CLOSED: Server security and updates
Posted: Sun Sep 11, 2016 2:18 am
So I know that Amahi does apply security updates as required to packages...
My question is more of a two part in addition to that one:
My son is running a minecraft (multicraft) server on the amahi box, using the excellent multicraft app. He also has a tiny joomla site for his minecraft server. My concern with that is that it opens us up to attack a little more than I would like. Is there a way to use mod_security and mod_evasive or some other iptables / firewall protection that I can install without stopping amahi from being able to do its job?
Secondly, Webmin (another excellent app) shows me a bunch of updates available, mainly to php, python and curl. Normally I tend to just update everything on whatever platform I use... but I do know from my xplane/fse install that python version numbers are really important. Does amahi have such a rigorous adherence to increment updates, or should I just leave well enough alone?
My question is more of a two part in addition to that one:
My son is running a minecraft (multicraft) server on the amahi box, using the excellent multicraft app. He also has a tiny joomla site for his minecraft server. My concern with that is that it opens us up to attack a little more than I would like. Is there a way to use mod_security and mod_evasive or some other iptables / firewall protection that I can install without stopping amahi from being able to do its job?
Secondly, Webmin (another excellent app) shows me a bunch of updates available, mainly to php, python and curl. Normally I tend to just update everything on whatever platform I use... but I do know from my xplane/fse install that python version numbers are really important. Does amahi have such a rigorous adherence to increment updates, or should I just leave well enough alone?