Updated question:
Assuming the setup of a "minimal" web server (apache2, php) - e.g. with the least features possible - I would like to know if the nscd is truly required for optimal functioning of the machine.
I have an apache2 server with an application that uses a postgres db on Debian/Linux. The server has 1.2 gigs of ram.
On the client side (browser), if I keep refreshing the window (F5) non-stop for a long period of time (about 1 minute), apache2 and postgresql end up crashing, and all comes back to normal after they recover. This is due to the poor programming of the application, aspect I don't have control over, and the fact that I'm hammering the server with requests and it's trying to answer to all of them.
My question, are there tools on Debian that can see an abusive IP and block it for a certain amount of time? Anything will help.
Update: this is from a server side standpoint, abstracting the inefficient/load-intensive actions that every HTTP request require to complete. Forget about the application, think of it from a server standpoint.
Thanks
If I generate two SSL certificates using the same key, am I diluting the strength of the certificates? (does it open the door for cryptanalysis or a possibility of compromising data across that channel)?
Thanks
Debian and other GNU/Linux systems often come with world readable logs/configurations/directories. For example, on a new install, these files are world readable:
/etc/passwd/var/log/lastlog- list of running cron jobs
Although being able to read those files isn't directly a threat, in a system where all users cannot be trusted, it's wise to minimize system visibility.
Is there a linux flavor / standard tool for avoiding those kinds of situation where new users can harvest that many details about the server they're using? Ideally, they should be limited to their own directories.
I've already set up chroot jails in the past, but I'm looking for an alternative solution or tricks some of you may have.
Thanks!
What's a good way of running a shell script as a different user. I'm using Debian etch, and I know which user I want to impersonate.
If I was doing it manually, I would do:
su postgres
./backup_db.sh /tmp/test
exit
Since I want to automate the process, I need a way to run backup_db.sh as postgres (inheriting the environment, etc)
Thanks!
Are there any configuration or installation hazards to setup both Postgresql-8.4 and MySQL on the same server and running them side by side, other than performance?
The server is running Debian etch.
Thanks
I have a debian etch server with php5 packages installed.
My issue is that I can't find any php executable to run scripts on the command line. Running "whereis php5" return folders with only config files, .so files and no executables and "whereis php" returns nothing.
I've googled and found out about php-cli. Is this the solution that I'm looking for? If so, what are the differences between php5 and php5-cli packages? Will installing the php5-cli package interfere with my current setup of php5?
Thanks for the help!
Wadih
I have a few named vhosts on my apache2 debian server and I want to have a mirror server that can pickup as soon as the first server goes down. We can assume I have total control over both servers and /www data on both servers is regularly and incrementally synchronized using rsync.
I can see ways of doing it at the DNS level, but I'd like to have a community input on that. Are there any solutions for achieving this out there already?
Thanks