4

I am in the process of setting up an Ubuntu LAMP server (cloud hosted) to run a few small websites, and I am currently configuring the security settings, etc. Once I have it ready for production, what types/amounts of maintenance will I need to be doing?

markle976
  • 147
  • 4

1 Answer

4

This is by no means a complete list, but here are a few things to start with.

  • Once you think you have it secure, I would run something like Nikto2 or W3AF against your server to verify that you have things buttoned down reasonably well.
  • Subscribe to the Ubuntu Security Notices mailing list or RSS feed, so that you are aware of any security issues that come up that may affect your system.
  • Keep the system up to date. Pay careful attention to any CMS, web frameworks, or web applications that you are using, as the popular ones such as WordPress, Joomla, Drupal, etc. are targeted by hackers when vulnerabilities are discovered.
  • Make an effort to routinely review the log files. Something like Splunk or Octopussy may help.
sebthebert
  • 1,234
  • 8
  • 21
3dinfluence
  • 12,449
  • 2
  • 28
  • 41
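As an added example for the "keep the system up to date" and "routinely review the log files" points above (this is example code written for this page, not part of the original answer): a small POSIX shell helper that lists pending packages from an Ubuntu `-security` pocket (a dry run only) and flags client IPs that generate many 4xx responses in an Apache combined-format access log, which is the usual footprint of a scanner or a brute-force attempt. The log lines, IP addresses and file paths are constructed for the example and are not taken from the original post.

```shell
#!/bin/sh
# Added example, not from the original answer. Assumptions: Apache "combined"
# log format, and an Ubuntu host with apt-get for the update check.

# List upgrades that would come from a *-security pocket. "-s" only simulates,
# so this never changes the system. Prints nothing if apt-get is unavailable.
pending_security_updates() {
    command -v apt-get >/dev/null 2>&1 || return 0
    apt-get -s upgrade 2>/dev/null | grep '^Inst .*-security'
}

# Print "count ip" for every client whose 4xx count in log file $1 is at
# least $2 (default 10), highest count first. In the combined format the
# status code is the 9th whitespace-separated field; a malformed request line
# (for example a bare "-" instead of "METHOD PATH PROTO") shifts the fields
# and is simply not counted here.
suspicious_clients() {
    logfile="$1"
    threshold="${2:-10}"
    awk -v thr="$threshold" '
        $9 ~ /^4[0-9][0-9]$/ { bad[$1]++ }
        END { for (ip in bad) if (bad[ip] >= thr) print bad[ip], ip }
    ' "$logfile" | sort -rn
}

# Write a constructed sample log to a temp file and print its path.
# 203.0.113.7 probes for common admin paths (8 x 404), 198.51.100.4 has two
# typos (2 x 404) among normal traffic, 192.0.2.10 is a normal visitor.
make_sample_log() {
    f=$(mktemp) || return 1
    cat > "$f" <<'EOF'
203.0.113.7 - - [01/Apr/2010:18:10:01 +0000] "GET /phpmyadmin/ HTTP/1.1" 404 289 "-" "Mozilla/5.0"
203.0.113.7 - - [01/Apr/2010:18:10:01 +0000] "GET /pma/ HTTP/1.1" 404 289 "-" "Mozilla/5.0"
203.0.113.7 - - [01/Apr/2010:18:10:02 +0000] "GET /wp-login.php HTTP/1.1" 404 289 "-" "Mozilla/5.0"
203.0.113.7 - - [01/Apr/2010:18:10:02 +0000] "GET /administrator/ HTTP/1.1" 404 289 "-" "Mozilla/5.0"
203.0.113.7 - - [01/Apr/2010:18:10:03 +0000] "GET /cgi-bin/test.cgi HTTP/1.1" 404 289 "-" "Mozilla/5.0"
203.0.113.7 - - [01/Apr/2010:18:10:03 +0000] "GET /.git/config HTTP/1.1" 404 289 "-" "Mozilla/5.0"
203.0.113.7 - - [01/Apr/2010:18:10:04 +0000] "GET /backup.zip HTTP/1.1" 404 289 "-" "Mozilla/5.0"
203.0.113.7 - - [01/Apr/2010:18:10:04 +0000] "GET /xmlrpc.php HTTP/1.1" 404 289 "-" "Mozilla/5.0"
198.51.100.4 - - [01/Apr/2010:18:11:10 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.4 - - [01/Apr/2010:18:11:12 +0000] "GET /abuot.html HTTP/1.1" 404 289 "-" "Mozilla/5.0"
198.51.100.4 - - [01/Apr/2010:18:11:15 +0000] "GET /about.html HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
198.51.100.4 - - [01/Apr/2010:18:11:20 +0000] "GET /contatc.html HTTP/1.1" 404 289 "-" "Mozilla/5.0"
198.51.100.4 - - [01/Apr/2010:18:11:22 +0000] "GET /contact.html HTTP/1.1" 200 1900 "-" "Mozilla/5.0"
192.0.2.10 - - [01/Apr/2010:18:12:00 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
192.0.2.10 - - [01/Apr/2010:18:12:03 +0000] "GET /style.css HTTP/1.1" 200 800 "-" "Mozilla/5.0"
EOF
    echo "$f"
}

# Stand-alone run: show pending security updates (if any) and review the
# constructed log with a threshold of 5. On a real host, point
# suspicious_clients at /var/log/apache2/access.log instead.
pending_security_updates
sample=$(make_sample_log)
suspicious_clients "$sample" 5
rm -f "$sample"
```

On the constructed input only 203.0.113.7 crosses a threshold of 5, which is the point: a handful of 404s from a human is noise, a burst of them against admin paths is worth a look. Something like this can be dropped into a daily cron job and its output mailed to you; it is a far cry from Splunk, but it is cheap and it keeps you reading the logs.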
  • For my edification, what advantages does W3AF or Nikto2 offer over Nessus? (Or am I comparing apples and oranges). – Stefan Lasiewski Apr 01 '10 at 18:10
  • Nessus is a good option as well. But it's only free for personal use; any commercial use technically requires a commercial license. If I recall correctly, Nessus actually runs Nikto2 as part of its tests. Another option is OpenVAS, which is a fork of Nessus based on the Nessus 2.x engine, which was open source before Tenable changed the license for versions 3.x and newer. – 3dinfluence Apr 01 '10 at 18:34
  • Also, I should have mentioned this in my original answer. Before running any vulnerability scan, make sure that it's OK to do so. I know that most cloud hosting sites do not allow it, as it can put a high load on the server and in some cases even crash a server. So you should probably create a local virtual machine copy of the server setup to run that sort of testing against. Doing it this way is not perfect, but better than nothing. – 3dinfluence Apr 01 '10 at 18:37