--On Wednesday, July 23, 2008 11:06:30 +0200 VeeJay <[EMAIL PROTECTED]> wrote:

Really good contribution....

I would of course go with ports but have a question in mind....

What should be installation sequience?

1. Apache 2.2.9
2. MySQL 5.1.26
3. PHP 5.2.6

Install Apache before you install php. Mysql doesn't matter. The default installs of all three should be fine unless you're doing something unusual. You'll also need to install php-extensions. Run "make config" first and decide which ones you need to have installed (after installing php5 of course.)

And are there any options you guys would like to suggest to avoide for
performance or security reasons?

Setup mysql to listen on localhost only *or* to not listen on tcp at all and use unix sockets instead. Mysql, by default, comes with four accounts with blank passwords; [EMAIL PROTECTED], [EMAIL PROTECTED], ""@FQHN and ""@localhost (yes, that's "blank" @.) Remove all those accounts except [EMAIL PROTECTED] and then set a very good password for root. Create *new* and separate accounts for *every* database you create and grant only the rights needed to perform the task. Most applications only need select, insert, update and delete. Test it with those and add other rights if necessary.

Install portaudit and aggressively update when security issues are found in any of the apps on your server. Do not enable any services that are not needed to do the job, and restrict access to ssh to only those networks and accounts that really need access.

Paul Schmehl
As if it wasn't already obvious,
my opinions are my own and not
those of my employer.

freebsd-questions@freebsd.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to