[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
Philip Radford wrote: > > We have funding set aside for mentoring, so we are specifically looking for > advice on online security and locking down the servers. Does anyone on this > list know of a company or someone in the field within the Devon & Cornwall > area who could provide mentoring/advice in this field of expertise.? Sort of thing I do, have done, but I typically do it and haven't mentored, so not sure expertise is the appropriate phrase. It is also potentially a big topic, I don't have the skills to advise on PHP coding specifics assuming you mean PHP for the P in LAMP, there are folks here that do (Gemma springs to mind - although she has been quiet recently, I'm sure there are others), I don't have the skills to advise on SELinux, which might be vital to you depending on the sort of threat you anticipate, our local expert on that got married and moved away, although again we may have gained some more since. What are you hoping to gain by looking for local expertise, are expecting people to go to Redruth? Are their specific tools you are looking at? Are there specific packages you expect to support (Wordpress/Drupal/MediaWiki), or is it in-house code? The main gotcha with Debian PHP is the default php.ini is intended for development. Debian also package Sushosin, install it early for PHP and lock it down so you are relaxing things, as retrospectively tightening up those sorts of permissions never works (you break stuff and people complain, where as if it never works in the first place they either ask or do something different). The other aspect is that "locking down" beyond the well trodden paths often creates additional burdens on maintenance and development, and good security is picking the right balance between locked down tight, and not unduly restrictive, which depends on the threat model. -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq