Forums

The forums ran from 2008-2020 and are now closed and viewable here as an archive.

Home Forums Other Got me a brand new *FAST* VPS

  • This topic is empty.
Viewing 6 posts - 46 through 51 (of 51 total)
1 2 3 4
  • Author
    Posts
  • May 22, 2014 at 7:57 pm #170885
    __
    Participant

    This is admittedly more of a theoretical exercise.

    Thought so.

    I was thinking about a sub domain that isn’t indexed and requires login

    That’s what I usually do.

    And I use htpasswd, so it doesn’t rely on the application for authentication.

    Is it really an unchecked gateway though?

    Well, I wasn’t quite sure of the context of your question. If there were multiple people authorized to pull in changes, or if all commits were pushed to the server automatically (even if it was to a dev repo and not the live site), then it wouldn’t be a risk I would take.

    And, at the end of the day, if you auto-push from github, then an attacker doesn’t need your ssh keys: just to break into your account. It could conceivably bring your last line of defense down to the level of session hijacking.

    I would make a copy of your release server or setup a VM on my home network and get some ip addresses from my isp to link with my test domain name.

    I don’t think this level of effort is necessary. As long as your dev environment is reasonably similar to your live environment, you should be fine. And you certainly don’t need to buy extra IPs (just edit your hosts file, or run a local nameserver).

    The main reason I put an actual dev site on the server (as opposed to “just” a repo), is because it is an opportunity to do last-minute testing in a known identical environment.

    I think I found the answer to this question

    Hey, pretty cool.

    May 22, 2014 at 8:39 pm #170890
    nixnerd
    Participant

    All of what has just been said is super awesome…

    I think I’m going to use containers and contain/separate all my domains.

    Then, I’ll have a container just for tests. Although, apparently this isn’t suitable for testing package updates/upgrades. So… I’m going to just use VirtualBox for that. It seems like the easiest option. Test of VirtualBox before I update my PC. Test on my PC before I update Server. Then… update server.

    The nice thing about containers is each one has its own separate domain. So… a test container is no problem :)

    May 22, 2014 at 8:43 pm #170892
    __
    Participant

    apparently this isn’t suitable for testing package updates/upgrades.

    How so?

    May 22, 2014 at 9:02 pm #170893
    nixnerd
    Participant

    Well, as I understand it, containers share a common kernel. See, they don’t attempt to pretend they’re their own machine. They’re not a fully blown VM. So, they are separate, but the kernel is the one thing that links them. I would think a kernel update is the most prone to breaking all your packages… therefore, it just won’t work.

    May 22, 2014 at 9:03 pm #170894
    nixnerd
    Participant

    See, they don’t attempt to pretend they’re their own machine.

    For this reason, the performance server-wide is much better than with an emulator or VM. Containers don’t hog system resources that they’re not using… like a Xen or KVM situation.

    May 22, 2014 at 9:53 pm #170897
    __
    Participant

    Ah. gotcha.

  • Author
    Posts
Viewing 6 posts - 46 through 51 (of 51 total)
1 2 3 4
  • The forum ‘Other’ is closed to new topics and replies.