Tests and procedures to make sure that everything is working correctly

Started by tallship, May 17, 2013, 01:35:03 AM

Print
Go Down Pages1
User actions

tallship

May 17, 2013, 01:35:03 AM
I'm interested in gathering ideas and suggestions for methods of testing and procedures to double check that a HostBill installation is operating correctly, and that a site is fully functional.

This is perhaps most significant and important since HostBill is known to commonly introduce bugs and breakages into previously working installations following updates, and I think it would be beneficial for everyone to have a list of procedures and checks in order to be proactive, so we don't have to wait for our customers to tell us by flooding us with tickets, phone calls, and emails

Your thoughts, suggestions, and recommendations are greatly appreciated.

Kindest regards,
Bradley D. Thornton - Manager Network Services, NorthTech Computer   TEL: +1.310.388.9469 (US) | +44.203.318.2755 (UK) | +61.390.088.072 (AU) | +41.43.508.05.10 (CH)
Registered Linux User #190795 - "Ask Bill why the string in [MS-DOS] function 9 is terminated by a dollar sign. Ask him, because he can't answer. Only I know that." - Dr. Gary Kildall.

Lawrence

#1
May 17, 2013, 01:47:52 AM
Well here's just a summary of what I have setup.


  • A HostBill install for a live environment and a dev environment.
  • Dev environment is .htaccess restricted to 3 IPs, all under my control.
  • Before I upgrade, I update the dev environment's database with the current live database. The dev environment is an exact copy (Files and database) of the live enviornment, other than the paths, which are of course private, but easily updated in the database nonetheless.
  • I verify features, check error logs (Which almost always are generated during the upgrade), see if live chat is working, etc,.

This upgrade process is done every upgrade. If I'm upgrading multiple versions at once, then I'll just copy the database over once. I take the good with the bad, and if the good outweighs the bad, I'll take that leap to the next version. If I don't like the next version, I'll wait until the other.

Here's the kicker, if the Development environment passes all checks and upgrades without any issues, I perform a quick upgrade to the live environment after making a backup. I don't upgrade the dev environment and transition everything over due to the fact that I could lose that one sale that happened on the fortieth second of the eighth minute. :P Everything is upgraded on the live website in a matter of 10 seconds.


  • Extract files
  • Visit install path
  • Upgrade
  • Delete install files and attachments / templates_c / downloads folders
  • Visit admin area

If it fails, I jump right into a backup which is restored within 30 seconds.

I suppose this isn't the very best method, but it's worked for me since the beginning. I know many people have a lot of issues with upgrading, but I've yet to experience one. (Few bumps yes, but often due to my mistakes)

Probably the very best advice I can give in regards to upgrades....

Use bash scripts! If you've made a template change such as the CSS, have a bash script add that text at the end of your .css file. This is very easy to do. You could also make such changes in other files. Writing a bash script isn't hard, only downfall is when the new install changes the code you're targeting or the line changes, you may have to update your bash script. If code stays uniform though, the process should be straight forward.

Also, a bash script is great for moving / deleting the install files. Most system techs can be replaced with a bash script, it's rather funny.
Skype: sociallarry | AIM: [email]larry.aim@aim.com[/email] | Forum Rules & Information

These forums are hosted by me with no intentions to ever monetize them. These forums are here solely for the benfit of the HostBill community.

tallship

#2
May 17, 2013, 08:38:17 AM
Exellent!

Thanks Lawrence, most of what you posted is confirming that the methodology I'm using is correct, but that is just as important as if I didn't have any, and I'm sure it will benefit many others that come through here.

In my case, however, I'm unable to do the dry run on the staging server method, since I only have a single owned, unbranded license. I had asked in a ticket back in November how to set up a staging/devel server so I could test such things, and was told that I can't run a devel or any other second install without purchasing another license, but I could get a 10% discount on that second license.

If there was a way I could run a staging server that would be prudent way.

Right now, what I do is check the logs and if I don't see any activity then I firewall off the port, do my backups, and then the upgrade, a quick (very quick) check to see if it looks okay, and then I open the ports again.
Bradley D. Thornton - Manager Network Services, NorthTech Computer   TEL: +1.310.388.9469 (US) | +44.203.318.2755 (UK) | +61.390.088.072 (AU) | +41.43.508.05.10 (CH)
Registered Linux User #190795 - "Ask Bill why the string in [MS-DOS] function 9 is terminated by a dollar sign. Ask him, because he can't answer. Only I know that." - Dr. Gary Kildall.

Lawrence

#3
May 18, 2013, 12:07:01 AM
Definitely an inconvenience, I feel a developer's license should be included upon request with each owned license. Other billing scripts offer it, and usually the only requirements are that it's blocked off from the rest of the world (With .htaccess).

I guess the only thing we could do as a community is encourage Kris to offer up Developer licenses for owned versions. They are after all a natural process of development. If the auto-upgrades were flawless, then I can understand, but a developer license is a must for manual upgrades.

Anyhow I'm glad you've found my post insightful, it also confirms that I'm doing something right as well. :) (This information helps a lot!)
Skype: sociallarry | AIM: [email]larry.aim@aim.com[/email] | Forum Rules & Information

These forums are hosted by me with no intentions to ever monetize them. These forums are here solely for the benfit of the HostBill community.

