Re: Silicon Image SIL680 RAID Controller

From: Fred Jones (freddydynip_at_yahoo.com)
Date: 07/05/04


Date: 5 Jul 2004 13:50:47 -0700

Steve O'Hara-Smith <steveo@eircom.net> wrote in message news:<20040705072841.7cf8e45a.steveo@eircom.net>...
>
> > Ultimately, I need to configure the following services:
> > httpd
>
> Install an apache port - unless you want minimal features and high
> performance in which case go for thttpd.

Steve,
Many thanks for the assistance.
Our site currently receives between ~2,500-5,000 visitors/day. We host
a handful of smaller sites and run a lot of cgi scripts. Aside from a
couple of flash intro pages, no streaming data, large database or
processor intensive apps.
Would there be any benefit to using thttpd or some other higher-end
web server (e.g., tux)?

Do you know if there's some type of simple (bulleted?) list describing
the exact procedures required to set up and configure a web server
under FreeBSD? I'm a bit dyslexic and, based on how long it's taken me
to get this far, I'm a bit worried that I may be reading man pages
for the next 2 years while my 1 August deadline passes me by.

> > mail
>
> Enable sendmail (sendmail_enable="YES" in /etc/rc.conf) - possibly
> pick a POP3 and/or IMAP server and install the appropriate ports.

Yes, I saw that. I guess the reason I asked about running mail, ssh
and DNS from the same server that's running apache is because one of
the books I've been reading (sorry, I can't recall which) strongly
recommended against running -any- other services from the machine
that's running apache. The author suggested that doing so creates a
security risk in case someone hacks into the server.
It would be a great deal simpler (and less expensive) if I can
[reasonably safely] run everything from one physical PC. But, again,
my prime concern (because we've been targeted by hackers previously)
is security.

> > ssh (optional, but it would be nice to know that I can check on things
> > if I'm traveling)
>
> Standard.

Yes, I see that it's running on the server now.

> > DNS (optional, but I'd
>
> Configure and enable - see man named and man named.conf for details,
> then add named_enable="YES" to /etc/rc.conf.

Yes, I saw that as well. Unfortunately, I see that that's the least of
it. From the little I've read about DNS, configuring a DNS server
makes configuring apache seem like child's play. I'm hoping to be able
to use my aDSL provider's DNS servers, but I'm not sure yet, so I want
to have a backup option ready.

> > Can I ask a few more questions?
> > 1) Can I [safely] run all of these services on one PC?
>
> Sure (unless you're expecting a *lot* of traffic - hundreds of hits
> per second for example).

I doubt we'll ever see that much traffic.

> You probably should enable a firewall as well. Read man firewall for
> more details.

Yes, I read that and I definitely will use a firewall. I've already
got a firewall built into the aDSL router, but someone else suggested
that I set up a firewall in FreeBSD as well. This makes a lot of sense,
because I've had a handful of hackers breach the router/firewall
that's supposed to be protecting our (separate) Windows-based LAN from
the Web. If we hadn't been running ZoneAlarm or BlackICE on each
user's workstation, it could've gotten very nasty.
Unfortunately, configuring the FreeBSD firewall appears to be A LOT
more complex than ZoneAlarm or BlackICE.
Again, I've got "The Complete FreeBSD" book, which contains a chapter
on Firewalls, but it's very confusing to say the least.

> > 2) Which version of apache is best in terms of security--1.3 or 2.0?
> > "The Complete FreeBSD" book (which is confusing me about as much as
> > it's helping) recommends 1.3, but apache recommends 2.0.
>
> Arguments rage on this subject. I've never got into any trouble
> running apache 1.3 on a busy site.

That sounds good. I'll go with 1.3.

> > 3) How do I install apache from the FreeBSD 4.10 CD without installing
> > the entire Packages section (I don't see it listed in any of the
> > Package sections)?
>
> cd /usr/ports/www/apache
> make install clean

I actually did that and got apache installed (though I couldn't get it
to start!). But, to get apache, I had to install the entire Packages
set. Apache doesn't appear as a separately installable component in
the list of Packages, and I thought that having all of them installed
was a potential security risk. So I deinstalled apache and then
Fetch'ed the sources from apache.org and compiled those.
Unfortunately, I couldn't get that to run either. When I run
"apachectl start", I got "httpd could not be started".
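
A default-deny ipfw ruleset for the single-host layout discussed in this thread (ssh, mail, DNS and httpd on one machine), as an added example that is not part of the original posts. The rule numbers, the port lists and the `/etc/ipfw.rules` path mentioned afterwards are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: print an ipfw rule file (one "add ..." command per line)
# for a host that offers only the services named in the thread.
# Port lists and rule numbers are assumptions; trim them to what you run.

TCP_SERVICES="22 25 53 80"   # ssh, smtp, dns over tcp, http
UDP_SERVICES="53"            # dns queries (drop if the ISP's DNS is used)

build_rules() {
    n=100
    # emit: print one numbered rule and advance the counter
    emit() { echo "add $n $*"; n=$((n + 100)); }

    # Loopback is trusted; loopback addresses arriving elsewhere are spoofed
    emit allow ip from any to any via lo0
    emit deny ip from any to 127.0.0.0/8

    # Match packets belonging to connections already recorded by keep-state
    emit check-state

    # Traffic the host starts itself (outgoing mail, DNS lookups, fetches)
    emit allow tcp from me to any setup keep-state
    emit allow udp from me to any keep-state

    # Inbound: only the listed services, nothing else
    for p in $TCP_SERVICES; do
        emit allow tcp from any to me "$p" setup keep-state
    done
    for p in $UDP_SERVICES; do
        emit allow udp from any to me "$p" keep-state
    done

    # ICMP errors needed for path MTU discovery and traceroute replies
    emit allow icmp from any to any icmptypes 3,11

    # Explicit final deny; logged only when net.inet.ip.fw.verbose is 1
    echo "add 65000 deny log ip from any to any"
}

build_rules
```

Redirect the output to a file such as `/etc/ipfw.rules`, then set `firewall_enable="YES"` and `firewall_type="/etc/ipfw.rules"` in /etc/rc.conf. Load it from the console the first time, since a mistake in the ssh rule cuts off remote access.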


