[conspire] Running your own Web server (was: Bay Area ISPs for servers/hosting)

Rick Moen rick at linuxmafia.com
Sat Nov 16 14:06:39 PST 2019


Quoting Paul Zander (paulz at ieee.org):

>  Rick:
> Time for you to repeat your description of typical web "security"
> being like a bank guard with photos of Al Capone and Matt Dillinger,
> but not photos of Bonnie and Clyde because they are new.

Heh, yes, so many good metaphors.

I boggle when I hear people say they don't know enough of system
administration and networking to safely run a Web site.  You know what
my professional background was when I started running Unix servers?  I
was a staff accountant at CPA firms.

As the saying goes, it's not friggin' brain surgery:

1.  Do backups.
2.  Learn from your mistakes.
3.  Follow the KISS principle.

Around 2006, my Red Hat Linux (4.0 I think) server in San Francisco got
remotely compromised, because I'd been inattentive and had not heeded
the KISS principle.  (This was in the bad early days of RHL, when it
default-installed with a huge number of vulnerable network services
fully exposed to public networks, and this was before RHL had
semi-automatic package updating.)

The site compromise was embarrassing, but I had backups, and was willing
to learn from my mistakes.  So, a few hours later, I'd blown away the
compromised system, rebuilt it on a new installation, and did better
that time.

It's really not difficult.  People who give up and claim the only
reasonable choice is to outsource everything really haven't tried in any
serious way, and thus I politely call bullshit when I hear it.



