UPDATE 17JUN2015: Shanock.com no longer offers services to outside parties. This document remains published for the sake of retrospection.

Welcome to Shanock.com! This document is meant to introduce you to the basics of the Shanock.com server’s features. If you are already experienced with Linux, you may want to skim over this document anyway so that you know what you have to work with. If you are new to UNIX-like operating systems, the learning curve can be steep, but you don’t need a formal education to be productive.

 

  1. Introduction
    1. About this document
    2. About the server
  2. Shell access
    1. What is a shell account?
    2. Accessing the shell
    3. Familiarizing yourself with the shell
    4. Uploading and downloading files
    5. Accessing the virtual desktop via RDP
    6. Accessing the virtual desktop via VNC
  3. Using your email account
    1. Accessing your email
    2. Email forwarding
    3. Spam protection
    4. Virus protection
  4. Setting up a website
    1. Getting started
    2. Web hosting features
    3. Where files go
    4. Creating your own web pages
    5. CGI scripts
    6. MySQL Access
    7. Website Security and SSL
  5. Addendums
    1. Technical support
    2. Availability of service
    3. Legal issues

 

  1. Introduction

    1. About this document
      • This document uses technical terms and acronyms where appropriate. If you are unfamiliar with any, you can look them up on Wikipedia for a crash course. This document is not intended to teach you everything you need to know, but it will give you a good starting point to do research on your own. UNIX has been around for a long time, and there are plenty of online tutorials and guides to help you along.
      • This document assumes that your personal computer is using Microsoft Windows, that you are familiar with general computer terms (download, execute, taskbar, Start Menu, etc), and that you are familiar with navigating your operating system. You should know with how to set up the browser and email client of your choice. If not, please consult your software’s documentation or third-party guides.
      • A convention of this document, when instructing the reader to type a command, will format the relevant text in a monospace and bolded font. Such text should be copied verbatim (with the exception specified in the next sentence), including any quotes and symbols, with attention to case sensitivity (you may ignore underlines or colors). Another convention is to use username in places where you should substitute your own account login name.
    2. About the server
      • Shanock.com utilizes an operating system called Gentoo Linux. Linux is designed to behave and interact like UNIX, leading to the classification of Linux as a UNIX-like operating system. Linux is extremely adaptable, able to be tailored to operate at peak efficiency on a wide variety of devices, including tablets, smart phones, servers, desktop computers, and more. Gentoo is, in turn, a highly flexible distribution of Linux and its attendant software, allowing for optimization towards any task on any hardware. In this case, the task is to be the Shanock.com server.
      • With your Shanock.com account, you receive 10GB of total storage space. This is absurdly plenty to take advantage of everything Shanock.com can offer.
      • The server specifications that may be relevant to you as an account holder can be found on the Shanock.com status page.
  2. Shell access

    1. What is a shell account?
      • The basic user environment for UNIX-like operating systems is called the shell, which at first looks like nothing more than a text-based command prompt. If you are new, think of DOS. While you may have seen demonstrations or personally tried distributions of Linux with pretty graphics, windows, and buttons, that’s not what Linux really is. What you saw was one of many optional graphical interface programs running on top of a shell. All file management, email, editing, and configuration needs can be handled using the shell alone.
      • The beauty of UNIX-like operating systems is that because of the simple but all-powerful text-based interface, using your account from home can be virtually the same as if you were physically accessing the server’s keyboard and mouse.
    2. Accessing the shell
      • To log in to your Shanock.com shell account, you must use a SSH (Secure Shell) client. An excellent yet free SSH program is PuTTY. It is highly configurable and feature-rich. Instructions concerning how to use PuTTY, are beyond the scope of this document, but here is a simple guide to get you started:
      • A Beginner’s Guide to SSH
      • In the past, Shanock.com supported telnet and web-based shell access, but no longer. While telnet is easy and convenient, it is not very secure, lacks features, and behaves oddly sometimes.
    3. Familiarizing yourself with the shell
      • Once you’ve logged in, you’re greeted with a text logo and a short welcome message. Near the bottom, you see something like:
      • username@shanock ~ $
      • Before I tell you what you can do from here, I should tell you where you are. The tilde (~) is a shorthand symbol for your “home directory”, which is /home/username. This is your personal space, where all of your files and configuration settings are stored. There are many other files and directories on the server, but most of them are restricted in various ways. Your home directory is the only place where you have full control over files.
      • You should consider learning the basics of the shell use before continuing with this guide. For a beginner’s tutorial on how to use the shell, see:
      • LinuxCommand.org : Learning the Shell
      • Here’s a list of useful commands (that may or may not have been mentioned in the tutorial):
        • man – view an on-screen manual for a command (press q to exit)
        • passwd – changes your password
        • alpine – check your email
        • nano – simple, easy text editor (beginner)
        • emacs – full-featured text editor (advanced)
        • vi – efficient text editor (advanced)
        • mc – file manager
        • gftp – FTP client
        • irssi – IRC chat client
        • 7z7-zip efficient file compression (The command 7zip Is provided for simplicity)
        • crontab – task scheduler
        • quota -su username – check your remaining disk space
      • There are a great deal more commands available, but you can accomplish most common tasks with these. Also be aware that Shanock.com provides the GCC compiler and a number of other programming/scripting languages (perl, bash, python, etc.) that allow advanced users to compile their own programs. In the event that you need a specific program that is not already provided, please email me before installing it yourself in your home directory – I may be able to install it system-wide, thereby making the program available to everyone and saving you account space.
    4. Uploading and downloading files
      • Shanock.com provides three primary means of transferring files to and from your home computer. These are File Transfer Protocol (FTP), Secure FTP, and Secure Copy (SCP). Windows Explorer built-in support for two-way FTP by typing the following into an explorer address bar: ftp://www.shanock.com
      • There are several good third-party programs available that grant access to FTP, SFTP, and SCP. If Windows Explorer is not to your liking, I recommend you try the free program, WinSCP.
    5. Accessing the virtual desktop via RDP
      • A slower but more feature-rich way to access general tools on your Shanock.com account is via Remote Desktop Protocol. When physically accessing a Linux system, many people use fancy graphical user interfaces for ease of use and image-dependent applications. While you are unlikely to ever access Shanock.com physically, RDP will simulate the experience by creating a window on your computer which will act as an imaginary monitor connected to the Shanock.com server. Any commands you input in this virtual desktop will be executed on the server.
      • To access a virtual desktop, look in your Windows “Accessories” menu folder, or search for the term “Remote Desktop Connection”. Connect to the address, shanock.com, and a window should pop up and prompt for a “module”. Select your desired virtual desktop resolution and color depth, and press “OK”, at which time you will be prompted to log in. Do so, and you will be presented with an empty desktop. Right-click anywhere, and you will see a menu with the various applications that are available to you. The speed of this method depends on the bandwidth and latency between your computer and the server. If you find that the desktop is too slow for you, you may want to try more conservative settings.
      • Please be aware that these are forwarded VNC sessions, and will terminate upon disconnect. The last two options on the modules list are sesman-Xvnc and custom-vnc. The sesman option will create a traditional RDP desktop that will match the resolution and depth settings of the client, and persist on disconnect. If using sesman, please remember to right-click on the desktop and log out of the session when you are finished. The custom option is intended to allow connections to manually managed VNC desktops on the Shanock.com server.
    6. Accessing the virtual desktop via VNC
      • There is one more way to access the virtual desktop, if RDP is undesirable or for some reason unavailable, through Virtual Network Computing. To access a virtual desktop, download the latest copy of TightVNC. Install or extract the client program, then execute it. You will be presented with a prompt asking for a VNC server and other options. For the server, you will enter one of the following:
        • shanock.com:50 for a 640×480 window with 8-bit color
        • shanock.com:51 for a 800×600 window with 8-bit color
        • shanock.com:52 for a 1024×768 window with 8-bit color
        • shanock.com:53 for a 1280×1024 window with 8-bit color
        • shanock.com:55 for a 1024×600 window with 8-bit color
        • shanock.com:56 for a 1280×720 window with 8-bit color
        • shanock.com:57 for a 1366×768 window with 8-bit color
        • shanock.com:60 for a 640×480 window with 16-bit color
        • shanock.com:61 for a 800×600 window with 16-bit color
        • shanock.com:62 for a 1024×768 window with 16-bit color
        • shanock.com:63 for a 1280×1024 window with 16-bit color
        • shanock.com:65 for a 1024×600 window with 16-bit color
        • shanock.com:66 for a 1280×720 window with 16-bit color
        • shanock.com:67 for a 1366×768 window with 16-bit color
      • Smaller and lower resolution desktops will work faster, and should be selected based on the connection speed between the Shanock.com server and your computer. Log in when prompted, and you will be presented with a clean desktop. Please be aware that VNC sessions terminate upon disconnect.
  3. Using your email account

