[typo] Newbie Question 3: Secure Typo installation
nrich123 at mac.com
Tue Oct 30 08:16:34 EDT 2007
Sorry - more questions from ignorance!
I'm hosting a few typo blogs for fun. I have an ADSL line, a domain
and a spare Mac OS X box. I would like to ensure that I'm not
opening up some nightmare security hole on my network.
- My db is Postgres which runs under an unprivileged user, u1.
- My typo install folders are owned by an unprivileged user, u2 ,
which also runs my mongrel instances, which listen only on localhost
- My apache install runs under an unprivileged user, u3, which
proxies to the mongrel cluster.
- My firewall is closed to inbound traffic except for my apache port 80.
Does this sound like a sensible scheme? Any gapingly obvious holes?
Anything else I should be doing? I'm completely *not* a sysadmin
expert, so I probably can fool around enough to be very dangerous :-)
More information about the Typo-list