For automated trading, discretionary ?
Forex only with Dukas, or also stocks, futures, options, ... with MBT ?
How many instruments/charts/bars per charts/... loaded ?
How much memory is used with MC on your office workstation with these ?
Hey Nismo, actually I don't use MBT, but it doesn't really matter what you use if your just offering VPS suggestions I suppose. I actually use these guys to run continuous open loop scripts for record keeping but they are honestly amazing. I picked up a VPS with them 8 months ago and I try to refer people to them when ever I can. I wasn't the best with linux at the time of sign up so I wanted someone to hold my hand to get everything running the way I wanted it to -- they fully manage it if you want some help at some point.
I would suggest for you to check out some reviews for them but all you will find is positives. They have a money back guarantee, not sure how long it is but either way I'm sure it would give you enough time to try them out. They have more info on their site and I'm sure someone is kicking around the live chat if you have any more questions. They always have some random special rolling so get in touch with them and see what you can work out, if you have any where close to my experience with them you truly wont be sorry you did.
It appears that there are some interests on running automated strategies on VPS. I am creating this thread to share experiences and to find help related to VPS.
First, VPS stands for Virtual Private Server. From a trader's point of view, it is like …
The reason I am asking for recommendations is because I'm currently using PhotonVPS who is recommened from MBT's website. At the end of the first month I noticed they hadnt licensed the server so I reported the issue to support and they said they will look into it and the next time I checked my vps they had closed Multicharts, maybe even rebooted the server and the problem wasnt even fixed! I followed up with them again and asked why they had closed my applications without warning and the only answer I got was 'the issue is no fixed' and when I checked again it was. If they need to close applications or reboot the server to fix the problem they should have notified me in advance.
Have been reading some of your posts regarding VPS. I'm looking to automate my executions however I am a discretionary trader. Can a discretionary trader interact with NT7 on the server remotely as if operating it on their local machine? This looks like a great idea for reducing slippage and eliminating disconnection risk.
Well, one mistake I made was going with a windows server 2008 VPS.
Make sure whatever your server is, that it can run excel. I can't export data into excel from my VPS. I can still do it from my home machine, but it's just another obstacle to disconnect the VPS and then connect from my home machine and then go back.
"A dumb man never learns. A smart man learns from his own failure and success. But a wise man learns from the failure and success of others."
With TS when I go to save a performance report, I can save it either as an .mht file or an .xls and in order to save as an .xls (which is easier for me to transfer the data/results into my own spreadsheets for further analysis) the server has to have excel. I've tried loading office/excel on 2008 and it's counfounded me.
"A dumb man never learns. A smart man learns from his own failure and success. But a wise man learns from the failure and success of others."
Just that Windows doesn't know what to do. Here is a quick and dirty fix.
[1] Make a text file with any thing in it and change the file ending from .txt to .xls
[2] Open the file by clicking on it. It won't know what type of file it is , so click on 'Select program from list'.
[3] Choose the program you want. You could use notepad or you could try Gnumeric , I use the 1.10.16 version and it works fine and installed easily. It Also, it is free. Make sure you click "always open file with this " ( or something similar ) and choose the program.
I have used this to export to excel with NinjaTrader and it works on Server 2008.
Yes: you launch a small program on your local machine (which can be a Windows PC, a Mac, a tablet, smartphone, Linux PC, ...) to establish the connection to the remote server in RDP (Remote Desktop Protocol).
Then, if you launch this program in full screen more, all your screen(s) is the remote server screen(s).
Just imagine having few hundreds/thousands miles mouse/keyboard/screen wires connected from your local machine to the remote server.
I'm not yet in the market for a VPS though I probably will need it someday. I have some (newbie) questions about a VPS:
(The above quote is from the Rithmic thread which went too off-topic)
But how about the security of a VPS? For example, some companies (like Sam's) offer VPS custom tailored to traders, but isn't that a big "present/gift" to hackers? I mean, if you're a hacker and want to steal money from live trading accounts, install market manipulative bots, or steal trading algorithms, you "just" need to target such a company.
Edit: Of course it's true they can also hack my home pc, but it's much harder to determine (I suppose) for an outside person that my home pc is a trading pc. Plus it might not be rational for a hacker to search for trading pc's in this way (i.e. a too low yield for his time/effort).
--
Does someone know of a Eurex data feed with it's servers in Frankfurt? There's not much point in using a VPS located near the Eurex order servers if one uses IQFeed (data from Nebraska, US), ZenFire (data from Chicago, US) or IB (data from London, UK), since then a lot of the VPS speed edge is lost.
Those who hack for profit are going to go after targets that involve the least amount of work with the most profitable gain.
So look at it this way...