John

#4
May 19, 2013, 07:24:11 AM
Quote from: Lawrence on May 18, 2013, 12:07:01 AM
Definitely an inconvenience, I feel a developer's license should be included upon request with each owned license. Other billing scripts offer it, and usually the only requirements are that it's blocked off from the rest of the world (With .htaccess).


I second this. All other billing systems have a free developers license, and it only seems natural.
John McCarthy
inertianetworks.com
john@inertianetworks.com

Patrick

#5
May 19, 2013, 11:11:20 AM
We IP block our admin area directly via httpd.conf.  We find it's a far more secure method as our ssh is restricted via ssh keys and also IP restricted.  It's worked well and we do this for the admin area on the live environment.  Any staff are all provided a VPN account. 

I also second this.  I didn't feel comfortable buying it at $300.  I haven't checked recently but i hope that price has dropped back down too
Patrick - Forum Rules
Insanity: doing the same thing over and over again and expecting different results. - Albert Einstein

tallship

#6
May 19, 2013, 11:53:15 AM
securing via .htaccess is a good method for an added layer of security. It doesn't have to be anything fancy either, since it should be an URL that only your staff knows anyway, and then once you validate your credentials with the basic auth mechanism w/a .htpasswd you still have to login to the admin control panel.

For the SSH portion, I have a nice little write up here, for those who it might benefit:  northtech.us/content/2011060...

Easy to remember as "TinyURL.com/lockdown-ssh"

Kindest regards,
Bradley D. Thornton - Manager Network Services, NorthTech Computer   TEL: +1.310.388.9469 (US) | +44.203.318.2755 (UK) | +61.390.088.072 (AU) | +41.43.508.05.10 (CH)
Registered Linux User #190795 - "Ask Bill why the string in [MS-DOS] function 9 is terminated by a dollar sign. Ask him, because he can't answer. Only I know that." - Dr. Gary Kildall.

Lawrence

#7
May 20, 2013, 01:06:21 AM
Tallship, that was a very good read! I don't use SSH keys as much as I should, but definitely learned something here today.

Quote from: tallship on May 19, 2013, 11:53:15 AM
securing via .htaccess is a good method for an added layer of security. It doesn't have to be anything fancy either, since it should be an URL that only your staff knows anyway, and then once you validate your credentials with the basic auth mechanism w/a .htpasswd you still have to login to the admin control panel.

Naturally a good option. In most cases, deny all and permit only a few is a very strong method as well; unless your employees have dynamic IPs.
Skype: sociallarry | AIM: [email]larry.aim@aim.com[/email] | Forum Rules & Information

These forums are hosted by me with no intentions to ever monetize them. These forums are here solely for the benfit of the HostBill community.

Patrick

#8
May 20, 2013, 01:08:43 AM
Quote from: Lawrence on May 20, 2013, 01:06:21 AM

Naturally a good option. In most cases, deny all and permit only a few is a very strong method as well; unless your employees have dynamic IPs.

OpenVPN works very well for employees :)
Patrick - Forum Rules
Insanity: doing the same thing over and over again and expecting different results. - Albert Einstein

Lawrence

#9
May 20, 2013, 01:13:33 AM
OpenVPN is a very good choice, but some companies wouldn't setup something such as that. Everyone will always have their own means of doing business and how their employees interact with the services they provide. Shame there aren't such standards universal to all businesses. Alas, if only it were that easy! :)
Skype: sociallarry | AIM: [email]larry.aim@aim.com[/email] | Forum Rules & Information

These forums are hosted by me with no intentions to ever monetize them. These forums are here solely for the benfit of the HostBill community.

Patrick

#10
May 20, 2013, 01:18:48 AM
Quote from: Lawrence on May 20, 2013, 01:13:33 AM
OpenVPN is a very good choice, but some companies wouldn't setup something such as that. Everyone will always have their own means of doing business and how their employees interact with the services they provide. Shame there aren't such standards universal to all businesses. Alas, if only it were that easy! :)

true :)  I'm very crazy about security after we moved away from a competing product and their security flaws.  Since then we block every avenue possible in any possible direction.  VPN just works well for us specifically because we include managed services on some products so rather then having home IPs logged of course company IP's are far more professional of course.
Patrick - Forum Rules
Insanity: doing the same thing over and over again and expecting different results. - Albert Einstein

tallship

#11
May 20, 2013, 02:16:58 AM
Quote from: Lawrence on May 20, 2013, 01:06:21 AM
Tallship, that was a very good read! I don't use SSH keys as much as I should, but definitely learned something here today.

Thanks Lawrence :)

Knowing that it helps people out from time to time makes the time it takes to do a tut a worthwhile endeavor everytime!

Kindest regards,
Bradley D. Thornton - Manager Network Services, NorthTech Computer   TEL: +1.310.388.9469 (US) | +44.203.318.2755 (UK) | +61.390.088.072 (AU) | +41.43.508.05.10 (CH)
Registered Linux User #190795 - "Ask Bill why the string in [MS-DOS] function 9 is terminated by a dollar sign. Ask him, because he can't answer. Only I know that." - Dr. Gary Kildall.
Print
Go Up Pages1
User actions