Managed ASP Web Hosts?

maumedia asks: "I'm hoping someone can help me here, as I'm nearing frantic on this issue. I need a good Windows/ASP managed host -- a company that will manage/troubleshoot a dedicated server for us. My research has turned up either shared hosts, or dedicated hosts, and not very much in-between. If we're not ready to hire a sysadmin and pay for our own backbone, but we've outgrown the massively-shared hosting system, where can we go? I'm really hoping for an answer that doesn't involve a move to PHP/Linux, as it makes much more sense to us to utilize the resources we have at hand."

ASP on Linux

[delirium+of+disorder]

I can't recommend a specific provider, but I would like to point out that moving to Linux does not mean abandoning your ASP code. Java System ASP is cross platform; you can provide ASP content using a Linux, Windows, Solaris, or other *nix server.

Re:ASP on Linux

[mkiwi]

I recently migrated a legacy ASP server in my company (previously all Windows and Cisco servers/firewalls) to a Linux box and have had no problems. If you need ASP .NET support on Linux then you're SOL, but as far as VBScript goes (ugh) it will run fine. You can also use your existing Access databases (which I assume you have) by connecting across the network. Sun's solution works, and I believe there are a few more implementations out there if you so wish to try them.

Really though, you should migrate to a more powerful programming language like Java, Perl, or PHP. You won't understand now, but when you get the order to build a huge website later on you will thank the gods that you went for one of those solutions.

Re:ASP on Linux

[imemyself]

If you need ASP .NET support on Linux then you're SOL,

That's not entirely true, mod_mono can do atleast some ASP.NET stuff on Linux. It may not run everything, but you're not totally SOL, especially if you can tweak the ASP.NET code to make it run on Mono.

Re:ASP on Linux

[Billly+Gates]

Not to start a flamewar but .NET was designed for vendor lockin as a solution to Microsoft's threat with Java Enterprise edition.

Mono is still alpha depending on which libraries you use. Does it even support winforms yet? .Net 2.0 is coming with VS.net 2005 and Mono has still not caught up with VS.net 2003.

C#.net is a great technology. Especially if your an MS shop that needs MS integration with win32 apps for your intranet servers.

But cross platform it is not and its a MS technology just like win32 is, though you can have limited success with wine.

Just use Windows. If the server is cracked its the ISP's problem. Not yours if you outsource the server.

Re:ASP on Linux

[batkiwi]

What does windows.forms support have to do with ASP.NET?

Re:ASP on Linux

[SanityInAnarchy]

Not to start a flamewar but

You just did. It wouldn't hurt to do a little Google research, as most of the things you say are so untrue that I'd mod you -1 Flamebait/Astroturf if I had the points.

Does it even support winforms yet?

Yes.

.Net 2.0 is coming with VS.net 2005 and Mono has still not caught up with VS.net 2003.

Most of the 1.0 code is complete. 2.0 isn't complete, but what's implemented should work.

But cross platform it is not and its a MS technology just like win32 is, though you can have limited success with wine.

I'd hardly call 4210 applications "limited". Now, I have no clue how many of those work, or work well without tweaking, but between Wine and Cedega, I rarely run into legit apps that don't work. Of course, tools for pirating stuff like Daemon Tools causes problems...

But maybe try it before you knock it? Recent Wines are actually getting pretty damn good. It's amazing how often I'll just download some random free app off the Internet and have it work flawlessly.

More importantly, are you familiar with the history of Linux? Unix was as proprietary an OS as they come, yet they actually published APIs and stuck to them. The GNU people were essentially doing what the WineLib people are doing -- reimplementing the APIs. They weren't shooting for binary compatibility, but they wanted people to be able to take any Unix program and, with a minimum of tweaking, recompile it for the GNU system.

And really, you don't need 100% compatibility. Getting 99% compatibility probably means you get 99% of people able to switch to Linux, which means the 1% stuck on Windows are about as relevant as the 1% currently stuck on DOS.

Mono is even easier, because it was designed to be cross-platform. The actual, official Microsoft .NET code has been ported to Linux, so we know it can be done. And no sane opensource person is afraid of it because it's Microsoft's tech -- if it comes to that, we can always fork it. The fact that it was designed by an evil/incompetent corporation doesn't necessarily mean the tech was a bad idea. Think about it -- how relevant is the original AT&T Unix compared to Linux these days?

Just use Windows. If the server is cracked its the ISP's problem. Not yours if you outsource the server.

I wouldn't count on it. If the server is cracked, the "ISP" (hosting provider, most of them don't sell Internet access) certainly has a problem. But who's going to answer why you went with that provider?

Re:ASP on Linux

[toadthetoad]

I've been with Brinkster for 4 or so now and I have never had a single problem. Their services are top notch including helpful FAQ's, code samples, great forums, and LIVE customer online or phone support. They are incredible. They offer both Windows or Linux services with just about every feature you could possible ask for. http://www.brinkster.com/

Re:ASP on Linux

[hey!]

And really, you don't need 100% compatibility. Getting 99% compatibility probably means you get 99% of people able to switch to Linux, which means the 1% stuck on Windows are about as relevant as the 1% currently stuck on DOS.

Not to denigrate what was otherwise a magnificent rant, but it could also mean that a 100% of the people get their applications to work 99% of the time, the 1% constituting what is technically known as an "intolerable pain in the ass".

WINE is supririsingly good. But until vendors start testing their software releases against it, it's not going to be good enough to bet your business on.

Re:ASP on Linux

[Billly+Gates]

Winforms is still not complete and Linus Torvalds recommends win32 users to use Windows instead of wine on Linux. Infact he used MS Office on windows exclusively at Transmeta and refused to touch wine.

Dont drink the koolaid. C# is an excellent language but I would not bet my job on a cross platform web site with it. For that I would use java or php. ASP.Net is a great Windows based solution and I have not seen one single application that is available for Windows and Unix written from teh same codebase in .NET. How many ASP.Net websites have you seen that use Mono on Linux?

Basides for a few utilites from Mono I would be very skeptical that this is more as a way to fool developers into writing for mono only to be trapped into win32 later. This happened with VMS as it supports a limited win32 api and many developers ended up going to NT.

Also Unix is open and documented and Windows and .NET is proprietary. Oh yeah its ISO compliant bla bla. But what about the libraries for APS.NET? Proprietary.

Re:ASP on Linux

[SanityInAnarchy]

it could also mean that a 100% of the people get their applications to work 99% of the time, the 1% constituting what is technically known as an "intolerable pain in the ass".

This is true. It's also possible that 99% is good enough. It depends what your business is, but let's say you can do everything in Office but save a Word doc as HTML. Fine, you're on Linux already anyway -- have Beagle or a Cron job run a WordML-to-XSLT converter. Or have it done when you upload it.

Even without programming, I've found that many people have a 1% "intolerable pain in the ass" with their current OS anyway. Most of the Windows work systems I see are so intolerably clogged with spyware that I'm surprised they run at all. Thus, a 1% intolerable-pain-in-the-ass on Linux may be tolerable, because all else being equal, there's always the free-as-in-beer, no-molesting-our-users, free-auto-updates-forever.

WINE is supririsingly good. But until vendors start testing their software releases against it, it's not going to be good enough to bet your business on.

Until people start using it (and betting their businesses on it), vendors won't start testing their software releases against it.

Fortunately, IT departments should already be prepared for exactly the kind of problems Wine might have. You'd have a Windows image on demand, in case it crashes intolerably. You have automated incremental backups, in case data gets obliterated. And remember, it works flawlessly 99% of the time, so this may actually be an acceptible amount of work, considering your other savings.

It also means you can call up their company and bitch until they test their releases against Wine, at the very least. (Not like it's hard to fire up Knoppix every now and then.) Maybe you can even get a Winelib build, or a full port.

But remember, in a chicken and egg situation, one of you has to change -- you or your software provider -- and the only entity you can force to change is yourself.

Re:ASP on Linux

[SanityInAnarchy]

Linus Torvalds recommends win32 users to use Windows instead of wine on Linux. Infact he used MS Office on windows exclusively at Transmeta and refused to touch wine.

Citation, please? Oh, and how long ago was he at Transmeta? Wine has been getting much better lately (past year or two), and so has OpenOffice.

Dont drink the koolaid. C# is an excellent language but I would not bet my job on a cross platform web site with it. For that I would use java or php.

And I'd use mod_perl or mod_python. Point is, if you've already got a C# codebase, better to give mod_mono a shot, rather than calling it koolaid right off the bat.

Also Unix is open and documented and Windows and .NET is proprietary. Oh yeah its ISO compliant bla bla. But what about the libraries for APS.NET? Proprietary.

Which is why I only use the bits of Mono that are actually open and documented. Believe it or not, this isn't a huge problem -- I'm writing a game, so all I really need (so far) is SDL/OpenGL.

Think of it this way -- it's easy to bind to C, so it's at least as open as C. But unlike C, it's compile-once-run-anywhere. That means most of the porting work has been done for you (just like C), but in the code you're writing yourself, you don't have to be nearly as careful as with C.

But again, if you've got an existing codebase in ASP.Net, you may as well try Mono first. It's a hell of a lot easier to try that and fail than to try writing it in PHP and have to scrap the project halfway through because of how much PHP sucks.

Sorry, I should replace PHP with *exciting new language*, so as not to start any religious flamewars. It's just that WordPress has been pissing me off lately, and it's not the limitations of WordPress that are the problem.

I'm confused!

[CaymanIslandCarpedie]

You say you need a dedicated hosting, but can only find shared and dedicated hosting. Isn't the second of those what you want? Seems everywhere I look offers what you are looking for unless I'm misunderstanding something. GoDaddy.com offers ASP/ASP.NET hosting as either shared, dedicated, or even dedicated virtual servers. I'm confused I guess on what your looking for.

Re:I'm confused!

[Bitsy+Boffin]

Submitter wants a fully managed dedicated server - essentially a dedicated server that is looked after by the host just like a shared server would be. Most dedicated servers are not fully managed.

If I were submitter, I'd be asking the host they are with now if they can supply a dedicated server and do all the management on it, at what cost.

Re:I'm confused!

He doesn't want a dedicated server, he wants a managed server that isn't shared typically referred to simply as a "managed server". There are still lots of hosts that do this if you just know what word to use in your search. The word of course being managed.

Anyway, the proper place to ask or research this topic is web hosting talk as the whole site is dedicated to this topic. There are reviews, special deals, etc. Often you get tech support, owners, and other members of the hosting companies themselves posting on those forums.

Good Luck

[Foofoobar]

Not to be a negative Nancy but since Apache is 70% of the market (not including domain parking), it's not really a profitable area for people to do managed hosting for such a small market. It's funny because I get this same run around from people when I tell them I run Linux... but in this case, the reverse is true; LAMP (linux, apache, mysql and php) are the standard that the web revolves around and having gone with ASP and IIS sort of leaves you in a bind.

Honestly, I can also say that it is not going to get any better. More and more hosting companies are lowering their IIS support do to the costs it incurs and mainly because a LAMP architecture can host more domains with fewer resources, lower costs and lower amount of day to day maintenance.

Maybe PHP isn't your best bet and maybe you'd like to even try Apache Tomcat instead of Apache but honestly, it is in your companies best interest to move their architecture over to something more commonly used in order for them to lower their costs in the long run and take advantage of a larger and cheaper employee pool.

Re:Good Luck

[boldtbanan]

Um, 30% of the market is still an astronomical amount of webhosting. And most of that 70% is geared toward extremely basic static pages because it's so cheap to host basic stuff on a free platform. On the other hand, I'd be willing to bet that a larger chunk of the 30% is geared toward production ASP/ASP.Net hosting for the same reason.

Re:Good Luck

[CastrTroy]

This is true, but if you have a lot of code already written in ASP, then it can be hard to move to PHP. However, I'm sure all the functionality is there, and that it can be done. There's probably even some automated tools that could switch all the code for you. But then what. You're current developers will not only have to learn PHP, but have to learn how to use it effectively enough to support your new application. Retraining everyone can be costly and time consuming. Also you can't get rid of these people, because they know the logic of the application, its ins and outs, and are very valuable to your company. Although I think they should try to get away from ASP. That's super old technology. It has many problems that will help them in the future when they want to expand their business.

Re:Good Luck

[ScentCone]

I agree that uprooting the technology just to make shopping for hosting doesn't make much sense - especially if things are working, right now, with people that are using and maintaining it. However:

Although I think they should try to get away from ASP. That's super old technology. It has many problems that will help them in the future when they want to expand their business.

I don't know if you can say, without knowing more, whether ASP is inadequate for their use. A healthy, well-designed ASP app can accomplish a lot, and can run in an n-tier load-balanced environment, complete with all sorts of SOAPy stuff, etc. "Super old" isn't, by itself, a bad thing. Think PERL, or... wheels.

Re:Good Luck

[Billly+Gates]

The phb's like integration and think going with an all MS solution can somehow save them money. Especially with a MS salesmen selling IIS and .NET.

So the geeks are usually told what to use and to do it. Also believe it or not an MS solution can be the appropriate one. It can integrate with access and w2k domain logins nice.

Re:Good Luck

[Planesdragon]

Not to be a negative Nancy but since Apache is 70% of the market

Apache is 0% of the market. IE, Firefox, and their peers are. When you sell webhosting you aren't selling a product -- you're selling space on mall, and virtually no one cares if you use FedEx or UPS to get your books to your store, so long as they're in English (HTML) when they get them.

In contrast, if you write for Linux, you CANNOT just give your app to Windows users and have them get as much out of it as Linux users. (While if you write for Firefox / Apache, you CAN get the IE user to pick it up and use it. Same for most IE / IIS / ASP pages going to FIrefox.)

Re:Good Luck

[Foofoobar]

Not even 30% and the gains made ever so recently were due to deals made with hosting companies doing domain parking... not ACTIVE sites. I'd be willing to bet that basic sites still get more hits than a parked domain anyday. :)

Any web server can handle a parked domain that gets no traffic.

Besides lets not forget the last time Microsoft made a big push with IIS; tons of people switched then too and they actually had 35% of the market. Thats when people realized that their servers couldn't handle the load and crashed all the time and switched. In under 5 years, they lost all the gains they made.

Why do you think they are making bargains with domain hosters of parked domains? They can't handle the load.

You can spin it anyway you want but the fact still remains that Apache is far better, far faster and far more secure than Microsoft has ever been... which is why they have always had the market.

Re:Good Luck

[Foofoobar]

All web servers and lanmguages can. LDAP is an open protocol. We run a LAMP architecture at work that I integrated with the Windows network logins.

Re:Good Luck

[Foofoobar]

Your metaphor is mixed. If you choose to compare the web to delivery of packages, then Firefox and IE are method for accepting that delivery; little more than mail slots in that since.

When a company wants to deliver that 'packet' (excuse the pun), the want a delivery method that is reliable, sturdy, inexpensive and a carrier that can handle the load of packages that they send on a daily basis. This decision is made by the business owner sending those packets... not the end user.

To the end user, this is all transparent.

But business is about reliable delivery, and if you can't deliver reliably, businesses will find someone who will. Because unreliable delivery means lost business.

Knowing that and knowing Apaches market share, who would you say is more reliable?

Re:Good Luck

[toadlife]

"...the fact still remains that Apache is far better, far faster and far more secure than Microsoft has ever been... which is why they have always had the market."

Better? What exactly do you mean by "better"?

Faster? Perhaps, but by who's measure? I've never seen a useful (yes, Microsoft's don't count as useful) Apache/IIS performance comparison.

More secure? Why do you think that? IIS6 has never had a critical vulnerability discovered for it. In the same time frame you can't say that for Apache 1.x and 2.x.

Since you claim that your assertions are "facts", I can only hope that you've got some "facts" to back it up, right?

Re:Good Luck

[ultranova]

Apache is 0% of the market. IE, Firefox, and their peers are. When you sell webhosting you aren't selling a product -- you're selling space on mall, and virtually no one cares if you use FedEx or UPS to get your books to your store, so long as they're in English (HTML) when they get them.

The bookstore manager cares. And the customers start caring if the bookstore rises its prices to cover the inefficiency of the delivery method, or if the store is closed every now and then because the deliveries couldn't be made.

Apache has a marketshare in the same way UPS has a marketshare.

Re:Good Luck

[Planesdragon]

Knowing that and knowing Apaches market share, who would you say is more reliable?

