Visit Jeremy's Blog.
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 08-25-2011, 06:31 AM   #1
LQ Newbie
Registered: Aug 2011
Posts: 24

Rep: Reputation: Disabled
Linux Webserver which distro and how to secure


I'm a complete novice to linux especially command line. i have used server for several years but generally at the graphic end like cpanel and webmin/virutalmin

I am now about to endeavor setting up my 1st linux box as a live webserver the isp will do basic install of the distro and provide SSH access.

But the advice i'm looking for is what i do beyond that the last server we had was compromised so i'm particularity wary of security to stop any future compromises. most websites are wordpress or joomla so i need to guard against SQL Injection.

I don't know if there is a good book / website i could use as a guide to the setup. Last server was Debian so may go with that or maybe centos.

Any advice be greatly appreciated


Old 08-25-2011, 08:49 PM   #2
Registered: Mar 2008
Posts: 17,952

Rep: Reputation: 2678Reputation: 2678Reputation: 2678Reputation: 2678Reputation: 2678Reputation: 2678Reputation: 2678Reputation: 2678Reputation: 2678Reputation: 2678Reputation: 2678
I'd run it off a CD/DVD. I doubt they could hack that much.

Secure usually is a BSD but even that is subject to any app. It is partly the app and partly how secure the default install is and then the holes tend to be put in from even simple apps. Common /bin apps have all sorts of holes.
Old 08-25-2011, 11:18 PM   #3
LQ Newbie
Registered: Aug 2011
Posts: 24

Original Poster
Rep: Reputation: Disabled
CD / DVD is not an option with most isp's It needs to be a HDD installation

I know generally there is no such thing as fully secure. but i'm sure people must configure servers to be quite secure beyond a standard installation. With extra say Apache modules, firewalls, Intrusion detection / prevention software.

So i was hoping someone might say. Well do this to Apache and use mod_security2 and xyz etc

See from a standard installation you can add abit more security to make it difficult to compromise and with the right monitoring software i'm sure you could detect a compromise and what was done and fix it thats all i'm after
Old 08-26-2011, 12:56 AM   #4
LQ Guru
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.9, Centos 7.3
Posts: 17,501

Rep: Reputation: 2411Reputation: 2411Reputation: 2411Reputation: 2411Reputation: 2411Reputation: 2411Reputation: 2411Reputation: 2411Reputation: 2411Reputation: 2411Reputation: 2411
You should head on over to the Security forum and start by reading the Sticky notes there.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Setting up secure apache2 webserver https access on suse linux 9.2 svanati SUSE / openSUSE 4 12-21-2004 08:07 PM
Looking for specific linux distro -- Help me set up a webserver flamesrock Linux - Software 7 03-04-2004 07:04 AM
Linux Distro for old hardware webserver neocryptek Linux - Software 5 11-13-2003 09:34 PM > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 11:21 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration