Other administration notes not included in other categories.
After installing the mysql server, the following error appears in the daemon.log log:
Jul 24 15:29:08 srv mysqld: 140724 15:29:08 [Warning] 'user' entry 'root@example.com' ignored in --skip-name-resolve mode. Jul 24 15:29:08 srv mysqld: 140724 15:29:08 [Warning] 'proxies_priv' entry '@ root@example.com' ignored in --skip-name-resolve mode.
In the old version putty 0.62 all htop colors were displayed as follows. In the latest version 0.63, some colors are not displayed. Or they are displayed, but only when you select the process with arrows on the keyboard or with the mouse. In general, it looks like this:
A proxy server is often a necessary thing. Applications of this wonderful tool - weight. For example, visiting a site where your ip address is blocked by the administrator. :)
Tinyproxy will be considered - a small but convenient proxy server. Let's try setting it up by spending no more than five minutes on it. First, install it:
# aptitude install tinyproxy
Task: prevent access to user files on the server from being read by other users. It can be useful if there are several users on the server, the first one has been hacked and on its behalf they are trying to view directories of other users.
The command to send all messages from the mail queue is: postsuper -r ALL .
The command to remove all messages from the queue: postsuper -d ALL .
The Debian Jessie repositories have an acceptable version of 0.9.7. We set it up with the add-on to work with mysql:
# aptitude install prosody
Next, you need to decide which database to use: mysql or sqlite.
If you use the Mozilla Firefox (Iceweasel) browser, you probably know about the great opportunity - data synchronization: passwords, bookmarks, settings, add-ons, etc. And having your own server on Linux, you can easily organize your own storage.
After setting up the nginx + php-fpm bundle, you may need phpmyadmin to manage MySQL databases. The most common practice is access through an alias. Slightly less - subdomain. Consider the first option.
If you have a static ip, and you administer the site exclusively from this address, you can restrict access to the admin panel of the site by ip. As a rule, site control panels are located in a folder (occasionally on a subdomain :) For example, WordPress has / wp-admin /. So, you need to restrict access only to this directory. In this case, the configuration code will look like this:
I bought a static ip from the provider and decided to allow access to ssh from this ip only. The advantages are obvious: no one except me can connect to your server via ssh. No one can pick passwords. And fail2ban becomes unnecessary. :) In short, from static ip some solid pluses. (Further…)