I have been reading a tutorial on configuring and securing a CentOS 6.2 machine: http://www.howtoforge.com/perfect-server-centos-6.2-x86_64-with-apache2-ispc...
This tutorial bases the configuration on an application called ISPConfig. I am not sure that I like the idea of disabling the stock firewall and SELinux as the tutorial suggests, even with all the troubles that SELinux has given me in the past. What do those wiser than myself think about this?
For some background, I will be setting up a rather bland server for serving a few websites. Thy will all be served via Apache, coded in PHP. I am concerned about correctly configuring a safe firewall for the system. So any advice particular to that would be much appreciated.
Thank you!
Dotan Cohen
On 05/10/2012 04:56 PM, Dotan Cohen wrote:
I have been reading a tutorial on configuring and securing a CentOS 6.2 machine: http://www.howtoforge.com/perfect-server-centos-6.2-x86_64-with-apache2-ispc...
This tutorial bases the configuration on an application called ISPConfig. I am not sure that I like the idea of disabling the stock firewall and SELinux as the tutorial suggests, even with all the troubles that SELinux has given me in the past. What do those wiser than myself think about this?
For some background, I will be setting up a rather bland server for serving a few websites. Thy will all be served via Apache, coded in PHP. I am concerned about correctly configuring a safe firewall for the system. So any advice particular to that would be much appreciated.
In distant past I though of SELinux as burden. Now, I use it on every system I install.
Take a look at Virtualmin (GPL). I prefer it instead of ISPConfig, and it has regular repository you can install and update from.
On Thu, May 10, 2012 at 6:30 PM, Ljubomir Ljubojevic office@plnet.rs wrote:
In distant past I though of SELinux as burden. Now, I use it on every system I install.
Take a look at Virtualmin (GPL). I prefer it instead of ISPConfig, and it has regular repository you can install and update from.
Thanks, Ljubomir. I will take a look at Virtualmin.
On 05/10/2012 06:48 PM, Dotan Cohen wrote:
On Thu, May 10, 2012 at 6:30 PM, Ljubomir Ljubojevicoffice@plnet.rs wrote:
In distant past I though of SELinux as burden. Now, I use it on every system I install.
Take a look at Virtualmin (GPL). I prefer it instead of ISPConfig, and it has regular repository you can install and update from.
Thanks, Ljubomir. I will take a look at Virtualmin.
Just a little warning, it might be that it has problems with DNS files. I am still on CentOS 5.8 with Virtualmin/Webmin on servers, so had no real-world experience on C6. There was the tread in last 2 days abot it.
On Thu, May 10, 2012 at 9:35 PM, Ljubomir Ljubojevic office@plnet.rs wrote:
Just a little warning, it might be that it has problems with DNS files. I am still on CentOS 5.8 with Virtualmin/Webmin on servers, so had no real-world experience on C6. There was the tread in last 2 days abot it.
Thanks. I'll keep that in mind, I hate Bind! (oh, I should be more kind, maybe unwind, or I may find, that sanity has dined, on my own behind!)
-
Dotan Cohen -
Ljubomir Ljubojevic