FAQ Category: Server Management Service FAQ

As we are a US-based company, we do not charge VAT. If you require us to list your VAT number on the invoices you receive from us, please just let us know, and we will add it.

ModSecurity is an optional part of our hardening, and our staff will ask you if you want it before or after performing the initial server hardening.  If you do have us install it, schedule the installation for a time when you can test your websites.  ModSecurity can break certain websites. We may have to disable specific rules if they are breaking any sites or disable it entirely for particular websites.

Yes, we do this all the time for our customers.

Yes. We monitor the disk space for all active disk partitions. We will inform you when one of your drive partitions reaches an initial threshold of 90%.

Yes, there are several ways of doing this, even without a control panel.

Linux is our specialty, and we manage many servers without control panels. The reason we list our services by control panel is that most of our customers are in the hosting business and require the use of a control panel to host a large number of websites and email users. We want our customers to know we fully support their control panel.

Yes.  When provided, we will always access these before contacting a data center or you for hands-on reboot or troubleshooting assistance. 

No, there are no extra charges for this. Most of our customers migrate every two to five years. We manage both servers, one at no additional cost, until the migration is complete.

No. We do not require you to sign an NDA with us. But we are happy to sign one for you if you need it.

This, along with ModSecurity, is an optional part of the hardening process, and you have to request it.  Disabling certain PHP functions can prevent hackers from taking advantage of poorly written code and prevent them from gaining access to your server.  But it can also break certain websites.  If you have us perform this, schedule it for a time when you will be able to test your sites to ensure nothing has broken.

You need to open a ticket requesting the cancellation. We will then remove the server from our systems.

Yes, but you need to let us know this after you sign up for our server management service. If you have not already done so, we can lock versions of the software packages on your server to prevent them from being overwritten by automatic updates.

Yes, we can do this.

Our administrators go through a checklist with every server added to management. A non-inclusive list of things we check for is that the OS is not EOL (end of life), that the OS, control and all services are set up correctly and fully patched, that resources such as CPU, RAM, and disk space are adequate and that the server has not been compromised.

Yes. We have scripts that help us to quickly roll out such patches across all the Linux servers we manage.

We do not provide web development, website updates (for instance, WordPress or Magento updates) or programming services. We also do not design nor implement complex environments as part of our management, though we have made exceptions for customers both inside and outside of our server management agreement. Please contact our sales if you are interested in this.

Yes. We sign NDAs fairly frequently for our customers.

Yes, we can, with or without a hosting control panel.

Yes, we do support many servers running Magento, WooCommerce, and other e-commerce platforms. However, we cannot act as a replacement for your web developer or website administrator as we are not familiar with the advanced configuration of these systems. Nonetheless, if you are having an issue where an e-commerce site will not load or comes up with errors, we can generally determine the cause by reviewing server logs and help come up with a resolution.

Yes. There are multiple things we can do, depending on what service is being brute-forced.

Yes. Migrating to a different control panel is often possible, but some things may need to be done manually by you or your staff. It depends on the control panels you are moving from and to; certain aspects of your environment may not migrate automatically. If you have any questions, please inform our staff what control panel you are considering moving to, and they will advise you.

Yes, server migrations are a common procedure here and perform do them all the time.

Yes. The first thing we do is ensure your web and database server are optimized. If the issue is still active, we try to determine the cause. A server configuration can be at fault, as well as misbehaving web code, plugins, database queries, backup scripts, etc.

Yes. We do everything possible during an emergency to resolve the issue without your company’s involvement. We still ask all customers to provide us with a list of contacts we can call for outages that we cannot resolve without your assistance, for instance, a billing issue with the data center.

Yes. We charge only $10 a month to manage DNS mirror servers so long as they are used in conjunction with a server management service for a server that the DNS server is acts as a slave to. Contact us if you are interested in having such servers added to your account.

Yes. We also provide discounts for managing replication hosts. Contact our sales for more details on the discount.

Yes, we support many servers running WordPress, Drupal, and just about every other popular content management system. However, we cannot act as a replacement for your web developer or website administrator as we are not familiar with the advanced configuration of these systems. Nonetheless, if you are having an issue where a CMS-based website will not load or comes up with errors, we can typically determine the cause by reviewing server logs and help come up with a resolution.

