Old, Boring and Popular ~ Server administration tips from Marco Arment

If you haven’t already, you should subscribe to this wonderful podcast called Under the Radar. These tips are from episode 13 of this podcast:

  1. Pick a very popular but conservative Linux distribution (à la CentOS, Ubuntu)
  2. Turn on auto-updates for as much of the system software as possible … that will take care of most security problems for you.
  3. Take advantage of built-in isolation on Linux machines … If you only have one server, make the internal stuff listen on localhost so that you can’t log in to MySQL/memcached from outside. If you have multiple servers, use private networking.
  4. Disable password authentication in SSH
  5. Collect as little user data as possible to get your job done. Worst case scenario, somebody hacks into your server and takes your database … if you can get away with not having people’s email address then don’t take it. If you are taking passwords from people, then hash those using secure password hashing like bcrypt on a strong setting … Google for more info.
  6. Have database backups and encrypt those backups. I write my DB backups to a write-only S3 account, so credentials on the machine can only write to the bucket and not read from it, so someone who hacks into the machine can’t delete the backups.
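
A small audit for tips 3 and 4, as an added example (not from the podcast or the original post): it flags listeners reachable beyond localhost on ports not meant to be public, and reads the global `PasswordAuthentication` setting. The sample `ss -H -ltn` output, the sample `sshd_config`, the `PUBLIC_PORTS` set and both function names are constructed for illustration; `Include` files are not followed.

```python
import ipaddress

# Constructed sample of `ss -H -ltn` output: State Recv-Q Send-Q Local Peer
SS_SAMPLE = """\
LISTEN 0 128  0.0.0.0:22       0.0.0.0:*
LISTEN 0 151  0.0.0.0:3306     0.0.0.0:*
LISTEN 0 1024 127.0.0.1:11211  0.0.0.0:*
LISTEN 0 511  [::]:80          [::]:*
LISTEN 0 128  [::1]:6379       [::]:*
"""

# Constructed sample sshd_config
SSHD_SAMPLE = """\
#PasswordAuthentication no
PermitRootLogin prohibit-password
PasswordAuthentication yes
Match User backup
    PasswordAuthentication no
"""

PUBLIC_PORTS = {22, 80, 443}  # assumption: the only ports meant to face outside


def exposed_listeners(ss_output, public_ports=PUBLIC_PORTS):
    """Return (host, port) for sockets listening beyond loopback on non-public ports."""
    found = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue  # header or non-listening socket
        host, _, port = fields[3].rpartition(":")
        host = host.strip("[]").split("%")[0]  # drop IPv6 brackets and %iface
        loopback = host != "*" and ipaddress.ip_address(host).is_loopback
        if not loopback and int(port) not in public_ports:
            found.append((host, int(port)))
    return found


def password_auth_enabled(config_text):
    """Global PasswordAuthentication: first occurrence wins, sshd default is yes."""
    for raw in config_text.splitlines():
        parts = raw.split("#", 1)[0].replace("=", " ", 1).split(None, 1)
        if parts and parts[0].lower() == "match":
            break  # everything after Match is conditional, not global
        if len(parts) == 2 and parts[0].lower() == "passwordauthentication":
            return parts[1].strip().lower() != "no"
    return True


if __name__ == "__main__":
    print("exposed listeners:", exposed_listeners(SS_SAMPLE))
    print("password auth enabled:", password_auth_enabled(SSHD_SAMPLE))
```

On a live host, feed it the real `ss -H -ltn` output and the contents of `/etc/ssh/sshd_config`; where drop-in files are in use, `sshd -T` prints the effective configuration.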
 