Electric Embers: Handcrafted hosting, powering the fires of change

Private Web

Our Private Web hosting places your account inside its own virtual private server, with any number of MySQL databases and free SSL encryption, and is suitable for hosting sites built on open-source applications including WordPress, Drupal, Joomla, and CiviCRM.

Your account information page

Your SFTP/SSH connection settings, MySQL database settings, and site access statistics are available at your own account information page, accessible at the web address of the form:


Substitute your own username in the URL, and enter your web hosting username and password when prompted.

Uploading/accessing your files with SFTP

The HTML and PHP files that make up your Website go in the public_html directory inside your home directory (or in other _html directories if you have more than one site).

To upload files, connect to your account using SFTP (SSH File Transfer Protocol) or SCP (Secure Copy) on your custom private port; your web hosting account does not support the unencrypted FTP protocol. If you are moving your Web site from a previous host, you’ll need to first connect to their server and download all your site’s files, then upload them to EE. Connection settings are available on your account information page.

Many free and commercial file transfer programs support SFTP. If you use MacOS, Transmit, Yummy FTP, Cyberduck, and Flow are among your options, or you can use the built-in command line “sftp” program via Terminal. Windows users can choose Cyberduck or WinSCP (or possibly FileZilla, although be sure it’s fully updated and beware of this authentication problem if you use SSH keys for any other connections), and Linux GUI apps include Nautilus and gFTP, or you can use sftp or scp on the command line.

If you need to build or preview your EE-hosted site before going live under your domain name, let us know and we will set up a temporary dev URL for you to use in the interim.

Logging in via SSH

Using an SSH (Secure SHell) client, you can connect directly to the UNIX shell to do many things with your account such as move, rename, edit, or delete files, change permissions or your password, view logs, create cronjobs, etc. Connection settings are available on your account information page.

SSH clients are built into Mac OS and other UNIX-like operating systems, while for Windows we recommend Putty. In Mac OS, you can find Applications–>Utilities–>Terminal, then substitute your custom SSH port and username in this command:

        ssh -p port username@web.electricembers.net

If you need another MySQL database, simply contact us and we’ll create one for you. You can then work with your database(s) using the command line tools (via an SSH connection) or using the friendly graphical user interface of PHPMyAdmin. MySQL settings are available on your account information page.

To migrate a database from a previous Web host to EE, you should first create a database dump on the old host, then download that dump file along with the rest of your Web site files and upload it to EE, where you can import it into your new database. You can export and import the database via PHPMyAdmin, or use command line tools (the dump command at the old host should be something like:

     mysqldump --host db --user username --password databasename > dumpfile.sql

with your username, password, and database name at the old host substituted. Once you’ve uploaded the dumpfile to EE and we’ve created the database, the import command should look like:

     mysql --host db --user username --password databasename < dumpfile.sql

with your EE database username and database name substituted.

Changing your password

You have two different passwords associated with your Web hosting:

  1. To change your SSH/SFTP login password, log into your account via SSH and issue the command passwd.
  2. To change your MySQL database password, log into PHPMyAdmin and click the SQL tab. Enter a query like
     ALTER USER 'your-username-here'@'10.%' IDENTIFIED BY 'new-strong-password';

Next, you must also change the password in all installed database-backed applications to the same new password – until you do so, those applications will have the wrong old password and won’t work.

To change your password for any other service (eg. Mail or Groups), see the instructions for that service. In all cases, we strongly recommend choosing a multi-word passphrase.

Statistics and logs

You’ll find statistics for your website’s traffic on your account information page.

After connecting via SSH or SFTP, you can access the current Apache access and error logs at weblogs/your-domain.org and weblogs/error/your-domain.org, or the PHP error log at weblogs/error/php.log. (7 days’ access log archives are stored at weblogs/old/your-domain.org.[1234567].gz.) These record the IP address, date, time, and filename of each request. It can often be useful when debugging your site to keep an eye on the error logs with a command like

       tail -f weblogs/error/your-domain.org
SSL and httpS://

Secure Sockets Layer or SSL (also known by its newer name Transport Layer Security or TLS) is a way of encrypting communications over a network, changing the old plain text protocol http:// to httpS://. Securing HTTP traffic is absolutely vital if you request sensitive data through your website (e.g., credit card numbers), or if you want to protect login usernames and passwords, but is also become de facto as a way of generally enhancing privacy and security on the Internet.

Free SSL Certificates from Let’s Encrypt!

We are pleased to integrate Let’s Encrypt into our Web service, offering unlimited free SSL certificates upon request – no more purchasing https certificates from third-party Certificate Authorities! This means if you want your site protected by SSL, all you have to do now is let us know, and we’ll make it happen.


To protect your data from catastrophic events, and to some extent from human error on your side or ours, we back up all user data (files and databases) every night. The backups are stored both on a separate server in our main data center in San Francisco and on a remote server near Sacramento, CA. We can recover data from any of the following points in time:

  • 1-6 nights ago
  • 1-6 weeks ago
  • 1-6 months ago

Please let us know immediately if you discover a need for restoring any data from our backups.

Making your own backups in addition can still be useful for some purposes, but often represents wasted disk space, disk churn, and CPU time, so we suggest not using any automated backup tool within your account. If you do have a specific need to make your own backups under your direct control, please do not store more than one backup of the same data here at any time. If you’d like to make multiple backups of the same data, you should transfer them offsite to your own PC or another storage system, which will be much more effective and secure anyway, and delete the EE-hosted copies.

CMS Caching

Static page caching can be useful in making large, dynamically generated websites load faster while reducing the amount of resources required to serve them. However, it also introduces a layer of technical complexity and risk, and we believe that very few sites hosted here will see any real improvement with caching versus the baseline performance on our systems, due to plentiful resources and careful provisioning. We therefore suggest that Electric Embers clients not activate any caching behavior on their sites, unless they’ve seen a real and specific need for it, and that if any caching is used, it should be configured to automatically delete cache files older than 3 hours.

CGI scripts

Executable CGI scripts written in perl, PHP, python, or any other language should be placed in the cgi-bin directory inside your home directory (alongside the public_html directory.) For reference in your scripts, the paths to common executables on our system are:

Password protecting pages

If you want to keep a folder (or a whole site) private with a password we’ve created a script that will guide you and set up Apache authentication. To run this script, you will need to log in to your Web account via SSH (by following the directions above), then type the command protect-web.

Sending email from your website

There are four ways your website code can generate and send email:

  1. Your code can use the PHP function mail(), or another similar function in whatever language you’re using;
  2. Your code can directly call the sendmail binary at /usr/sbin/sendmail;
  3. Your code can submit mail over unauthenticated SMTP by connecting to web.electricembers.net on TCP port 25;
  4. Your code can submit mail over authenticated SMTP by connecting to your own email server, whether hosted here or elsewhere.
Hosting a Git repository
Please see this detailed tutorial on hosting a Git repository on EE’s web hosting service, graciously provided by Jonathan Kissam, formerly of Webskillet Cooperative.

Software Versions

We are currently running Apache 2.4, PHP 8.1, MySQL 5.7, Perl 5.32, Python 3.9, and Ruby 3.1.

Using WP-CLI

If you run WordPress, and want to install the wp-cli.phar tool as instructed at https://make.wordpress.org/cli/handbook/installing/, the details will need some adaptation for your web hosting environment here. You don’t have write access to system directories (/usr/local/bin), so where that page says “To be able to type just ‘wp‘, instead of ‘php wp-cli.phar‘…”, change their instructions to the following:

chmod +x wp-cli.phar
mkdir ~/bin
mv wp-cli.phar ~/bin/wp

Note the tilde “~” at the start of the pathname in the last two commands – that is shorthand for “my home directory”. You will then be able to run ‘wp-cli.phar‘ by typing just ‘wp‘.

Using Python and Pip and virtual environments

Python comes with venv https://docs.python.org/3/library/venv.html so you can do things like this to set up a “Python virtual environment”, and then use Pip to install whatever Python modules you like to that environment:

python3 -m venv testenv
cd testenv
source bin/activate.csh (exact command here depends on which shell you use)
pip list
pip install --upgrade pip

Frequently Asked Questions:

Why am I getting a "Unable to negotiate a key exchange method" error when connecting over SFTP/SSH?

This error indicates that your SFTP/SSH client software requires an older, less secure connection protocol than our servers are configured for. If you are able to update your client software to the latest version, that may eliminate this error. If not, please contact help@electricembers.coop and we will loosen the protocol requirement on your account to enable you to connect.

I lost my password. How can I retrieve it?

An authorized contact on your account should email help@electricembers.coop to request a password reset.

Do you have a Web-based control panel for Web/DNS management or one-click application installation?

No, sorry, we don’t currently have that sort of interface for DNS or Web hosting. For most purposes we believe you won’t feel the lack, as you can make any technical requests to us and have them fulfilled promptly and unfailingly, and with the benefit of our wide-ranging technical knowledge, which may save you from innocent mistakes. We do recognize that one-click installation of Web applications (CMSes, blogs, etc.) is a valuable service, but most of these applications have their own very easy command-line installers, and we will assist as much as we can if you run into difficulties.

Will my web site pass PCI compliance scans required by my credit card processor?

Unfortunately, we cannot always guarantee your web hosting environment here will be 100% PCI-compliant. For your site to pass PCI compliance scans, you would have to have more control over the hosting environment than we are able to grant you as a hosting customer.

We run a fully updated and secured version of FreeBSD operating system, and we update all installed software with any available security fix as soon as we feasibly can. But sometimes a vulnerability rated as critical by PCI compliance vendors is given a much lower priority by the developers of the affected software, so there is no available fix for some time. In other cases, in order to preserve compatibility and usability for all our users, we have to move slowly and carefully in switching the version of a given piece of software in response to a very low-risk vulnerability. During any of these intervals, there is no way for us to offer PCI compliance.

But if you must accept credit card payments, we would strongly encourage you to avoid any such PCI requirement by accepting payments a different way. Your current credit card processor may offer a different type of software integration where 100% of payment info is accepted and handled (transparently to users) on the card processor’s server instead of yours, or you could try using a third-party payment gateway like PayPal, Square, etc. These services are required to be PCI compliant and may offer a much simpler solution for your organization.