Yes. Our monitoring will alert us of this if it frequently detects CPU, memory, and disk space thresholds being reached. Additionally, our staff can observe this when looking into an issue with the server.

Yes, we can do that. Many customers are opting to use Let’s Encrypt, which provides free SSL certificates.

We fully support cPanel, Plesk, DirectAdmin, Virtualmin, and Webmin.  We also support CentOS Web Panel, ISPConfig, Kloxo, H-Sphere, and Hosting Controller.  There are about ten other less popular control panels, and we will support servers running them as well.

Yes, there are many things we can do to optimize your database servers. What we do often depends on what you are hosting, how large the databases and tables are, how many database queries are being executed per minute, etc.

Assuming you have provided us access to your data centers support console, we log in and first check if there are any open tickets regarding a billing issue or a security incident with the server. For billing issues, we then call the list of emergency contacts you provided us at the time you signed up. For security incidents, we will ask the data center to grant us access to remove the security issue and then put the server back on the network. For the more common server crashes, we will invoke a reboot from the support portal or an external device such as IPMI, iLO, or DRAC. If that is not available or fails, we will ask the data center to reboot the server and, if needed, attach a crash cart to the server to determine what error is preventing the server from restarting. We will continue to work with the data center to get the server back online and functioning normally. It is vital to ensure we have your correct data center contact information on file. If you ever change it, please update us. Otherwise, we need to call your staff during an emergency.

At this point, we do not, but this request comes up frequently. If you are a data center and have a large number of servers requiring our server management service for your customers, please contact our sales department, and we can discuss coming up with a way to assist you.

No. We rely on your data center for this. If you colocate your servers and need hands-on support, we would recommend calling the colocation facility and ask them if they offer this service or if they can refer someone who does in the area. You might even directly ask the security officers who grant you access to the data center. They will often know of freelance system administrators who come in and provide this type of support at a better price than the data center.

We install the CSF firewall, which includes the Login Failure Daemon to prevent brute force attacks. The firewall has a user interface that integrates nicely with cPanel, DirectAdmin, CentOS Web Panel, Webmin and Virtualmin control panels.

Yes. You can also ask our system administrators as to what the fastest web server setup would be for your environment and server resource availability.

Yes, we can do this.

Yes. We can install and configure software such as SpamAssassin, which is free, or MagicSpam, a paid solution. We can also configure the use of Realtime Blackhole Lists to block known spam sources and recommend the use of external mail filtering companies for customers requiring a much higher level of protection. But we can never solve the issue of spam entirely.

Yes. Please see the appropriate server management page on our website for the type of server we will be managing (for instance, cPanel or Plesk) to see some of the options. You can always ask our support as to what your best options are, given your environment, server resources, and traffic levels.

The most common are CentOS, CloudLinux, RHEL (Red Hat Enterprise Linux), Ubuntu, Debian, OpenSUSE, Fedora, Virtuozzo Linux, Amazon AMI Linux, and NixOS. There are over 250 other versions of Linux available, usually derived from one of these, and we will support them all, but we are not experts with them.

We ask that all support be done through our ticketing system, either online or through email. Our support department will take phone calls on business days between 7 AM until 5 PM Los Angeles time. However, we ask that you always open a ticket for an issue, even if you intend to call support later. All our work is performed on support tickets and tickets are responded to 24/7/365. We are considering adding chat support to our services.

We fully support it as we do MySQL.

Yes, we can assist with anything relating to DNS, even if your DNS is hosted external to your server.

We cannot provide this as part of our server management plan but we do have in-house experience with most AWS services.  Contact our sales department if you need more information.

If your data center allows it, then we can. Most data centers will allow this so long as the new server is on the same network or switch as the old one. For the migration, we use a temporary IP address on the new server so we can migrate the data to it. When we are finished migrating, we swap the IPs. Access to the old server is then available through the temporary IP until it is taken offline.

Yes. We set up an outbound spam monitor on your server to alert us when the outbound mail queue is growing, often indicating an outbound spam attack. We can also advise you on preventing the server from being listed as a spam host, such as securing web forms with CAPTCHA or reCAPCHA and disabling mail forwarding to specific domains (which can result in getting listed in blackhole lists or getting blocked by large mail providers). Our server hardening assists greatly as well, detecting rogue processes that may be sending spam, blocking brute force login attempts to SMTP accounts with weak passwords, blocking bots from abusing web forms, and more.

