Most Secure Dedicated Web Server Setup
Mar 18, 2008
I am seeking a little input from others who use multi-CPU machines with large memory as web servers and mysql servers.
I will be more than happy to give additional information I might have overlooked if you need it. Just ask.
We are starting to run more and more dedicated hosts running joomla applications. I've been trying to find the very best settings for both performance and security that I can for the servers to function well specifically with their joomla applications.
Serves are not used for *anything* else at all.
The servers are strictly used to serve up web pages. No need for anything other than what apache/php, joomla requires and a few other things such as ffmpeg, etc.
I would like to remove all tools which aren't needed for such a server, leaving a bare minimum server which is less susceptible to hacking.
I've never messed with the root account so wonder if I can simply not allow any access as root other than terminal, perhaps not even su by giving another account full root access and of course, while allowing the system to continue to function properly with the many things which must run as root.
I would like to do this on all of my public machines which are of course behind firewalls. I also have load balancers and cache devices in front of the web servers but at this time, they are not activated so aren't in the realm of this question.
Development is done in a separate environment and the data is pushed to the web server via private network to the web servers. This means no need for shared tools, FTP, or anything else which users would need in a shared environment.
The servers are 8-way IBM, running linux and apache, php/APC.
Servers have 32GB of memory and I can install up to 64GB.
Databases are run on separate machines which are also dedicated only to running mysql databases. Same machines as above.
Machines all run multiple network cards bonded as a single IP.
So, my questions are;
How can I best utilize my hardware to take advantage of their memory capacities.
For example, on the web servers, I'd like to find the best settings for httpd.conf which takes advantage of the machines resources.
On MySQL servers, I'd like to do the same as the above, taking the best advantage of the hardware/memory.
For web serving and for joomla, I seek the very best security settings I can possibly get. I say best because since they aren't used by users, there is no need to have a lot of tools and access to these machines so it should not be a problem to tighten these machines up a great deal.
Any input from those who have such experiences would be very welcome as I've been finding no one place for help on this.
View 0 Replies
ADVERTISEMENT
Oct 7, 2008
I'm trying to find a good hosting provider to host our company's website as our fallback option in case of disaster. One or two dedicated servers should do it, but it'll need the space/bandwidth to host a database of around 60-80 gigs, with the ability to rsync newer copies of the database on a regular basis. We also need to store a Tomcat website, which will take up much less space, but also need to be rsynced to be kept up to date on a regular basis, though less often than
Also, we probably need Red Hat Linux specifically, as opposed to other flavors of Linux.
Of course we need root access to install the other apps we'll need. My paramount concern is the security of our companies data, much of which not only has to be protected for our companies sake, but also for laws such as HIPAA, etc. Cost is a consideration, but security, dependability, and flexibility (root access to our machine, ability to rsync between sites) is more important.
I was wondering if anyone's got suggestions for me, hosting providers they've liked for these purposes? I'm looking at Media Temple's dpv Nitro option right now ...
View 6 Replies
View Related
May 12, 2009
I'm working on a research study at the University of Toronto and we would like to set up a website and dedicated secure server. I would like some recommendations on start packages that would be appropriate with prices. I'm hoping some could over their own experiences.
View 14 Replies
View Related
Jun 8, 2009
So when you setup a new server, what should I do. I will only be running 1 site for now (vbulletin forum site), should I just install Apache, MySQL, Php, setup the DNS, etc.
Or Should I just Install Plesk, and let that do it.
Most Likely will just be running a 2.53Ghz Core2Duo, 4GB 250GB. I have setup a webserver before just basically though but think I could manage. I think that Plesk would make it easier but would also eat up resources, on the other hand though not having it would use less resources but require more configuration.
View 6 Replies
View Related
May 10, 2009
I want to setup a dedicated within my home based business, what is the easiest and cheapest way to do this, I understand I would need a static Ip address from my Internet provider (is that right?) also Do i need a spare PC to do this or can I run my main PC and still be able to run it when it's switched off?
The reason I want to learn how to do this is:
1. Save on fee's every month
2. Provide more services at low cost to clients
3. Learn more about the hosting business.
View 8 Replies
View Related
Mar 20, 2007
I am really getting confused now. Some people tell me it is possible to set up a simple subdomain and add a SSL-certificate to this, while others tell me I have to set up a new account for the subdomain (subdomain.domain.com) in WHM and assign it to it's own IP-adress.
So, my queston is what is the best way to set up a secure subdomain, like [url]? I have already purchased a SSL-certificate for secure.domain.com.
View 14 Replies
View Related
Jul 25, 2009
setup FreeBSD 7.2 amd64 on my dedicated server remotely. There is only problem I havnt access to KVM, but I have access to rescue system (linux image loaded into memory of the server, which enables me to perform any actions with help of linux tools on hard drive, it's easy to install any linux distro on the server - just format hdd and load files of OS, but I really dont know how to install FreeBSD by this way).
So, maybe someone can help me? If you have any tools for FreeBSD install or special images of it -
View 2 Replies
View Related
May 8, 2009
I'm trying to help out a friend with a dedicated server setup however we both don't know too much about it. We've setup apache, perl, sql all the standard stuff but cannot for the life of us setup a CRON job for a particular script.
The dedicated server control panel is: WHM Accelerated.
Our current websites have been setup on the server under the same user account (master).
There doesn't seem to be the usual "CPANEL" options which you usually get with shared hosting however.
View 7 Replies
View Related
Jul 12, 2009
I would like to asking help about building dedicated server 2x hdd, i have person who advance in this but i want to get open wider suggestion from you :
1. which one better, "use 1 hdd for data and 1 hdd for backup" or "2 hdd for data and use backup service which is extra money"?
2. I have market already, but for starter is 80gb 2x hdd or 73gb scsi (little bit different in price) still enough until next year. I will expect to have 250Gb/500Gb sata, is it better make these new capacity replace the old one or just added into the box using raid?
3. if it is raid, is it no problem using two different ide/sata hdd and scsi hdd?
View 3 Replies
View Related
Jul 28, 2009
How long is a acceptable waiting time? just signed up to Dedishack - yesterday, Monday and been told I need to wait till Thursday.
Acceptable waiting time?
Not in a rush and I am not complaining just curious. First time I have had to wait for a dedicated server should be worth the wait though.
View 14 Replies
View Related
Jul 9, 2008
I am a good systems administrator but I have never setup a windows web server. Are there any tutorials out on the web that would show me how to do it. Is it true when a dedicated server is purchased the only thing I have to do is transfer the htm or asp files?
View 3 Replies
View Related
Aug 17, 2007
I bought a Virtual dedicated server from GoDaddy and I had lots of problems setting up the domain , e-mails, etc..
I'm looking for a hosting service where the team can do all the setup for me.
specs:
Linux
about 50GB space
500GB/m bandwidth
CGI, PHP, MySQL
Full root access (FTP)
No upload file size limit
100Mbps
View 3 Replies
View Related
Jan 18, 2009
I've trawled the sitepoint forums but haven't found anything relating to this subject. I'm hoping someone out there has found themselves in a similar situation.
As a brief summary, I work as a full time web designer for a company but also run my own web design business in my spare time. Within the next year I plan to go freelance which will hopefully leave with some spare time to learn dynamic web design as well as offer clients domain registration and hosting services.
As a web designer, my knowledge of hosting is not that great, but I intend to learn. Currently, I work with a guy who sorts all this out for me. He has a shared server and pays a certain amount per month and charges me £XX a year per client to setup domains and hosting.
I was wondering how much technical skill I need to set this up myself. With so many hosting packages out there, it's hard to know where to start. Should I buy a dedicated server and host my clients at home or go with the safer option and pay monthly for shared hosting?
View 2 Replies
View Related
Jul 31, 2008
As my clients' needs expand, they're asking for chroot ssh/sftp setup. I'm currently on a dedicated Linux setup but don't really have the time to set up a whole new box with full virtualization or investigate a full chroot solution (baby on the way), and to be honest it would be less hassle to move to a new provider than worry about down time with sites.
What I'm looking for:
- linux hosting
- hosting for 30+ accounts, some with several domains
- at least 6 IP addresses for SSL certs
- each account in a full chroot environment (ssh/sftp/ftp) so they can't poke around each others' files, or each account set up in a virtual machine setup (ie: openvz)
- maildir
- spamassassin
- php 5, mysql, perl 5.8.8
- suexec apache would be nice
View 3 Replies
View Related
Oct 6, 2009
I was looking at staminus dedicated hosting offers, and after I asked them about secure port packages prices. I would like to know, after I purchase a dedicated server, how to install secure port? Does it work like a protected DNS?
View 6 Replies
View Related
Jun 20, 2006
I work for a small web design firm with about 100 clients/domains and we are starting the search for a new hosting provider. We need a managed dedicated server with an offsite backup. We are also looking for a company that knows what they are talking about. If we have a Linux or server question they need to be able to give us a quick straight answer. Also, if they could help us transfer all our hosting accounts from our current server over to the new one that would be a BIG plus.
We have been thinking about Rackspace or 1and1.com but were wondering what the community thought. Any recommendations?
View 5 Replies
View Related
Jun 26, 2008
I would really appreciate some advice about changing from a VPS to a dedicated server and getting a good 24/7 server management service
I know I need more Ram than I’ve got now and I know I need a managed server. Beyond that I’m not sure what I need and all the info I’m reading is making me more uncertain and more worried about making the wrong decision.
I moved from shared hosting to VPS a year ago. I have now started to outgrow the VPS.
The VPS has 512 MB Ram, 10% Burstable Resources. The site has been up since the last crash for 78 days but it is maxing out the Ram during the busy parts of the day and has high load averages.
