VServer Setup Hardening: Unterschied zwischen den Versionen
| Zeile 1: | Zeile 1: | ||
| − | + | I (@manuelmaly) would wish for a presentation on vServer setup + hardening, because vServers have become cheap options at almost all hosting services, yet it surely is a very bad idea to just slap on some OS, hack Rails and MySQL onto it and press upload - I'm talking of installation issues and security aspects. | |
| − | + | My usecase would be: Rails (or Java, should be similar) web server with maximum security. The server also hosts a database and SSH server - an all-in-one web server machine, so to say. | |
| − | + | ||
| − | + | Since I'm already making wishes, I would wish for the following setup to be explained: | |
| − | + | ||
| − | + | * CentOS (Linux) | |
| − | + | * Apache (for rewriting) | |
| − | + | * Ruby & Rails 3 | |
| + | * MySQL or PostgreSQL | ||
| + | * OpenSSH | ||
| + | * Some Firewall (don't know which is advisable) | ||
| + | * Most crucial configuration and hardening actions (block ports, scan packets, remove unnecessary services,...) | ||
| + | |||
| + | I guess most of the installations will require one bash line, what I'm really interested in is the configuration (e.g. Apache rewrites for maintainance etc.). | ||
| + | I wouldn't care too much about Mailserver etc., though it would be interesting if it could be squeezed in :) | ||
| + | |||
| + | Please tweet me at @manuelmaly if I have forgotten anything. | ||
Version vom 18. Januar 2011, 17:11 Uhr
I (@manuelmaly) would wish for a presentation on vServer setup + hardening, because vServers have become cheap options at almost all hosting services, yet it surely is a very bad idea to just slap on some OS, hack Rails and MySQL onto it and press upload - I'm talking of installation issues and security aspects. My usecase would be: Rails (or Java, should be similar) web server with maximum security. The server also hosts a database and SSH server - an all-in-one web server machine, so to say.
Since I'm already making wishes, I would wish for the following setup to be explained:
- CentOS (Linux)
- Apache (for rewriting)
- Ruby & Rails 3
- MySQL or PostgreSQL
- OpenSSH
- Some Firewall (don't know which is advisable)
- Most crucial configuration and hardening actions (block ports, scan packets, remove unnecessary services,...)
I guess most of the installations will require one bash line, what I'm really interested in is the configuration (e.g. Apache rewrites for maintainance etc.). I wouldn't care too much about Mailserver etc., though it would be interesting if it could be squeezed in :)
Please tweet me at @manuelmaly if I have forgotten anything.
