Page 1 of 1

CLOSED: Server security and updates

Posted: Sun Sep 11, 2016 2:18 am
by wilholt
So I know that Amahi does apply security updates as required to packages...

My question is more of a two part in addition to that one:

My son is running a minecraft (multicraft) server on the amahi box, using the excellent multicraft app. He also has a tiny joomla site for his minecraft server. My concern with that is that it opens us up to attack a little more than I would like. Is there a way to use mod_security and mod_evasive or some other iptables / firewall protection that I can install without stopping amahi from being able to do its job?

Secondly, Webmin (another excellent app) shows me a bunch of updates available, mainly to php, python and curl. Normally I tend to just update everything on whatever platform I use... but I do know from my xplane/fse install that python version numbers are really important. Does amahi have such a rigorous adherence to increment updates, or should I just leave well enough alone?

Re: Server security and updates

Posted: Sun Sep 11, 2016 6:28 pm
by bigfoot65
So I know that Amahi does apply security updates as required to packages.
OS updates are not applied automatically. You have to do them manually. Amahi only applies updates to the Amahi platform, not the OS itself. That is a choice for the user.

Any security updates can be applied via:

Code: Select all

sudo dnf update
Is there a way to use mod_security and mod_evasive or some other iptables / firewall protection that I can install without stopping amahi from being able to do its job?
This may be possible, but we don't have any guidance on doing it. If you attempt it and are successful, please add it to the Amahi Wiki for others to benefit.
Does amahi have such a rigorous adherence to increment updates, or should I just leave well enough alone?
Such updates should have no affect on Amahi. They should be safe to do.

I keep my HDA updated with all the latest OS updates and nothing has broken yet.

Re: Server security and updates

Posted: Mon Sep 12, 2016 12:28 am
by wilholt
Excellent - exactly the info I was chasing. If I can get evasive and security working correctly I will write it up.

Re: Server security and updates

Posted: Mon Sep 12, 2016 5:58 am
by bigfoot65
I presume this thread can be closed.