    1. Accessing your email
        • Your email address is username@shanock.com. Shanock.com provides a variety of easy and secure ways to access your email. You can use POP3, IMAP, POP3-SSL, IMAP-SSL, secure webmail (https://mail.shanock.com), Alpine (when logged into the shell), and Thunderbird (when logged in via RDP or VNC). Any modern (and most old) email client can be configured to work with one of the available protocols. Please consult your email client’s documentation.
        • Whichever access method you choose, the server name for all methods is mail.shanock.com. If you wish to use the Shanock.com SMTP service, be sure to enable SMTP Authentication in your email client, and use your normal login and password.
        • I would recommend using IMAP over POP3, unless you are having server space issues or use an email client that doesn’t support it. The reason for this is that IMAP leaves copies of your email and folders on the server. You can access your email from home, through the web, or from the shell, and still be able to use the same set of folders. Furthermore, Shanock.com utilizes a RAID array to protect against hard drive failure, helping to keep your email safe from data loss. POP3 clients, on the other hand, generally download the messages to your computer and delete them from the server.

      • If you use your Shanock.com account for purposes other than email (i.e. via the shell or FTP), note that your mail is saved in the ~/.maildir directory. Try not to accidentally delete it, because I will likely not be able to recover it.
    2. Email Forwarding
      • If you already have an email account and don’t want another, Shanock.com can forward email (including administrative notices) to your existing address. If you would like to enable mail forwarding, create a file named .forward in your home directory with the email address you would like to forward to. One way to do this would be, at the command prompt, to type the following command with the address you want mail forwarded to, followed by the enter key:
      • echo “email@domain.com” > ~/.forward
      • Alternatively, you can use FTP, SFTP, or your favorite text editor to upload or create the .forward file with your email address.
      • Note that this may cause problems if the receiving server is strict about checking SPF records. I will implement SRS in the future. Also, some email services, notably gmail, don’t like it when you forward its own emails to itself.
    3. Spam protection
      • Shanock.com utilizes a few simple techniques that drastically reduce spam without endangering your legitimate emails. None of them require any interaction on your part – they are enabled automatically. However, you should be aware that one of the methods used is greylisting, which may delay the first few emails you receive from any individual by several hours. After the Shanock.com server trusts that the sender is not a spammer, email will be instantaneous.
      • Note that while most spam is blocked, you will still receive some. Shanock.com is configured so that if there is any possibility that an email is legitimate, it will be delivered, and you will never miss a message. Since I cannot predict how you will use your email account, Shanock.com does not run content-based spam filtering (such as SpamAssassin) which may produce false positives. This means that the remainder of spam-filtering responsibility rests on you, the user. Programs such as Thunderbird and SpamAssassin (configured for your own needs) will help you virtually eliminate spam forever.
      • It should also be noted that Shanock.com uses a soft SPF record to prevent spammers from pretending to send mail for the Shanock.com server. This partially protects you from bounce-back spam and flood attacks. However, this also means that you may only be able to send mail from your @shanock.com address through the Shanock.com services. If you are using Shanock.com webmail or SMTP services for sending mail, you will not have this problem. This will also cause some forwarding schemes to fail (this is a problem on the part of the forwarding and receiving servers).
    4. Virus Protection
      • Shanock.com does not offer server-side virus protection, which uses a great deal of processor power, can produce false positives, and does not replace a true virus scanner installed on your own computer. Since you should have a virus scanner on your PC anyway, running one on the server would be redundant. I’d highly recommend installing the free edition of Microsoft Security Essentials, a virus scanner that does not use many resources or slow your computer unreasonably. Note that ClamWin, an open-source alternative, is also an option, buy may not yet support on-access scanning.
  4. Setting up a website