Does it make more sense for a for profit hacker to spend hours on end probing trading companies servers for vulnerabilities or does it make more sense for a hacker to quickly build a spoof/phishing solution that targets customers of a specific company (whether it be a trading company or bank, etc.)? Its the latter because social hacking is much easier than technical hacking.
For example, someone could quickly build a website that spoofs a bank or trading companies customer login page and send out an email to hundreds of thousands of those customers stating something like: "Important message from Your Trading/Bank Provider. Please login right away to eliminate your account from being disabled!". Many people will not verify or question the source of this email if it "looks legit enough" and will quickly attempt to login to the fake site and probably receive an "innocent" server error page or "thank you for verification" page and never realize they just provided their login credentials to a hacker.
Yes it's important that hosting companies and their customers ensure their machines are patched regularly and limit browser usage on these machines, ie. no surfing porn/questionable content sites, but I would be more concerned about phishing attempts or browser vulnerabilities. Both of which are more widely cast nets.
The following 2 users say Thank You to MrYou for this post:
This is an old thread but posting since I think it is an important issue which has not been discussed.
My concern is what stops Sam028 (or some other VPS provider) from copying all my strategies? Since server admins have full access to all the data/strategies stored on VPS. So, if I run my strategies on Multicharts, server admin has access to the powerlanguage code and my workspaces.
Is there a way around to prevent server admins from accessing the intellectual property stored on VPS? Thanks.
The following 3 users say Thank You to Rajiv for this post:
It's never wrong to be paranoid in that matter. I don't think that anybody can easily grab your strategy from simple watching the executions. But the attackers can do front running your trades. The main attack surface are the binaries of your …
I think everybody who has made serious development with a succesfull outcome, has this issue in mind. I can't share every detail, but i want to mention some basic stuff for a beginning algo trader who wants to secure the execution environment (in …
Nowadays i would tighten my 5. point and would get the complete settings (strategy settings per instrument) at runtime from my own home based server. This adds a lot of work for the attackers.
Koepisch
The following user says Thank You to Koepisch for this post:
Site Administrator Swing Trader Data Scientist & DevOps
Manta, Ecuador
Experience: Advanced
Platform: Custom solution
Trading: Futures & Crypto
Posts: 50,094 since Jun 2009
Thanks: 32,558 given,
98,593
received
That is not really accurate. The site owner (ie: sam028) will provide you with an initial password to your box. It is a password for the Administrator account in Windows.
You then login to Windows, and change the password to something only you know. You can also then check the Users/Groups on the box to confirm there are no additional accounts. You can also check Services and Firewall to confirm there are no back doors. All of this goes hand in hand with using a reputable vendor.
Sam028 would not have access to your system. Technically speaking, if someone had physical access to the server at the datacenter, then there are brute force / password recovery tools to break in without the Windows administrator password. In that case, you could use an Encrypted File System - but if you are this paranoid, then you have a major problem no matter what you do really.
Short answer, sam028 does not have access to any of your stuff or files unless you don't change the password (which would be stupid on your part), or unless you specifically give him the new administrator password (ie: you need his assistance with something).
Thanks Mike - I won't worry about bruteforce physical access thing. If you are correct that once I change the admin password and make sure there are no more accounts on the box, then Sam028 has no access. Then it is great and it addresses my concern. It will be great if Sam028 can confirm this (Sam if you are reading this).
Let me point to another thread outside of futures.io (formerly BMT) (hopefully it is ok) that has caused me to wonder on this aspect of the security. The writer below runs a VPS firm. He clearly suggests that staff at the firm have a "support" password. He explains in detail about the processes that they typically have at VPS firm to ensure some staff doesn't steal IP from the virtual machine. However, he nowhere mentions that something as simple as just changing the admin password will render it impossible for VPS company staff to access the VM. So, it appears from reading his comments, that even after changing admin passwords to your VPS, admins retain access to it through some support password. If my understanding is wrong on this aspect, I will be happier.
Site Administrator Swing Trader Data Scientist & DevOps
Manta, Ecuador
Experience: Advanced
Platform: Custom solution
Trading: Futures & Crypto
Posts: 50,094 since Jun 2009
Thanks: 32,558 given,
98,593
received
That is just that company insisting on having a backdoor. I wouldn't use such a company. No one has access to my boxes but me, and I am sure @sam028 is the same way.
I can confirm that I'm asking each new user, when he begins its one week trial, to change this password.
I also mention in the introduction email that we are not doing backups of our users VPS, so we can't have access to their data. A small tool is installed on our VPS to block each IP trying to log in more than 3 times with a wrong password.