Yes. There are multiple things we can do to determine the cause of this. On servers that mysteriously crash, we always install a monitoring tool we wrote that logs the output of specific debugging commands a system administrator would otherwise run when logged onto a server having an issue. The logging includes the process table, memory usage, disk and CPU statistics, active network, as well as other things such as the MySQL process list. If the server crashes, our administrator can restart it then review these logs to see what occurred to cause the crash.

Yes, so long as the operating system installed on the server is Linux based and not Microsoft Windows.

Yes, we can. Our hardening installs the LFD Login Failure Daemon, which performs the same task. But we are happy to replace it with Fail2Ban.

Yes, we can set up and manage Digital Ocean Droplets. We also provide discounts for customers with very low-end Droplets utilizing 8 gigabytes of RAM or less, 2 CPU cores or less, and hosting only one or a few domains. Contact our sales department for details.

Yes. Amazon provides this capability, and so do most other cloud providers. As with any 3rd party backup, we cannot monitor the status of the backups after they are setup. You need some way of monitoring and checking the results of the backup in the event it fails sometime in the future.

Yes. We have been configuring Linux server environments for over 18 years. Please let us know what you need on your server.

Yes, we can restore a server or any part of a server from the backups you have.  If you do not have an adequate backup plan in place, please consider using our Linux Server Backup, which can be purchased as an add-on when you buy management.

Yes. The data center will typically send you an email notifying you to fix an issue like this within a specific time before shutoff, depending on the severity of the outbound attack. You can forward those to us ahead of time. But if you do not and the server is turned off by the data center, our monitoring will alert us, and we will access the data center support portal and see the cause. In almost all cases, the data center will put the server back online for us so we can stop the outbound attack.

Yes. If you are not already using CloudLinux but considering having it installed on your server, you may want to ask our support for the advantages and potential disadvantages of using it in your particular environment. We also provide licenses for CloudLinux.  Please contact us for details.

We can. If you are a hosting company hosting many domains, we ask you not to utilize our support each time you need to provision a website. There are tools for this, and we can install those tools for you. If you, however, only host a few domains for your business, we’d be happy to install the website software for you.

Very fast. We operate 24/7 and perform migrations almost as soon as you tell us to begin. But most customers open a ticket ahead of time, providing us a time to start the migration or at least a time to complete it, so they can test their sites on the new server before going live. Depending on the number of domains and the amount of data to be transferred, a migration can anywhere from 5 minutes to 48 hours. Most servers with 150 to 200 domains take somewhere between six and twelve hours. Sometimes it takes longer depending on how much data is stored for each domain.

Yes, we can assist you. We have many customers who are not technical as far as hosting goes but own a “brick-and-mortar’ business or any other entity requiring the use of a Linux hosting server. Call us if you have questions, we would love to help you.

No, we are not HIPAA compliant. If you require HIPAA compliant support for your health care business, we suggest you host at and obtain support from a HIPAA compliant data center such as Rackspace or Atlantic.Net. HIPAA compliance is not easy to achieve and is expensive. If a server management company claims to be HIPAA compliant, be very cautious and ask for a copy of their HIPAA Business Associate Agreement; unless they have one, they are not HIPAA compliant.

In most cases, we can unless the attacker has maliciously removed files or data; in that case, we would need a backup. But many attacks, including very disruptive MySQL injection attacks and website defacing hacks, can be restored by a careful administrator who understands what the hacker did and can remove that action from the files and database. Nonetheless, it is always advisable to have a backup in place. If you do not have a monitored backup solution, please consider using our Linux Server Backup.

Yes. Disaster recovery is a significant part of what we do.

Yes, we can restore from any backup solution you have. A note of caution with any backup solution is to have a way of monitoring the backups to ensure they are consistently working. We had many customers using various backup solutions that worked when initially set them up, but found they had been failing for some time when they finally needed them.  If you do not have an adequate backup, please consider using our Linux Server Backup, which can be purchased as an add-on when you buy the management.

Yes.  We will not manage servers that knowingly host or engage in spam, pornography, warez, get-rich-quick schemes, malicious software, drug sales, or any illegal activity. 

