You can upgrade your subscription at any time. The credit balance of the current subscription will be credited to you when you order the upgrade.

Before your subscription expires, we will contact you several times by email.

• If you wish to renew your subscription, simply pay the invoice using your chosen payment method.
• If you do not want to renew your subscription, you still have enough time to backup your data from our data centers.

Yes, you'll get an independent virtual network interface for each IP address. Opposite to other providers we provide you as many IP addresses as you want. We even give you the possibility to use IP addresses out of a second network.
 

How can I get more IP addresses?

When ordering for the first time, you can specify the number of IP addresses you want. If the v-server is already in operation, you can send a request to our support. We will then make you an appropriate offer. We will fulfill requests for different subnets if possible. You can see the prices for additional IP addresses on the Softronics order pages.

Use the fullbackup to create a consistent copy of the entire file structure (an image) of your virtual server in its current state.

When restoring the virtual server, the image and data of the selected backup is used for the recovery. The server will be in the same state as when the fullbackup was created (system and data).

You can choose the maximum number of backups yourself and create or delete them manually at any time. If the maximum is achieved, you can create a new backup by deleting an existing backup or you can order additional number of backups.

The fullbackups are maintained until you manually delete them or cancel the option.
This feature is available for the Windows and Linux virtual servers.

Where is the fullbackup stored?

The fullbackup is written to a disk subsystem and not to the v-Server disk. As a result, your disk capacity is not affected by the full backups. Additionally, two backups of each full backup are created.

Hint: To ensure that no data loss (silent data corruption) occurs, the services should be paused briefly.

Create fullbackup

• Login at the Webinterface.
• Click Backup (x of n) at the desired server.
• In the window that opens, select + Create Backup.

Restore from a full backup

Recovery from a full backup is available for Linux and Windows servers.

• Login at the Webinterface.
• For the desired vServer, select Shutdown server.
• After that, shut down the vServer with Power down server (only in emergency).
  You can also skip step two in case of emergency and shut down the server directly.
• Click Backup (x of n) at the desired server.
• In the window that opens, select Restore for the desired full backup and follow the further prompts.

In the overview you see the number provided fullbackups and the number of possible fullbackups elective vServers. Further every fullbackup is shown with date and time. You can extinguish the available Fullbackups or provide a new Fullbackup.

You get access to your Linux Server via a secure SSH connection. You must have administrator rights to get full access to your Server.
SSH is connecting on Port 22 per default.

Registration via PC / Mac

SSH application for Windows:

For administration on a Windows environment, we recommend the free SSH client Putty, Download.

SSH with Linux:

The OpenSSH suite is usually installed on the Linux and is used to access the remote server.

SSH with MAC:

Mac OS X has a built-in SSH client called Terminal which can be used to connect to remote servers. By default, Terminal.app is located in Applications / Utilities folder and is connecting with the local username on Port 22.
To connect to your server fill in the following at the prompt: ssh IP-adresse -l username -p port

Registration via Smartphone / Tablet

SSH App for Android

Download the ConnectBot for you Smartphone / Tablet from Google Play or F-Droid

• Install and open the App
• Add a new connection
• Fill in your username and the IP-address

SSH-App für iPhone / iPad / iPod:

For your Apple device, download the SSH-client Termius

To customize your server, log in to the web interface. Then select "Change subscription" for the desired server.

Please note that the existing disc size cannot be reduced.

If your desired configuration is not listed, please contact us.

At this point, we would like to explain a few terms, just as these are used for our products.

A virtual server is often referred to as VPS (virtual private server), VM (virtual machine), v server, or virtual server. These are installed on a host server. On a host, several virtual servers can be operated with different operating systems. This means that more than one customer can be set up simultaneously on one host. The individual virtual servers are clearly separated from each other.

Dedicated servers are also known as root servers. The server is exclusively available to one customer. He thus gets the full performance and all resources of the host for himself and does not have to worry about the maintenance of the server or technical defects. The customer can therefore concentrate fully on his project.

A root server in the classical sense is a root name server and as such is responsible for the name resolution on the Internet. The root servers know the names and IP addresses of all nameservers of all top-level domains (TLD). The root servers are coordinated by the ICANN (Internet Corporation for Assigned Names and Numbers).


We do not use the term root server for our products.

Differences between virtual and dedicated servers

• Virtual servers do not have their own physical disk. A file with the appropriate size will be assigned to you and the vServer is installed here.
• The memory is virtually assigned to the v-Server. For the memory swap there is set up a swap partition on the disk.
• You can flexibly allocate vCPU. Only a reboot is required.
• The network interfaces are virtually assigned to the v server.
• Time: The time of the host is automatically synchronized with a time server and cannot be changed within the Virtual Server. Deviations are thus automatically corrected.

Just like any other server, a Virtual server can have limited recourses like RAM, CPU or Disk capacity. Here we teach you how you figure out what’s wrong and how you can do something about it.

How do I realize that my Virtual Server doesn’t have enough recourses?

