as low as $25 US and at the end of the day, they just going to serve your disks, so I wouldn’t go too crazy on the cost and look if you can avoid it. Get one with man bays and can take 3-4 fans, because you going to want to keep your disks cool. As a note, the more fans you have the more likely the case will collect dust, just an fyi


Antec Nine Hundred Black Steel Computer Case



I am a big fan of ASUS motherboards, but now days you can’t go wrong with the various brands out there. Look for one with 6 SATA connections, you don’t have to worry about the other fancy video connections etc. To reduce cost, just board one with all you need on a single board, Network Connections, WIFI if you want (I would still recommend a hard wired connection for a File Server.




Hard Disks

As I already mentioned I am a fan of SEAGATE Hard Disks .. I have a low failure rate. A lot of people swear by Western Digital, so buy the brand you comfortable with. Here is an example for the Seagate


I recommend you look at either the 4TB or 8TB Disks. Try to get a disk with 5900RPMS and try stay away from the 7200 RPMS unless you getting the 8TB Disk.

Seagate Barracuda 4TB ST5000DM000                     Seagate Archive HDD 8TB SAT         Western Digital 4Tb SATA 6.0Gb/s 5400 RPM


For your Internal disk you can just get the cheapest smaller disk, either a 1TB, 2TB or even a SSD, just make sure you can run SSD Disks and Regular hard disks on the same motherboard

== Software Requirements ==

# Mint Linux (Current version) and up or any recent release 18.x etc
# Samba which should come preinstalled, but you may need to install it separately
# Truecrypt if you need or want encryption for your data. [ Truecrypt]. I will talk about Truecrypt in a bit and how the developers tried to kill it off.

== Setting up your NAS ==

# Install your preferred version of Linux
# Install SSH (apt-get install ssh) or just load up the software manager and install the feature software packs. Mint does a good job at allowing you to search and install packages with ease now.
# Install [[Truecrypt]]. You will need to download this 
# Verify all your disks are setup by going to System -> Administration -> Disk Utility / Gparted. You should see 3 Disks, 1 Boot disk and 2 Data disks.



Gparted Overview



Let;s talk a little bit about Truecrypt, it is really a great piece of software and make no mistake, you can and should still use it. If you do research you going to see a whole bunch of conflicting messages. I think what happened is the government was forcing the developers to create a back door which they refused so they tried to kill it off. That been said, it is worth while reading this page

Gibson Research is a well known name when it comes to security and if you were like me in the old days used them to scan your PC for vulnerabilities. This is the final resting home of Truecrypt and you can safely download the last releases. Make sure you download the 7.1a version and not any later version which will contain warnings in them. 7.1a is the version you want.

TrueCrypt Encryption Software





True crypt download

For Linux you can download it here.

Linux 64 Bit: truecrypt-7.1a-linux-console-x64.tar.gz

Linux 32 Bit: truecrypt-7.1a-linux-console-x86.tar.gz

Configuring your Disks

  • For each physical disk, create a file system on it such as /dev/sdc1, /dev/sda1. You can choose what ever file system you want, I chose ext3 or your can use ext4. This takes about 30 mins or so for a 2TB disk.
  • Once you have the file systems created, you can choose to encrypt the file systems or not. I am going to walk you through the process at a high level on how to encrypt the disks (I may create a separate Wiki for this). But it is really no different than creating a Linux file system perspective.
  • TrueCrypt comes with a gui now, so encrypting devices is fairly straight forward, here is a quick command line tutorial which does the same thing
  • Encrypt the entire disk, but you can also choose to create hidden volumes instead, but I recommend a full disk encryption as it is easier to manage

Once you have encrypted your volumes, you can just mount them with a simple script (I will provide you with my VERY simple script 🙂 ) or you can just  load the gui, but this is more of a pain if you have multiple file systems, it’s ok with one file system, but in my case I have 4 disks with 4 encrypted file systems on them.

Once you have the file systems mounted, you should have something like this

# df -h

Filesystem              Size  Used Avail Use% Mounted on

udev                    704M   12K  704M   1% /dev

tmpfs                   144M  1.4M  143M   1% /run

/dev/dm-0               457G  7.3G  427G   2% /

none                    4.0K     0  4.0K   0% /sys/fs/cgroup

none                    5.0M     0  5.0M   0% /run/lock

none                    720M   76K  720M   1% /run/shm

none                    100M   32K  100M   1% /run/user

/dev/sde1               236M   85M  140M  38% /boot

/dev/mapper/truecrypt1  3.6T  1.9T  1.6T  55% /fs2

/dev/mapper/truecrypt2  3.6T  1.9T  1.6T  55% /fs3

/dev/mapper/truecrypt3  1.8T  1.4T  365G  80% /fs4

/dev/mapper/truecrypt4  1.8T  1.4T  365G  80% /fs5


As you can see I have 4 File Systems, I have 2 x 4TB Disks and 2 x 2TB Disks in my system.  The nice thing is if I lose any 1 disk, it won’t impact me in anyway. If I lose both of my disks (either the 2TB or the 2 4TB) I am hooped, but the likely hood of that is low.


File System Mounting Script

I have a  very simple script which I run after I boot up my machine. I think I read there is a way to load a key file but I kind of think this defeats the purpose if someone else can potentially mount the disks. Not sure, feel free to comment. I like to manually mount my disks and enter in the passwords, makes it feel more secure. The downside is if I ever forget the password (I am getting old), I will lose everything.

#!/bin/bash -x

df | grep fs2
if [ “$?” -ne “0” ]
truecrypt /dev/sda /fs2

df | grep fs3
if [ “$?” -ne “0” ]
truecrypt /dev/sdb /fs3

df | grep fs4
if [ “$?” -ne “0” ]
truecrypt /dev/sdc1 /fs4

df | grep fs5
if [ “$?” -ne “0” ]
truecrypt /dev/sdd1 /fs5

Disk Replication / Rsync Disks

In order to keep your disks in sync, put a rsync script in cron which syncs your file systems

# m h dom mon dow command

00 01 * * * /fs2/

Replication Script (

#!/bin/bash -x

rsync -a -v –delete /fs2/ /fs3 rsync -a -v –delete /fs4/ /fs5

Samba / File sharing

Once you have your disks up and running, you now need to setup samba.

  • Edit /etc/samba/smb.conf and add your shares.
  • Restart Samba /etc/init.d/samba restart
  • Try connecting from your PC to your NAS Server IP and your share name.



# more /etc/samba/smb.conf
workgroup = MYGROUP
server string = VMS Server
hosts allow = 192.168.2., 192.168.1.
; printcap name = /etc/printcap
load printers = yes
printing = lprng
; guest account = smbuser
log file = /var/log/samba/%m.log
;max log size = 0
security = user
encrypt passwords = true
smb passwd file = /etc/samba/smbpasswd
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
dns proxy = no
log level = 2
debug level = 2
unix extensions = No
spnego = no
stream support = no
ea support = no
darwin_sreams:brlm = no

path = /fs2/Folder
writable = yes
valid users = root,smbuser,[your username]
browseable = yes
public = yes


path = /fs2
public = yes
only guest = no
writable = yes
valid users = [your username], root
browseable = yes
public = yes



path = /fs4
public = no
only guest = no
writable = yes
valid users = [your username], root
browseable = no

comment = Home Directories
browseable = no
writable = yes
create mask = 0700
directory mask = 0700



Please comment below and let me know what you think of this article and if there is anything I could add to improve it.


Thank you

Raid 5 vs Raid 10 Comparison Chart

RAID 5 vs. RAID 10

A RAID (redundant array of independent disks) combines multiple physical drives into one virtual storage device that offers more storage and, in most cases, fault tolerance so that data can be recovered even if one of the physical disks fails.

RAID configurations are organized into levels such as RAID 0, RAID 1, RAID 5, RAID 6 and RAID 10. RAID levels 0 through 6 are called standard levels. The most common RAID configurations are RAID 0 (striping, where data is split into blocks stored across different physical disks), RAID 1 (mirroring, where multiple copies of data are stored on separate disks for redundancy), RAID 5 (distributed parity, which includes striping plus storing parity information for error recovery), and RAID 6 (dual parity).

This comparison looks at RAID 5 and RAID 10 in detail

Comparison chart

Raid Comparison 5 vs 10

How I’d Hack Your Weak Passwords

How I’d Hack Your Weak Passwords

Internet standards expert, CEO of web company iFusion Labs, and blogger John Pozadzides knows a thing or two about password security—and he knows exactly how he’d hack the weak passwords you use all over the internet.
Note: This isn’t intended as a guide to hacking *other people’s* weak passwords. Instead, the aim is to help you better understand the security of your own passwords and how to bolster that security.
If you invited me to try and crack your password, you know the one that you use over and over for like every web page you visit, how many guesses would it take before I got it?
Let’s see… here is my top 10 list. I can obtain most of this information much easier than you think, then I might just be able to get into your e-mail, computer, or online banking. After all, if I get into one I’ll probably get into all of them.


