Current time: 04-24-2014, 03:11 PM Hello There, Guest! (LoginRegister)

Post Reply 
Pros + cons of multiple domains on 1 hosting plan
05-13-2007, 11:41 AM
Post: #11
Pros + cons of multiple domains on 1 hosting p
Excellent! Thanks for all the info!
Find all posts by this user
Quote this message in a reply
05-14-2007, 11:56 PM
Post: #12
Pros + cons of multiple domains on 1 hosting p
This is actually not true, all of your users will end up on the same machine and if you have a site that is very inefficient and is getting hit all the time by say googlebot or a comment spammer it will affect all of your sites and all of the sites of the other users on the machine.

The only reason we would ever place any limit on a user is to protect the stability of your machine. If you work to try and get around those limitations and tell others to do the same you will only succeed in slightly obscuring the overall problem. I say slightly because your account is a tree structure and we can easily look at usage by user and or account.

If you have free time to do things like trying to spread usage across many users, just use that time to improve the quality and efficiency of your code instead! =)
Find all posts by this user
Quote this message in a reply
05-15-2007, 12:07 PM
Post: #13
Pros cons of multiple domains on 1 hosting p
Michael.

*THANKS!* for clearing that up. I apologize for the misinformation and can only claim gross ignorance seasoned with stupidity; I'm not now even sure where I got that idea (and it is bugging me!) Wink

Please understand that I was specifically told via a support email that email quotas only impacted a given user when I had a script run amok a few years ago. And, in that instance, it was only a single of my users whose mail sending privileges were curtailed for a few hours until I whipped an errant form mailer into submission; the other users on my account were not impacted. Hence, to prevent all my sites from losing their ability to send mail should a single site get exploited, I began establishing new sites as separate users.

This, the email quota, actually, was my main reason for advising this, and I agree that it would be counter-productive to the whole program to use multiple user on the same machine to obfuscate CPU/Memory usage - the machine suffers from over use either way. Wink

I'm also in complete agreement that there are better ways to use one's time than managing multiple users in your account, though sometimes it really can't be avoided if you need to share access to a given domain, due to security concerns.

Hearing now, that *all* domains hosted under a given account, irrespective of the user, are *combined* when measuring CPU/Mem usage makes sense, but I am now again concerned about the management of email quotas. I also noticed this morning a recent edit to the DH wiki indicating this is also true with email quotas, and *that* is *really* discouraging.

It virtually *guarantees* that if you host more than a couple of domains that have interactive features (sign-up confirmations, lost password retrieval, new post or message notifications, etc.) you *will easily* run afoul of the email quota. A a few popular threads or two on a forum where several users wish to be notified of new postings could burn through this quota very quickly; God help you if a digg or /. reference sends a lot users who want to register to your site; when you most need the system to work it is likely to break and prevent them from receiving their "Welcome email" (which in some cases may contain their account information or an activation link).

The same type of traffic could be responsible for numerous "contact form" submissions (many of which are set up to email the site owner *and* cc the sender). It also pretty much precludes the use of any "tell a friend" interactivity; multiple sites with any traffic would combine to quickly exceed the *by account* quota. I'm afraid that even a single *busy* site would not be able to use these email features, and these are all commonly expected features of an interactive site.

If *all* users/domain etc on an account have their email usage accumulated into the single quota total....hosting multiple site with any degree of user interactivity at all would be become virtually impractical.

I agree with you on CPU/Mem usage, and I guess I must have just made a disconnect somewhere with that information, and am actually *glad* to have that clarified...I apologize profusely for the misinformation.

That said, can you please confirm/deny or further clarify the way the email quota numbers are accumulated? That is *critically* important to me, and my clients, and I don't want to remain confused about this *or* set my clients up for serious dissatisfaction if this jumps up and bites them! :O

Thanks!

--rlparker
Find all posts by this user
Quote this message in a reply
05-15-2007, 02:22 PM
Post: #14
Pros cons of multiple domains on 1 hosting p
rlparker -

Michael pointed me to this thread so that I could provide a little clarification on this stuff...

