[thelist] Server Administration
Keith
cache at dowebs.com
Thu Jun 23 16:11:59 CDT 2005
At 02:30 PM Thursday 6/23/2005, you wrote:
>To start with, I'll definitely be using some flavor of Linux, as I
>wouldn't touch IIS with a ten foot pole after all the bad things I've
>heard about it. I've heard that a Linux/Apahce/Cpanel/WHM setup, if kept
>patched, is pretty well locked down without the admin needing to know much
>about server administration. Is this true?
You really need to get on some CPanel forums to get an answer to that. All
of the commercial control panels ship with default settings that need to be
tweaked for various reasons simply because there is no real "default" that
works for everybody.
That said, I recommend Plesk 7 Reloaded. It is a generation ahead of
everybody else for security. They've rethought the role of the "nobody"
user (and eliminated it) and the "world" permission bit. For example,
Apache runs on Group permissions rather than World permissions. That allows
PHP to be safely run as an Apache Module. For more detail info behind that
concept, http://lists.evolt.org/archive/Week-of-Mon-20030714/145126.html
I don't know if CPanel or Ensim (or other control panels) have evolved to
not using the World bit for Apache's permissions. Can anyone confirm that?
Keith
cache at dowebs.com
--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.323 / Virus Database: 267.7.11/26 - Release Date: 6/22/2005
More information about the thelist
mailing list