3

So as a bit of background, I am completely new to server admin.

I am a web designer, and generally know quite a bit about computers.

Until a few months ago, I had never used LINUX.

Now my desktop runs Mint, and I have moved to an Ubuntu Linux cloud server with Rackspace.

Essentially I have followed the following guide: http://www.symana.com/2010/12/setup-a-lamp-rackspace-cloud-server-running-ubuntu-10-10/

to get to a point where I have apache, phpmyadmin etc. set up.

Given that I have set up the server thus far, and I appreciate this is massively unknowledgable.. but everyone has to start somewhere.., but can I now just use the server like i used my shared hosting account at hostgator?

I have bought myself a book about Ubuntu server administration such that I can essentially learn as I go..

The reason I have moved to rackspace is because i like the easily expandable nature of their cloud server offering which is exactly what i need for some of my growing websites. At the same time, I dont want to be prone to massive security breaches, inefficient loads, bad database connections etc. on the basis of me not knowing much about server admin.

Could anyone advise on my situation, the suitability of my setup, and how I could perhaps improve my setup..?

Cheers

Thomas Clowes
  • 141
  • 4
  • In short: no, you can't just use it like a shared hosting account. You're now a sysadmin, with all that that entails (thousands upon thousands of things, which is far too much to cover in a single serverfault answer). – womble Mar 24 '12 at 19:33
  • A large extent. – user9517 Mar 24 '12 at 19:58

1 Answers1

7

Some security defenses:

The first one is a well documented Intrusion Detection System the second one is a tool to make firewall rules, it runs on top of netfilter.

Backups

Always make backups (half daily, daily or hourly) I use rsync

Hardening SSH login

You can dissable SSH login for root and use sudo instead to become root: In /etc/ssh/sshd_config:

PermitRootLogin no

Or if you want to allow it with key authentication:

   PermitRootLogin without-password

Monitoring

If you want some monitoring (this is not necessary, but sometimes is handy to monitor load trends). Some tools are:

  • munin
  • cacti

Test before you deploy

Always test everything new in a Virtual Machine or another sandbox before deploying it on your production machine. You don't want it to go down because of something you were testing.

Quick mistakes

I always change the font color of my root user to see a clear difference between when I'm running as root or as a regular user. Further more I change this per server (it's only doable when you have a small amount of machines).

Some advice

I suggest before deploying your machine as a production machine, you learn a bit more. You learn the most by making mistakes (which you want to avoid on a production machine). Set up some mailservers, webservers, ftp servers, ... . Be comfortable with it before risking your business on it. You will have to become a ... System Administrator

And MUCH MUCH more I can't cover in the answer

Lucas Kauffman
  • 16,818
  • 9
  • 57
  • 92
  • Awesome. Very comprehensive answer. Much appreciated. I suppose the way I will approach this then is by setting up some of my none important information based websites on a rackspace server and well.. just playing whilst I learn. Thanks ! – Thomas Clowes Mar 24 '12 at 20:54