-7

I installed LAMP server on Ubuntu 13.04 using this tutorial word to word. It worked nicely. But I am hardly able to understand these steps :

$ sudo usermod -a -G www-data your_user
$ sudo chgrp -R www-data /var/www
$ sudo chmod -R g+w /var/www
$ sudo apt-get install php5-curl
$ sudo a2enmod rewrite
  1. What is this usermod?
  2. Why it is used here?
  3. Why is the group changed?
  4. What is this a2enmod?
  5. How secure is this installation?
  6. Is there anything else I have to do to make it more secure?
  7. If the original author has already taken care of security then how did he do it?
  8. Why did he change AllowOverride None to AllowOverride All?
Ladadadada
  • 25,847
  • 7
  • 57
  • 90
user58859
  • 518
  • 3
  • 7
  • 17
  • Please be aware your question does not meet most of the [quality requirements](http://meta.serverfault.com/questions/5720/why-isnt-se-inc-bothering-to-explain-all-the-changes-in-close-vote-reasons) and will likely be closed. All of your questions are easily answerable by reading some documentation. Please improve your future questions. –  Aug 01 '13 at 17:40
  • 5
    So let me get this straight: You (apparently) read no documentation other than a tutorial, typed in a bunch of commands with no clear understanding of what they do, and now you want Server Fault to tell you what thy all mean? OK... The thing you can do to make your environment more secure is to ***STOP AND THINK***, preferably ***BEFORE*** you start typing commands. – voretaq7 Aug 01 '13 at 17:46

1 Answers1

7
  • What is this usermod? Why is it used here?

Usermod is a tool for configuring and modify existing user accounts. In this example you are adding your_user to the www-data group. Typically the www-data group is used by the web server (see What are the best linux permissions to use for my website?).


  • Why is the group changed?

You're assigning the www-data group membership of everything inside the /var/www directory. Likely because that's the account used by the web server.


  • What is this a2enmod?

a2enmod is used to enable apache modules. In this instance, you are enabling mod_rewrite.


  • How secure is this installation?

This question is so broad it is off-topic.


  • If the original author has already taken care of security then how did he do it?

This is a slightly less broad question but it's still off-topic. Security is not something you just "take care of". It's a process. You'll need to read and understand your documentation and come back and ask specific questions related to that topic.


- Why did he change AllowOverride None to AllowOverride All?

AllowOveride. "When this directive is set to All, then any directive which has the .htaccess Context is allowed in .htaccess files." - Right from the documentation. It's enabling the use of .htaccess.

Community
  • 1