There is one site on the VPS with static HTML pages. Last month’s figures were approximately 186,000 MB of Data transfer and 4,362000 page views. Average of 30,000 visitors per day
I want to add another 4 or 5 sites small sites. Some of those will be XML feed sites. No forums, chat or reselling.
So what to choose?
1.Operating System
CentOS or Fedora Core Linux 6
2.Control Panel
cPanel 11 or Parallels Pro
3.Processor
Single Core or Dual Core
4.Ram
1GB or 2GB
5.Hard Drive
Single with backup, RAID or RAID with backup drive
Server Management Services and Monitoring 24/7
I’m using WebSite Pulse for monitoring at the moment and I’m very happy with them but they don’t do server management. I need a company to secure, protect, update and keep the server running 24/7
platinumservermanagement.com seem to offer a good service for only $29 per month. Don’t know what they are like. They only manage cPanel, don’t know if that’s a good thing or a bad thing. Would appreciate other suggestions.
Basically I’ve got to decide do I stick with current hosting service and move to a dedicated server choosing from the options I have listed or move to another hosting service offering managed VPS with more resources like wiredtree.com. Don’t know what Wired Tree is like just read about them in the forum.
View 4 Replies
View Related
Mar 25, 2009
i have question about securety of our DNS Server.
View 8 Replies
View Related
Apr 25, 2008
My server hacked!
my server hacked for tow time in less than one month (both times they were similar to each other), and my previous securing company work on my server in previous hack but the server hack again!
anybody can work on my server? this is very URGENT because my server and all of our sites are down!
View 3 Replies
View Related
Mar 14, 2008
so while we all obsess over hardening our servers against sophisticated hacking attempts, how many of us consider the security of our own host's control panel?
Just today i'd forgotten my login for my host's helpdesk. I couldn't find their password recovery form, so i opened their public support chat and asked support for a link to their password recovery form. Apparently they didn't have a password recovery form. Here is the chat transcript:
Support: Hello
Tom: Hi, where is your password recovery form for the helpdesk?
Support: How may i help you?
Tom: Did you see my message?
Support: Yes
Support: Let me know your email address
Tom: [REMOVED]
Support: Okay Let me check
Support: Your new password is [REMOVED]
So, the only think really stopping someone from logging into my helpdesk and posting a server cancellation ticket is a little bit of research to find my email address and a traceroute to find my host.
View 4 Replies
View Related
Nov 11, 2007
I see that one of the most important things nowadays is the security of our servers.
I would like to know from people here that are running big and small servers what they have done to secure their servers. What tips, what softwares they have used, which applications using and are more secure than others.. generally everything that could make good in the protection and security of our servers.
Even if you asked helped from a company doing that work, what changes they have done to your servers? which options they changed?
I am making this thread so as to collect all info we know in one place.. One knows about that tip.. the other one knows another tip.. having all of them somewhere could make a tremendous difference..
Moderators please dont move that thread in any software discussion or other forum as this is one of the most active ones and also has instant relation with the dedicated servers we buy.
View 11 Replies
View Related
Dec 6, 2007
I have a friend that works in the IT. He is about to start his own business, something in the line of network connection or something like that. I was telling him that I'm planning on getting my own dedicated server but that I have no idea how to secure the server. He told me that most linux desitributions come with their own build in firewall and that I don't need to worry about security. He told me to just ask my dedicated server provider to make sure the firewall is enabled and that's it. When he told me that I thought to myself, either this guy has no idea what he's talking about, or those guys at Webhostingtalk have no idea what they are talking about!
View 14 Replies
View Related
May 23, 2008
Which is the best company to secure my web server?
View 8 Replies
View Related
Sep 8, 2007
Is anyone have a ebook or article about secure linux server and apache .
I want to secure own server and my vps customer
my linux system : Centos
also i have cpanel control panel
View 3 Replies
View Related
Dec 4, 2008
i want to secure my server that scanner tools can not scan my site . because of one of my site is very important to do not scan of folder.
my server os : linux Centos 5
View 3 Replies
View Related
Mar 27, 2007
I have a unmanaged server, and i want to have it secure harden.. how do i do it?
View 5 Replies
View Related
Jul 27, 2007
I would like to know if it's possible to secure a server used only for streaming.
Here is what I have on my server :
- Gentoo,
- FlashMedia Server,
- and the following services are enabled : ftp, ssh, named and web ssl
Is it possible for instance to install Mod_security?
View 3 Replies
View Related
Mar 25, 2009
I came across this very detailed step-by-step tutorial on how to secure a Plesk based VPS. It's up-to-date and was just written so the info is accurate.
Here's the link to the full tutorial: ...
View 1 Replies
View Related
Mar 25, 2008
I have a cPanel dedicated server and have a lot of spam attacks on this server. It's getting so bad that our IP is being added to Yahoo & AOL blacklists and my emails are bouncing to these accounts.
Is there anyone on here who can do a thourough check on our server and install anything necessary to stop this kind of activity?
View 5 Replies
View Related