  1. Your partner, child, or pet’s name, possibly followed by a 0 or 1 (because they’re always making you use a number, aren’t they?)
  2. The last 4 digits of your social security number.
  3. 123 or 1234 or 123456.
  4. “password”
  5. Your city, or college, football team name.
  6. Date of birth – yours, your partner’s or your child’s.
  7. “god”
  8. “letmein”
  9. “money”
  10. “love”


Statistically speaking that should probably cover about 20% of you. But don’t worry. If I didn’t get it yet it will probably only take a few more minutes before I do…
Hackers, and I’m not talking about the ethical kind, have developed a whole range of tools to get at your personal data. And the main impediment standing between your information remaining safe, or leaking out, is the password you choose. (Ironically, the best protection people have is usually the one they take least seriously.)
One of the simplest ways to gain access to your information is through the use of a Brute Force Attack. This is accomplished when a hacker uses a specially written piece of software to attempt to log into a site using your credentials. has a list of the Top 10 FREE Password Crackers right here.
So, how would one use this process to actually breach your personal security? Simple. Follow my logic:


  • You probably use the same password for lots of stuff right?
  • Some sites you access such as your Bank or work VPN probably have pretty decent security, so I’m not going to attack them.
  • However, other sites like the Hallmark e-mail greeting cards site, an online forum you frequent, or an e-commerce site you’ve shopped at might not be as well prepared. So those are the ones I’d work on.
  • So, all we have to do now is unleash Brutus, wwwhack, or THC Hydra on their server with instructions to try say 10,000 (or 100,000 – whatever makes you happy) different usernames and passwords as fast as possible.
  • Once we’ve got several login+password pairings we can then go back and test them on targeted sites.
  • But wait… How do I know which bank you use and what your login ID is for the sites you frequent? All those cookies are simply stored, unencrypted and nicely named, in your Web browser’s cache. (Read this post to remedy that problem.)


And how fast could this be done? Well, that depends on three main things, the length and complexity of your password, the speed of the hacker’s computer, and the speed of the hacker’s Internet connection.
Assuming the hacker has a reasonably fast connection and PC here is an estimate of the amount of time it would take to generate every possible combination of passwords for a given number of characters. After generating the list it’s just a matter of time before the computer runs through all the possibilities – or gets shut down trying.
Pay particular attention to the difference between using only lowercase characters and using all possible characters (uppercase, lowercase, and special characters – like @#$%^&*). Adding just one capital letter and one asterisk would change the processing time for an 8 character password from 2.4 days to 2.1 centuries.

How I’d Hack Your Weak Passwords


Remember, these are just for an average computer, and these assume you aren’t using any word in the dictionary. If Google put their computer to work on it they’d finish about 1,000 times faster.
Now, I could go on for hours and hours more about all sorts of ways to compromise your security and generally make your life miserable – but 95% of those methods begin with compromising your weak password. So, why not just protect yourself from the start and sleep better at night?
Believe me, I understand the need to choose passwords that are memorable. But if you’re going to do that how about using something that no one is ever going to guess AND doesn’t contain any common word or phrase in it.
Here are some password tips:


  1. Randomly substitute numbers for letters that look similar. The letter ‘o’ becomes the number ‘0′, or even better an ‘@’ or ‘*’. (i.e. – m0d3ltf0rd… like modelTford)
  2. Randomly throw in capital letters (i.e. – Mod3lTF0rd)
  3. Think of something you were attached to when you were younger, but DON’T CHOOSE A PERSON’S NAME! Every name plus every word in the dictionary will fail under a simple brute force attack.
  4. Maybe a place you loved, or a specific car, an attraction from a vacation, or a favorite restaurant?
  5. You really need to have different username / password combinations for everything. Remember, the technique is to break into anything you access just to figure out your standard password, then compromise everything else. This doesn’t work if you don’t use the same password everywhere.
  6. Since it can be difficult to remember a ton of passwords, I recommend using Roboform for Windows users. It will store all of your passwords in an encrypted format and allow you to use just one master password to access all of them. It will also automatically fill in forms on Web pages, and you can even get versions that allow you to take your password list with you on your PDA, phone or a USB key. If you’d like to download it without having to navigate their web site here is the direct download link. (Ed. note: Lifehacker readers love the free, open-source KeePass for this duty, while others swear by the cross-platform, browser-based LastPass.)
  7. Mac users can use 1Password. It is essentially the same thing as Roboform, except for Mac, and they even have an iPhone application so you can take them with you too.
  8. Once you’ve thought of a password, try Microsoft’s password strength tester to find out how secure it is

By request I also created a short RoboForm Demonstration video. Hope it helps…
Another thing to keep in mind is that some of the passwords you think matter least actually matter most. For example, some people think that the password to their e-mail box isn’t important because “I don’t get anything sensitive there.” Well, that e-mail box is probably connected to your online banking account. If I can compromise it then I can log into the Bank’s Web site and tell it I’ve forgotten my password to have it e-mailed to me. Now, what were you saying about it not being important?
Often times people also reason that all of their passwords and logins are stored on their computer at home, which is safe behind a router or firewall device. Of course, they’ve never bothered to change the default password on that device, so someone could drive up and park near the house, use a laptop to breach the wireless network and then try passwords from this list until they gain control of your network — after which time they will own you!
Now I realize that every day we encounter people who over-exaggerate points in order to move us to action, but trust me this is not one of those times. There are 50 other ways you can be compromised and punished for using weak passwords that I haven’t even mentioned.

I also realize that most people just don’t care about all this until it’s too late and they’ve learned a very hard lesson. But why don’t you do me, and yourself, a favor and take a little action to strengthen your passwords and let me know that all the time I spent on this article wasn’t completely in vain.
Please, be safe. It’s a jungle out there.

EDIT: You might also want to listen to my interview on Connecticut Public Radio about password security.

AWS Hosting for a Personal Website ?

This article is about evaluating whether AWS Hosting is a viable solution for personal websites vs another hosting solution.

A bit of background, I was in search of a hosting site for my WordPress Blog. I am a technical person, so one of the requirements was SSH access in case I needed it. Most of you won’t need to care for SSH access, but if you want to get down to to the nuts and bolts it may be something you want to consider. I setup a Linux PC at home with Mint Linux to get me started, but soon realized I needed something for stable, faster and realizable so started looking at web hosting providers. This will be a live overview of my experiences.


In search of a web hosting site and did a bit of research to find the best place to host a website. One of the things I considered was hosting on a personal PC even if I went out and bought a reasonably beefy PC but decided against it for various reasons, first it would probably be against my TOS from my internet provider although I could look into whether they would allow it. I will try not take too long before I jump into the AWS pieces. I will be talking about


  • A2 Hosting
  • Blue Hosting
  • AWS Cloud Hosting


Other factors such as power outages, slowness, security etc came to mind. Also I was looking for a long term strategy where I didn’t have to worry about power outages etc. After several hours of searching and one of my requirements was SSH access was a must for me. Two names stood out, A2 Hosting and BlueHost as the real contenders for me. This is a good site to look at the list of contenders.


List of top 10 hosting providers with SSH Access


Both are well known names in the hosting industry and I can probably recommend either one. I actually ended up choosing A2 Hosting even though everything in my gut was telling me to go with BlueHost. At the end I chose to go with A2 Hosting and regretted literally almost immediately, first thing I noticed it had used my domain name as my login credentials, this is bad, what if I wanted to change my domain, I actually didn’t think I would be locked into a domain name for my site, but everything was based on this. I am not sure if BlueHost does this as well ? Maybe someone can confirm for me. OK fine, so I logged a support ticket, thinking no problem, it can be changed.


So I waited and hour, 2 hours, 3 hours ? Geese I thought as a new client, I would get some sort of immediate attention should I run into any sign up issues. OK fine, maybe they busy so I take the dogs for a walk, thinking when I come back, I would of gotten a response, Nope! This was now 5 hours later and now I am just plain frustrated, so I login and CPANEL looks great, many icons/options (bear in mind I am relatively new here to web hosting, I did some many many years go, probably 10 to be host)


SSH Access


Anyway looked like they had many options. I thought let me test shell access while I am waiting, again my user name from my domain embedded everywhere, in the path, in the DB if I wanted to create a table, it had to be prefixed with my user name, all of this left a bad taste in my mouth, I tried to do a ‘who’, all of this has been disabled, I get the box is shared but too the point I couldn’t do a who on the server. For those looking for true SSH Shell Access .. these types of web hosts might not be the right fit.


If you looking for an easy to manage WordPress host with easy access to service without the fuss, then take a look at BlueHosting, I can’t in good conscience recommend A2 Hosting only because of my recent experience, but I also have nothing against them, I do believe they are are competitive hosting provider providing a service which is completely suitable for the novice person who doesn’t need or want SSH Access. They refunded me my money, no questions asked and this was one of the reasons I did sign up with them so I give them kudos for that and the zero fuss in getting my money back. Definitely take a look at them as an option.

On to AWS as Hosting Provider


Everything I saw, just didn’t leave a good feeling in my stomach. So I started thinking whether AWS would be a contender in this space. My immediate thoughts was AWS is too expensive, way more than I needed, probably didn’t offer the CPANEL that would make our lives easier, but thought why not. I remember looking at them for a little while ago and remembered they had a free tier service. What this essentially means is they will give you a certain amount free stuff before they start charging you for anything.



Before we get started. I am not trying to sell you on AWS, I don’t earn any commissions or sales and won’t make any money. I will discuss with my you my impressions and experiences. Ok now that the elephant is out of the room. The short end of the story is I do recommend AWS for personal hosting, there are many things I do like about it and some things I don’t, but it is going to be aimed at users who don’t mind using the command line like myself, but I will get more in to it. Continue reading if you I haven’t lost you yet.


OK first things first let’s talk about the Free Tier Service AWS offers. Head over to AWS if you want to understand more or click ont the below image.


List of free items you will get from AWS


Create an Account

Go check it out for yourself, you will need to supply a credit card before you can build anything (this was my biggest concern, but my fear is unfounded). They have a  great billing interface and you can also setup alerts and notifications for your budget. I put $20 to be alerted as a maximum. I have had an AWS account and so far I have only been billed 1c (one cent) for playing around with snapshots. FYI, don’t create snapshots unless you need to, although I wouldn’t worry, it’s still very cheap so it won’t hit your pocket too much should you decide to, but just know you do get charged for Snapshots. Snapshots are basically a copy of your Environment / Virtual Machine as a backup.


Second thing is, before I forget, any file you edit make a backup off. For example if you start editing httpd.conf, make a backup first. I messed this up and ended up need to restore it from a 2nd image hence the snapshots, just backup any file to a backup first, do something like cp httpd.conf httpd.conf.orig and so on.


Ok once you login to your AWS account, you going to see a screen like this


First screen you will see once you logged into the AWS Environment



You going to want to click on the Launch Virtual Machine. This will allow you to create a Virtual that you can test and play around on. I decided to go with the LightSail virtual image vs the EC2. I liked the price and it allowed me to remain in the $5 per month budget I had. From what I understand Light Sail is basically a simpler way to deploy a micro EC2 image without all the fuss and confusion around buckets, I wanted to keep it simple and looks like this was the route to go. Light sail is basically an EC2 Image.


Here is what they say so an explanation as the difference.

EC2 Instance vs LightSail

EC2 vs Lightsail Instances


The next option is the type of Image you going to want, I went with the $5 and currently they offering the images free for the first month, so if you don’t like it, this is a great way to test it out and get rid of it if it doesn’t suit your needs to you hate it.


WordPress Instance or OS only ?

Overview of options to pick to setup your virtual machine


The first thing you going to want to choose is either Linux or Windows. Windows is $10 a month vs Linux which is $5. I recommend the linux option, but whatever suits your needs. If you purely looking to run a WordPress setup and do not want to run any other websites, pick the WordPress Setup (this the one I picked). Next time I would likely pick just the OS, since I do have a need for another setup and having wordpress as the main setup complicated things slightly. I have found so far the micro or $5 instance is very responsive, I don’t notice anything slow about it whatever. If you need to upgrade, you can upgrade to a more beefier EC2 instance if you need.


I have read if you want a CPANEL for your environment, there is something called ZPANEL. I haven’t looked into it too much, but it is available, but does not work with a bitnami setup, so I would suggest again to select a bare OS to begin with and not pick the WordPress setup if you think this is something you may need.




I can’t talk too much about price as this is a big concern for me as to what this will cost. I don’t have the answers yet but will report back. So far I know it it’s going to cost me $5 US a month Basically what they means is they will charge you up to $5 for the use as long as you don’t exceed the basic plan. It’s all going to depend how busy your site is and how much in resources you will consume.


I will come back and talk about this, once I have had a few months or my first month on what it is costing me so far. I have a WordPress Blog and a Website for my affiliate marketing which I use, so it is going to be an interesting experiment on how much this will cost me at the end of the day.

Cost Calculator

There is a cost calculator which is very overwhelming when you first use it, but perhaps I will come back and visit that as well for you folks who are interested, but I do recommend you take a stab at it if you want to to try work out some estimated costs. You can get it here AWS Simple Cost Calculator 


Ok next things, once you have select a image, you will need to select a location, it will default to one near you, I was defaulted to Oregon which is fine since I am on the West Coast. I don’t think is going to matter too much, and I believe you can move it should it become and issue down the road. But for blogging purposes it really should matter too much as the access is going to be quick no matter which data centre you are in.

Next things, head over to your service. Click on Services and select either Light Sail or EC2. It is not too intuitive and the Dashboard is a little confusing, but you basically can head over to LightSail if you chose that as your service.

All services

EC2 Container Service
Elastic Beanstalk


You will then be presented with a nice Dashboard of your Services, they keep it nice and simple to manage.


Dashboard of your Services


Overview of Virtual VM list on AWS


From this point on you can now manage your Virtual Machine, reboot it etc. A free static IP is provided with the Lightsail service which is nice, so I recommend you use it. You can make snapshots, look at metrics to see how your VM is doing. Most of the time you will not need to come here often, but it’s a good idea to keep an eye on things.


Keep in mind you can only create 3 Free DNS Zones and they have to be top domains, basically you can attach 3 Domain names to your environment if you need. If you need more AWS has a DNS service which you can subscribe to. At the end of the day you probably not going to need more than 3 domain names.


Use only one Domain per site

From a google indexing perspective, you should never have more than 1 domain pointing at your site anyway else you will get penalized for duplicated content. I know it is tempting to point all your domains to a single site, but as much as I read, this is a very bad idea. FYI


Here is a screenshot of the managing the Environment and one of many of the metrics that you can look at. They have about 5 different metrics from networking, performance etc, it is pretty cool and allows you break it down from 1 Hour, 6 Hours, 1 Day, 1 Week, 2 Weeks to see how it is doing


Overview of Metrics screen on AWS


Connecting to your Instance


Connecting to your instance is pretty easy. They take security in mind and show you how to setup a SSH tunnel. The HOW-TO articles are pretty easy to understand and pretty straight forward in the most part. Connecting, configuring is easy. It is setup with a bitnami image which is basically a preconfigured setup, so your username is bitnami, your home directories are all /home/bitnami. Apps reside in /opt/bitnami/apps and /opt/bitnami/apache2, so it is all relatively easy to find and access if you comfortable at the command line.




AWS really provides the simplicity in setting up a environment that belongs to you. If you do not sharing it with anyone else from a VM perspective, this is the environment for you. The environments do likely reside on shared infrastructure like the blade or piece of hardware you reside on, but the instance is 100% yours, you can do with it what you want. You can do ‘who’ and df and all they good stuff. I really think this is how web hosting should be today.


It may not be as cost effective for hosting companiues, but ultimately that is what I am looking for.  Hosting companies should not be forcing you to have prefixes in my databases (meaning my tables don’t have to begin with username_) which is just silly and makes writing or using already created scripts problematic.I do recommend you check out AWS and try it for yourself, essentially it is free to try and you can quit up to a month if it is not for you. If you want real true SSH access with no strings attached, this is the setup for you.


If you looking for a web hosting provider which is much simpler, then checkout BlueHosting as an alternative. Would love to hear the feedback around your bluehost experience.


Personally I am loving the AWS experience so far, I feel I have full control and access to my environment. Over it still concerns me with costs and what this will cost me, but this is the type of environment I want. No strings attached, I can connect via SSH, I can backup and copy my files from local machines OSX, Linux without any problems. I take backups all the files I have modified and updated just in case something happens or I need to move to another provider. 95% of my development has happened directly on my image and I don’t feel it is slow at all.


I will report back in the next few months what my 1 month and 2 month costs have been. As well as other technical articles about setting up. Backing up with your script and share with you what I do to keep up my environment up and running. Feel free to comment and ask me any additional questions or if you feel I missed anything in this article. Also feel free to recommend and I will update it or create a separate post should I feel it warrants it.


Thank you