Reliability and Usability are not the same thing--and neither is market share. Apache has the size of the market it does because, more than other resons, the cost of an Apache box is hardware + setup, not hardware + setup + software fees. (And the fee to get anything as good as Apache is well more than the cost to pay someone to setup Apache.)

If there were NO reasons to choose IIS over Apache, we wouldn't be having this discussion. But there are, more even than IE over Firefox. ("because it works with MS Office", in case you're wondering about the latter.) And because there are things that IIS does, and people want their server to do, that Apache (or any other OSS app) doesn't do, there's a rather profitable market for IIS webhosting.

Re:Good Luck

[Foofoobar]

Reliability and Usability are not the same thing--and neither is market share.

So immediately you say reliability and market share don't matter? Well maybe if I didn't own a business or wasn't a government agency and reliability of my data from a known market leader didn't matter, then yes... those two wouldn't really matter. If all I worried about was sharing pictures of my family with others members of my family then yes. You are 100% correct. If having a website that only got hit by 5 friends, then yes. reliability isn't that big of a deal.

Apache has the size of the market it does because, more than other resons, the cost of an Apache box is hardware + setup, not hardware + setup + software fees

Cost is the only REASON? Well yes, when you take reliability out of the equation, that is true. If you don't consider how reliable Apache is, then price would be the OTHER reason why it has such a high market share.

But now lets say I'm insane. Lets assume that as a company or government agency, I LIKE having my web server crash and get hacked regularly. And lets also assume I want to pay for the privilege of having my machine die under the load of a couple hundred hits and have viruses plague it on a regular basis. Who would I choose then?

...because there are things that IIS does, and people want their server to do, that Apache (or any other OSS app) doesn't do, there's a rather profitable market for IIS webhosting.

So there you have it folks. Apparently, people DOI like having their websites hacked and crashing. Apparently the rest oif the market has been wrong this whole time.

Thank you kind sir, Thank you for showing us the truth. I myself know that I look forward to my site crashing regularly now that you have made me so aware of what fun it is.

How could I have been so so very wrong for so long? DAMN YOU RELIABILITY AND LOW COST!!! Do you not realize that as consumers, we like to pay high prices for crap??

Re:Good Luck

[Foofoobar]

Faster? Perhaps, but by who's measure? I've never seen a useful (yes, Microsoft's don't count as useful) Apache/IIS performance comparison.

Meausre yourself. Apache doesn't have the same overhead. Use the exact same computer and install IIS on Windows. Do the same with Apache on Linux. Optimize them both as much as you want; for Linux, run without Xwindows and shut down all other unecessary services. Now see which handles 1000 concurrent requests better. You will find that the Apache webserver can run using 25-50% fewer resources. Windows cannot as it requires the GUI to be able to run, has several other services running that it can't shut down and cannot vitualize well nor fill as many requests as fast.

Try it if you don't believe it.

More secure? Why do you think that? IIS6 has never had a critical vulnerability discovered for it. In the same time frame you can't say that for Apache 1.x and 2.x.

How about a buffer overflow exploit? Doies that count?
http://lists.grok.org.uk/pipermail/full-disclosure /2005-April/033445.html

How about this long list as compiled by a Microsoft MVP?
http://msmvps.com/blogs/bernard/archive/2004/06/10 /7882.aspx

How about these honorable mentions as well?
http://www.aqtronix.com/Advisories/AQ-2003-02.txt (unannounced by Microsoft)
http://isc.sans.org/diary.php?date=2005-10-11
http://www.securityfocus.com/bid/9409

Oh really? Must we forget that IIS before that had vulnerabilities every MONTH that were so bad that it allowed several different viruses and exploits destroy any market gains they had made over 5 years??

Lets also not forget that it is IMPOSSIBLKE to run IIS without Windows and thus several vulnerabilities to underlying systems and DLL's caused IIS6 to be vulnerable as well. Look through the long long list of Windows vulnerabilities and you will find several that claim they affect IIS as well. Others you won't see even though hacks, viruses and exploits directly affect DLL's that it needs to run. Does Microsoft count that as a hack? Nope. It's to an underlying system that they consider Windows and NOT IIS (even though IIS would crash in a heartbeat).

And finally, let us not forget the long list of security experts that mention these exploits and only get them fixed AFTER a published exploit is released or after the security expert threatens to release the information to the public.

Re:Good Luck

[toadlife]

When I said critical I meant vulnerabilities that could cause the server to be compromised. IIS6 had never had any.

Now lets analyze your last post...

"How about a buffer overflow exploit? Doies that count?
http://lists.grok.org.uk/pipermail/full-disclosure /2005-April/033445.html"

Sorry, but that one does count because it's not real.

"How about this long list as compiled by a Microsoft MVP?
http://msmvps.com/blogs/bernard/archive/2004/06/10 /7882.aspx"

That list counts every vulnerability in Win2k3 since it was released, and is not relevant. IE/Media PLayer/Flash/SMB vulnerabilities cannot be exploited via IIS6.

"How about these honorable mentions as well?
http://www.aqtronix.com/Advisories/AQ-2003-02.txt (unannounced by Microsoft)
http://isc.sans.org/diary.php?date=2005-10-11
http://www.securityfocus.com/bid/9409"

Hmm. The first is a IIS5 vulnerability. Try reading past the first line next time.

The second one is not an IIS6 or IIS5 vulnerability. Not sure WTF you posted that for.

The third one is an Exchange Vulnerability. Exchange != IIS6

"Lets also not forget that....several vulnerabilities to underlying systems and Dlls caused IIS6 to be vulnerable as well."

Just because some dll or binary is vulnerable in Windows does not necessarily mean it can be exploited via IIS. You are grasping for straws here.

