Building a Secure Linux Server
Having threat-modeled the Mathaholics platform in Chapter 2 and determined which of the industry standard frameworks best applies to our project in Chapter 3, we are now ready to build our Moodle server. At the time of writing, approximately 80% of servers run a flavor of Linux, so in this chapter, we will be building a Linux-based server. Specifically, the examples given in this chapter use the Debian-based Ubuntu operating system, but the techniques and tips we’ll describe will apply to any Linux flavor. More generally, the security concerns we’ll address in this chapter will certainly apply to any operating system.
Using a cloud-hosting provider to create a new server (which can also be referred to as a virtual machine, or VM) is a straightforward process. Cloud hosting providers offer the tools to create a new VM with just a few clicks. We also assume you have the skills to install a web server – a Linux, Apache, MySQL, and...