TurnKey Linux Virtual Appliance Library

Can the Turnkey Lamp Stack be used in a production environment?

Or is it only for testing?

 

For example Xampp says that their stack is not secure enough for a production environment and should not be used as such. Is the case the same for this this stack or is it secure?

Jeremy's picture

I would consider it Production ready

Although you may wish to harden it up a little such as enable the firewall and disable any services you don't plan to use. Also make sure you set good passwords etc.

Alon Swartz's picture

Yep, production ready...

Not much to add... But as Jeremy said, yes, TurnKey appliances are designed to be used in both development as well as production settings. All TKL appliances automatically install security updates on first boot and then after on a daily basis. For production deployments, its always a good idea to configure backups. Also, the tips Jeremy gave are recommended.

Enabling the firewall and disabling services?

As far as enabling the firewall and disabling services?

Can both be done from the administration control panel?


Jeremy's picture

Yes I think so

Personally I mostly just use commandline these days, but both the Firewall (aka IPTables) and services can be controlled from Webmin.

Hans Harder's picture

and then you can make it even more secure if you want.

for instance use iptables to block the webmin interface port and only allow it from a specific ip address

Or only allow the webmin interface if a user is logged in using ssh

Or install knockd  to allow access only after some kind of port knocking sequence.

Also you can do things like denyhosts, which detects failed ssh login attempts, and blocks the host, sent you an email... or whatever

Don't use passwords, use ssh keys, block all login attemps using passwords.

 

Just be critical in what you have running and if it is really needed.

If not, don't run it.

if only sometimes needed, don't run it, bring it up when needed

 

QUOTE:  ech`echo xiun|tr nu oc|sed 'sx\([sx]\)\([xoi]\)xo un\2\1 is xg'`ol

Post new comment

The content of this field is kept private and will not be shown publicly. If you have a Gravatar account, used to display your avatar.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <p> <span> <div> <h1> <h2> <h3> <h4> <h5> <h6> <img> <map> <area> <hr> <br> <br /> <ul> <ol> <li> <dl> <dt> <dd> <table> <tr> <td> <em> <b> <u> <i> <strong> <font> <del> <ins> <sub> <sup> <quote> <blockquote> <pre> <address> <code> <cite> <strike> <caption>

More information about formatting options

Leave this field empty. It's part of a security mechanism.
(Dear spammers: moderators are notified of all new posts. Spam is deleted immediately)