Short Guide For Unmanaged Rackspace Cloud Server, Might Help the Users With Less Budget Who Are Unable to Bear the Cost of Managed Cloud. As because we might spin a different, a bit modified and hardened distro from Rackspace Mirror, we actually do not need all the precautions required for older non-OpenStack Cloud Servers. Practically, Rackspace delivers more than IaaS, it is towards Software Defined Data Center.
Rackspace, for the past four years; never endorsed us for writing for their materials. This is a very good point which usually people ( read blogger seeking affiliate link ) dislike. You can start from three articles :
- Hardening Rackspace Cloud Server for WordPress Part 1
- Hardening Rackspace Cloud Server for WordPress Part 2
- Full step by step guide to Install WordPress on Ubuntu 13.10 on Rackspace
Again, we will suggest to kindly try the Managed level, because it not only is safe but also might save your money on investing more on allocating the resources. Prohibiting factors for the most is not the flat $100 USD charge but the higher price of per hour charge. Meaningless articles exist :
How Google Search gives importance to an un-updated, wrong, misleading article; this is one of the example. There are not much difference between Amazon, Microsoft and Google by philosophy. All runs on Closed Source Software Models and injects Spywares – these spyware activities are now known to all. We want to say – a person can never become bigger by blaming and cursing the others, thats too wrongly. Write stuffs that works. If something has been changed, it should be strikeout
like this and disclaimer should be added. The ABC button is just beside B, I buttons in WordPress. Period. Back to the topic.
To Do List For Unmanaged Rackspace Cloud Server Owners
To Do List For Unmanaged Rackspace Cloud Server Owners Does Not Encourage Not Using a Managed Level. These are minimum things to check if you do not have much earnings to pay the extra premium :
- Install WordPress or any software in the way we described above. But kindly use at least two servers – MySQL server should be different and only port to connect to MySQL server should be kept open.
- It is very important to activate the Scheduled Image taking mechanism from control panel. Always check the taken image by spinning up a server with it. Keep some images forever – like every 6 months, replicate one image and save it. You will probably need to attach a networking storage.
- Install Firewall Software, VSFTD etc and create long passwords that contain upper and lower case letters, numbers and non alpha-numeric characters.
- For God sake; if you use PHPMyAdmin on the same server, add a .htaccess password and /or comment out the line to include PHPMyAdmin module to be loaded when you are not using the PHPMyAdmin panel.
- Also the same goes for Webmin, stop it if you are not using.
- Point 4 and 5 save the resource by reducing the number of running demons and closes the way to get hacked easily.
- Create long passwords that contain upper and lower case letters, numbers and non alpha-numeric characters. Riddles are good to construct hard passwords ==> if you are a female, probably you are aware that your husband is the biggest fool on this Earth. Actually, this is a constant RIGHT observation by all the wives => My Husband is a Fool => Changes to => m^hU$b@nDiZ1Fo0L:( <= My Husband iz 1 fool :( We hope, the hacker is also a husband. Do NOT use so easy sayings, though.
- Make use of Public/Private SSH keys for login.
- Disable Root Login
- Use SFTP, SSL as much as possible.
- Minimize the number of softwares installed. We discourage to install Git on production server running WordPress. Use separate server.
- Keep the Softwares Updated, do checking every 3 days.
- Reboot regularly, this is important. Reboot actually is a good practice (stop Apache, MySQL etc. softwares first) like our physical computers but first identify the time when the visitors are less in number or redirect them to another server and change the DNS. That is why point 2 is written – build a new server from the latest image, change DNS and work on your server. It is important to keep the IP constant. Never ever delete an old server, rebuild it.
- Remove the apt-cache, check and delete Apache logs.
- Do not keep any executables on the server. Delete after installation.
- This file is important => /etc/sysctl.conf file
- Harden Linux Kernel
- Mail Server should never run on the main server
- Think about using a Reverse Proxy Server
- Always test backups and take Backup of MySQL, FTP separately. You must not consider a Server Image equivalent to WordPress backup.
There are, actually lot of works to do, really.