So lets sum your glorious rebuttal to my claim that IIS6 has had no critical vulnerabilities.

* You've posted a fake (Here's your sign!) vulnerability.
* You've posted a list of all of the vulnerabilities in Win2k3, and insinuated that they all can be exploited via IIS6
* You've posted two vulnerabilities that had nothing to do with any version of IIS, and one IIS5 vulnerability.
* You repeatedly brought up IIS5, when in fact I never brought up IIS5 and was specifically talking about IIS6.

Re:Good Luck

[Foofoobar]

Wow. Denial isn't just a river in Egypt is it?

1. you say #1 is a fake when it was patched before a exploit was published? If you say so. After all you know the inner workings of Microsofts patches better than security experts.

2. In link #2, They specifically explain where those explots affects IIS6. Feel free to read and follow links. You can read can't you? I'm beginning to doubt it.

3. Link #3 again specifically states IIS6. Again, you ability to read is lacking.

4. Bringing up IIS5 is important because people base opinions of current products on past experiences with older products. You unfortunately can never say this about Apache cause consumers have always been happy. Changes are made monthly, patches fixed in 24 hours, ZERO major vulnerabilities.

And if you don't want to believe me, they you probably don't want to believe the multimillion dollar companies that use this every day, the millions of Microsoft customers that switched from 2000 to current (check Netcraft stats) or the list of Windows vulnerabilities to this day (yes you still can't run IIS on any other server).

Yes, everyone must be so wrong and those stats must be inflated and you must be right and those vulnerabilities are all wrong and security experts are all wrong and everything is fine and dandy with Microsoft. Do you feel better now?

Re:Good Luck

[Planesdragon]

So immediately you say reliability and market share don't matter?

no. Please go back to grade school, and spend some time on reading comprehension.

The current version of IIS (6) is far better than the previous version (5) when it comes to just about everything. And while there are probably still a few holes here and there, the same is true of an Apache-based LAMP setup. Is IIS better than Apache, when it comes to serving static HTML or PHP? No, not at all. Is IIS more expensive, if you count the OS cost as well? Hell yes.

Does this mean that, as the grandparent post said, there's no reason to ever sell IIS webhosting? Hell no. Did I say that there was no reason to use Apache? No. All I said was that there are things that IIS can do -- namely, native-windows web hosting and ASP.NET -- that Apache cannot. And for a "webhost" -- not a company setting up their own server, but someone selling space to others -- ASP.NET is a big enough selling point to leave room in the market for it.

Oh, and btw -- low cost and reliability mean nothing if the job doesn't get done. A horse might never break down and be amazingly cheap, but you'll never get the USAF to use a horse to do a jet fighter's job.

Re:Good Luck

[Foofoobar]

You still neglect to talk about reliability. Apache uptimes are CONSISTENTLY 2-4 times greater than IIS. This is still true for 6. This is a dual problem of the OS and IIS... and since IIS is tied into the OS (yes there are DLL's loaded at runtime even if you are NOT running IIS), issues with the OS are often issues for IIS.

And sure, I think that there is a market for all web servers. I know of one still being sold using 'server side javascript' (no joke). But when you get something for free, that has better uptime, better security (you can sandbox Apache better), better virtual hosting, better online support and loads and loads of documentation plus the fact that you have the ability to modify it and extend it at will, why buy something that performs worse?

That is the question.

As to my reading level, if you didn't mean to imply something, learn how to write above a 3rd grade level.

Re:Good Luck

[toadlife]

You make too many assumptions about me. I administer both Apache and IIS machines. IIS5 was crap (I hated looking after those boxes), but IIS6 is decent. I've never had any issues with Apache. I'm just happen to not a zealot* like some other people.

And BTW. You should not talk about denial. That first exploit is not real. It was posted as a joke to troll gullible people like you. Why don't you actually read the exploit carefully, and if you're still not sure read the *reply* to the posting.

*like the fuckhead who modded my first post flamebait. Gee, I happen to have five mod points right now. Perhaps I'll find a story I don't care to post in and mod down opinions I don't agree with.

Re:Good Luck

[Foofoobar]

I'm just happen to not a zealot* like some other people...

In the face of overwhelming evidence, denial is still the default state. One must admire you ability to equate fact with zealotry. I salute you sir and the fantasy world in which you live.

Re:Good Luck

[toadlife]

"In the face of overwhelming evidence, denial is still the default state."

The only thing I've seen overwhelming evidence of, is that you don't have very good reading comprehension, you view open source software as a panacea, and you are a card carrying member of the ihatemicro$oft club.

"One must admire you ability to equate fact with zealotry."

I'm equating your denial of facts with zealotry. By posting exchange 2003 vulnerabilities and claiming that they are IIS vulnerabilities, you are not being honest with yourself. Should I post links to a ton of mysql and php and perl vulnerabilities and claim that they make Apache in insecure? No of course not. Even though Apache would be the prime avenue of exploitation for the above vulnerabilities, that would be dishonest as they are not really problems with Apache. I've meticulously destroyed every single one of your points by pointing out obvious errors ([b]the proof being in the very links you posted![/b]) in them, and instead of addressing my points you've replied with a post reeking of faux confidence saying that I'm a zealot and living in a dreamworld.

Oh, BTW, are you finally going to admit that you were duped by and posted a fake vulnerability? For all the talk you spew about denying facts, I would expect you to jump right out and acknowledge such an obvious blunder.

Re:Good Luck

[Foofoobar]

The only thing I've seen overwhelming evidence of, is that you don't have very good reading comprehension, you view open source software as a panacea, and you are a card carrying member of the ihatemicro$oft club.