When migrating to servers that will assume the IP address of the old server after the migration is complete, the downtime will generally be less than one minute. When the new server has different IP addresses and requires a change in DNS, downtime is limited for the time it takes the DNS change to propagate across the Internet. If DNS propagation time is of concern, you can ask us to lower the DNS TTL (time to live) for all your domains to be 5 minutes at least 24 hours before the switch to the new server is made. This prevents DNS servers on the Internet from caching the DNS for your domains longer than 5 minutes, and the IP change will be seen very quickly after the migration If you ask us to lower the TTL before the migration, be sure to ask us again to raise it to 24 hours after the migration. This is proper Internet etiquette and lowers the amount of DNS queries your server has to perform every day.

Often we can, but it is always better to have a backup. If we cannot restore a crashed database in its entirety, we can often restore most or parts of it and give you access to that so a developer can fill in the spots. You may also have a local automated backup configured as well without knowing about it, and we will look for these. Periodically, backups are performed automatically by your content management system, the control panel on the server, or the control panels auto-installer, such as Softaculous.  If you do not have a backup plan in place, please consider using our Linux Server Backup, which you can purchase as an add-on when you buy management.

It depends on what the provider does as part of its server management. Many hosting providers consider themselves managed hosting providers because they maintain the hardware of the server, the operating system installation, and ensure the server has power, cooling, and network connectivity. Others offer a limited amount of support for you but would not help you, for instance, during a disaster, a migration, a hack, an issue with website, DNS or email configuration, etc. You would have to ask your provider what their management entails and what SLA you have with them. Some customers left us when moving to a managed provider only to return, saying the server management service is not the same as our Server Management Service. You would have to ask the provider what their management entails.

Yes. Security is a significant part of what we do, and we assist our customers with security issues and concerns every day.

Yes, we have monitors that check your servers CPU and memory usage every five minutes. Our staff will log in to your server to determine the cause of the issue and, when needed, let you know that it’s time to increase the resources on your server.

No. We do not have an adequate way of monitoring the results of any backups outside our own Linux Server Backup. If you are using a control panel, third-party, or homegrown backup solution, always ensure you have a way of monitoring the results of the backups. We had many customers using various backup solutions that worked when they were initially set up, but found they had been failing for some time when they actually needed them. Consider how important your data is to your business and what it would cost if you lose the data entirely.

We do, but we cannot assist with configuring the game servers running on them.

We migrate all the data on the live server to the new server without making the new server live right away. We then send you instructions on testing your websites on the new server, which involves tricking your testing computers DNS into thinking the domains are hosted on the IP addresses of the new server. When you are happy things are working correctly, you give us a time and date to go live with the switch, often during the middle of the night or on the weekend when server traffic levels are lower. At that time, we perform a final fast data sync, copying over files and databases that were altered or newly added since the initial data transfer, so no data is lost since the initial migration. If the new server is not retaining the old server’s IP addresses, we change DNS to point to the new server’s IP addresses. Otherwise, we have the data center swap the IP addresses causing the new server to go live. In this case, there is very minimal downtime if any. When changing DNS, downtime is limited for the time it takes the DNS change to propagate. If DNS propagation time is of concern, you can ask us to change the DNS TTL (time to live) for all your domains to be 5 minutes at least 24 hours before the switch is made. This will prevent DNS servers on the Internet from caching the DNS for your domains longer than 5 minutes and the IP change will be seen very quickly after the migration. If you ask us to lower the TTL before the migration, be sure to ask us to raise it to 24 hours after the migration. This is proper Internet etiquette and lowers the amount of DNS queries your server has to perform each day.

Often, we can. The overall process is to install a new hard disk on the server and then attempt to mount the old drive so that we can restore the data from it. There are times when a drive cannot be mounted or read at all, and no data can be extracted from it. In these cases, when the data is valuable enough, you may be able to have the data center send the physical disk to a data recovery specialist who may be able to assist.  If you do not have an adequate backup plan in place, please consider using our Linux Server Backup, which can be purchased as an add-on when you buy management.

Not currently. We do have many customers whose first language is not English but have sufficient reading and writing knowledge of the English language for communicating with our staff. Some customers even use someone they know to provide a translation of their requests and our responses.

Yes. We monitor your server 24/7/365 and will reboot your server within 10 minutes of it going down.  If we cannot contact the data center or access your servers remote reboot interface, we will call a list of emergency contacts you provided us when you started the management process for assistance.