• When a resource limit is reached, processes are terminated or not started. It is also possible that data can no longer be written. This can occasionally lead to randomly appearing error images.
• This can cause seemingly random error images to appear.
• When using Linux you can check your recourse values with the command: top
• When using windows you can use the recourse monitor resmon to check your recourse values.

What do about higher resource usage?

• Check if there are any processes running that aren’t really needed.(e.g PostgreSQL on a system that uses MySQL or SpamAssassin on a system that doesn’t receive e-mails.
• At high CPU usage, check the auto start. Are there any processes that are redundant to you? Remove them from auto start.
• If the server performance suddenly changes, can it be that the amount of users has risen? Is a third party abusing your server?
• Delete unnecessary data to regain free space on the disc.
• Can individual server services be adjusted so that they don’t need as much recourses? If these steps don’t give you your desired result you can always upgrade your Virtual server.

You get access to your Windows Server via a secure RDP connection.

RDP (Remote Desktop Protocol) is a proprietary protocol from Microsoft to control Windows computers remotely. The RDP service is normally provided on port TCP 3389 and has a 128bit encryption. It is recommended to change the default port 3389.

Changing the port TCP 3389

• You must have administrator rights to change the port
• Start the program regedit
• Got to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\
• Select the port 3389 and overwrite it with a free port of your choose (Wiki: Free Ports)
• In the next step you have to configure the Windows Firewall
• Open the Windows Firewall with Advanced Security
• Create new Inbound and a new Outbound Rules
• Set the new defined Port as fix Port for TCP and UDP for the RDP-connection

In this article we will tell you how you can set up the SSH-Login on a Linux Server by means of Public and Private Key. 

By default, the Linux Server get set up with a SSH-Login with username and password. To ensure more security, you can use an authentication method with key -pairs. In comparison to username/password authentication this method has several advantages:

• Fully automatic login (no need for passphrases
• Since a key -pair is being used for the Login, getting hacked by a Brute-Force Attack becomes impossible. However, the Passphrase login method must be deactivated.
• You can create a private key for every user and activate it on the Server.

Step 1: Generating a key -pair

The required key -pair can be easily generated in the Shell with a simple command:

ssh-keygen

Without any further specifications this will generate a key -pair using the RSA algorithm with a length of 2048 bit.

• rsa The RSA encryption method is a widely used encryption method, because it's very safe. It is one of the asymmetrical encryption methods. The keys have a length of 2048 or even better 4096 bits.
• dsa
• ecdsa
• ed25519

With the option -t you can define which algorithm is to be used and with -b define the length of the key.

ssh-keygen –t rsa –b 4096
ssh-keygen –t dsa
ssh-keygen –t ecdsa –b 521
ssh-keygen –t ed25519

Step 2: Creating the Key and the Passphrase

There are few questions that you need to answer after the command has been entered.

Enter file in which to save the key (/root/.ssh/id_rsa):

Press enter if the file shouldn’t be changed.

Enter passphrase (empty for no passphrase) :
Enter same passphrase again :

Decide whether you want to use a passphrase or not. When using a passphrase, the security provided by the key will increase. If the key should fall into the wrong hands one would still need the passphrase. The drawback is that the key -pair must be entered every time the key -pair is used.

Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
ea:a1:ff:3b:ce:6d:af:b2:5f:34:10:35:7a:ee:4e:ed user@test.mydomain.tld

The key has been generated and has been saved in the defined file.

Step 3: Removing the Private key from the server

The private key has been saved in .ssh/id_rsa. We recommend you remove this file from the server and back it up in a safe place.

Step 4: Depositing the Public key for the Login

To make a Login with a Private key possible you will have to deposit the Public key in your home-directory in the sub-directory “.ssh” into the file “authorized_keys”. That way you can deposit multiple public keys into this file to enable Logins for multiple users.
The public key can be found in the directory /root/.ssh/ in the file id_rsa.pup.
The file must be renamed.

# mv id_rsa.pup authorized_keys

Now the permissions must be edited.

# chmod 0700 ~/.ssh –R

Step 5 Test the Login

Test the login with the private key. If it doesn’t work, then an error has occurred during the installation. Do you need assistance? Then please contact our Support.

Step 6: Deactivating the password login

After a successful ssh login with the key you can increase security by removing the SSH login with username/password.

Open the SSH-config-file

# sudo nano /etc/ssh(sshd_config)

Look for the line with PasswordAuthentification yes and change it to PasswordAuthentification no, to disable username/password logins.

To activate these changes, enter the command:

# restart ssh

Login with PuTTY

In the SSH client "PuTTY", a private key can be selected before attempting to connect.
To do so choose your private key in "Connection", "SSH", "Auth". After that you can make the connection as usual. If you have secured your key with a passphrase you will have to enter it each time the connection is established.

Generate key on local computer for the server

The key pair can be generated on a local Linux computer as well. The procedure is the same as described above. However, in this case, the key must be copied and activated on the server. Step 3 can be skipped. You can instead copy the key on the server

SSH-copy-id user@host

We use true full virtualization, also known as bare-metal virtualization, for our virtual servers, which provides very high performance and security. Unlike other virtualization products, with us you have an independent server instance that completely isolates you from other customers. Our full virtualization emulates a complete computer with virtual hardware that can be accessed by the guest operating system like real hardware. In doing so, the guest operating system layer is omitted. The commands of individual virtual servers, fully encapsulated from each other, are directly forwarded to the hardware. This makes full virtualisation very performant. Therefore you can also install and run unmodified operating systems.

We provide you with a large selection of Linux distributions and versions as standard. You can also choose from many versions for the Windows operating system.

Yes, a VPN can be set up and operated on a Linux as well as a Windows Virtual Server.

For the Windows Virtual Server, the use of PPTP is the easiest method to build a VPN. This connection type is not as secure as L2TP or IPsec, but it is sufficient for many applications.

PPTP-based VPN traffic consists of a TCP connection to the TCP port 1723 on the VPN server and GRE (Generic Routing Encapsulation) -coded packets for the VPN data. However, PPTP traffic can cause problems with firewalls, NATs, and web proxies. To avoid this, firewalls must be configured to allow both the TCP connection and GRE-encapsulated data.

With Linux Virtual Server, For example, the tunnels are built using OpenVPN.

Yes, you have unrestricted access to all network interfaces including the local loopback interface. You can also use special network tools.

In order for you to make settings on the network interfaces, you need administrator rights. In order for the adjustments to take effect, the v server must be rebooted.

We recommend creating a fullback before making any adjustments to the network settings. This allows you to restore the server from the full backup.

Yes, you can use any kernel. We offer a wide range of Linux distributions or even different versions of Windows Server. If the operating system you are looking for is not listed, please let us know. Send a mail to Support.

We are using a real virtualization for our virtual servers (KVM). You can also use unmodified kernels.

Yes, our Linux Virtual Server contains all the usual kernel modules.

Since iptables are run as root, you need to have appropriate administration rights for the server and can edit the appropriate modules (iptables / netfilter, tun / tap, etc.). The iptables are installed on most Linux systems as /usr/sbin/iptables. In the man pages you will find further documentation about the iptables, if they are installed. Since the kernel 3.13 released in January 2014, there is a new, additional packet filter with nftables, which can be used as an alternative to iptables.

A small hint: Before setting up the iptables or a firewall, be clear about what you want to achieve. What should be blocked and what should be allowed. The security of the server is not increasing just by starting a firewall. Or by a poor configuration you get less security or you are blocking yourself.

You can also compile your own kernel modules or use a self-compiled kernel.

Yes, this is possible in our web interface at any time and is independent of the state of the virtual server. You can find the web interface at https://vserver.softronics.ch/.

The following options are available for the reboot:

• Shut down virtual server and restart it automatically.
• Shut down virtual server.
• Shut down virtual server. You should only use this function in an emergency.
• Virtual server boot.

Yes, our Linux premium server can be reinstalled using the web interface. Please contact us if you have a Windows server.

How do I reinstall my server? Follow the instructions below:

1. Sign into the web interface at https://vserver.softronics.ch/
2. After that, shut down the vServer with Power down server (only in emergency).
3. Now select Reinstall Server (must be powered down).
4. On the next page, select the distribution you want. If the distribution you want is not available, please contact us.
   Confirm that all data on the server will be deleted. Then confirm with Start Reinstallation and your vServer will be installed with the selected OS.

Restore from a full backup

If you have created full backups of your Virtual Server, you can restore it to this state accordingly. You can read more about this here under the Restoring from a Fullbackup section.

Recovery from a full backup is available for Linux and Windows servers.

DDoS-attacks (Distributed-Denial-of Service) are an unfortunate part of today’s everyday life. These attacks attempt to overload the bandwidth of the internet connection or server recourses. These attacks are often supported by a botnet (a network of malware-infected computers). These botnets can create massive data traffic which leads to long loading times on your website and can even lead to the system crashing.

Preventive measures

• You know the "normal state" of your networks and systems and recognize anomalies (e.g. intrusion detection systems IDS, centralized log evaluation). A DDoS attack should be detected before your customers can notice it.
• Your systems are hardened (no unnecessary services, strict permissions, strong authentication, etc.) and at current patch level. SYN cookies are enabled, etc.
• Check the possibilities of GeoIP blocking. For example, if your customers are mainly from Switzerland, you can predefine a profile that only allows IP addresses from this region. In the event of an attack, you can activate these profiles and thus very quickly gain options for action and additional protection.

Our Safety solution for DDoS-Attacks

The data stream is constantly being monitored and immediately interferes with anomalies. If an attack is detected, the dataflow gets redirected through the Threat-Management-System (TMS). The TMS are in the so-called «scrubbing centers» inside the global network. Inside of these «scrubbing centers» the dataflow of the attack gets separated from the traffic. After the separation the desired dataflow gets passed on. That way we can protect the bandwidth and the server infrastructure very well.

Yes, for the latest Virtual Server products we offer a CLI console on the web interface at https://vserver.softronics.ch/. So you have access to your Virtual Server in case of emergency or for maintenance work. To do this, select Open server console.