...and because you can pigeonhole and troll, it must mean that facts don't matter. I may have flaws with my reading comprehension but IO at least make up for it with my understanding of logic and the ability to detect dubios logic. Sadly, the fantasy world in which you live would crumble to the house of cards it is should you accept what business and governments around the world have already come to understand.

They say that ignorance is bliss. You sir must be one blissed out individual. :)

Re:Good Luck

[toadlife]

You are confusing me now. You say that I live in a 'fantasy world'. That would imply that I've said and believe something that is not true. What have I said that is untrue? My main point has been that IIS6 has never had any serious vulnerabilities since it was released. Is secunia living in a fantasy world too?

Re:Good Luck

[Foofoobar]

You are confusing me now. You say that I live in a 'fantasy world'.

Someone get this man a cup of coffee! I think he's regaining conciousness.

My main point has been that IIS6 has never had any serious vulnerabilities since it was released. Is secunia living in a fantasy world too?

And from that webpage...

The Secunia database currently contains 0 Secunia advisories marked as "Unpatched", which affects Microsoft Internet Information Services (IIS) 6.

Recognize the word 'unpatched'? Notice that it does not say 'has zero exploits'. It says zero UNPATCHED. Now you are a semi-intelligent ape being with relatively few scabs on your knuckles. What do you suppose they are trying to say? Hmmm... I wonder.

Why not trying out others security experts websites? I'll bet you'll find that IIS is affected by other exploits as well. Gee, didn't I say this to begin with? And didn't you say they had ZERO?? And didn't you also say none that were critical???

I love the fact that you are doing my work for me by showing how wrong you are but dude... have some pride. At least do the Microsoft thing and deny deny deny even in the face of overwhelming evidence.

I'd hate for you to have integrity this late in the game.

Re:Good Luck

[toadlife]

"Notice that it does not say 'has zero exploits'."

Do not put words in my mouth. I never said that IIS6 had no vulnerabilities. I said it had no critical vulnerabilities. The highest rated vulnerability listed on that secunia page is listed as moderately critical - It only poses a DoS threat. By critical, I simply meant none that could lead to the server being compromised. I actually clarified that point waaaaaaay back in this post, but apparently you missed it. You missing things seems to be a common theme.

"Why not trying out others security experts websites? I'll bet you'll find that IIS is affected by other exploits as well. Gee, didn't I say this to begin with?"

Secunia is a pretty well respected resource in the security community. Are you saying there are other known vulnerabilities for IIS6 that secunia doesn't have listed? If so how many do you think they are missing for Apache 1.x and Apache 2.x. I hope not many as both versions of Apache have had quite a few more vulnerabilities (two of them "critical" by my definition) discovered than IIS6 in the last three years.

Yes, you attempted to find other vulnerabilities, but you failed. but all you found was a fake vulnerability, and a few that were not actually IIS6 vulnerabilities. Yes, you found some vulnerabilities that could be exploited via IIS6 (like the Exchange one), but the fact remains that they were not native components of IIS6 - just like php/mysql are not native components of Apache.

Re:Good Luck

[Foofoobar]

Do not put words in my mouth. I never said that IIS6 had no vulnerabilities. I said it had no critical vulnerabilities

And when I pointed them out, you casually dismissed them. Even though they WERE vulnerabilities, some of which were critical and ALL of which had an effect on IIS.

But that didn't count cause I stepped over the line and it was a Tuesday and you had your fingers crossed... right?

Re:Good Luck

[jbplou]

Your on crack. There are managed web hosts all over the place for Windows/ASP/.NET I could post a few but everybody can use Google. Most major hosts over both. Also Apache has 70% because of domain parking.

Re:Good Luck

[unborracho]

Unfortunately I don't have enough mod points do mod you both down -1 trolls on all of your posts.

A few choices..

[T-Ranger]

Look at the top of your screen. Ive been seeing rackspace banner adds for a decade. In the Internet world, that means something. Go with them, or one of their high-volume cookie cutter competitors.

A better choice might be a local "solutions" company. They might not have backup generators, or n+1 AC units, but there are plenty of places better then your closet.. If your in a city with, say, >500,000 people then you have at least a couple of consulting shops who would do hosting. Their "management" might be only monitoring, with time/materials for actual responses/requests. With an SLA that clearly states what is their fault, and thus part of the monthly bill, then even if you get hit for $100/hr calls, they will be minimal, and worth it. With more-and-more VMWare hosting partners popping up, the hosting itself could be very minimal.

For something that is "important", and by that I mean making money for someone, I couldnt recommend shared hosting under any circumstances. Rackspace somewhere will almost definitly be cheaper then a last-mile connection with a good SLA.

well... to be obvious...

[moochfish]

it just seems to me like you guys are being stubborn about going the route you should be going. If you've out grow the shared environment,it's time to contract a sys admin. there are plenty out there that are willing to work on a contract basis.

That said, i've encountered data centers that have system administration services for an additional cost. I would suggest you start by talking to your data center and see if they offer this service or if they know of contacts you can talk to. If they don't do it, then they've only got to gain by referring a friend that wouldn't mind administrating if it means you might pick up your server and leave.

Re:well... to be obvious...

[CastrTroy]

There's lots of sysadmins out there. The problem is finding a good one. I know lots of people who do sysadmin work. Even Microsoft Certified Systems Admins. A lot of these people have no idea what they are doing. A good sys admin is hard to find, and they are expensive. Not only that, if you aren't a sys admin yourself, then it's hard to interview one and really get a sense if they really know their stuff. I'm not aware of any agencies that will conduct interviews for you for positions you don't know how to fill. How do you interview an accountant when you don't know anything about accounting?