Yes, we do this for all our customers. We need your data center support login and, if required by them, our company name or support email address listed as an authorized support contact for you. For data centers that have two-factor authentication, we recommend you disable that or create a sub-account for Server Surgeon that does not require it. Otherwise, every time we access the data center for support, they will send a text message to your cell phone with an access code, and we will need to contact you to get the code.

Yes. We do require access to your AWS console for this.

No.  We only manage Linux servers.

Yes. We are very familiar with all these packages and can install them on your control panel server.

Yes, we can assist with this. It would be best to outline your needs in a ticket to our support department and ask for their advice.

No. The only exception we make to providing end-user support is if your customer is leasing a dedicated, virtual, or cloud server from you and which we manage. In that case, we can make them a listed contact for the server, and they can then contact us directly.

Yes.  We monitor about 15 things on most Linux hosting servers, including checks for all running services as well as for CPU, memory, and disk usage thresholds.  Our monitoring performs these checks every 5 minutes, and we will respond within 5 minutes of receiving an alert from it.  Responding to monitoring alerts is one of the most important things we do.

Yes. We ask every customer to provide this when they sign up. Although we take care of almost all server emergencies without your involvement, at times, there are situations we need to get in touch with someone.

Yes, so long as you have a license for the control panel if it requires one. We also resell cPanel and Plesk licenses. Contact us for details.

We resell cPanel, Plesk, MagicSpam, CloudLinux, Immunify360, and KernelCare licenses at our cost when requested. Contact our sales department if you are interested.

In many instances, we can. If your server is running a control panel such as Plesk or cPanel, this is not possible. If that is the case ad you are concerned this may lead to a prolonged outage, we would recommend you maintain a secondary server running the same control panel as the active server and have the active server copy it’s backups to that server each day. In the event of a major outage, we can then restore the backed-up data already in place on the inactive server and change your DNS to make it the active server. We also manage the clone or backup servers at a very nominal fee, provided we also manage the active server. Contact our sales for details on the discount.

We can advise you on this.

We do not provide 24/7 support for non-managed servers, but we can perform per-incident support. You need to contact our sales department for a quote on the work. Our sales department is not available 24/7. Alternately if you are in an emergency, you can order our server management service, but we do require you stay at least three months. It is time-consuming to add a server to our Server Management Service, and bringing in a server just for one month does not cover our costs.

If you have a website that is becoming non-responsive or gets into a bad state and delivers server errors, you can ask our system administrators to set up a custom URL monitor for the site. Our monitoring server will download a webpage from the website every five minutes and alert us if it is erroring out, becoming non-responsive, or not returning the expected content. We will log in to the server to determine the cause of and fix the issue. These issues are often easier to debug and resolve permanently when an administrator can see the error while it is occurring, and the monitors enable us to do this.

If a customer brings a server into our server management service, we require that they stay at least three months.  If you only need a one-off task or setup performed, please instead ask us for a quote to complete the work.

There are no other costs for our support work. We do charge additional for our recommended Linux Server Backup service though.

Yes. For bare-metal servers, we require KVM, IPMI, iLO or DRAC to be setup and accessible to our network to perform the installation. For virtual and cloud servers, we need either the login to the virtualization host or the login to your hosting provider’s control panel. Where access is extremely limited, we can use Team Viewer or other remote desktop software to access a Windows computer on your network that has access granted to the server.

Yes. Many of our customers require PCI compliance for their e-commerce websites. You will still need an external PCI scanning company to perform the scans and grant the PCI compliance. But you can forward us the PCI scan reports, and we will fix any vulnerabilities found in them. Customers requiring PCI compliance run the scans every several months to ensure their websites comply with the latest PCI rules as the rules do frequently change, and so can the software on your server.

Yes.  We can configure a VPN connection from our monitoring and access server to your server.

We can if the shared hosting provider uses the same control panel as your server. If this is not the case, we are happy to migrate one or a few sites from a shared hosting provider to your server, but as this is a very manual and time-consuming process, we cannot do it for many domains.

Yes. Please contact us for a quote. The cost of the second server is generally very nominal.

Yes, we can. We can also provide advice and perform server configurations to help you stay off blackhole lists.  Note Server Surgeon will not assist customers who are purposely spamming.

