A Linux primer


This guide is meant to provide information to those who may still be teething on Linux and are not yet familiar with how it differs from other operating systems. I am also going to cover some of the basic things that should be done about security and the often overlooked importance of backups. Since most of my articles are targeted at people within the hosting industry, I am going to slant the guide more towards that group. If you have any ideas or suggestions as to what I should add to this article, please let me know! I am going to gradually try to add some more information, such as how to use ssh.

*Updated August 8th* Fixed some typos and added a little bit more.

Let me start off by saying that if you are completely unfamiliar with Linux when you first get your server, be careful with what you do! Unlike Windows, which has some protections in place to prevent you from completely destroying your computer without realizing it, Linux does almost nothing to stop you from doing what you want when logged in as root. There are many single commands that can easily take your server offline in a matter of seconds. I am not trying to scare anybody away from learning; just be careful with what you are doing and respect the power that being logged in as “root” carries. If you are not familiar with the root user, it is the highest administrator account on the server.

Many people decide to get a control panel on their server to ease the process of adding clients and allowing the clients to manage their own sites. Though having a control panel is really nice, it does not mean you never have to log in over ssh! A control panel gives you a nice GUI to manage the end-user stuff, but for the most part it does little to help protect your server and keep it updated at a core level. Even with a control panel you still have to make sure that the operating system is kept updated and, just as importantly, secure. Though different control panels come with more or less security out of the box, there is still a lot you can do with any control panel to make the server more secure. Do not assume that just because you have Ensim, Plesk, cPanel or any other control panel your server is automatically secure; it is not. Stuff like upgrading your kernel can only be done via ssh. I have a lot of information built up on my website covering some of the things that can be done to harden your server, and it should be pretty easy to follow even if you are not very familiar with Linux. Though it may sound otherwise, I am not trying to scare people away from using ssh; yes, it is dangerous, but if you are careful it is fine to use.

Coming from a Windows environment, people are used to having all of the system resources shown as an easy-to-read percentage out of 100. When you start working with Linux you will very quickly find that this does NOT apply. Many people think that a load average of 1.00 is equal to 100% for a single CPU; it is not. The load average is not simply a percentage of the processing power but a number derived from a measure of the number of active processes. The load average can be used as a guesstimate of the CPU utilization. As a general rule, if you keep a server below a load of 1.0 for every CPU, with CPU being defined as the number shown in /proc/cpuinfo (so 4 for a dual Xeon), the server will probably run at an acceptable speed. Depending on the server configuration and what is slowing the server down, the load will be able to go a little higher than this for short periods of time without too many problems. As the numbers get higher the system starts to slow down more and more. If you are going above 10 for any time at all you are going to notice a large decrease in performance. Though every person is going to tell you differently, I like to try and keep a server around .4-.6 load on average, which allows enough room to spike if the server suddenly gets busy. If you are running a server that consistently has the same amount of traffic, then you can watch your server to find the ideal load for it. So out of all this you should now realize that the load on a system is not simply a percentage; rather, it is an inexact number that gives you a really good idea of load. When you look at the output of uptime you are seeing the 1 minute, 5 minute, and 15 minute load averages.
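The rule of thumb above, as an added example that is not part of the original article: it divides the three load averages by the number of CPUs listed in /proc/cpuinfo and separates a short spike from sustained load. The function name `load_status` and the sample values are constructed for illustration.

```shell
#!/bin/sh
# Added example: per-CPU load from loadavg- and cpuinfo-format files.
# The 1.0-per-CPU threshold is the rule of thumb from the text above.

# load_status [LOADAVG_FILE] [CPUINFO_FILE]   (hypothetical helper name)
# Prints "<status> <1min> <5min> <15min>", each average divided by CPU count.
#   ok         1-minute load is under 1.0 per CPU
#   spike      1-minute load is high but the 15-minute average is not
#   sustained  15-minute load is at or above 1.0 per CPU
load_status() {
    loadavg=${1:-/proc/loadavg}
    cpuinfo=${2:-/proc/cpuinfo}
    # One "processor : N" line per logical CPU; grep -c exits 1 on zero matches.
    cpus=$(grep -c '^processor[[:space:]]*:' "$cpuinfo") || return 1
    awk -v n="$cpus" '{
        one = $1 / n; five = $2 / n; fifteen = $3 / n
        if (fifteen >= 1.0)  status = "sustained"
        else if (one >= 1.0) status = "spike"
        else                 status = "ok"
        printf "%s %.2f %.2f %.2f\n", status, one, five, fifteen
    }' "$loadavg"
}

# Constructed sample: 4 logical CPUs and a short burst of load.
demo_dir=$(mktemp -d)
printf 'processor\t: %s\nmodel name\t: sample CPU\n\n' 0 1 2 3 > "$demo_dir/cpuinfo"
echo '5.20 2.40 1.60 3/412 28817' > "$demo_dir/loadavg"
load_status "$demo_dir/loadavg" "$demo_dir/cpuinfo"   # spike 1.30 0.60 0.40
rm -rf "$demo_dir"
```

Called with no arguments, `load_status` reads the live /proc/loadavg and /proc/cpuinfo.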

Another thing that people are always wondering about is RAM usage. In a Windows environment RAM is also seen as a percentage, but in Linux you have to look at the bigger picture. Linux is very efficient about how it manages RAM, and if any is available it will do the best job it can to use it to speed up the server, which helps server performance drastically. To do this there are 2 different ways that Linux uses the RAM using a buffer system. Let’s look at an example; to get the actual RAM usage, use free -m as shown:

    # free -m
                 total       used       free     shared    buffers     cached
    Mem:          1003        746        257          0        103        419
    -/+ buffers/cache:        222        780
    Swap:         1027         52        975

This particular system has 1003 MB of RAM, which is basically 1 GB. We can see that there is 257 MB of RAM free; this RAM is completely free and not being used at all. In an ideal world every server would have free RAM, but in the real world that is rarely the case as RAM is quickly consumed. The important number that we need to look at is what the buffers/cache line says. This server is using 222 MB of RAM while 780 MB of RAM is being used to cache. The 222 MB of RAM is being used for important system processes and cannot be reallocated without causing the server to slow down significantly. The 780 MB of RAM being used to cache is a different story: it is not being used for anything important and can be reallocated if needed. Linux is very efficient when it comes to RAM and will try to use as much as possible; in this case it may be caching webpages, MySQL information, really anything that is commonly accessed. Since the server does not have to send a request to the hard drive, it is a lot faster. However, say that the server suddenly becomes busy and needs the RAM for Apache: the server will remove the non-essential information and start to use that RAM, which will cause the 222 number to increase. This allows the server to maximize RAM usage while still giving you a stable server.

Where this all ties in is that many control panels will only show you the literal amount of RAM free, in this case 257, which is often close to 0. A lot of people are confused as to why there is so much RAM usage on a free machine, but it just has to do with how Linux uses the memory; it is being more efficient but still has plenty of memory to spare. The lesson of this is to never trust the control panel completely; take a look for yourself!
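To take that look yourself, here is an added example (not part of the original article) that reads `free -m` output and prints the literal free figure a control panel shows next to the numbers from the "-/+ buffers/cache" line. It goes slightly beyond the sample above by also accepting the newer procps layout, which drops that line and adds an "available" column; the name `mem_summary` is hypothetical.

```shell
#!/bin/sh
# Added example: report what a control panel's "free" figure hides.

# mem_summary (hypothetical helper): reads `free -m` output on stdin, prints
#   total= naive_free= app_used= available= naive_pct= real_pct=
# naive_* uses the literal "free" column; app_used and available leave out
# buffers and cache, as the "-/+ buffers/cache" line does.
mem_summary() {
    awk '
        NR == 1 && /available/ { modern = 1 }        # newer procps header
        $1 == "Mem:" {
            total = $2; free = $4
            if (modern) { app = $3; avail = $NF }    # "used" already excludes cache
        }
        $1 == "-/+" { app = $3; avail = $4 }         # legacy layout, as in the article
        END {
            if (total == 0 || avail == "") exit 1    # not free output we understand
            printf "total=%d naive_free=%d app_used=%d available=%d naive_pct=%d real_pct=%d\n",
                   total, free, app, avail,
                   int((total - free) * 100 / total), int(app * 100 / total)
        }'
}

# The sample output from the article above.
mem_summary <<'EOF'
             total       used       free     shared    buffers     cached
Mem:          1003        746        257          0        103        419
-/+ buffers/cache:        222        780
Swap:         1027         52        975
EOF
```

On a live system, run `free -m | mem_summary`.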

Many people first learning Linux do not understand just how powerful a shell is on a server. Unless you have hardened your server specifically for allowing shell users, and even then it is still risky, I would highly suggest that you do not just give a bash shell to anybody. Giving a person a shell gives them a very powerful way to interact with the server, one that may be used to damage it. Many systems are vulnerable to a number of attacks once a shell is gained; the biggest vulnerability is running a kernel which is exploitable. With the proper tools it could take only a few minutes for even a script kiddie to gain root access! Different control panels have taken some steps to help prevent the problems associated with shells, and you should look into what your particular control panel offers. For instance, Ensim has a very secure shell in high security mode, but it sacrifices usability, because as more features are enabled the number of possible ways to exploit a system grows as well. cPanel has also integrated a jailed shell, which is a much better alternative to a bash shell. One important thing to think about is that a person you give a bash shell to does not necessarily have to use it to hack your server; they could use it to try and hack another, which may in turn cause trouble with your ISP. The important point here is that you should be aware of what is happening on your server and be very cautious as to just WHO you give a shell to, perhaps even taking the step of getting a photocopy of a driver's license from those requesting access, as some hosts do.
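One way to see who currently has a shell, as an added example that is not part of the original article: it lists every account in a passwd-format file whose login shell is a real interactive shell. The function name `interactive_accounts` and the sample accounts are constructed for illustration.

```shell
#!/bin/sh
# Added example: list accounts that would get an interactive shell at login.

# interactive_accounts [PASSWD_FILE] [SHELLS_FILE]   (hypothetical helper name)
# Prints "user uid shell" for every account whose login shell is listed in the
# shells file and is not a nologin/false placeholder.
interactive_accounts() {
    passwd=${1:-/etc/passwd}
    shells=${2:-/etc/shells}
    awk -F: -v sf="$shells" '
        /^#/ || /^[[:space:]]*$/ { next }        # comments and blank lines
        FILENAME == sf { valid[$0] = 1; next }   # first file: allowed login shells
        {
            shell = ($7 == "") ? "/bin/sh" : $7  # empty field: login uses /bin/sh
            if (shell ~ /\/(nologin|false)$/) next
            if ($7 == "" || (shell in valid)) print $1, $3, shell
        }' "$shells" "$passwd"
}

# Constructed sample files; none of these accounts come from the article.
demo_dir=$(mktemp -d)
printf '%s\n' '# constructed shells file' /bin/sh /bin/bash /sbin/nologin \
    > "$demo_dir/shells"
cat > "$demo_dir/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
mysql:x:27:27:MySQL:/var/lib/mysql:/bin/false
client1:x:501:501::/home/client1:/bin/bash
client2:x:502:502::/home/client2:/sbin/nologin
legacy:x:503:503::/home/legacy:
EOF
interactive_accounts "$demo_dir/passwd" "$demo_dir/shells"
rm -rf "$demo_dir"
```

Any name in the output that you did not deliberately grant a shell to is worth a second look; the empty-shell case (`legacy` in the sample) is easy to miss because the field looks disabled but falls back to /bin/sh.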

So why do you really need backups if everything is running fine? Well, what happens when a client of yours deletes the wrong file from his site, or somebody running a script gets his website defaced, or, in a worst case scenario, the server you are using is completely fried? For these reasons and many more you should strongly consider having some sort of backup system in place. At the bare minimum you should have a second drive in your system which is used for backups. If your information is more valuable to you, I would also suggest you look at some sort of remote backup solution, possibly in a different datacenter or state. If for some freak reason a tornado spawns near where your server is hosted and destroys everything, how much trouble would you be in? Or what if the server has a serious power supply problem which fries all of the drives in the system? Yes, these are worst case scenarios, but they have happened to many people. Though many do not take backups all that seriously, you should consider doing something to keep the information on your server backed up. How much that information is worth to you should determine just how much you do to protect it.