Re:well... to be obvious...

[ScentCone]

Not only that, if you aren't a sys admin yourself, then it's hard to interview one and really get a sense if they really know their stuff

Yes. And using an outside agency to find, interview, and recruit said person is going to cost you more, just once, than a whole year of co-lo hosting of a box and some periodic rent-a-brain time from a pro.

Rackspace

[beavis88]

Fairly expensive, but they seem to know what they're doing, and most importantly to a company like mine without lots of dedicated tech staff, they give a damn about solving your problems quickly and correctly.

Re:Rackspace

[yddod]

I totally agree this parent. Having been a Rackspace customer for over 3 years, they are nothing but fanatical! They never cease to amaze me when I need to call and ask a question. They are worth every peny for sure. We currently have 5 servers hosted behind a load balancer and the transition to this setup was flawless. Rackspace is literally another employee in our company. With the level of Rackwatch support that we have, I get emails/sms AFTER they have fixed the problem and before I even know it happened!

Re:Rackspace

korksoft.com

- Rackspace are on WAYYYYY to many RBL because of the amount of spam that comes out of them. korksoft have a "spam from us and your host is toast" attitude...

Maybe

[Kawahee]

Maybe www.2advanced.net might be up your alley.

Rackspace

[zburner07]

I would definitely recommend Rackspace. As part of my job I have dealt with them for several setups for both our own projects and projects. They're not kidding when they say that they have fanatical support, they've always been super responsive, given clear warnings about anything going on that might effect our service, and have proven extremely knowledgable. In addition to maintaining your server they are also very good at helping you grow and scale your enviroment as you need.

Rackspace is definitely not cheap but they are absolutely worth every penny and are perfectly targeted for your situation.

Sorry if this sounds like an ad but I truely have been amazed by my experiances with rackspace and will always recommend them to anybody in this situation.

Stay away from godaddy.com

[Billly+Gates]

Reason?

Go lookup last week's (or 2 weeks ago news) under the spam section here on slashdot? Godaddy has done some unethical things with leaving their sendmail relay's open and then closing your account and hijacking your domain for punishment for spamming even though someone else spammed by using their open relay under your domain name. Sleezy and could be expensive for several days of downtime while your legal team faxes threatening documents until your domain name is released back.

Even if you own your domain name its still not a company I would want to do business with.

I've used

[hsmith]

www.webhost4life.com and www.serverintellect.com. I have been happy with both. While not having used their dedicated services ( i went straight to colocation ), i have been more than happy with their shared/virtual services.

INetU

[Bill+Dimm]

We have been using INetU for 6 years and have been very happy with them. We are hosted on FreeBSD/Apache, but INetU offers Windows/IIS too. Tech support has always been very responsive (usually can get someone on the phone immediately) for FreeBSD, and the machines have been very reliable.

I am seeing red lights, alarms, sirens, the WORKS!

[diamondmagic]

One, you are asking a linux-based culture about windows and ASP. I could tell you ahead of time that it won't work.
Two, (Wait, I just thought of one. 1and1 is where I get my LAMP hosting, but reciently they have been doing Win2003 hosting.) ASP is not the industry standard, so seriously consider porting your code to work with ASP-on-linux or even better Perl or PHP on GNU+Linux. It will save you a lot of time in the end.

Seriously.

check out webhostingtalk

[WankersRevenge]

Though Slashdot does cater to the tech heads, I recommend you check out webhostingtalk.com being it caters exclusively to webhosts and webmasters with a gazillion members. Not only will find the answer to your question but you'll also have a good place to research any hosts hosts - sketchy or otherwise. I'm not affiliated with them, but I've found all my hosts through them. It's a great community. Good luck!

Re:check out webhostingtalk

[gbjbaanb]

This is the answer you are seeking.

Ignore most of the uninformed comments on /. about this subject - go to WHT and get a proper, considered answer from people who have your same issue. (and you'll get good, informed, unbiased answers from Linux users too)

Re:I am seeing red lights, alarms, sirens, the WOR

[pilot1]

I would _not_ recommend 1and1 for anything.
In my experience their support has been awful, even when the problem is their fault. I had a situation where they refused to place a bad hard drive (DMA suddenly stopped working), and finally had to move to a new host.

Re:I am seeing red lights, alarms, sirens, the WOR

[ONU+CS+Geek]

I'd stay away from 1and1 like the plague.

They completely lost one of my colocated servers, and pretty much told me to go screw myself in the process.

Then, had the audacity to send my account to collections because I didn't pay for the month of service that I didn't use.

Me

[xnixman]

I use and like goDaddy.

Cheap and reliable. They do Linux/php and Windows/asp.

Maybe Mosso?

[miller60]

Mosso uses server clusters lets you run both ASP and PHP on the same setup for $100 a month. No root access, but an interesting blend of features. Might be more accessible than VPS, which is the other choice between shared and dedicated. It's owned by Rackspace Managed Hosting.

MaximumASP

[backtick]

I've worked with folks who work at this place for years (No, I don't work there, thanks for playing *grin*) and they do good work. Been in business for several years, host several thousand servers (not just several k v-sites), and actually have people with a clue, a real 24x7 NOC, etc. They're who I recommend to people for ASP stuff. http://www.maximumasp.com/

Headhunters

[Kadin2048]

I'm not aware of any agencies that will conduct interviews for you for positions you don't know how to fill. How do you interview an accountant when you don't know anything about accounting?

