Yes, add me to your new blog post notifications list. Terms of Service and other policies. Managed Solutions. SSL by brand. SSL by Type. Table of Contents. Excellent article mate, implementing this suggestions right now. This is very useful. Does this apply equally to PHP 7. Yes, you should be able to implement this on a server with PHP 7. This is the very useful for me, thx for sharing :.
Depending on the type of content that is to be delivered to web page visitors, however, a high-performing system may be needed.
Services offering online streaming media, for example, may not be able to forego such high-end equipment. The number of users should also be taken into account before the hardware is purchased. Once the hardware has been accounted for, the next task is to determine which of the many Linux distributors is right for the job.
The following steps are a guide to the Debian-based operating system:. Ubuntu has now been fully installed. In the case that the Apache web server was not successfully installed during the Ubuntu installation, Execute the following command:.
The following adjustments should then be made:. The database management system MySQL operates as a server that allows multiple databases to be created on it; many data tables can be set up for each database.
One or multiple clients send queries to the MySQL server, which is installed with the following command:. The next step deals with MySQL security.
MySQL Secure offers the options of changing passwords , removing anonymous user accounts or test databases, or preventing all root logins from the local host. Here is the installation command:. These are installed with the following command:. Through this process, the user receives more informative error reports and better performance. Saving errors in the error. Next, a log directory has to be made for PHP and the Apache server needs to be given ownership rights. A further plus of open source software is, as its name suggest, that every user has access to its development code.
This process involves generating an RSA keypair using the command ssh-keygen and passing the public key to the server generally using ssh-copy-id. This ensures that you can log in to the server via SSH only using the generated keys and not the weaker password authentication system. Warning: Make sure you are able to log in using key-based authentication on the non-root account with sudo permissions before disabling password authentication.
Disable open indexes: Open indexes can expose your directory structure which may prove to be fatal. Or just add Options -Indexes in the. To install these, give the following command:. While the standard installation should be enough for most people, you might have to configure it separately to set things according to your needs.
Deny access to certain directories: You might want to deny access to certain directories, in which case we can use the Deny from all directives for this in the apache. You can also get domain-validated certificates from Letsencrypt for free. Once you get the signed SSL certificate, you can add it to your new virtualhost configuration:. Although setting up the security of MySQL can be done at a later time, after installation, we should ideally start installing it in the most secure way possible.
Then we set up the mysql-server by creating a directory layout for our databases:. After that, we run the following command to run a wizard that will help us remove some potentially dangerous defaults. This will remove the ability for anyone to log into MySQL by default, disable logging in remotely with the administrator account, and remove some test databases that are insecure.
Tweaking this, we can lock down the MySQL server. In the [mysqld] section, set the bind address to the local loopback network device.
This will make sure only this machine can access this MySQL instance and not remotely. We will now shut off a function that allows access to the underlying file system from within MySQL, which can be potentially dangerous if allowed, by using the following command:. Logging: Logging is important to check for events and suspicious activities. This is usually enabled by default, but we can set where the log file is stored, as follows:.
We should also make sure that neither other users without high privileges, nor the public, are able to view the file. User access control: As per our previous rule of thumb, we should provide users access to only those resources that are absolutely necessary.
Noob is given an isolated database — MirrorDB — which mirrors the actual production database to teach the structure to it. Creating the noob user: Use the following command to create the noob user:. These are a few baby steps we can take to ensure minimal security in our database.
The number of improvements in terms of security and performance in PHP 7 is enormous, and it has been getting better with every update.
One of those selections is a LAMP server. All you need to do is mark LAMP server for installation scroll down with your arrow keys and then hit the space bar to select. You will have to answer a single question when you get to the MySQL portion of the install what you want to use for the admin password.
Your LAMP server is ready for you. Of course all you have is a bare-bones LAMP server. Since this article does not dive deep into the trenches of any of the packages, you will want to familiarize yourself with these tools before you really start playing around with them. But — even with what you have, you can now overlay a tool like Drupal, Joomla, or Xoops!
And remember, when placing any server in the eye of the public, make sure that server is as secure as possible. About Us. Sign in. Forgot your password? Get help.
0コメント