JayAld

On 13/02/2019 at 3:06 PM, InfinityFree said:

Having some logs would be useful, but access logs on their own don't tell any conclusive information about CPU/EP usage, because they only tell which pages are being requested and not how much resources those pages take to load. Even unfiltered access logs are too simple to be useful.

Thanks for your thoughts @InfinityFree. My suggestion of basic Access Logs was based on my experience that, in the case of my WordPress site certainly, traffic appears minimal (handful of people an hour), and yet I see these spikes where the site uses 100% of a resource limit (there's no WordPress updates going on at the time). My feeling is that, given free hosting only supports small traffic volumes, Access Logs can be used to see what changed in that period as there's so little overall traffic. Hopefully this would help identify spikes in traffic from a search engine bot, or a particular (problem) page being accessed only in the day the resource usage was being hit.

Even better thinking about it, would be if the resource usage captured the full history . It looks like it updates every 15 minutes. Knowing at least the hour of the issue, would help site owners review the handful of traffic in that period within the Access Logs.

I appreciate iFastnet isn't going to want to spend a lot creating deep analysis for free sites, I was just shocked to be suspended for resource limits on a site with so little traffic, and to be told that there's no server based logs for me to understand what was being accessed at the time.

Happy to be a guinea pig if iFastnet fancy trying some logging out on my account.

Recommendation: Re-enable Access and Error logs on free hosting

Hi,

I've now had enough days with iFastnet to realise that the Daily Entry Process failure is super sensitive and a mystery to all.

I've kept an eye on it today... logging into Wordpress admin portal saw an obvious jump, maybe 25% of the daily limit from logging in and updating a few post tags. A few hours later however the graph jumped to the red line (using remaining 75% of todays allowance in one go, although CPU usage remains < 10% for the day). I get the impression that the graphs are updated every 15-30 minutes, so I don't believe it was my login that caused it, but something big happened (high process volume, but low CPU) in that short window.

I see others raising that they get suspended over this metric too. I raised it with iFastnet as a ticket, and pointed out that my Access and Error logs weren't working, so I couldn't investigate what any bot or user was doing at the time on the site. They replied that they turned off the Access and Error logs for performance reasons.

I get this is a free service, but without metrics, I don't think people are able to help themselves or iFastnet.

I recommend basic Access and Error logs are re-enabled, to help people understand their traffic. This would be particularly helpful to identify anything that causes sudden spikes in usage.

Jay

Hi,

Does anyone know of any way to investigate CPU usage on the free hosting solution?

I've just had my account suspended, and having raised a support ticket, they told me that the high usage was today. The graph is 24 hours behind so just shows I'm below the green line!

Any idea on what the CPU limit actually is, and whether there is a way to get any information that could show what caused the most usage? Feel rather blind to track down what they saw to suspend my account.

Jay

2 hours ago, himani said:

Hi @PCTipsGR

I tried using Cloudflare software inside CPanel and while enabling the feature for a domain, I got this error

CLOUDFLARE ERROR :An error occured creating a cloudflare user for you, the error was

The unique_id 'fa5_14591974' has already been assigned to a different user.

Can you explain what went wrong here and how I can solve it. Thanks

Himani,

From what I can see as a customer myself, it looks like the Byet CPanel system has a basic interface with CloudFlare that will try to create an account with your Byet login details. The issue is that it looks like your Byet username is already a username on the CloudFlare services. I too had an error setting up CloudFlare from the CPanel so did it directly myself....I assume you have your own domain name, I'm not sure if it will work with subdomains or not:

Just goto cloudflare.com, signup, then on the home screen, click "add a site", and add your domain name. Choose the free package (assuming that's all you wanted), and follow the steps to point your domain at CloudFlare.

Worked well for me, though must admit I'm not sure if you can do this for a Byet subdomain or not.

Thanks everyone for your help on this... I implemented CloudFlare last night, and turned on SSL, but turned off caching, to remove previous issues I've had with CloudFlare.

It's all looking good today! CloudFlare is using it's own certificate, which seems to be making all browsers I can test happy enough. On that basis, I'm not sure there's any point in getting a domain specific certificate at this time, I'll monitor and see if I find any weakness of letting CloudFlare worry about it for me (no renewal for me to worry about this way)!

I'll raise a couple of enhance ideas on the relevant forum, as its not great having to use CloudFlare for this, but I'm happy it means I no longer means I have to run insecure domains!

Thanks everyone, that was really helpful.

Hi Jazz,

Thanks for checking my site with your browser.

It maybe worth checking CloudFlare's configuration (and Googling your issue, as CloudFlare is popular so your issue maybe too :)). It maybe your certificate has only been applied to your main domain and not the WWW sub-domain... just a guess, but there may an option for each in CloudFlare.

Intermediate Certificates are just the ones "in the middle". Browsers have a set of high level trusted ones, and these are used to "sign" other certificates which may in-turn be used to sign ones below them again. For security and logistics, end customer site certificates aren't signed by the high level ones... there's effectively a chain of certificates (like a baton being passed in a relay race) if that makes sense... so my certificates are a couple of layers off those my browser trusts... the ones in the middle are "intermediate certificates", needed to prove that my certificate really has Comodo's signature!

18 hours ago, PCTipsGR said:

Hi Jay and welcome to the forums!

You can use CloudFlare's SSL (by activating CloudFlare from either the vPanel or by transferring it to their nameservers).

Also, most browsers, including the latest versions of Chrome, Firefox and Opera, do not need the CA Certificates to trust a website so you shouldn't have problems. Could you post a screenshot?

Thanks PCTipsGR, I appreciate the welcome!

I've found CloudFlare to really mess with site metrics in the past, due to it's own cache of the site, so was planning to avoid if I could. Certainly an option I'll consider again though, as visitors need to be able to get to the site ideally 

I attach a screenshot of the first site I migrated. It's fine in Chromium (the engine behind Chrome), but Firefox doesn't like it due to SEC_ERROR_UNKNOWN_ISSUER ("Peer’s Certificate issuer is not recognized"). I won't post the mobile view, as you'll notice I'm a Linux man, and my mobile (running LineageOS) throws no error, just won't visit the site. Firefox is the bigger concern, though it would be interesting to hear what results others get from iOS and Android (site is findamanandvan.co.uk) as mobile visitors are 80%+ of the traffic normally.

Still baffled as to why Byte don't just installed all immediate certificates for LetsEncrypt and Comodo, given they are the obvious providers many will be using. I imagine premium customers will slowly demand they add them over time, which will cost them more than doing a planned upload now.

Jay

Hi,

I signed up last night for the free hosting, and have migrated a couple of domains today. Just wanted to see if anyone has managed to successfully use SSL on the free hosting.

I read up about the LetsEncrypt block after having issues with that, so tried Comodo's free offering instead.

I've got the Comodo certificate installed which works on some browsers nicely, but am seeing issues with other browsers (including an outright refusal to visit on my phone) for security reasons. These are caused by the server only having the certificate and not intermediate ones (to link my certificate cleanly to the trusted certificates the browser holds). The server is missing these:

Sectigo RSA Domain Validation Secure Server CA
Fingerprint SHA256: 7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676
Pin SHA256: 4a6cPehI7OG6cuDZka5NDZ7FR8a60d3auda+sKfg4Ng=
RSA 2048 bits (e 65537) / SHA384withRSA

USERTrust RSA Certification Authority
Fingerprint SHA256: 1a5174980a294a528a110726d5855650266c48d9883bea692b67b6d726da98c5
Pin SHA256: x4QzPSC810K5/cMjb05Qm4k3Bw5zBn4lTdO/nEW/Td4=
RSA 4096 bits (e 65537) / SHA384withRSA

I raised a ticket with support, but just got a reply back saying "intermediate certificates are not supported on free hosting".

This obviously now draws into questions whether the free package is usable, given HTTPS is a must for security (and search engines will downgrade any references without it), and I can't run a certificate on my site that results in some browsers blocking the site completely. Has anyone found a provider where Byet servers have all the intermediate certificates they needed?

Jay