Actually, there are lots of companies, small and large, that do just this. The proper term is usually "recruitment and placement firms," but most people just call them "headhunters." Basically you find one that specializes in your business area (technology, education, whatever) and explain to them the kind of person you're looking for, and they find you a person (for a significant fee).

They have sort of a mixed reputation generally (hence the whole 'headhunters' name), but in some cases they can really be a benefit, particularly if you have a high-value position to fill, and you don't have the resources to recruit and interview yourself (e.g., you only have to fill this position once every few decades or something).

Like most things in life, good ones don't come cheap though, so it all depends on what you want to pay for.

Servermatrix

[firegate]

I've hosted a number of various machines with ThePlanet through Servermatrix - they have some of the best pricing on the market and their backbone speed, network stability and uptime are comparable to a lot of the more expensive providers like Rackspace. They have managed solutions available for their windows servers last I checked.

HostMySite

Hostmysite will do a lot for you as far as helping you troubleshoot problems with your site. They're not there to write the code for you, but generally go beyond the average host

I am loathed to recommend a company that...

laid me off, but after the Dot.Bust I was eventually laid off by what is now known as Navisite (navisite.com) and they have always specialized in managed hosting for both Windows and *nix. When I was there up through 2003, they had more Windows admins than *nix admins.

AdHost!

[MikeSweetser]

I would highly recommend AdHost, a company in Seattle, which specializes in colocated and dedicated servers with great managed hosting plans. They have friendly and knowledgeable staff and in my experience have been very good to deal with.

Recommendations here are important for everyone.

[Futurepower(R)]

A company that is great at providing dedicated hosting will almost certainly be excellent at providing shared hosting. So, the recommendations here have a VERY wide audience.

Yes, it's probably time to get away from GoDaddy. People are reporting a lot of different areas of abuse.

--
The U.S. government is so superior that Arabs should be happy to be killed by it?

Daemon Tools

[Decker-Mage]

Off-topic but not off-reply. There are legitimate uses for tools such as Daemon-Tools. After buying my fourth set of Diablo II/LoD CD's, I got more than a little irritated and that is not the only copy protected game that I have had to replace over the years. Now I use Daemon-Tools and play from an image file on my hard-drive and if Blizzard or anyone else doesn't like it, tough. They have enough of my money already. I do not pirate.

I'm not surprised that Daemon-Tools doesn't work though on Wine given that it is a kernal level driver. There is a way around that if you can use iSCSI. Use a iSCSI initiator on the Linux side and something like StarWind on the Windows side to present the Daemon-Tools virtual CD to Linux. It'd be very weird, but it would work. [Why you would want to do that, I have no idea unless you have no, or s-l-o-w, Windows boxen and are running Daemon in a VM. REAL weird!]

viawest.net

Check out Via West. they are keen about providing whatever you want with the background to support it. viawest.net

Colocation - CyrusOne

[janvo]

I don't know what your geographic area and complete requirements are, but... buy a box, or two, or three, or four... and get a co-located setup with a provider such as CyrusOne. I am not associated with them in anyway but have done enough due diligence to know that these people are experts. http://www.cyrusone.com/

They have both Windows and *nix professionals on hand 24x7x365 and there's various levels of 'management'.

I hope this helps.

Brinkster seems amateurish.

[Futurepower(R)]

The Brinkster web site seems very amateurish to me. Look at the all caps: "TRAFFIC STATS (coming soon)". They don't yet have traffic statistics?

Re:Brinkster seems amateurish.

[outcast36]

I agree with you on that, they are lacking features that more established hosting companies can provide. I am however, a happy customer, and they will give you raw log access if you ask nicely, (or bitch & moan).

Meta-Obvious

[carpeweb]

If you've out grow the shared environment, it's time to contract a sys admin.

Isn't that what a hosting provider is? Don't the companies that offer shared, dedicated or managed servers "admin" them?

That might beg the question of what specifically a sys admin does, but that goes beyond the scope of this thread, maybe. Or maybe the answer to that would help define "managed" host.

Managed dedicated servers

What you're looking for is a managed dedicated server..

GrokThis.net is a pretty good host, they're Linux-centric and only advertise unmanaged dedicated servers, but they've worked out custom quotes for me in the past with management included.

As for ASP.. they offer Mono for ASP.NET hosting (on Linux), and they're very comfortable with Xen if you need Windows for something (such as MS SQL Server). You could install Sun's ASP engine if you need to support 'classic' ASP apps.

If you're not too scared of going down the Linux route, they can probably both provide the environment you're looking for, but also the management services you need.

Re:porting, asp, perl

I have been looking for a good asp.net host.

Oh yeah? Well I have been looking for an AMD to P3 adapter, and I don't want your uninformed zealotry about how this wont work and how I should buy a whole new motherboard. Everything else in my computer's set up for a pentium 3, and it'd take me days to swap out motherboards and hook things back up, so this is completely out of the question.

Meanwhile, maybe you should consider that the grandparent poster is right, regardless of what the submitter wants to hear, and whoever decided that the application was to be in ASP.net be sacrificed on a bloody altar so that the application can be rewritten in a language that people actually use in the real world. If there was a demand for ASP.net hosting, then why do you have to ask slashdot for asp.net hosts?

I know, you can start a company and host for yourself and the submitter. And whoever else eventually shows up.

Hébergement dédié

Hébergement dédié
Très bonne connectivité
Configuration performante à la carte
Haut débit
Bas coût
Très bonne qualité de service
Support technique extrêmement compétent
Aucune limite d'utilisation

C-Dedie !

good dedicated hosting site

[atomiczach]

I have been using 1asphost for a long time maybe three years now. I just use the free service, but I highly recommend them.