Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

General Linux (CentOS) and Apache Questions

Posted on 2013-11-20
3
Medium Priority
?
686 Views
Last Modified: 2013-11-26
Firstly please excuse my lack of knowledge - I'm from a Microsoft Background, so I'm on a steep learning curve.

1. My server has SSH Access, would it be considered 'best practice' to remove SSH access and have a different user for shell access then either su to root or make them add them to the sudoers?

 a. If so how do you remove ssh access form the root account?
 b. Also how do I check which other usernames/accounts have ssh access and remove those rights?

2. I've been told that Apache out of the box will need some 'tweaking' to accept a lot of connections etc? what needs to be done? (of do you have a link to a good article).

3. When setting up a Linux box to serve my website (and ultimately my mail server, but that can wait), what typical errors am I bound to make?

Thanks in advance

Pete
0
Comment
Question by:Pete Long
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 36

Assisted Solution

by:Kimputer
Kimputer earned 1000 total points
ID: 39662143
0
 
LVL 62

Accepted Solution

by:
gheist earned 1000 total points
ID: 39662548
1. You can limit access to SSH using tcp wrappers (man hosts.allow) or sshd configuration (man sshd_config) either way take care to not lock out yourself i.e. check if you still can make new connection.
a. in /etc/ssh/sshd_config add line or change existing PermitRootLogin without-password
probably you might want to confirm public key auth works beforehand. manual has more options, usually you need a user in wheel or sudo group to become root after
b. all have the access if they have password set. You can allow ssh connections based on system group membership

2. you might want to change from httpd.prefork to httpd.worker (/etc/sysconfig/httpd)
then you might need EPEL repository to get multithreaded versions of server modules
nginx is even smaller and faster

3. Apache: make one huge unmaintainable conf file, allow apache more access than needed
Apache: get familiar with yslow, pagespeed etc content analysis tools
Mail: read about open relays and DNS setup before forwarding your first mail
CentOS: compiling your own package when system provides good and supported one
CantOS: start from "minimal server" install template. The very minimal template expects you to configure network manually
0
 
LVL 57

Author Closing Comment

by:Pete Long
ID: 39679265
Thanks All
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The purpose of this article is to show how we can create Linux Mint virtual machine using Oracle Virtual Box. To install Linux Mint we have to download the ISO file from its website i.e. http://www.linuxmint.com. Once you open the link you will see …
I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question