Topics

Security

Setup postgreSQL RDS using Ansible

Setting up PostgreSQL on RDS using ansible is a bit tricky because the main user on RDS is not a SUPERUSER and roles membership is not automatically granted for ex: “ERROR: must be member of role ..” is quite common. Here is a working solution:

Install Sphinx 2.0.4 on CentOS 6.2

– Make sure to check CentOS, PHP-FPM, Nginx, memcached and MYSQL posts.

– Get fresh RPM from sphinxsearch.com

– Install Sphinx

rpm -Uhv http://sphinxsearch.com/files/sphinx-2.0.4-1.rhel6.x86_64.rpm

– Create sample MySQL database

Configuring vsFTPd on CentOS with different port

Check Installing CentOS 6.2 on VMware post.

– make sure SELINUX is disabled and iptables is configured for FTP

– add ftp user

adduser ftpuser -g ftp -s /sbin/nologin -d /server
#set password
passwd ftpuser

– configuration, more info

disable root login

Check Installing CentOS 6.2 on VMware post.

This should make the server more secure, review creating admin users post

– this will disable logging in ssh as root

vi /etc/ssh/sshd_config 
#add
PermitRootLogin no
#restart ssh
/etc/init.d/sshd restart

increase linux file descriptors

Check Installing CentOS 6.2 on VMware and mounting partitions with noatime posts.

This is very important performance tuning for any web server more information here

#adduser www first http://gadelkareem.com/2012/02/26/adding-new-users-and-admins-to-linux-server/
ulimit -n unlimited - www
#check default number of concurrently open file descriptors 
cat /proc/sys/fs/file-max
#set the number to high value depending on server config
echo '1773914' > /proc/sys/fs/file-max
echo 'fs.file-max=1773914' >> /etc/sysctl.conf
/sbin/sysctl -w fs.file-max=1773914