On 1/25/2014 6:20 AM, Always Learning wrote:
On my setup I have all web pages in a special root directory
/data/web/do/domain-name/sub-domain-name/files .....
with a non-standard user having rw-r-r
Apache can't write to anything except
/data/web/logs/
I have self-created web site defences which, instantly after the first hacking attempt, block the hacker's IP address. I am not giving hackers unlimited opportunities to continuing trying to break-in.
and you have configured SELinux to allow all this?
FWIW, I usually put websites in /home/someuser/html where each virtual host has its own user account who owns said files, and manages his own stuff. even if that user is really me, I use sudo to log on as a given user to edit that site's files.
re: your intrusion detection system, mod_evasive is a useful tool for creating such.