[Chugalug] Running multi sites on one(non virt) machine
dwrudy at gmail.com
Mon Mar 17 15:25:04 UTC 2014
The good thing is that only about 2-3 of my clients actually use sFTP. All
of my other clients just go through me to make updates to their website
(and thus, I haven't even created user accounts for them).
I'll take a look at Virtual Users, Apache vhosts, and what-not. Thanks for
On Mon, Mar 17, 2014 at 10:55 AM, Eric Wolf <ebwolf at gmail.com> wrote:
> You hate cPanel buy what do your customers think of it?
> On Mar 17, 2014 7:55 AM, "David White" <dwrudy at gmail.com> wrote:
>> I'm digging up an old thread. Originally, I searched my Chugalug archives
>> for OSSEC, but this email thread (ironically) brings up the real reason I
>> was searching for OSSEC - figuring out a better way to secure my shared
>> webserver infrastructure.
>> Because right now, the single shared server I operate is anything but
>> secure other than a few scripts monitoring for file hash changes and having
>> password auth turned off, only relying on key-based auth, and blocking IP
>> addresses that repeatedly try to brute force the machine (I also manage
>> dedicated servers which is obviously much more preferable, security-wise).
>> I really need a way to separate permissions and visibility from 1 user's
>> directory to another's (user X shouldn't be able to see user Y's stuff when
>> they login via sFTP). Even though I have my user's stuff separated in
>> different directories, any user - if they wanted to and knew how, could
>> navigate *up* the directory tree and then over into another user's
>> Permissions are set so that they can't actually edit the files, but
>> reading the files is bad enough... This has always been in the back of my
>> mind as an issue I need to deal with - and I hate cPanel, and refuse to use
>> I'll take a look at the Webmin idea, as well as Apache vhosts... I think
>> I remember looking into that a year or two ago, and not getting anywhere
>> with it. I'll try another attempt.
>> On Mon, Jun 24, 2013 at 10:50 AM, Matt Keys <mk6032 at yahoo.com> wrote:
>>> Thanks for the tip on etckeeper! Tripwire / OSSEC hash files and tell
>>> you if the hash has changed but they don't give you the actual change. This
>>> should work much better!
>>> On 06/23/2013 02:52 PM, Jason Brown wrote:
>>> I like the way virtualmin <http://www.virtualmin.com/> (A webmin addon)
>>> handles this, even if I don't always use the software. You can use it for
>>> configuration, then shut it down when not needed if it's overhead is in the
>>> In short, each website / apache virtual host gets it's own user, unless
>>> it is a sub-server under and existing user. It's a good data segmentation
>>> For web site setup operations it is also a useful learning tool, change
>>> an option and see what it did in the configuration file(s). etckeeper + git
>>> is your friend here.
>>> Chugalug mailing list
>>> Chugalug at chugalug.org
>> David White
>> Founder & CEO
>> *Develop CENTS *
>> Computing, Equipping, Networking, Training & Supporting
>> Nonprofit Organizations Worldwide
>> Chugalug mailing list
>> Chugalug at chugalug.org
> Chugalug mailing list
> Chugalug at chugalug.org
Founder & CEO
*Develop CENTS *
Computing, Equipping, Networking, Training & Supporting
Nonprofit Organizations Worldwide
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Chugalug