Install Services and applications (Wordpress, Vtiger CRM)
-
I'am a sysadmin beginner I need to install some applications like Mailtrain , WordPress and Vtiger CRM. I want to know : What are all the services needed (apache ...)? I want to use MySQL , Can all applications use the same mysql server ? What is the best linux server that I need (ubuntu vps , other ...) ? How to secure this new server and it's applications ? Thanks
-
I'am a sysadmin beginner I need to install some applications like Mailtrain , WordPress and Vtiger CRM. I want to know : What are all the services needed (apache ...)? I want to use MySQL , Can all applications use the same mysql server ? What is the best linux server that I need (ubuntu vps , other ...) ? How to secure this new server and it's applications ? Thanks
Wow.
Member 14292504 wrote:
What are all the services needed (apache ...)?
So, for starters, basically any application that you install should provide a list of dependencies. Most distros will attempt to auto-resolve dependencies, but there might be some (such as your SQL instance or, as you mention httpd) that you want to directly manage.
Member 14292504 wrote:
I want to use MySQL , Can all applications use the same mysql server ?
Yes, that's part of the point. The concern is partially capacity, but mostly utilization.
Member 14292504 wrote:
What is the best linux server that I need (ubuntu vps , other ...) ?
I suggest CentOS for these purposes. Opinions will obviously vary.
Member 14292504 wrote:
How to secure this new server and it's applications ?
I have a one week class that I teach that covers about 1/3 of what it could/should for DoD RMF security compliance for Linux. You're not going to get an adequate summary in a forum post. But, this being the interwebs and knowing you're unlikely to buy a book: Assign file/folder permissions based on Least Privilege Password complexity via PAM Cracklib Learn to use iptables or firewalld and close everything you aren't actively using Lock down root, utilize sudoers, and require passwords for sudo Don't switch SELinux to permissive; learn to use semanage instead Get a real TLS cert and enforce strong standards (TLS 1.1+, AES256, etc) Setup an update script with a post-update notification for systemctl --failed Extra Credit: If at all possible, containerize all apps Use a jump box and limit ssh access to that box (no VNC or DM, that's for plebs) Do not let apps run as root, segment permissions Learn to leverage AIDE Encrypted data partitions to avoid side-channel exfiltration Backup strategy Logs...dear god don't forget the logs... By no means take this list as comprehensive; it's the baseline for what I'd consider a "security attentive" system that is exposed to the public internet today.
"Never attribute to malice that which can be explained by stupidity." - Hanlon's Razor
-
I'am a sysadmin beginner I need to install some applications like Mailtrain , WordPress and Vtiger CRM. I want to know : What are all the services needed (apache ...)? I want to use MySQL , Can all applications use the same mysql server ? What is the best linux server that I need (ubuntu vps , other ...) ? How to secure this new server and it's applications ? Thanks
Use should be using nginx on Ubuntu with iptables for security