[olug] LAMP PostNuke PHPNuke PHPix (long)

Eric Penne epenne at yahoo.com
Wed Jan 15 19:08:40 UTC 2003


Here is my situation.  I want to run a webserver for my family.  I want
weblogging to announce important family information like birthdays,
gatherings, births, deaths, etc..  I also want to have a picture
collection so that family members can send me their pictures and I can
add them to the website.

Last night I installed Debian Sid with AMP (Apache 1.3, MySql, Php4).  

I also installed phpix which will take images in a directory and
autogenerate thumbs, medium pics, etc automagically.  Does anybody have
any other reccommendations for PHP picture album backends?  I looked at
quite a few of them but this one looked the best to me.  

I plan on putting the pictures on my internal fileserver then doing a
nightly rsync to the external webserver.  Burchell wrote a perl script
that helps me take the huge digital cam images and convert them to
800x600 for web display.  PHPix will handle the rest when requested.

I installed PHPNuke since I saw that olug.org was using it.  Brian, how
easy is it to keep up on the security issues of olug.org?  I can afford
about 1-2 hours per week maintaining the website.  Is Postnuke any
better security wise or feature wise?  Any Olug people running
postnuke?

The problem is that I don't know much about the security of these
things.  Security will win out over good looks most of the time
especially if it means I can spend more time adding content and less
time fixing security issues.

This will be a very low traffic website (2-3 hits/day) for legitimate
purposes.  I'm not concerned about performance as much as security. 
What settings in php and mysql should I be looking for to maximize
security.  I can work on performance when I'm more comfortable with the
system.

I know performance will be an issue eventually.  This is kind of just a
test run.  The webserver is a p166 w/16MB Ram and 1.8GB HD.  The nice
thing is that I can back the whole damn thing up easily on my
fileserver.

The webserver is not external right now since it is much easier to do
testing on it when it is connected to the same 100Mbit switch as my
desktop.  I really want to make sure it is secure and working before
opening it up to the world.

If this works, I will start another website for my mothers side, wifes
side, and any other family members (not free of course).

Is there any suggestions on any other programs I should be running?  I
only plan on having ssh and http open to the outside world.  It'll
probably run djb's dnscache for internal use only.  Does rsync have an
external port?

Well that's enough for now.  Please suggest other programs that may
help me out.

Eric


__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com



More information about the OLUG mailing list