Published by: Kage, on 03:12 am Thursday December 13th, 2012
As stated in the announcing news post and our "Under the Hood" page, we're giving a behind-the-scenes look at what runs the infrastructure of HackThisSite. As time progresses, this blog series will cover various aspects of the backend functionality of HackThisSite. We'll start with our replication and distribution of services, then dive into particular configurations and layouts for specific service groups, as well as other miscellaneous things that come up.
First, a little bit of history...
For the first few years of HackThisSite's life, it ran on various forms of shared hosting. In the early-to-mid 2000s, dedicated server hosting was extremely expensive, and affordable Virtual Private Server (VPS) hosting was not as prevalent as it is today. Thus, HackThisSite was often hosted on shells or servers donated by members of the community. This continued well into the late 2000s, until the ever-expanding resource requirements of HackThisSite prompted the need for dedicated servers. As HackThisSite was passed down through the hands of various administrators and managers, so too were the servers that ran the organization.
In late 2007, then-administrator Silent-Shadow was stepping down. Custodianship of the organization eventually fell upon Kage, with whom it has remained through today. Kage took over the FreeBSD dedicated server Silent-Shadow had been using for HackThisSite, but eventually that system had to be replaced.
Throughout the next 5 years, Kage would upgrade HackThisSite's hardware at least once per year. This was partly due to ever-growing resource needs and partly for practical reasons (aging hardware, future scalability, etc.). It was also through these hardware changes and upgrades that the internal functions of HackThisSite's backend services would evolve to be more efficient and follow modern-world models. Indeed, as the hardware was upgraded, so too were security postures and configuration practices.
These upgrades, while necessary, were costly and required a considerable amount of effort every year. For the entire history of HackThisSite on dedicated servers, it had always leased systems in data centers. The affordability of low-end leased servers kept HackThisSite within budget, but it did not allow for much growth beyond the immediate needs at the time of each upgrade. To allow for multiple years of scalability, as well as to satisfy various new needs for HackThisSite, Kage purchased HackThisSite's only tangible asset in late 2011: a 4U server colocated in Denver, Colorado with 32GB RAM, four quad-core AMD Opteron processors, 5x 2TB drives in RAID-10, and various other levels of failover redundancy. This server, codenamed Deus Ex Machina ("God from the Machine"), is what presently and primarily powers HackThisSite.
The upcoming chapters of the Engine Room series will go into more detail about Deus and what runs on it. Stay tuned!