Saturday, January 19, 2013

How hard is it to run a secure Linux server, with Apache, PHP, MySQL, and mail services?

Q. I will be getting my own dedicated server soon and while I have a functional knowledge of the concepts of Linux, I don't know everything. Will my server be reasonably secure if I am sure to keep everything updated and patched (assume there are no PHP scripts vulnerable to SQL injection etc.)?

A. Make sure you have strong passwords for everything. This includes your database. Use SSH to connect, scp or some other secure program to transfer files (not vanilla FTP, since it transmits passwords in the clear).
If your database doesn't need to talk to other hosts, configure it so it only listens on the loopback interface.
Be careful when configuring your mail server, so it isn't an open relay.
Get a cert for the web server, so you can use SSL to protect information that gets sent over the net.

The biggest potential source of vulnerabilities will be from whatever web apps you install. Subscribe to the announcement/security mailing list(s) for those apps (and for the Linux distro you use), so you don't get blindsided. Before you install something, you might want to check out a security site (like Secunia) and search to see what advisories have been issued for that software within the recent past. This will give you an idea about just how worried you should be about potential issues down the road (and what current issues there are that haven't been fixed yet).

If you're rolling your own web apps, there are a whole bunch of things to watch out for, especially if you're doing things with user data (file uploads, SQL searches, form processing, etc).
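A quick way to check two of the points in the answer above (the database bound to loopback only, and no cleartext FTP service running) is to audit the host's listening sockets. This is an added example, not part of the original answer; the function name `audit_listeners` is hypothetical, and it assumes `ss -ltn` style input with MySQL on its default port 3306 and FTP on port 21.

```shell
#!/bin/sh
# Added example: flag listeners that contradict the advice in the answer.
# Reads `ss -ltn` style lines on stdin:
#   State Recv-Q Send-Q Local-Address:Port Peer-Address:Port
# Assumed ports: MySQL 3306, FTP 21.
audit_listeners() {
    awk '
    $1 == "LISTEN" {
        addr = $4
        port = addr
        sub(/.*:/, "", port)                 # keep text after the last colon
        host = substr(addr, 1, length(addr) - length(port) - 1)
        loop = (host ~ /^127\./ || host == "[::1]")
        if (port == "3306") {
            if (loop) print "OK mysql " addr
            else      print "EXPOSED mysql " addr
        }
        if (port == "21") print "CLEARTEXT ftp " addr
    }'
}

# Constructed sample output (not captured from a real host): MySQL and FTP
# are both listening on every interface.
SAMPLE_BEFORE='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      80     0.0.0.0:3306       0.0.0.0:*
LISTEN 0      32     0.0.0.0:21         0.0.0.0:*
LISTEN 0      100    127.0.0.1:25       0.0.0.0:*'

# Constructed sample after setting `bind-address = 127.0.0.1` in the
# [mysqld] section of my.cnf and removing the FTP daemon.
SAMPLE_AFTER='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      80     127.0.0.1:3306     0.0.0.0:*
LISTEN 0      100    127.0.0.1:25       0.0.0.0:*'

echo "before:"; printf '%s\n' "$SAMPLE_BEFORE" | audit_listeners
echo "after:";  printf '%s\n' "$SAMPLE_AFTER"  | audit_listeners

# On a live server, feed it the real socket list instead:
#   ss -ltn | audit_listeners
```
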

How do I upload a folder recursively via SSH through a linux terminal?
Q. The problem is quite simple actually. I have a folder in my desktop which I want to be able to upload to my server via SSH. I want to be able to do that using only the Linux terminal. Thanks.
I don't know about import/export functions. I just want to upload via SSH. I know it's possible, I just don't know how.

A. See the SCP command (syntax in source link). It copies files over ssh. As you can see, it has an option to put an entire folder over at once.

Alternatively, there's SFTP (secure-ftp), which tunnels an FTP connection through SSH (valid only if the target server also has FTP service in addition to SSH).

How do I transfer files to and from my computer I'm remotely connected to through SSH?
Q. I want to be able to transfer files to and from my home computer remotely while accessing it from an SSH connection...How do I do this? Do I need to set up an FTP server on my home computer? It's running Debian Linux and I access it from my Android phone using ConnectBot.

A. If it's running an SSH server, that will include scp and usually sftp.
You can connect with any scp/sftp client like WinSCP or rsync. If you set up SSH key access, you need not bother with passwords (though it's still a good idea to have some passphrase in case you lose the phone).

FTP is less secure, unless you use SSL.