    1. Prerequisites
      • While Shanock.com provides web space, it does not provide any web-based content creation tools for beginners, such as those you might find on commercial sites. In order to create a web site on Shanock.com, you must either know the appropriate web programming languages (HTML, XHTML, PHP, CSS, etc.), know how to use a web-authoring tool (Dreamweaver, KompoZer, etc.), or find someone who has one of the aforementioned skills to do it for you. Furthermore, any word processor that can save HTML files can be used to create rudimentary web pages (Libre Office is provided via RDP/VNC). The Shanock.com server is also capable of supporting WordPress, and other content management systems (Security note: CMSes often require that passwords are typed in a plain text file. It is recommended that you change your MySQL password to something different from your login password.)
    2. Web hosting features
      • Explaining the function of the following features is beyond the scope of this document. If you don’t know what these are, then you probably don’t need to worry about them yet. If you do know what they are but need help, there are plenty of online guides detailing what they are and how to use them.
        • PHP – a programming language for creating dynamic web pages
        • CGI – an interface that allows execution of internal programs
        • Server-Side Includes – allows CGI to be inserted into web pages
        • Virtual domains – enables http://username.shanock.com subdomains
        • .htaccess support – enables customization (like passwords) to your website
        • MySQL – database for CGI and PHP
        • Domain hosting – additional charges may apply
      • Shanock.com does not currently offer DNS services. If you need them for any reason, you will need to set them up on your own. I recommend ZoneEdit, which offers free DNS hosting for up to 5 domains.
    3. Where files go
      • When you log in to your account via the shell or FTP, you might notice some pre-supplied directories, one being ~/public_html. This is the directory where all normal web content is stored, including HTML documents, CSS files, PHP, images, downloads, and almost anything else you want to be available from the web. You can create new directories inside of this one, which is good for organization of web content. Files in ~/public_html can be read, but not executed by visitors.
      • If you look inside ~/public_html, you will find a placeholder file called index.html. To build your web site, you will need to edit or replace this placeholder. This file is the default page that will be loaded any time someone visits your website without requesting a specific file. If index.html does not exist, the server will look for index.htm, index.php, or index.shtml. If a visitor accesses http://username.shanock.com but there is no index page, then the server will automatically generate a directory listing of the files in ~/public_html.
      • A second directory is ~/cgi-bin. CGI scripts are programs that can be executed on-demand as a web page loads. They are often used for dynamic content such as hit counters, guest books, and much more. Since such wide-ended programs are a potential security risk, they are kept in the ~/cgi-bin directory which is outside of ~/public_html, and can be executed but not read or downloaded by visitors. The server fakes the location of this directory so that a visitor will see ~/cgi-bin at http://username.shanock.com/cgi-bin.
      • Under normal conditions, any files that are not inside ~/public_html or ~/cgi-bin will be inaccessible to visitors.
    4. Creating your own web pages from scratch
      • Teaching you how to create web pages is beyond the scope of this document. However, there are numerous HTML tutorials and web creation tools available on the Internet. Here are some tutorials that may help you get started:
      • Small Planet Communications: Create Your Own Webpage
      • PageTutor.com: HTML Tutorial
      • W3Schools.com: Introduction to HTML
      • You will need a text editor to create plain HTML. A word processor such as Microsoft Word will not work correctly unless you use very specific settings. For the sake of simplicity, I recommend using Notepad or EditPad Lite for your HTML-editing needs.
      • Note that while HTML files are typically in plain-text format, in order to be accessed as a web page by a visitor’s browser it needs to have one of the following extensions: .html, .htm, .shtml, or .php. If in doubt, use .html. If the file has a .txt extension, visitors will see the HTML code instead of the design you had intended. Most other extensions will be treated as a file download.
      • From personal experience, I find that the best way to learn web design is simply to observe what others have done to achieve various effects. You can view the HTML code of almost any website by using the “view source” function of your browser.
    5. CGI scripts
      • Again, teaching you the ins-and-outs of the various web programming languages is beyond the scope of this document. There is an example hello.cgi file in your ~/cgi-bin directory that can be accessed at http://username.shanock.com/cgi-bin/hello.cgi
      • This said, there are some things you need to know that a tutorial may not mention. First, CGI scripts must be saved in UNIX text format or you may encounter errors. You can either specify UNIX in an advanced text editor like EditPad, or after uploading a CGI file you can edit and save it using a linux-based text editor like nano.
      • Second, you need to set read and execute permissions on CGI files or else you will encounter errors. This can be done with most FTP clients, including Windows Explorer (right-click > properties). Alternatively, you can use the shell command chmod, i.e. chmod 755 hello.cgi.
      • Third, you can execute a CGI script directly from inside a web page, so that dynamic content is transparently added to your websites. This is called “server-side includes,” and you can see a working example by placing the following in a .htm, .html, or .shtml file:
      • <!–#include virtual=”/cgi-bin/hello.cgi”–>
    6. MySQL Access
      • You may wish to create or install programs that require database access. Unless your account is extremely old (in which case, contact me and I’ll set it up), you already have an account on the Shanock.com MySQL database and can access it with the same username and password that you use to log into Shanock.com’s other services. If you wish to manage your database manually, you may use RDP or VNC to access Shanock.com’s graphical interface and run MySQL Workbench or LibreOffice Base. Alternately, you can use the phpMyAdmin web interface (you will be required to login twice, once with your Shanock.com password, and once with your MySQL password.).
    7. Website Security and SSL
      • Simple HTML websites have no security issues. The problem comes when one wishes to create something more complicated and dynamic. In particular, CGI scripts tend to be less secure than PHP, any kind of insecure code will create an attack vector for hack attempts, and software that provides login access will create an opportunity for guessing passwords. It is important to create and/or select software with security in mind. If using WordPress, Shanock.com is already configured to work with the WP fail2ban plugin (you still need to add the plugin to your individual WordPress installation), which will temporarily ban automated programs that try to guess at your passwords.
      • It is safe to set most of the files in your home directory to be accessible only by the owner (chmod [1-7]00), with the exception of .maildir and .mysql_db, which are already set up with secure permissions. You will need to make public_html and optionally cgi_bin readable, and perhaps writable by the “apache” user. This can be done by setting all directory permissions to 755 and files to 644. However, some files containing passwords (like wp-config.php in WordPress) need to be simultaneously readable by apache and hidden from other users. Shanock.com supports Access Control Lists for this purpose; use chmod 600 wp-config.php to restrict access to everyone but yourself, and setfacl -m u:apache:r wp-config.php to enable read access only by apache.
      • Subdomain users will see the www.shanock.com-issued certificate used on their HTTPS connections. This will provide encryption, but not identity verification. I will not be providing validated certificates for every subdomain because of the limited nature of the free service from StartSSL. I also cannot allow my users to create certificates for Shanock.com subdomains on their own, because they need to own the domain to do so. Self-signed subdomain-specific certificates may become an option in the future. For those who own top-level domains hosted by Shanock.com, a default self-signed SSL certificate set has been copied to /home/username/.ssl/, and this can be replaced with properly authenticated certificates by the domain owner at his/her own convenience and expense. Alternately, the self-signed certificates can be regenerated at any time using the following commands:
      • openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /home/username/.ssl/ssl.key -out /home/username/.ssl/ssl.crt -extensions v3_req -config /home/username/.ssl/info.cnf
      • openssl rsa -in /home/username/.ssl/ssl.key -out /home/username/.ssl/ca.pem
  5. Addendums

    1. Technical support
      • If you are experiencing difficulties with a service of Shanock.com and have good reason to suspect that the problem may be a server-side issue, contact me at shanock@shanock.com. Common problems may be permissions errors (i.e. files in your home directory being marked as belonging to someone else), MySQL access issues, and programs with broken dependencies.
      • If you forget your password and fail 5 login attempts in a day, your computer will be banned for 3 hours. This is a security measure to deter hackers from using brute force attacks to guess someone’s password. If you try and fail again, the ban time will become increasingly longer, so if you really have forgotten your password, use a third-party email account to contact me for support.
      • Note that I DO NOT provide instruction for any software you find on the server or technical support for your personal computer or any software installed on it. Please seek online support. That’s where I learned everything I know and where I would find any answer that I could tell you. If the internet can’t help you, I can’t either.
    2. Availability of service
      • As I use Shanock.com for my personal email, webhosting, and internet needs, I try my very best to keep the server up and running 24/7 at full capacity.
      • However, Shanock.com is a piecemeal computer built from spare parts, running on a budget infrastructure, and connected to the Internet through a residential cable modem. That’s not a great deal of bandwidth, certainly not enough to handle commercial traffic. Storms often cut off the power supply (sometimes for hours), and Oklahoma tornadoes constantly loom on the horizon. This server is not a significant source of income for me and I, as the sole maintainer, cannot always be available to fix immediate problems.
      • Let’s face it. This is, at best, a third-rate hosting service. You probably only have an account on Shanock.com because you know me personally, need a feature that other services don’t provide, or enjoy the low expense that the trade-off of unreliability provides. As such, I can offer no guarantees about anything. Make regular backups of all your data, and if Shanock.com becomes unstable or goes FUBAR altogether, find another provider. I only charge for delivered services, so if at any time you decide to leave, please accept whatever service time I hadn’t yet billed you for as a parting gift.
      • That said, I have run this server for many years and intend to continue until the day I die. And maybe a little after, if I can help it.
    3. Legal issues
      • The Shanock.com system does not utilize any proprietary software. All services and utilities are open source, and usage is provided at no additional charge. All of them can be downloaded and run on a modern Linux system, and many even have free Windows versions available from the authors. All third-party programs explicitly recommended in this guide are legally free. Any fees that may be associated with your Shanock.com account are intended to cover labor, maintenance, and bandwidth costs.
      • As previously stated, the server can die at any time, and while I make a reasonable effort to prevent data loss, there are no guarantees. This server employs RAID hard drive redundancy (similar to a real-time backup to protect from hardware failure), numerous methods to resist hacking, and is frequently updated with the latest software fixes. However, there is no such thing as 100% security. Do not make a habit of storing sensitive information on the Shanock.com server.
      • In conclusion, don’t sue me, because I don’t have any money. If I did, I could afford more reliable hardware and a support staff.

 

~Walter Heitman Jr.

Your friendly neighborhood Shanock.com admin