Web and mail server Opinions needed
Posted 31 March 2010 - 03:35 AM
Posted 31 March 2010 - 12:25 PM
Postfix is quite secure by itself and can even be run chrooted so isn't really a security concern.
Apache itself is quite secure too, but can be rendered insecure by flawed php scripts, so it depends how you use it.
Ultimately it comes down to security versus less admin overhead, only you can decide if your specific intended use needs the extra security or not.
This post has been edited by tux99: 31 March 2010 - 12:25 PM
Posted 31 March 2010 - 01:45 PM
Posted 31 March 2010 - 06:36 PM
If it's for a business and especially if the web site uses any of the popular CMS systems like Drupal, Yoomla, etc. then I would definitely use virtual machines or separate physical servers, since the risk that someone who hacks the web site also gains access to confidential business email is too high.
Posted 31 March 2010 - 08:45 PM
Posted 02 April 2010 - 07:19 AM
So in reality, the virtual server will be less problematic in the event of an attack. Admin is the same, just that you have more servers to connect to but that is minimal.
Posted 03 April 2010 - 12:18 PM
Posted 03 April 2010 - 12:40 PM
This post has been edited by tux99: 03 April 2010 - 12:48 PM
Posted 03 April 2010 - 01:23 PM
Posted 03 April 2010 - 03:54 PM
That is factually incorrect, the LTS releases are supported for 3 years for UbuntuDesktop and 5 years for UbuntuServer.
Posted 03 April 2010 - 04:51 PM
Ok, didn't know that thanks for correcting me. I still wouldn't choose Ubuntu as a server (and not for a desktop either since on the desktop Mandriva is better), Redhat is the industry standard for Linux servers in a business environment and deservedly so, therefore CentOS (which is a free Redhat clone) is the best choice IMHO.
If it has to be a debian style distro then I would choose the original, i.e. Debian, rather than Ubuntu server.
This post has been edited by tux99: 03 April 2010 - 04:53 PM
Posted 03 April 2010 - 06:14 PM
Posted 05 April 2010 - 08:41 PM
I have two remainig vmare boxes destined for the trash heap this year
Posted 07 April 2010 - 12:38 PM
Posted 08 April 2010 - 12:04 AM
requires a vlan capable (Managed) switch for tagging and detagging etc
/etc/network/interfaces (snippet) # The primary network interface allow-hotplug eth0 iface eth0 inet static address 22.214.171.124 netmask 255.255.255.0 network 126.96.36.199 broadcast 188.8.131.52 gateway 184.108.40.206 # dns-* options are implemented by the resolvconf package, if installed dns-nameservers 220.127.116.11 18.104.22.168 dns-search interspeed.co.nz auto virbr1022 iface virbr1022 inet manual bridge_ports eth0.1022 bridge_stp off bridge_maxwait 5 host:~# ip add | grep 1022 34: virbr1022: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN 35: eth0.1022@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP