+ Post New Thread
Results 1 to 8 of 8
*nix Thread, The perfect LAMP setup??? in Technical; Im just about to setup a web server for our website and moodle. Now ive had no problems in the ...
  1. #1


    Join Date
    Oct 2006
    Posts
    3,412
    Thank Post
    184
    Thanked 356 Times in 285 Posts
    Rep Power
    149

    The perfect LAMP setup???

    Im just about to setup a web server for our website and moodle. Now ive had no problems in the past setting up a LAMP using debian and ubuntu, well infact most *nix varieties but i tend to use debian. Ive never built one to be public facing so im after suggestions on;

    1. Which distro should i use? Is there any advantages to buying a commercially supported distro?

    2. Backup solutions... how should i do this? Bare in mind there may be several hundred GB of data to back up with it being a Moodle server.

    3. Any reasons why moodle shouldnt be on the same (physical) server as the website?

    4. Configuration. Apart from strong passwords and directory ACLs is there anything i may have missed here?

    5. Extra security software. Any suggestions on anything to beef up security?

    6. Chroot, should i or not?

    7. 64bit? Yes no?

    Any other suggestions or comments? :-)
    Last edited by j17sparky; 6th May 2008 at 12:10 PM.

  2. #2

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,804
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    1. Whatever you are comfortable with. If you think you need the safety net of comerical support then go for it.

    2. I just mysqldump + tar + gzip everything up and ftp it away personally. However if you need something a little more industrial, have a look at Bacula.

    3. Scalability and reliability. If you have a really big site you will need to seperate your database and web front end onto separate hardware to keep up with the load. you may need to have multiple machines in each role, with load balancing/fail over and caching as required.

    4. Not really. Whatever distro you chose, the default configuration for MySQL/Apache will be sane. As is Moodle when you install it. Obviously you can break the sanity of this setup if you don't know what you are doing. However, here are some articles on the subject of configuration.

    Securing Apache 2: Step-by-Step
    Securing PHP: Step-by-Step
    Securing MySQL: step-by-step

    5. mod_security, snort, bastile are obvious places to start.

    6. Always worth it.

  3. Thanks to Geoff from:

    j17sparky (6th May 2008)

  4. #3


    Join Date
    Oct 2006
    Posts
    3,412
    Thank Post
    184
    Thanked 356 Times in 285 Posts
    Rep Power
    149
    Cheers Geoff. Im comfortable with no commercial support but my successors may not be, ill have to have a think on that one but tbh Ubuntu's forums/howtos/etc and especially with version 8 LTS out with a fresh 5years of support that should be enough.

    On the performance issue, i believe we should be ok. Quad core xeon with 4gb ram, with room for 12gb more and another CPU. Id be extreamly surprised if i see the CPU maxed out in the time i have left here.

    Ive looked at mod_security in the past but theres a couple of things i dont/didnt quite understand. Its a firewall for your applications right? Do i need to read up on moodle and joomla exploits and set rules appropriately? Or is the default rule set quite comprehensive for my needs?

    Ill have a look at the other things you've mentioned


    Oh and thats another thing. What about backing up an SQL database, any pointers?
    Last edited by j17sparky; 6th May 2008 at 10:09 AM.

  5. #4

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,804
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    Quote Originally Posted by j17sparky View Post
    Ive looked at mod_security in the past but theres a couple of things i dont/didnt quite understand. Its a firewall for your applications right? Do i need to read up on moodle and joomla exploits and set rules appropriately? Or is the default rule set quite comprehensive for my needs?
    Try it with the default rules. They should be sufficent. You should have a look at the 'core-rules' project if you want to keep up to date.

    ModSecurity: Open Source Web Application Firewall - ModSecurity Core Rules

    If you wish to go above and beyond the generic rules, have a look at the Got Root signatures.

    Got Root : mod_security rules

    Quote Originally Posted by j17sparky View Post
    Oh and thats another thing. What about backing up an SQL database, any pointers?
    Well manually, this will work.

    Code:
    /etc/init.d/mysql stop
    mysqldump --all-databases > mysql-backup.sql
    /etc/init.d/mysql start
    If your using Bacula, I believe there is some pre/post backup scripts that you can hook in that do basically what I just posted.

  6. #5


    Join Date
    Oct 2006
    Posts
    3,412
    Thank Post
    184
    Thanked 356 Times in 285 Posts
    Rep Power
    149
    Great! thanks alot, i think im getting there.

    One more, any problems with 64bit? As im guessing im best going 64bit or else we'll be stuck if we need to add more ram

  7. #6

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,653
    Thank Post
    1,257
    Thanked 781 Times in 678 Posts
    Rep Power
    236
    Quote Originally Posted by j17sparky View Post
    Which distro should i use? Is there any advantages to buying a commercially supported distro?
    I've gone for the virtualisation route - run Moodle / Web / etc servers on Xen-based virtual machines. I use CentOS 5.1 as the Xen server OS as I simply couldn't get Ubuntu 7.10 to not crash (or 8.04 to even boot), but Ubuntu seems to be doing fine running as a virtual machine itself.

    Backup solutions... how should i do this? Bare in mind there may be several hundred GB of data to back up with it being a Moodle server.
    I have each virtual machine mirror itself in real-time to a second computer with DRBD. Each VM has a seperate OS and data disk image. We have a nightly(ish) rsync job take a backup of the VM OS disk image, and a script that backs up the changed file to a central server every night, making a file system you can browse back in time with.

    Any reasons why moodle shouldnt be on the same (physical) server as the website?
    None apart from performance if you start getting heavy traffic - that's the nice thing about virtual machines, you can just move them around.

    --
    David Hicks

  8. #7


    Join Date
    Oct 2006
    Posts
    3,412
    Thank Post
    184
    Thanked 356 Times in 285 Posts
    Rep Power
    149
    I am considering virtual machines actually. A question i have on that is about performance loses, obviously you lose some performance but how much?

    I have been playing with Xen recently but i havnt been able to find a GUI manager which runs on windows. VMs will certainly make backups and restores far easier but not without a manager. Again Im fine with the CLI but i want to make it as quick and easy as possible for my successor to restore should things go tits up.

  9. #8

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,804
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    Quote Originally Posted by j17sparky View Post
    One more, any problems with 64bit? As im guessing im best going 64bit or else we'll be stuck if we need to add more ram
    Yes the 4Gb limit is a hardware limitation. You cannot avoid it unless you move to 64bit.

    I personally have had no problems with our 64bit webserver. It runs Cacti, Moodle 1.9, PHPMyAdmin, Nagios.

    Quote Originally Posted by j17sparky View Post
    I am considering virtual machines actually. A question i have on that is about performance loses, obviously you lose some performance but how much?
    About 3-5%.

    I have been playing with Xen recently but i havnt been able to find a GUI manager which runs on windows. VMs will certainly make backups and restores far easier but not without a manager. Again Im fine with the CLI but i want to make it as quick and easy as possible for my successor to restore should things go tits up.
    Have you considered a web based interface?

    Enomalism - Xen Wiki

SHARE:
+ Post New Thread

Similar Threads

  1. The perfect base image...
    By djones in forum Windows
    Replies: 28
    Last Post: 4th February 2008, 11:39 AM
  2. Your Perfect ICT school setup
    By zag in forum Blue Skies
    Replies: 10
    Last Post: 16th November 2007, 11:18 AM
  3. LAMP Server
    By wesleyw in forum *nix
    Replies: 2
    Last Post: 23rd May 2007, 03:15 PM
  4. Word Perfect 12 Problems
    By Gambit in forum Educational Software
    Replies: 1
    Last Post: 12th April 2007, 07:13 AM
  5. The perfect IT Handbook
    By GrumbleDook in forum School ICT Policies
    Replies: 14
    Last Post: 13th December 2005, 04:48 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •