[Chugalug] Running multi sites on one(non virt) machine

David White dwrudy at gmail.com
Mon Mar 17 15:25:04 UTC 2014


The good thing is that only about 2-3 of my clients actually use sFTP. All
of my other clients just go through me to make updates to their website
(and thus, I haven't even created user accounts for them).

I'll take a look at Virtual Users, Apache vhosts, and what-not. Thanks for
the suggestions.


On Mon, Mar 17, 2014 at 10:55 AM, Eric Wolf <ebwolf at gmail.com> wrote:

> You hate cPanel buy what do your customers think of it?
> On Mar 17, 2014 7:55 AM, "David White" <dwrudy at gmail.com> wrote:
>
>> I'm digging up an old thread. Originally, I searched my Chugalug archives
>> for OSSEC, but this email thread (ironically) brings up the real reason I
>> was searching for OSSEC - figuring out a better way to secure my shared
>> webserver infrastructure.
>>
>> Because right now, the single shared server I operate is anything but
>> secure other than a few scripts monitoring for file hash changes and having
>> password auth turned off, only relying on key-based auth, and blocking IP
>> addresses that repeatedly try to brute force the machine (I also manage
>> dedicated servers which is obviously much more preferable, security-wise).
>>
>> I really need a way to separate permissions and visibility from 1 user's
>> directory to another's (user X shouldn't be able to see user Y's stuff when
>> they login via sFTP). Even though I have my user's stuff separated in
>> different directories, any user - if they wanted to and knew how, could
>> navigate *up* the directory tree and then over into another user's
>> folder.
>>
>> Permissions are set so that they can't actually edit the files, but
>> reading the files is bad enough... This has always been in the back of my
>> mind as an issue I need to deal with - and I hate cPanel, and refuse to use
>> it.
>>
>> I'll take a look at the Webmin idea, as well as Apache vhosts... I think
>> I remember looking into that a year or two ago, and not getting anywhere
>> with it. I'll try another attempt.
>>
>>
>>
>> On Mon, Jun 24, 2013 at 10:50 AM, Matt Keys <mk6032 at yahoo.com> wrote:
>>
>>>  Thanks for the tip on etckeeper! Tripwire / OSSEC hash files and tell
>>> you if the hash has changed but they don't give you the actual change. This
>>> should work much better!
>>>
>>> Regards,
>>> Matt
>>>
>>>
>>> On 06/23/2013 02:52 PM, Jason Brown wrote:
>>>
>>> I like the way virtualmin <http://www.virtualmin.com/> (A webmin addon)
>>> handles this, even if I don't always use the software.  You can use it for
>>> configuration, then shut it down when not needed if it's overhead is in the
>>> way.
>>>
>>> In short, each website / apache virtual host gets it's own user, unless
>>> it is a sub-server under and existing user. It's a good data segmentation
>>> model.
>>>
>>> For web site setup operations it is also a useful learning tool, change
>>> an option and see what it did in the configuration file(s). etckeeper + git
>>> is your friend here.
>>>
>>> --Jason
>>>
>>>
>>>
>>> _______________________________________________
>>> Chugalug mailing list
>>> Chugalug at chugalug.org
>>> http://chugalug.org/cgi-bin/mailman/listinfo/chugalug
>>>
>>>
>>
>>
>> --
>> David White
>> Founder & CEO
>>
>> *Develop CENTS *
>> Computing, Equipping, Networking, Training & Supporting
>> Nonprofit Organizations Worldwide
>> http://developcents.com
>> 423-693-4234
>>
>> _______________________________________________
>> Chugalug mailing list
>> Chugalug at chugalug.org
>> http://chugalug.org/cgi-bin/mailman/listinfo/chugalug
>>
>>
> _______________________________________________
> Chugalug mailing list
> Chugalug at chugalug.org
> http://chugalug.org/cgi-bin/mailman/listinfo/chugalug
>
>


-- 
David White
Founder & CEO

*Develop CENTS *
Computing, Equipping, Networking, Training & Supporting
Nonprofit Organizations Worldwide
http://developcents.com
423-693-4234
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://chugalug.org/pipermail/chugalug/attachments/20140317/531c867b/attachment.html>


More information about the Chugalug mailing list