Best VPS setup

markham breitbach markhamb at corp.ssimicro.com
Wed Aug 6 01:52:09 UTC 2014 

Personally, I prefer the security of jails to apache/mysql shared hosting.

I setup a system based on our in-house implementation of jails that
allows us to create virtual hosts based on a single "instance" of
apache/php/mysql.

In essence the instance is mounted into each jail by the host as a
read-only file system.  All the configs/logs/etc are setup as symlinks
back to a local config directory that is mounted read/write for each
jail, and the home directory is also RW.  This has the advantage that
even if apache/php is exploited it is impossible for the attacker to
mess with the base system, and this also gives me the advantage that I
can update or patch all 20 (in my case is more like 80) jails at the
same time.

-Markham


On 2014-08-05, 7:06 PM, Anders Jensen-Waud wrote:
>  Mon, Aug 4, 2014 at 2:09 AM, Goran Tepshic <purpleritza at gmail.com> wrote:
>
>> I'd like to know what would be the most reasonable setup for VPS hosting 20
>> domains.
>> Separate jail for each domain with Apache/PHP/MariaDB instance in each of
>> them (*sounds somewhat overkill*) or just Apache with virtual hosts or
>> maybe a jail with apache and multiple vhosts?
>>
> that depends on the configuration and level of flexibility needed for each
> web site.
>
> If each web site simply needs the same Apache/PHP/MariaDB version, then I
> would recommend starting out with one Jail with 20 vhosts.
>
> Should there be a need to branch out from the standard setup then you can
> always clone the jail, make the necessary amendments (e.g. MySQL instead of
> MariaDB or an older/newer PHP version) and easily move the vhosts to that
> Jail.
>
> Starting out with a base Jail means that you get the flexibility "baked-in"
> for free without additional overhead.
>
>
>> _______________________________________________
>> freebsd-questions at freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>> To unsubscribe, send any mail to "
>> freebsd-questions-unsubscribe at freebsd.org"
>>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"

More information about the freebsd-questions mailing list