The parts of this install article: (1) Disk partiton; (2) Install PostgreSQL 9.4; (3) Auto Start of Services; (4) Security.
1. Network Settings
Address:
IP Address: OOO.OOO.OOO.OOO
Subnet Mask: 255.255.255.0
Hostname: www (some thing like that)
2. Disk Partition
/boot 2GB
/swap 12GB swap (similar to size of RAM)
/ 100GB ext4
/home 1.7TB ext4
/var 120GB ext4 (preferably SSD)
3. Install PostgreSQL 9.4
Add http://download.opensuse.org/repositories/server:/database:/postgresql/openSUSE_13.2/ to repositories.
Install through YaST:
postgresql94
postgresql94-server
4. Services Autostart at Boot
systemctl enable apache2.service
systemctl enable sshd.service
chkconfig --add postgresql
--
Use
chkconfig --list to list all available services run-level status
5. Security
(1) Disable root ssh access
Edit
/etc/ssh/sshd_config
Set and unmark
PermitRootLogin no
Restart
systemctl restart sshd.service
(2) Restrict swith user (su)
Add to the gorup of wheel
usermod -a -G wheel username
Edit
/etc/pam.d/su
Add this line below "auth sufficient pam_rootok.so"
auth required pam_wheel.so use_uid
6. Apache
1. Configuration:
/etc/sysconfig/apache (Include Modules)
/etc/apache2/ (configuration)
2. Edit default conf (/etc/apache2/default-server.conf)
TraceEnable off (Disable HTTP TRACE method)
3. Service setting
vi /usr/lib/systemd/system/apache2.service
PrivateTmp=false
7. PHP
Edit php.ini (/etc/php5/cli/php.ini)
short_open_tag = On
output_handler = ob_gzhandler
upload_max_filesize = 8M
memory_limit = 512M
date.timezone = 'Asian/Taipei'
session.cookie_httponly = 1
session.cookie_secure = 1
8. Firewall
Enable HTTP Server
Custom Rules for SSH
Edited 14 time(s). Last edit at 11/09/2017 07:21PM by mepoadm.
(
編輯記錄)