Language Selection

English French German Italian Portuguese Spanish

Build a Secure Web Server with Mandriva 2005 LE

Filed under

In this build, like the last one, we are going to gear our server towards dynamic content. That doesn't mean that static sites can't be run from this server. We'll once again build a LAMP (Linux Apache MySql Php) driven site. Since things like blogging and PHP-Nuke are so popular this server will be just the ticket. Imagine not having to pay hosting fees for your site anymore. It's a great thing!! This build is even more secure then the last one, and it was pretty tight.

We'll start by obtaining the Official Media which is "Mandriva Limited Edition 2005". There are updated versions for the club members that contain updated versions of some softwares but none of those will be used here. The updates pertain to desktop apps. Besides we want to stick with the officially supported software from Mandriva. It will receive all patches and security updates whereas the club versions will not.

Let's insert the first CD and configure the BIOS to boot from the CD-Rom. We are going to cover the Differences from the Workstation build only. So the first difference is the security level. When you get to this screen be sure to pick "Paranoid". This will set us up a "Chain-Rooted" configuration. What does that mean??? Well it will secure certain directories and also include a whole host of security checks to keep our server up to snuff on the security side of things. It also shuts down all ports and installs Shorewall firewall. Of course we'll tighten it down even further!! Here is the Screenshot.

Our next page of concern after Security is the "Partitioning" screen. The only word I have here is that Mandriva puts the Sql data and the Web root in the /var directory so be sure to make the /var directory large enough to handle your sites along with their respective databases. You can experiment with the partitioning tool and configure it just the way you like. I make my /var directory anywhere from 4-15 Gig depending on how many and how complex the websites are that the machine will be serving. To put things into perspective....LinuxLoader is now just over 1 year old and its at about 250Mb including its database. For our example build I made the /var about 10G. Since /home really won't contain much data, make it small. Here is our example server.

Full Article.

More in Tux Machines

Security News

Red Hat and Fedora

  • Diamanti and Red Hat Announce OpenShift Commons Webinar Revealing CI/CD DevOps Breakthroughs With Container Converged Infrastructure
  • UKCloud Creates an Open Source Alternative for UK Public Sector with Red Hat OpenStack Platform
    Red Hat, Inc. (NYSE:RHT), the world’s leading provider of open source solutions, today announced that UKCloud, the foremost public cloud provider for UK government, has standardized on Red Hat OpenStack Platform with Red Hat Ceph Storage to lead its public sector customers through their digital transformation journey. The Infrastructure-as-a-Service cloud platform is designed to enable UKCloud’s customers to deliver digital services directly to citizens by providing the required levels of scalability, performance and assurance.
  • Rackspace Enhances Private Cloud with Red Hat CloudForms
    Rackspace (NYSE: RAX) today announced support for Red Hat CloudForms, an enterprise management platform. With this new capability, enterprise customers can now use the power of Red Hat CloudForms in conjunction with Rackspace Private Cloud powered by Red Hat, which is managed and supported by two leading OpenStack vendors in the industry. This is an important milestone for Rackspace customers who want to deliver a complete private cloud solution to their users across multiple cloud platforms. For Rackspace and Red Hat, it is a continuation of the companies' commitment to empowering customers by enhancing capabilities in the core OpenStack project, while also integrating value-added software when appropriate.
  • Pay Close Attention To These Analyst Ratings: Red Hat, Inc. (NYSE:RHT), Facebook, Inc. (NASDAQ:FB)
  • The perils of long development cycles
    As for today, latest version of systemd is v231, released in July 2016. This is the version that will be in Fedora 25 (to be GA in three weeks). That's quite a long time between releases for systemd – we used to have a new version every two weeks. During the hackfest at systemd.conf 2016, I've tried to tackle three issues biting me with Fedora 24 (v229, released in February this year) and F25. The outcome was… unexpected.
  • Switchable / Hybrid Graphics support in Fedora 25
    Recently I've been working on improving hybrid graphics support for the upcoming Fedora 25 release. Although Fedora 25 Workstation will use Wayland by default for its GNOME 3 desktop, my work has been on hybrid gfx support under X11 (Xorg) as GNOME 3 on Wayland does not yet support hybrid gfx,

Android Leftovers

Tizen News

  • Samsung’s Quantum Dot SUHD named ‘TV of the Year’ in UK
    It is evident that Samsung has been having a hard time to gain back customers’ trust after the Note 7 disaster. However, not everything’s going wrong for the South Korean Electronics giant. The company’s Tizen Based Quantum DOT SUHD (2016) TV was named as the “2016 TV of the year” by some of the top IT magazines in the UK. Samsung’s Quantum DOT SUHD TVs bagged 5 out 5 points from “WHAT HI-FI” internet tech magazine which also obviously had to be the top score.
  • FootLOL – Crazy Football game for Tizen
    Last week lots of games were added to the Tizen store. Zombie Derby 2 is one of them by Herocraft Ltd. Today they added another game in the Tizen Store named FootLOL – Crazy Football.
  • Putin’s standard for IoT is the new 1984
    As the Internet of Things gets more popular new questions arise: which protocol will become the open standard for supporting IoT networks across a huge array of devices around the world? Today we start hearing some answers from Russia. Igor Shchyogolev, former Minister of Telecommunications between 2008 and 2012, is thinking about a service that involves both an Internet card and a City card for citizen to use the Internet, hence named “Internet + City card” or just “Internet + City”. Long story short, Russia is contemplating the hypothesis of domestic regulation, rather than an intergovernmental agreement between major countries involved. Testament to this intent are Russian focus towards cryptographic protection and the plan of the country to substain such autarchics drives with national production of chips and direct control of both analog and digital TV frequencies.
  • App: ASMR Sounds by Dreamroad Production is available on Tizen Store
  • Samsung’s Announces its First 8GB LPDDR4 DRAM Package