We can if the server or servers are lowerend virtual or cloud server with no more than 8GB of RAM, 2 CPU cores, and hosting three domains or less.  These setups often include less powerful Amazon AWS and Google Cloud servers as well as Digital Ocean Droplets.  Please contact us for details on the discount.

Yes. We provide a 5%, 10%, and 15% discount to customers who pay quarterly, semi-annually, and annually.

Yes. We can configure almost any 3rd party backup software, and we can test it to ensure it works. However, we cannot provide ongoing monitoring of it. Unmonitored backup solutions can break for a variety of reasons, including lack of disk space, a change in file permissions, an unmounted disk volume, forgetting to pay the backup service bill, etc. Make sure the backup is monitored actively or consider using our Linux Server Backup.

Yes. You need to contact our sales department for a quote. Alternately if you are in an emergency, you can order our Server Management Service, but we require that you stay at least three months. It is time-consuming to add a server to our management, and bringing in a server just for one month does not cover our costs.

You can contact our sales department with the requirements of the project.  You came to the right place, but we have to look at each project and determine if we have the available resources and what fits into the scope of our management plan and what does not.

 Yes, we can. We highly recommend keeping your website installations, including content management systems and e-commerce platforms up to date. Older versions will have security holes that hackers utilize to upload their malware to your server.

Yes.  Please contact sales with details, and they can provide you with a quote.

Yes.  We take monitoring very seriously and can monitor almost anything for you, even accepting documentation from you on how to resolve complex situations unique to your environment.  You can also provide us a list of emergency contacts such as your developers or in-house administrators to call for certain complex problems unique to your environment that we cannot resolve.

No, there are no extra charges for the number of domains you host on your server.

We provide discounts for customers who have five or more server management or server backup plans with us.  We also offer discounts to data centers and customers who provide virtual or bare metal servers to their customers. Contact our sales department for more details.

Yes, we fully support Webmin servers.

Yes, server hardening is one of the most important things we do at Server Surgeon. This is included in the management at no extra charge, but if you want only the hardening and security, please contact our sales department for a quote.

Yes. We can configure all these in addition to other mail best practices to increase mail deliverability rates.

Yes. We support servers running any Java applications, including Tomcat.

Yes. Please contact our sales department if you are interested.

We can.  It would be recommended you call or contact sales outlining your environment and your specific requirements.  We will try to tailor something to your exact needs, and if we are not the right fit for your environment we will tell you.

No, we have no contracts. Our support is month to month but has a three month minimum.

Yes. We manage lots of them.

We do manage media streaming servers and have set them up as well for many customers who hired us to do so. Note our Terms of Service does not permit us to manage servers hosting pornography, but we are happy to help in other cases.

Google Cloud, Digital Ocean, Amazon AWS, and OVHcloud are the most popular with our customers, but we support cloud and virtual servers from every provider.  See our Linux Cloud Server Management page for more details.

Yes, in many cases, we can. Removal from files is more straightforward than removal from the database.

Yes. What version we can update you to, or older version you want to downgrade to, may depend on the operating system version on the server. Older operating systems will not run the newer versions of PHP or MySQL, and later operating systems will not run all the older versions.

We require your company contact information which you provided at sign up. We also need either the server’s root login or alternately you can create our user for us and install our user’s SSH public key to grant us access. In the latter case, we need a way to switch to the root user. If you limit login access via a firewall, you need to whitelist our monitoring and access servers IP address, which will be given to you when you sign up. We also ask for your data centers support login and, if required by them, list our company name or support email address listed as an authorized support contact for you. You do not have to provide this, but then you will become our first point of contact during a server emergency when the server becomes unresponsive. Beyond this, we ask for and recommend you provide us a list of names, email addresses, and phone numbers, including off-hours numbers, of those we can call in a server emergency. We usually use this when we do not have the data center login information, or the login information has been changed without informing us, or when a server has been disconnected from the network due to a security or billing issue.

Yes.  You can access our Nagios monitoring system via our support portal. Nagios provides a variety of historical data and reports for your servers.

Non-urgent tickets are typically responded to within 15 to 30 minutes, often faster, depending on the current ticket volume, while emergency tickets are responded to within 5 to 10 minutes. However, there is no way to promise that all tickets will be answered within this time frame because ticket volume does vary at times.