When a guy is losing its Administrator password (like someone in this forum who decided to change its password after a long party with a lot of alcohol it seems ), we usually re-install a new VPS.
So the support do not have our customers password, and if they want us to take a look at their VPS, they change the password and we check what we have to check. It can be done with the customer seeing what we're doing, but most of the time I do this alone, with their approval. It's also because they know me a bit, enough to trust me.
In my case, I'm also selecting my customers: I have to trust them (no pirated software, IRC servers, game server, torrents download, ... on the VPS, it's made for trading), so they should trust me a bit too.
I won't go into details, but it should be possible to crack a VPS Admin password, when you're admin of the physical server. Not easy and long, but possible.
But let's see what happen, if someone have access to, let's say 200 systems.
What next?
Use all these systems? Backtest and opimize them one by one?
What are the good parameters/instruments?
Ready to risk real money with someone else ideas, risk tolerance and start capital?
Nobody will do that, unless being really insane.
Just for the story, on of my customer asked some help and advice for his strategy, which was running in simulation on a VPS. After some time we talked a bit, I help him to check his results (which were very good), and to thank me he offered me to use his strategy myself, for my own accounts. I told him that I won't use it, because the contract traded was too big for me, it was not my idea so I'll never 100% trust it, and for few other logical reasons.
If a system thief can think a bit, he'll do the same, that's why I don't think it's so critical to have a strategy/system stolen, if it happens. The real risk is someone connecting on your account, and blow it for fun, or trying to steal the money's account, but with only an access to the machine, it's impossible (if you have to give, like for IB, your birth date, your first pet name, and a ton of personal questions).
BTW, I'm not sure to understand why the other VPS company needs to have an access, but I don't think we have the same kind of users, as it seems to be more Forex/MT4 oriented (small accounts, young guys who wants some fun an emotions losing $0.002 ), and they accept everybody.
I don't think I have a single MT4 customer, but mostly futures/stocks/options traders, and some small hedge funds.
And last word (I didn't expect to be so loooong....), if you're really paranoid with a server, just unplug the power cord and the ethernet cable .
Success requires no deodorant! (Sun Tzu)
The following 7 users say Thank You to sam028 for this post:
Thanks Sam for this thoughtful response. I'm not yet in the market for a VPS, but you almost already sold me one.
On a more serious note, would it be possible to limit the VPS log-ins to a certain range of IP Addresses? For example, wouldn't it be safer for your own VPS if you exclude all non-French visitors from accessing the VPS in the first place? Or would this give a false sense of security, since a hacker can than use a French pc to attack you?
You can allow the connection to only some specific IP ranges, so if you have the IP range of a single country, that's is possible (in theory). But these IP geo-location stuff is not 100% reliable.
The best solution is, IMHO, to let your VPS act as VPN server, and then connect to your VPS using your client VPN network interface to log in.
I started to write what's in place to avoid hacking, but finally I won't give too much details for security purposes.
Success requires no deodorant! (Sun Tzu)
The following 3 users say Thank You to sam028 for this post:
I'm sorry but it would be a project of undertaking beyond my time and means. I think it's better to be honest about this than promise anything and fail to deliver. Thanks for your appreciation.
The following 3 users say Thank You to artemiso for this post:
Sam, I am having some issues related to loss of information in high data times, the CL EIA report, for example. I have been talking to my ISP about bumping up my service, but already run at 20mbps service and receiving about 16mbps on a test to Chicago or New York from Orlando. Pingtest shows me to be about 70-80 ms.
Would running on a VPS help me get better resuts than I am getting now? I just leaned about it this morning, and your thread here was the first thing I saw that made some sense to me. I saw the "free trial" mentioned and am curious. Thanks.
Your problem is maybe not the bandwidth itself, but the latency and the quality of your data feed provider.
16 mb/s is more than enough for market data burst.
Send me a PM if you want to try a VPS, or use the contact page on my (ugly) web site, futures.io (formerly BMT) fellows are always welcome .
Success requires no deodorant! (Sun Tzu)
The following 4 users say Thank You to sam028 for this post:
i've some difficulties to find an reliable VPS hosting provider in the UK to be close to the CQG Gateway. Can anybody recommend some firm's or share their experiences?
Hi,
I plan now to test on sim account NT7 my semi-automated strategy execution will be made by bloodhound but stop order will be managed manually by me korean futures (mini kospi 200 futures ) KRX server for derivatives is located in Busan latency is from my country to Korea 0,320ms. Interactivebrokers has server in Hongkong from Hongkong to Busan its maybe 0,112ms. If this strategy will be working i would need VPS server in Hongkong. Was looking Beeks financials cloud they have server in hongkong, any recommendations?
I have some (newbie) questions about a VPS:
.
