[Herts] CENTOS 5.1 LAMP
nicolas at jetblackjelly.com
nicolas at jetblackjelly.com
Thu Jun 26 10:02:50 BST 2008
Hi,
Time for a new dedicated server - in preparation I have been building a test server at home. Based on Centos 5.1 the aim is to install the minimum amount of services and a tight configuration to help keep the server secure.
I have based my configuration on the following sets of notes.
http://www.howtoforge.com/centos-5.1-server-lamp-email-dns-ftp-ispconfig
http://www.phpvs.net/articles/blakes-centos-lamp-server-guide-single-page/#Preamble
http://www.rayheffer.com/linux%20web%20server.shtml
Although they do not always agree.. :(
Observations / Questions!
1. Various Howto's advise or curse SELinux - Any thoughts?
2. One of the howto's recommends removing a long list of packages to tidy up the install, fair enough. Until I try to remove indexhtml which insists on taking 35 other packages with it - including the kernel. It seems all these dependencies are by design. Very strange!
3. FTP - Spent way too long looking at the options for Proftpd which I currently use, but it is not in the Centos base distro and VSftpd, in the Centos distro but no official webmin module, configuration etc.. I have solved the problem now.. The server won't have an FTP server - SFTP only.
4. Firewall - My current server uses the KISS firewall script which has worked well. http://www.geocities.com/steve93138
So, this was my first choice. The scripts tests for - ipt_state, and ipt_multiport - but these tests fail!
Although
modprobe ipt_state
modprobe ipt_multiport
Work fine. I have removed the tests from the script, but it would be nice to fix it properly
http://www.geocities.com/steve93138/kiss.txt
I am also puzzled as to why a number of the Modprobe commands are duplicated in the script and the effects of not loading the other modules mentioned in the script.
Thanks again for any thoughts.
Regards
Nicolas
More information about the Herts
mailing list