Language Selection

English French German Italian Portuguese Spanish

Build a Secure Web Server with Mandriva 2005 LE

Filed under
MDV
HowTos

In this build, like the last one, we are going to gear our server towards dynamic content. That doesn't mean that static sites can't be run from this server. We'll once again build a LAMP (Linux Apache MySql Php) driven site. Since things like blogging and PHP-Nuke are so popular this server will be just the ticket. Imagine not having to pay hosting fees for your site anymore. It's a great thing!! This build is even more secure then the last one, and it was pretty tight.

We'll start by obtaining the Official Media which is "Mandriva Limited Edition 2005". There are updated versions for the club members that contain updated versions of some softwares but none of those will be used here. The updates pertain to desktop apps. Besides we want to stick with the officially supported software from Mandriva. It will receive all patches and security updates whereas the club versions will not.

Let's insert the first CD and configure the BIOS to boot from the CD-Rom. We are going to cover the Differences from the Workstation build only. So the first difference is the security level. When you get to this screen be sure to pick "Paranoid". This will set us up a "Chain-Rooted" configuration. What does that mean??? Well it will secure certain directories and also include a whole host of security checks to keep our server up to snuff on the security side of things. It also shuts down all ports and installs Shorewall firewall. Of course we'll tighten it down even further!! Here is the Screenshot.

Our next page of concern after Security is the "Partitioning" screen. The only word I have here is that Mandriva puts the Sql data and the Web root in the /var directory so be sure to make the /var directory large enough to handle your sites along with their respective databases. You can experiment with the partitioning tool and configure it just the way you like. I make my /var directory anywhere from 4-15 Gig depending on how many and how complex the websites are that the machine will be serving. To put things into perspective....LinuxLoader is now just over 1 year old and its at about 250Mb including its database. For our example build I made the /var about 10G. Since /home really won't contain much data, make it small. Here is our example server.

Full Article.

More in Tux Machines

Embedded Development with ARM mbed on Linux

The ARM CPU used in the BeagleBone Black and other single board computers is designed to interface with half to a few gigabytes of RAM and allow a full operating system such as Linux to be run on the computer. (See my long series of reviews on Linux.com of ARM-based computers that run Linux). By contrast the ARM Cortex-M is a microcontroller level chip which might run at 16-100Mhz, contain 2-100kb of RAM, and some flash memory to contain only the program that you want to execute. Read more

Confessions of a systems librarian

These are just two examples of serious flagship projects, but even on a day-to-day level there are plenty of opportunities for systems librarians to interact with open source software. A large amount of vendor software runs on Linux, so there’s plenty of systems administration to do. I work in a relatively small library, and even here we run five Drupal websites: one as a portal for library services, one as the primary repository for our archive, another provides the public interface for an aboriginal research center, and one to manage safety information for our bio sciences lab. Read more

IoT, Revolution In Personal Computing, or FLOSS Taking Over the World of IT

What can you say? In a few short years, that other OS has gone from mainstream to niche and Android/Linux and GNU/Linux are stepping up to displace it as the goto OS of the world. It’s all good. This is the right way to do IT with the world making its own software throughout the whole stack: OS on client and server and a ton of applications too. There is no need for a monopoly in IT. The world wants a revolution not lock-in. Read more

Political parties favour openness to reconstruct Greek productivity

Ahead of the parliamentary elections in Greece last week, the Greek Free/Open Source Software Society (GFOSS) contacted all political parties to ask about their positions [in Greek] with regard to open software, open data, open hardware and open government. The four parties to respond all came out generally in favour of openness. Some of them were even able to present very detailed planning on how to improve the current institutional and legislative framework and outlined how openness could help reconstruct Greek productivity. Read more