[nycbug-talk] New Webserver
matt at atopia.net
Tue Apr 8 00:15:34 EDT 2008
Been sick for a day or so so if my email sounds a bit choppy, sorry!
I'm about to setup (well, ok, I actually did just setup) a new webserver
for my side ventures. This server will have managed and self-managed
In the past, I've never really chrooted and/or jailed processes - I have
to do it once or twice per customer request, but never on my own boxes as
a general security policy. I'm usually really good at keeping boxes
patched and up to date, etc. But this box is going to have about 20
webhosting customers - both managed and un managed. Some of these users
will of course be uploading their own content via SFTP or FTP, and for all
I know the security of their PHP scripts, etc. may be "not so good".
What does everyone here usually do in securing those boxes? Do you
usually setup jails/chroots for the webserver processes, etc., or do you
rely on internal settings in things like php.ini to maintain security for
your public webservers?
More information about the talk