[CentOS] Please I'd like to install 2 websites on my un managed VPS on CentOS6
Wuxi Ixuw
w7u64xi7 at gmail.com
Thu Feb 23 20:29:21 UTC 2012
thanks a lot for these steps, I will follow them and hope to find all up
and running.
On 23/02/2012 09:41 PM, John R Pierce wrote:
> On 02/23/12 11:05 AM, Wuxi Ixuw wrote:
>> Please suggest a one as I am keep goggling and all result bring books
>> dealing with linux as a real server and not a vps.
> you could do worse than starting here...
> http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/
>
> VPS and real hardware work exactly the same once the software is installed.
>
> my base level suggestions:
>
> * start with a *minimal* install of the latest release (currently 6.2)
> * create your user account, give both user and root account different
> secure passwords
> * secure the SSH server (no root, key instead of password
> authentication, only allow ssh from your home/office networks or a
> few secure 'bastion' hosts, etc)
> * yum update right after install and reboot
> * install *just* the services you need, only from trustworthy yum
> repositories
> * secure the services you install as appropriate
> * document your configuration, including what packages you needed to
> install
> * script a secure backup of your configuration specific conf and data
> files to reliable offsite storage.
> * plan on regular yum updates, and staying up on security alerts, such
> as CERT
>
>
> by far the biggest threat to servers are things installed on top of
> them, like web applications... for instance the very popular WordPress
> has a long and checkered history of security exploits, ranging from
> annoying to root elevation...
> http://www.wordpressexploit.com/
>
> ANY user written web code has to be designed with security in mind, no
> matter how insignificant your little web server is, its valuable to the
> black hats as a proxy for their evil, and the worms and exploit scanners
> will find a wide range of poor design
>
> http://xkcd.com/327/
>
>
>
More information about the CentOS
mailing list