Best practice for web server setup?
Tony
ttiger at lineone.net
Wed Feb 2 23:08:55 UTC 2011
"Wipe_Out" <wipe_out at users.sourceforge.net> wrote in message
news:AANLkTikFt2PqiePkCftOU16RzC+PPybeqX5qsv08fFKy at mail.gmail.com...
> Hi All,
>
> I am wondering if anyone can point me to a "best practice" guide for
> setting
> up my company web server..
>
> The basics are that I am setting up an Ubuntu 10.04 web server on a VPS
> hosted on the internet.. The server will run our internal web based
> applications and database being accessible from all our business
> locations..
> It will also at some point in the future host the company website with a
> customer portal so customers can manage their requirements themselves (in
> other words the site will link to the company database on the server)..
>
> In addition to this I want to setup a development site for continued
> development and testing of the applications and website that can then be
> copied to the live site when testing is complete..
>
> Setting up the Ubuntu box and using "tasksel" to create the LAMP server is
> easy enough.. What I am looking at more specifically is setting up the
> virtual hosts for the various sites..
>
> Is it recommended to create user accounts for each function, i.e apps, web
> and dev, and then setup a public_html directory in each home directory and
> get apache to serve the files from there? or should I just create
> subdirectories of /var/www and put them all there to avoid problems
> running
> the sites (permissions etc.. )??
>
> Any suggestions or things to look out for would be appreciated..
>
As you have asked some very basic questions, I would suggest that you don't
do it! You really need to know about security and just setting up a lamp
server on a VPS is a very insecure way of doing things if you don't know
what you are doing. You run the risk of getting the websites hacked and
also the company database/sites hosted on it.
You will also need a DNS server if you want the domain found on the internet
and probably some sort of mailing program installed to process mail sent
from the websites.
If you are determined to do it yourself, I would suggest installing
something like ehcp (http://ehcp.net/) , ISPConfig
(http://www.howtoforge.com/perfect-server-ubuntu-10.04-lucid-lynx-ispconfig-3)
or DTC http://www.gplhost.com/software-dtc.html
It is not a good idea to run internal web based applications on a server
that has public access unless you really know what you are doing. These
should be run on a server on the internal LAN that is firewalled from the
outside world with access by VPN if remote access is required.
Remember that unless you are using a SSL, data being sent to and received
from the server can be easily intercepted.
Tony
More information about the ubuntu-users
mailing list