Linux - Server This forum is for the discussion of Linux Software used in a server related context. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
02-01-2011, 12:02 AM
|
#1
|
LQ Newbie
Registered: Jan 2011
Posts: 2
Rep:
|
Manage files and sites with server debian linux
Hi i'm very newbie! You will see. I know that i have to read manual, etc, but i don't understand also wich manual, guide, etc. So i try forum card!
My problem. I have a linux server with debian system. i'm not sya admin. i'm not programmer. I'm... nothing...
But i want to put in my debian server a site.
I installed apache php mysql and phpmyadmim.
I really thought that was more difficoult for me to put my site database. But now i can load on server my database with phpmyadmin after a very simply installation. I could not believe. Wow.
I'm studing how make ftp work (apt-get site-ftp?) and waiting from my host directadmin installed. But i try to manage linux console and was very exciting for a newbiest like me!
Now i can write text on my site server with echo etc,etc, i have a database, but i have not site files.
While i was studing tutorial to make apache work, i frequently read the directory /var/www and my debian console confirm that is an existing directory.
But... how can use this directory?
Can you give me the list debian linux server commands to:
copy, delete, paste from my pc desktop a file TO folder /var/www ?
It is possible without ftp?
Another question. Which bad errors can make a newbie like me configuring apache with linux?
I ask this becouse i read allwhere that i could not manage a server system if i'm not a sysadmin, but i have only to put in a site... what the real risk?
Thank's
|
|
|
02-01-2011, 04:56 AM
|
#2
|
Senior Member
Registered: Jul 2007
Distribution: Gentoo
Posts: 2,125
|
Quote:
i read allwhere that i could not manage a server system if i'm not a sysadmin
|
Fine, you are now officially declared a sysadmin and you can manage your site.
Quote:
list debian linux server commands to: copy, delete, paste from my pc desktop a file TO folder /var/www
|
This depends on what you mean by copy to /var/www. If the files are on the same machine as the web server, you can simply use the commands cp, mv, and rm, mkdir, rmdir to copy, move, remove, create a directory and remove a directory in that order. Otherwise if these files are on a different machine you will need to do a form of remote copy. FTP is/was the default standard, however, by default it is extremely insecure in that login credentials are transmitted in plain text. If you have SSH capability, you would be much better off to use SCP instead. The syntax for scp is rather simple 'spc path/file user@remote.host:dest_path/file'
Quote:
Which bad errors can make a newbie like me configuring apache with linux
|
This is a very broad topic and greatly depends on what you are doing with your site. By default, serving up static web pages is quite safe, but isn't very useful, so often times scripting capabilities like PHP are added. Improperly coded PHP can get you in trouble, especially when combined with accepting user input. You mentioned using phpmyadmin. This is another area of concern. Is the myadmin site accessible from the www? You could consider running it only from an https site, add authentication methods to Apache such as requiring a client side certificate, or making it only accessible from the localhost interface so you need to SSH into the machine to access it.
As your capabilities increase and you start to develop your applications, you will find that your need to secure them increases. Make it a point to learn about the applications and investigate the means of securing them as part of this process. By becoming a sysadmin, you have accepted this responsibility whether you want it or not. There is no tool, or application you can install and run that will secure your system for you and there is no short cut.
If you do use SSH to access the remote system, at a minimum use a STRONG password or better yet use keybased authentication and do NOT login as the root user. In fact, keep this ability turned off. If you find you must work as root, which you should do only when required, first login as a normal user and then become root as needed.
Last edited by Noway2; 02-01-2011 at 04:59 AM.
Reason: added SSH paragraph
|
|
1 members found this post helpful.
|
02-01-2011, 12:01 PM
|
#3
|
LQ Newbie
Registered: Jan 2011
Posts: 2
Original Poster
Rep:
|
Quote:
Originally Posted by Noway2
If you do use SSH to access the remote system, at a minimum use a STRONG password or better yet use keybased authentication and do NOT login as the root user. In fact, keep this ability turned off. If you find you must work as root, which you should do only when required, first login as a normal user and then become root as needed.
|
I thank you very much! You are very clear and encourage me . Now i have shh and i will try to move files from my pc...
I think your words about keeping ability turned off is like gold. I understand thar login with user is more secure than login as a root.
And what about port? I read that sole server servis offer to newbie managed server with some ports closed to NOT make trouble to people like me. I recently learned that ares many ports, but i need some ports (ftp like a user, database user). I very like your encouragement, but i don't think that i can upgrade simple my experience level. Meanwhile, i think that if every ports unnecessary for me are closed (it is possible) i will be more sure..
Can you tell me if this is correct? And how can i lock an a not necessary port?
Thank You!
|
|
|
02-01-2011, 06:46 PM
|
#4
|
Senior Member
Registered: Jul 2007
Distribution: Gentoo
Posts: 2,125
|
There are two aspects to this. First, as you probably know many functions, such as http, smtp, ssh, ftp, etc have standard ports associated with the protocols. This is to help ensure that one machine can find another machine's services and this is generally a good thing. One thing you may come across, especially with SSH is the recommendation to move the SSH server to a port other than 22. My personal opinion on this is that it is futile. A quick scan will reveal where you have moved it to and if someone is going to truly try to crack into your SSH server this will not even slow them down. I say don't bother. Instead take the steps I mentioned in my previous post and you shouldn't have problems with SSH.
Second, one thing to realize is that Linux is NOT Windows. In Linux, all ports are closed by default. The only time that ports are opened is if there is an application that is listening on that port. Unless you run a server, which you are, you will not have any open ports. This is where a firewall comes into play. The default firewall is iptables. Learn to use it. Putting a firewall up around your server helps to ensure that you only open the ports you desire to and allows you to customize your security settings. For example, if you know you are only going to SSH into the server from a known location(s), you can set it to accept port 22 traffic only from those locations.
Similarly with anti-virus. Viruses in the wild are not a problem on Linux. However, if you run a server that associates with Windows machines, running an anti-virus application to scan incoming and outgoing files will help prevent the spread of infections. This is a common usage of anti-virus on applications such as mail servers.
Quote:
I very like your encouragement, but i don't think that i can upgrade simple my experience level.
|
You won't learn everything overnight. It takes time, but you will be amazed at how fast you learn. As I said, as you develop your applications, your security needs will develop accordingly and you should make it a point to try and learn about how to secure the applications as you develop with them. Remember, there is no magic formula for "do this" and you will be secure. Each application has its own weaknesses and means of securing it.
Last edited by Noway2; 02-01-2011 at 06:47 PM.
Reason: typo
|
|
1 members found this post helpful.
|
All times are GMT -5. The time now is 02:25 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|