26 Nov 2011

Cherokee - Little Big Web

In Linux world the ubiquitous Apache web server has held position as undisputed big chief since inception, however technology, as it does, advances and amongst an ever increasing proliferation of realised Linux platforms there's many a sysadmin embracing the rise in popularity of it's biggest contender, Cherokee, still from the same open source 'reservation' but with a fresher, faster footprint and a substantially more user friendly admin interface (in that it actually has one). Could the days of cli admin and confusing .conf file editing be over? Well, I must admit since discovering Cherokee I honestly can't see me using Apache again.

25 Nov 2011

SSL Load Balancing on AWS EC2

In this post I'm going provide an overview for one of the most sought after AWS EC2 setups - A securely load balanced pool of instances with HTTPS pass through all the way from client to instance.
Not only does this solution offer secure pass-through, it also provides a method for using a single signed SSL certificate across multiple servers/IPs. 
Amazon may have their own way of doing things but the results you can achieve with the tools they offer in the admin panel alone are really quite splendid.

21 Nov 2011

Domain hosting - Easy as 1-2-3

I've had fun and games with various different web hosts over the years and service levels ranging from restrictive to blatantly annoying. The jokers who lost a full months worth of blog posts and IMAP emails because the "...hard disk has failed" were a particular set of idiots I'd rather forget (I mean, 'The' hard disk? Seriously?). However they're not all bad and in recent times I've settled quite happily with 123-Reg, for many reasons but predominantly due to their clean and simple options for self DNS management at NS (nameserver) level.

If you manage web hosting it's important to be able to point your domains NS records at nameserver names & associated IPs you manage, and create the relevant entries for doing so. Not all domain reg hosting companies will let you do this and of the ones that do I've yet to discover any who offer such an accommodating no-nonsense method of doing so than 123-Reg.

123-Reg provide a superb DNS overview which explains everything you need to know through A records to CNAME and mailserver (MX) entries in easy to understand stages. Download the free PDF HERE.

14 Nov 2011

OSSEC HIDS - Secure Protection for your Web Face

Running a server platform requires escalating levels of security awareness and best practice if you want it to keep functioning and your data safe. Business systems incorporate lock down policies which predominantly deal with threats from holes at user level, however if you're web facing, outside the snug protection offered by a corporate firewall, you'd better make sure you're zipped up even tighter. 
The internet is a very, very dangerous place and if you're open in anyway *they* will be in, there's nothing so certain.