Received: by 10.52.67.209 with SMTP id p17mr21243829vdt.0.1330867243005;
Sun, 04 Mar 2012 05:20:43 -0800 (PST)
X-BeenThere: ec2debian@googlegroups.com
Received: by 10.220.3.135 with SMTP id 7ls4512685vcn.8.gmail; Sun, 04 Mar 2012
05:20:42 -0800 (PST)
MIME-Version: 1.0
Received: by 10.52.89.235 with SMTP id br11mr2752600vdb.9.1330867242458; Sun,
04 Mar 2012 05:20:42 -0800 (PST)
Authentication-Results: ls.google.com; spf=pass (google.com: domain of
ands...@gmail.com designates internal as permitted sender)
smtp.mail=ands...@gmail.com; dkim=pass
header...@gmail.com
Received: by k6g2000vbz.googlegroups.com with HTTP; Sun, 4 Mar 2012 05:20:42
-0800 (PST)
Date: Sun, 4 Mar 2012 05:20:42 -0800 (PST)
In-Reply-To: <eb66b886-d75a-4b14-a8c1-3d464969631f@w5g2000vbv.googlegroups.com>
References: <05df88ab-9145-4302-bd1a-ab1b7b68f0c3@q12g2000yqg.googlegroups.com>
<eb66b886-d75a-4b14-a8c1-3d464969631f@w5g2000vbv.googlegroups.com>
User-Agent: G2/1.0
X-HTTP-UserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_3)
AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.56 Safari/535.11,gzip(gfe)
Message-ID: <c8803448-2698-4876-a975-445141e80f95@k6g2000vbz.googlegroups.com>
Subject: Re: Security and Ongoing Maintenance
From: andsens <ands...@gmail.com>
To: ec2debian <ec2debian@googlegroups.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
I mean apt-get update && apt-get upgrade of course. The former will
only update the list of available updates.
On Mar 4, 3:06=A0am, andsens <ands...@gmail.com> wrote:
> Honestly: apt-get update. That's all. If you configure your apache
> configuration fairly restrictive and it is the only open port in your
> firewall (plus ssh & ftp), you shouldn't have any problems.
> That is, if you are not running some kind of custom installed cms that
> needs updating.
> I would recommend that you let your users access the website via sftp
> though, and not ftp. It's one less dependency to worry about.
> You should chroot them and give them a private key for login, then
> disable password login to ssh entirely.
>
> On Mar 2, 3:16=A0pm, Ammianus <brian.las...@gmail.com> wrote:
>
>
>
>
>
>
>
> > Hi all, I am using debian-6.0-squeeze-base-x86_64-20110417
> > (ami-80e915e9) for some months for my own small projects. After
> > initially setting up a few web sites running in Apache, I haven't
> > really touched anything in terms of configuration for some time.
>
> > I recently set up a new website in Apache, and installed vsftp to
> > allow my user to upload files directly to their site's folder.
>
> > Just brought to mind the fact that I haven't actively logged in to the
> > machine in months, nor ran any kind of updates for the OS, or
> > software.
>
> > What should I be doing for keeping up to date with security fixes,
> > especially for Apache / Debian?
>
> > Looking through the Apache access logs I see the random requests from
> > strange IP#s with no browser details. I am worried about someone
> > trying to compromise my system as I don't generally monitor it every
> > day.
>
> > Are there general ways I can keep it relatively secure, but still
> > functional so i can upload files to the sites I am hosting?
>
Message from discussion Security and Ongoing Maintenance
| Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy |
| ©2013 Google |