You are here
mishav - Tue, 2012/06/26 - 15:29
Or is it only for testing?
For example Xampp says that their stack is not secure enough for a production environment and should not be used as such. Is the case the same for this this stack or is it secure?
Forum:
I would consider it Production ready
Although you may wish to harden it up a little such as enable the firewall and disable any services you don't plan to use. Also make sure you set good passwords etc.
Yep, production ready...
Not much to add... But as Jeremy said, yes, TurnKey appliances are designed to be used in both development as well as production settings. All TKL appliances automatically install security updates on first boot and then after on a daily basis. For production deployments, its always a good idea to configure backups. Also, the tips Jeremy gave are recommended.
Enabling the firewall and disabling services?
As far as enabling the firewall and disabling services?
Can both be done from the administration control panel?
Yes I think so
Personally I mostly just use commandline these days, but both the Firewall (aka IPTables) and services can be controlled from Webmin.
and then you can make it even more secure if you want.
for instance use iptables to block the webmin interface port and only allow it from a specific ip address
Or only allow the webmin interface if a user is logged in using ssh
Or install knockd to allow access only after some kind of port knocking sequence.
Also you can do things like denyhosts, which detects failed ssh login attempts, and blocks the host, sent you an email... or whatever
Don't use passwords, use ssh keys, block all login attemps using passwords.
Just be critical in what you have running and if it is really needed.
If not, don't run it.
if only sometimes needed, don't run it, bring it up when needed
QUOTE: ech`echo xiun|tr nu oc|sed 'sx\([sx]\)\([xoi]\)xo un\2\1 is xg'`ol
Add new comment