• GoDaddy Community
  • VPS & Dedicated Servers
  • VPS & Dedicated Servers

    cancel
    Showing results for 
    Show  only  | Search instead for 
    Did you mean: 
    Helper II

    Suggestion for improving GoDaddy's VPS...

    Hello,

    If this is the wrong sub-forum, I apologize.  Perhaps someone could point me to the correct sub-forum.   I have an issue that I'd like addressed.   I had tried calling tech support via the telephone a few months back and it was extremely frustrating.   The tech support person I talked to (late at night) didn't understand my issue but felt that they did.   They essentially tuned me out because of this.  Every time I tried explaining it, I believe they felt they knew what my problem was and just decided not to listen because of that.   It was very frustrating.

    I run ConfigServer Security & Firewall.   This program integrates nicely with cPanel, which comes with my VPS.   It has some nice features and it's free.   It adds a few extra layers of security and is extremely powerful, to the point where even the cPanel support team are aware of it.   The GoDaddy tech support person I talked to had never heard of it.   When I go to install, I run a perl script that's included with CSF.   The perl script checks for the needed iptables modules to see if they're available.   Unfortunately, this is where the problem is.  GoDaddy does NOT have all the available modules enabled.   This is the command I run and the response I get:

    Testing ip_tables/iptable_filter...OK
    Testing ipt_LOG...OK
    Testing ipt_multiport/xt_multiport...OK
    Testing ipt_REJECT...OK
    Testing ipt_state/xt_state...OK
    Testing ipt_limit/xt_limit...OK
    Testing ipt_recent...OK
    Testing xt_connlimit...OK
    Testing ipt_owner/xt_owner...OK
    Testing iptable_nat/ipt_REDIRECT...FAILED [Error: FATAL: Module ip_tables not found.] - Required for MESSENGER feature
    Testing iptable_nat/ipt_DNAT...FAILED [Error: FATAL: Module ip_tables not found.] - Required for csf.redirect feature
    RESULT: csf will function on this server but some features will not work due to some missing iptables modules [2]

    Those last two iptable modules are important.   ipt_REDIRECT and ipt_DNAT.   csf.redirect is extremely useful.   I will give an example.   Let's say someone goes to my website and hits the refresh button multiple times really quick like.   CSF will think that this is a synflood attack and block the attacker.   They will never be able to go to my domain at all, unless I unblock them.   If I have the csf.redirect stuff working though, instead of blocking them, I can redirect them to a page saying hey, you've been permanently blocked from this website.   If this is a mistake, please e-mail me at blah.

    For some reason, the tech support person thought I didn't know how to use iptables and said I had two choices essentially.   I could get rid of my server or hire GoDaddy to set it up for me.   I tried explaining this is something I have no control of.   I needed the tables enabled at the main node, not inside the VPS.   He talked to a few people, did some internet search and suggested I run ismod.   Right there shows us that he doesn't really know what he's doing because I feel anyone who's providing support for Linux should know the command is actually lsmod.   Needless to say, as expected, it showed no modules loaded.

    There's a website located here: http://hasibul.info/blog/2014/08/08/configserver-installation-iptables-problem-in-openvz-or-virtuozz...

    It's meant for providers like GoDaddy and gives them instructions on how to enable the various modules for CSF on the main node.   I would like to know if the missing modules could be enabled and if not, why not?   It would suck to have to switch providers because of a few missing modules, but I don't think it'd be fair to users to block them because they accidently did something wrong and CSF mistook it as a malicious activity.

    Thanks!

    6 REPLIES 6
    Employee

    Hello @SporkSchivago.

    I'm sorry you had that kind of experience with support. This is something our Server Support team would need to check on the server itself to see if those modules are installed. I'd recommend reaching out directly to server support. They can raise a ticket to see if those modules are installed or not. If they're installed, they can be enabled.

     

    Heather - GoDaddy | Community Moderator
    24/7 support available at x.co/247support

    I was able to get a hold of GoDaddy via chat and this time, the support was excellent.   They got a hold of the admins and gave me a reasonable explanation as to why those two modules aren't enabled.   If I understand them correctly, the kernel's default configuration doesn't have those two modules enabled by default.   The kernel would have to be custom compiled.

    That was my understanding at least.

    Thanks for the help!

    Helper I

    Hi 

    Why there is no custom storage options for godaddy VPS hostings?

    Like if we require more disk space on VPS hostings why there is no option to add it?

    http://services.vintagepornbay.com Editor

    It's sad, but I can't even use iptables in my VPS! This is very bad for GoDaddy.

    I tried to contact support by chat, but they are useless. Already tried to destroy & provision fresh new VPS, still the same. Looking for solutions, I found that GoDaddy uses OpenVZ and needto enable some kernel modules ate OpenVZ level to make this work. The problem is that support doesn't understand that! I dn't want support to configure my iptables, just enable modules at OpenVZ so I can use my iptables!

    This is the page that describle this issue: http://stallion-theme.co.uk/godaddy-vps-review/comment-page-1/#comment-48469

     

    I just need GoDaddy to enable these modules:
    ip_tables
    ipt_state
    ipt_multiport
    iptable_filter
    ipt_limit
    ipt_LOG
    ipt_REJECT
    ipt_conntrack
    ip_conntrack
    ip_conntrack_ftp
    iptable_mangle

    New

    Isn't it great how they mark it solved - yet it's not.

     

    I cant tell you how long I've been with Godaddy. It's been a long time!!

     

    But issues like these should be resolvable and we should have the best available resources to protect our server - doing the work ourselves. Not paying each time there is an issue.

     

    Sorry for the rant - Support is always gracious and nice and for the most part effective but not always

    Dealing with this issue now. They have completely removed the Server Support team. I attempted to ask these questions of support, and I was told "I've been here 3 years, and I've never heard of iptables, which means we don't support them" or something to that effect.

     

    Definitely moving my server when time comes for renewal.