Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
I'm currently testing all ways to get it done.
I will host a website project inside a Linux cloud server with dedicated resources and CentOS 6.
Now I'm stuck with apache and nginx, which should I choose?
I read some tests, saying nginx is a lot faster.
But I have a lot more experience with apache.
Also what should I use to load balancer, Linux tools like Hearbeart, peacemaker. Or should I go with nginx upstream?
Also I looked at nginx plus LAMP where nginx serve load balancer.
Please help me to decide.
Thanks
Based off your question and the comment you made above I'd recommend going with apache. I cannot claim to be an expert with nginx or apache, but do know that nginx is very well known for its super fast serving of static content. Apache will get the job done just fine, and being as you said you know more about apache there is nothing wrong with going that route.
As far as load balancing....it would be my opinion based off what you've said to not worry about load balancing unless you have a need for it. It might be more helpful for you to increase the size/memory/etc of your server if you are experiencing an inability to keep up with demand.
Also based off what you've said I would take a look at what problems you see in your set up and try attack those on an individual basis. Looking at the whole set up and wanting a solution will be difficult for you and anyone helping to really give you good solid advice without knowing what specifics you are having difficulty with.
Related
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 8 years ago.
Improve this question
Can I use XAMPP for real to serve to WWW, not just my localhost? I see some warnings in some articles on internet not to do that and that XAMPP is for testing only and that hackers will screw it up... If so, what kind of SPECIFIC security holes and problems does it have that is not secure to serve for real?
I don't want some lose answers. I want SPECIFIC answer about the security holes or weaknesses of XAMPP. Thanks!
This is not an answer, more a long comment.
Here be Dragons:
The issue with the 'out of the box' XAMPP setup is that all the passwords are defaults and everyone knows them. You need to change every password. If you are not using certain services then disable them if you don't want to bother changing the password.I disabled DAV for this reason. I use XAMPP as an internet facing server and never have bother. I am on version 1.7.7. been using it for years.
If you are using it on a 'home' network with dynamic ip. If you want a domain name then you need to use a service that provides support for your ip address changing regularly. i use 'dyn' but there are others.
As #Braders has commented. Security is a major issue! Get it wrong and your server will be used for all sorts of nasties, both to your pc and others on the internet. I would suggest an external scan for security issues before you leave it permanently connected to the internet.
I set my server up a few years ago and i am starting to remember all the checks i made at the time. It took many days before i could 'trust' it. Lots of time looking at the access logs etc.
If you are not sure then do not do it. It is very easy to get the setup wrong.
The major issue with running any server is that you are making 'holes' in the firewall and that can be 'interesting' as to what comes in.
As was also mentioned by Braders, you really do need to check with your internet provider to ensure it is allowed by your agreement.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I am just thinking of moving a website from a VPS to Windows Azure Web Sites. After doing a load test, I accidentally took down my test website, using around 30MB over the daily bandwidth.
This made me wonder what would happen if my website was suddenly hit by a DDOS attack? I'm pretty sure everything would max out the daily and hourly limits in no time, even worse, redirecting all the users to the azure over limit notification.
Is there anything that can be done about that? I know the daily bandwidth limit will be harder to reach after I put all the images on a CDN, but I'm afraid what would happen if there's a spike or something.
Sorry for such an answer with no head and tail. I hope you guys will understand.
Windows Azure has built-in load balancers that will stave off most (if not all) DOS type attacks. The truth is, Microsoft is very hush-hush on the specifics of how their load balancers protect against malicious attacks (as they should be).
An added benefit to hosting your applications in the cloud is that you can take advantage of auto-scaling when you get heavy loads (malicious or otherwise) so your site won't go down.
You might want to check out the Security Best Practices For Developing Windows Azure Applications document for more information on this.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
I have quite a few domains that I manage (100+) and I'm getting tired of GoDaddy's management. Whenever I need to make changes shifting things around to DreamHost or Heroku to Google App Engine or my own VPS and private servers things eventually get hairy and it's tiresome to have to go to multiple locations in order to manage things.
I was curious if there was a solid option for developers that need robust domain management. I don't really (and PLEASE correct me if I'm wrong) see an answer with DynDNS or EasyDNS options. Perhaps I'm overlooking something.
I'm really looking for a single console to rule them all (i.e., register wherever and set NS entries to the master service) and to then be able to go into a domain and, by using a template split everything out to where I want it go go. In other words by setting up my own DNS templates I could with one fell swoop set up Google Apps sub domains, development dyndns cnames, AWS CDNs, etc. etc. etc.
Anyone aware of such a comprehensive solution?
I'm quite happy with DynDNS but I'm equally satisfied with Zerigo. Templates, AJAX interface, migration tools, an API...
Short of deploying your own infrastructure or piggybacking off something like Dynect, I'd hazard that Zerigo should do everything you want. The fact that it's recently been acquired by 8x8 suggests other people agree.
[I don't work for them if this sounds like a plug ;)]
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I have a hosting account with GoDaddy, but it does not support Haskell.
I recommend amazon web services, $15/month for a micro instance for testing/devel, and the costs go up from there depending on your needs. For the love of all that is good and wonderful in this universe, however, do not use godaddy for anything but SSL certificates and domain names. This just seems like an absolutely horrible idea. They're just not the kinda people you want to work with on things like that.
As alternative VPS providers go, there are slicehost, linode, rackspace cloud, and I'm sure some others too. In my experience with rackspace cloud, slicehost, and AWS, AWS has been best by far.
NearlyFreeSpeech is a web hosting provider that supports Haskell as CGI language (list of languages supported).
I'm hosting my personal webpage with them, although I don't have experience with the CGI part, because my site is entirely static.
GHC compiles Haskell code to a UNIX executable, so anything that can run an arbitrary executable file and has some kind of front-facing server (e.g. nginx with mod_proxy) capable of proxying to your Haskell process is all you need.
If you are planning anything serious that is a little non-standard, get a VPS somewhere. It’s ~350$/year and you have a little virtual machine on which your are alone and you are root
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I am searching for a host for a new commercial website. Among other things, I'd like to know what the various OS - Webserver combinations have in terms of vulnerabilities. What are the vulnerabilities of Redhat + Apache?
See: http://httpd.apache.org/security/vulnerabilities_20.html
Poor system admins is the biggest in my experience.
The biggest risk to any web application server is vulnerabilities in the web application its self. Linux Apache MySQL and PHP (LAMP) is a very secure platform. RedHat's Fedora core is very secure because it uses SELinux, this is somthing that does not exist for Windows. However vulnerabilities such as SQL Injection and XSS can still result in your server getting hacked.
Its kind of a difficult question to answer, the development life cycles are so active you're asking for something that's likely to have been solved already ( and if its been reported so that we know of it, the likelihood its fixed is really high )
What you need is a 0-day hack for them, and asking this list really wont get you those.
Any system is only as strong as its weakest link. Invariably that will not be the OS or the server software, it will be the end application you develop or install.
As suggested here, I could check out the CERT Database.