Re: Please I'd like to install 2 websites on my un managed VPS on CentOS6




On 02/23/12 11:05 AM, Wuxi Ixuw wrote:
> Please suggest one, as I keep googling and all the results bring up books
> dealing with Linux as a real server and not a VPS.

you could do worse than starting here...
http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/

VPS and real hardware work exactly the same once the software is installed.

my base level suggestions:

  * start with a *minimal* install of the latest release (currently 6.2)
  * create your user account, give both user and root account different
    secure passwords
  * secure the SSH server (no root, key instead of password
    authentication, only allow ssh from your home/office networks or a
    few secure 'bastion' hosts, etc)
  * yum update right after install and reboot
  * install *just* the services you need, only from trustworthy yum
    repositories
  * secure the services you install as appropriate
  * document your configuration, including what packages you needed to
    install
  * script a secure backup of your configuration specific conf and data
    files to reliable offsite storage.
  * plan on regular yum updates, and staying up on security alerts, such
    as CERT


by far the biggest threat to servers are things installed on top of 
them, like web applications...  for instance the very popular WordPress 
has a long and checkered history of security exploits, ranging from 
annoying to root elevation...
http://www.wordpressexploit.com/

ANY user written web code has to be designed with security in mind, no 
matter how insignificant your little web server is, it's valuable to the 
black hats as a proxy for their evil, and the worms and exploit scanners 
will find a wide range of poor design.

http://xkcd.com/327/



-- 
john r pierce                            N 37, W 122
santa cruz ca                         mid-left coast

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
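
Added example, not part of the original message: a shell audit of an sshd_config against the SSH items in the checklist above (no root login, key instead of password authentication, logins tied to known source hosts). The function names, the constructed sample config and the choice of AllowUsers user@host patterns as the source restriction are assumptions made for illustration.

```shell
# Added example. The default "yes" passed for each keyword is an assumption
# matching older OpenSSH releases such as the one shipped with CentOS 6.
# sshd honours the FIRST occurrence of a keyword, keywords are
# case-insensitive, and lines after the first "Match" are conditional,
# so parsing of the global section stops there.
sshd_effective() {  # usage: sshd_effective KEYWORD DEFAULT FILE
    awk -v key="$1" -v def="$2" '
        BEGIN { key = tolower(key) }
        /^[ \t]*#/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == key && !found { $1 = ""; sub(/^[ \t]+/, ""); val = $0; found = 1 }
        END { print (found ? val : def) }
    ' "$3"
}
# Print one FAIL line per finding; return 0 only when there are none.
audit_sshd() {  # usage: audit_sshd FILE
    f=$1; rc=0
    for item in PermitRootLogin:no PasswordAuthentication:no PubkeyAuthentication:yes; do
        key=${item%%:*}; want=${item##*:}
        got=$(sshd_effective "$key" yes "$f" | tr 'A-Z' 'a-z')
        [ "$got" = "$want" ] || { echo "FAIL $key is '$got', want '$want'"; rc=1; }
    done
    # One way to tie logins to source networks: every AllowUsers pattern
    # carries an @host part. A firewall rule does the same job and is not
    # checked here.
    allow=$(sshd_effective AllowUsers "" "$f")
    [ -n "$allow" ] || { echo "FAIL AllowUsers is not set"; rc=1; }
    set -f                      # keep patterns like *@192.0.2.* from globbing
    for p in $allow; do
        case $p in *@*) ;; *) echo "FAIL AllowUsers '$p' has no @host"; rc=1 ;; esac
    done
    set +f
    return $rc
}
# Constructed sample: the later "PermitRootLogin no" is ignored by sshd
# because the first occurrence already set the value to yes.
demo_config() {
    printf '%s\n' '# constructed sample' 'Port 22' 'permitrootlogin yes' \
        'PasswordAuthentication no' 'PermitRootLogin no' \
        'AllowUsers alice@192.0.2.* bob' 'Match User deploy' \
        '    PasswordAuthentication yes'
}
tmp=$(mktemp) && demo_config > "$tmp"
audit_sshd "$tmp" || echo "findings above need fixing"
rm -f "$tmp"
```

On a real host, point audit_sshd at /etc/ssh/sshd_config; settings inside Match blocks are not evaluated and need a separate review.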