I'm not sure what the wiki edit is about, but as it is now we look at (and limit) email usage on a per-user basis. I do not know of any plans to lump multiple users all together and institute a throttle limit for them as a whole - and DreamHost Abuse are the ones who would be enforcing those limits, so we'd probably be in on it. Smile

Regarding the limits in general:

Most people never bump up against those limits, and those who do can contact us, explain their situation/needs, and then potentially have their limit increased. If they are using bulk email in any way we will likely need to independently verify that they are fully compliant with our anti-spam policies before doing so.

That said, this multiple user thing shouldn't be seen as a loophole. We've actually had people try to round-robin their email output through multiple accounts on the same server in order to avoid getting "caught" trying to send large amounts of bulk email. While this will likely work for a bit, eventually we will notice and such abuse will likely result in our tightening things up or adding restrictions for everyone. It's in everyone's best interests not to monopolize server resources more than necessary.

And no, its clear that you're not trying to game the system - I'm mostly mentioning that for anyone who runs into this thread down the road and gets some wild ideas... Smile

Anyhow, if you have multiple distinct web sites with different mail needs, if you put them all under different user accounts they will be relatively isolated and have their own limits. I recommend doing this anyhow as it limits the potential damage should an insecure script get exploited, a password sniffed, etc. It also lessens the amount of material to sift through and clear when securing such an account.

While there is some benefit to having a bunch of domains under the same login when it comes to convenience, I personally prefer the added security of keeping them separate. To each their own, though!

- Jeff @ DreamHost Abuse
Visit this user's website Find all posts by this user
Quote this message in a reply
05-15-2007, 03:15 PM
Post: #15
Pros cons of multiple domains on 1 hosting p
By default all of your shell users will be in the same group, so some configuration would be needed to have additional security from multiple user permissions.
Find all posts by this user
Quote this message in a reply
05-15-2007, 03:26 PM
Post: #16
Pros cons of multiple domains on 1 hosting p
Thanks so much, Michael, for the clarification. That helps a lot and, actually, *is* consistent with how I was led to believe (and have actually found) it works. Smile
Quote:That said, this multiple user thing shouldn't be seen as a loophole. We've actually had people try to round-robin their email output through multiple accounts on the same server in order to avoid getting "caught" trying to send large amounts of bulk email. While this will likely work for a bit, eventually we will notice and such abuse will likely result in our tightening things up or adding restrictions for everyone. It's in everyone's best interests not to monopolize server resources more than necessary.
I'm glad to see you recognize a legitimate use for those "multiple users" *and* that you are aware that some may attempt to exploit that to everyone's detriment. I hope you are able to continue to allow *user* based quota evaluation (rather than *account*) *AND* you are able to identify and deal with abusers without changing that segregation of users for quota purposes.
Quote:Anyhow, if you have multiple distinct web sites with different mail needs, if you put them all under different user accounts they will be relatively isolated and have their own limits. I recommend doing this anyhow as it limits the potential damage should an insecure script get exploited, a password sniffed, etc. It also lessens the amount of material to sift through and clear when securing such an account.
Outstanding! *That* is what I was trying to get clarified. I *thought* I understood it to work that way, but was confused after reading Michael's post. You also much better described what I was *trying* to say to the original poster. Thanks!
Quote:While there is some benefit to having a bunch of domains under the same login when it comes to convenience, I personally prefer the added security of keeping them separate. To each their own, though!
As you can tell, I feel the same way about this, though I admit I continue to run several domains under a single user which I initially set up that way a long time ago. That said, all my *new* domains get their own user, and I think I'll continue to go that route in the future for all the reasons (both quota and security related) you so well stated.

Thanks again for taking the time to set us straight on all this. Rock ON!

--rlparker
Find all posts by this user
Quote this message in a reply
05-15-2007, 03:43 PM
Post: #17
Pros cons of multiple domains on 1 hosting p
Quote:By default all of your shell users will be in the same group, so some configuration would be needed to have additional security from multiple user permissions.
Thanks for that! It's a particularly good point if all the users are full "shell users" as opposed to "ftp only" users.

To the degree that "security" is a somewhat relative term, I still think *some* additional "security" can be derived by using separate users given the operation of suexec, and I know that, for me, a "bad" script is much easer to locate if different domains run cgi as different users.

--rlparker
Find all posts by this user
Quote this message in a reply
Post Reply 


Forum Jump: