Current time: 04-23-2014, 09:19 AM Hello There, Guest! (LoginRegister)

Post Reply 
Best compromise between security and convenience
03-22-2012, 12:15 PM
Post: #21
RE: Best compromise between security and convenience
I decided to go with the secured user solution and the password-less SSH rsync for backups. I wound up editing the keys and restricting the IP's to logins from the xxxx.dreamhost.com machine, my secured user is on. So I now have one backup user and one cron job for logging in, dumping databases and rsyncing.

The 50+ domains got dwindled down to about a dozen since the DreamWeaver based domains got eliminated from the mix since they are already "backed up" on the cloud network drive and changes are synced in DW to the live site.

That left a dozen or so WP, Joomla, Drupal sites. I modified the shell script to use the ssh key and now all that's left is to setup the off-site machine to suck down the archives and put them in the cloud drive.

BTW, another great resource for security focused folks here, if you haven't already stumbled-upon it, is http://AskApache.com. The mod_rewrite stuff is great.

Jw

A person who never made a mistake never tried anything new. - Albert Einstein
Find all posts by this user
Quote this message in a reply
03-22-2012, 03:52 PM
Post: #22
RE: Best compromise between security and convenience
AskApache! He's a Dreamhoster from way back. Think he got b& from the Wiki for hitting up excessive links to his own site or something (was before my time here) but there were still articles in it that he contributed to last time I looked. Found his site one day while Googling up some info on htaccess rules. Loads of good tidbits over there for sure.

Maximum Cash Discount on any plan with MAXCASH

How To Install PHP.INI / ionCube on DreamHost
Visit this user's website Find all posts by this user
Quote this message in a reply
03-22-2012, 04:10 PM
Post: #23
RE: Best compromise between security and convenience
Yeah he's got a cool little rsync ssh script idea I think I'll adapt to fit my needs to further secure the .ssh directory. I think that and LakeRat's checksum idea I saw in another thread will just about do it.

Put all that in my security-check cron job and I'll be a happy camper.

Jw

A person who never made a mistake never tried anything new. - Albert Einstein
Find all posts by this user
Quote this message in a reply
Post Reply 


Forum Jump: