Language Selection

English French German Italian Portuguese Spanish

Build a Secure Web Server with Mandriva 2005 LE

Filed under
MDV
HowTos

In this build, like the last one, we are going to gear our server towards dynamic content. That doesn't mean that static sites can't be run from this server. We'll once again build a LAMP (Linux Apache MySql Php) driven site. Since things like blogging and PHP-Nuke are so popular this server will be just the ticket. Imagine not having to pay hosting fees for your site anymore. It's a great thing!! This build is even more secure then the last one, and it was pretty tight.

We'll start by obtaining the Official Media which is "Mandriva Limited Edition 2005". There are updated versions for the club members that contain updated versions of some softwares but none of those will be used here. The updates pertain to desktop apps. Besides we want to stick with the officially supported software from Mandriva. It will receive all patches and security updates whereas the club versions will not.

Let's insert the first CD and configure the BIOS to boot from the CD-Rom. We are going to cover the Differences from the Workstation build only. So the first difference is the security level. When you get to this screen be sure to pick "Paranoid". This will set us up a "Chain-Rooted" configuration. What does that mean??? Well it will secure certain directories and also include a whole host of security checks to keep our server up to snuff on the security side of things. It also shuts down all ports and installs Shorewall firewall. Of course we'll tighten it down even further!! Here is the Screenshot.

Our next page of concern after Security is the "Partitioning" screen. The only word I have here is that Mandriva puts the Sql data and the Web root in the /var directory so be sure to make the /var directory large enough to handle your sites along with their respective databases. You can experiment with the partitioning tool and configure it just the way you like. I make my /var directory anywhere from 4-15 Gig depending on how many and how complex the websites are that the machine will be serving. To put things into perspective....LinuxLoader is now just over 1 year old and its at about 250Mb including its database. For our example build I made the /var about 10G. Since /home really won't contain much data, make it small. Here is our example server.

Full Article.

More in Tux Machines

today's leftovers

  • OpenRA C&C Reimplementation Gets New Stable Release, Here Is What's New
    Oliver Brakmann from the OpenRA project, an open-source and cross-platform initiative to offer a reimplementation of the popular Command & Conquer games, announced the availability of a new stable release.
  • Pisi-Linux-2.0-Beta-KDE5
  • Arch-Based arkOS Linux Being Discontinued
    arkOS, the Arch-based Linux distribution focused on "securely self-hosting your online life" with aims to make it easy to deploy servers for web-based services, is being discontinued. ArkOS since 2012 had been working to make it trivial to deploy your own Linux web server, your own personal cloud (ownCloud), and making it easy for other services to be deployed while being done so securely and easily. You probably haven't heard of arkOS making the news in a while and sadly now it's making news again, but only because it's being discontinued by its lead developer.
  • SUSE Hack Week 15
    Back in February the fifteenth SUSE Hack Week took place. As always this was a week of free hacking, to learn, to innovate, to collaborate, and to have a lot of fun. I didn't have the full time, so I worked on a couple of small things and a few projects I maintain. I did want to summarize that, so here you go.
  • How To Use SD Card As Internal Storage On Android | Adoptable Storage On Android
  • Anbox - Android in a Box
  • Your CEO’s Obliviousness about Open Source is Endangering Your Business [Ed: Jeff Luszcz says nothing about the risk of proprietary components with back doors etc. and instead 'pulls a Black Duck']
    But what caused these issues? Itis what happens when an open source component is integrated into a commercial software product and violates its open source license, or when it contains a vulnerability that was previously unknown. As technology evolves, open source security and compliance risk are reaching a critical apex that if not addressed, will threaten the entire software supply chain.
  • Mentor tips Azure IoT support and Linux-driven self-driving tech [Ed: Azure is a patent trap with back doors]
    Mentor announced Azure Certified for IoT compliance for Mentor Embedded Linux, and unveiled a Linux-based “DRS360” self-driving car platform.

Leftovers: Software

  • 3 signs your Kubernetes distro is built to last
    It's hard to turn around these days without bumping into a Kubernetes distribution. For example, Mirantis recently buffed its OpenStack distribution to use Kubernetes as an internal component and for container management. Major Linux server distributions include it now. For Kubernetes adopters, it's all good news. It means the most remarkable development in the container world since, well, containers themselves is enjoying strong uptake and acceptance.
  • Cockpit – An Easy Way to Administer Multiple Remote Linux Servers via a Web Browser
    Cockpit is a free and open source web-based system management tool where users can easily monitor and manage multiple remote Linux srvers. It is very thin and light weight utility & directly interacts with the operating system from a real Linux session and doesn’t require any difficult configuration so just install it, it is ready for use.
  • Some Useful Indicators: Ayatana, Clipboard-Autoedit, Diskstat, Files, Bulletin and Udisks
    Panel Indicators always comes in handy when you have to do some productive work on your desktop computer, to access quick functions of different applications these indicators saves you a lot of time, some indicator give you information you want to receive, it all depends on your needs. Today presenting you some useful indicators which may help you and makes your desktop experience much better. Following all the indicators are developed by just one guy and available through his PPA.
  • SRT Video Transport Protocol Open-Sourced
    In aiming to enhance online video streaming, the SRT video protocol has been open-sourced and an alliance forming around that for low-latency video. SRT is short for Secure Reliable Transport and is a low-latency video transport protocol developed by Haivision. The SRT protocol is being opened under the LGPL license.

today's howtos

Linux and Linux Foundation