Maintaining your server is just one more thing to worry about, and if you're a developer, your focus should probably be on development. That said, it needs to make financial sense to go the managed route. If you're just working on toy projects (I've got a $20/month VPS that I use for my personal projects and homepage, and it's pretty hands-off) or if you're just getting off the ground, VPSes have the great advantage of being cheap and giving you lots of control of your environment. You can even mitigate some of the risk by keeping aggressive backups, since it's easy to redeploy a server quickly.
But, if you get to the point where it won't affect your profitability to do so, you probably should seriously consider getting someone else to take care of infrastructure for you either by buying managed hosting services or hiring someone to do it for you. It all depends on what you can afford to lose if you get rooted and how much time you can afford to invest in server management and recovery as opposed to coding.
I wouldn't. We did the same thing because the non-managed VPS are sooo cheap, but unless you really need to install applications or libraries that are not part of standard shared host setups, in my experience, being a pure developer as well, the time spent is never worth it.
Unless, of course, it is your own tiny blog or you just want to play around.
But imagine you (or whichever automation you use) update php, and for some reason it fails (or worse, you render your current installation unusable) - are you good enough to handle this? And if so, how long will it take you? Do you have a friend at hand who can help?
We, as a small company, are getting rid of our VPSs step-by-step and moving back to our reseller package, hosted at a good hosting provider.
Good question, though.
As for security, I have successfully used Amazon EC2 for a number of things. It's not the cheapest around, but quite comprehensible in shared data stores between instances, connection to S3, running hosts at different hosting centers etc, grouping hosts in different clusters, etc etc.
They have a firewall built in, where you can turn all things off except say, TCP traffic on port 22 for SSH and 80 for web. That combined with something like Ubuntu, where you can easily run updates without worrying much about breakage, is probably all you need from a security point of view.
You need to consider cloud computing as a statement of availability, not cost. You can be seriously surprised about the cost at the end. I have already opted to use VPS hosting. Good VPS hosting is costly; these days you may find a cheap dedicated host compared to a VPS. Have a look at hivelocity.com – I like their services.
About security, most VPS hosting companies take care of security for you at the infrastructure level, and some may use antivirus software on files. On a dedicated host, you need to take care of it yourself or contract managed support services: a tradeoff. A LAMP server is cheap everywhere. You can hire a private VPS and have some security, and you may count on services like DNS hosting too – this is trouble to configure. A VPS can be your first step as you're doubtful and have no experience in hosting. Thereafter, when you find out the advantages of having your own server, you'll migrate straight to a dedicated server.
What is acceptable from a security standpoint will differ depending on the people involved, what you want to secure and requirements of the product/service.
For a development server I usually don't care so much, so I usually do some basic securing of the server and then don't pay attention to it again. My main concern is more someone getting a session and using my cycles to run something. I don't normally care about IP, so that's not a concern for me.
If I'm setting up a box that has to meet Sarbanes-Oxley, Safe Harbor, or other PII/PCI standards I must meet, I would probably go managed just because I don't want the additional security work load.
Somewhere in between is a judgment based on if I want to commit the required time to secure the server to the level I want it secured at. If I don't want to do it myself I pay someone to do it.
I would be careful about assuming you're getting a certain level of security just because you're paying someone to manage your server. I've come across plenty of shops where security is really an afterthought.
If I understood you correctly, you are considering a move from a web host to a VPS, and wonder if you have the skills to ensure the OS remains secure now that it's under your control?
I guess it's an open-ended question. You are moving from a managed environment to an unmanaged environment, and whether you maintain your environmental security is up to you. If you're running your own server then you need to make sure that default passwords aren't in use (for the database, OS and any services on top), patches are quickly identified and applied, host firewalls are configured properly and suspicious activity alerts are immediately sent to you. Hang on, does your current web host do any of this for you? Without details about your current web host and the planned VPS, you are pretty much comparing apples to oranges.
BTW, I would be somewhat concerned about my LAMP server security, but frankly I would be much more concerned about development errors (SQL injection, XSS) and the packages running on top of my server (default passwords + dev errors).
For a LAMP stack, I would probably not do it. It would be a different case if you were using a Platform-as-a-Service provider like Windows Azure - in my own experience there is minimal operational overhead and you just upload the app and it runs in a VM (and yes, it supports PHP).
But for Linux there are no such providers that I know of, which means you will have to manage the operating system, the app frameworks, the web server and anything else that you install on the instance. I wouldn't do it myself. I would consider the options as hiring a person with the relevant experience to do this for me vs. the cost of managed services from the VPS provider, and go with one of those two.
Rather than give you advice about what you should do, or tell you what I would do, I'm just going to address your question "is it realistic nowadays to expect that my server (LAMP, really) will stay secure by running out-of-the-box stuff and keeping it up to date?" The answer to this question, in my opinion, is basically yes.
dietbuddha is right, of course: what constitutes an acceptable level of security depends on the context, but for all but the most security-sensitive purposes, if you're using a current (i.e. supported) distro, with sane defaults, and keeping up with the security updates, then you ought to be fine.
I have two VPSs, each of them currently running Ubuntu 10.04 server. On one of them, I spent some time installing and configuring tiger, tripwire, and taking various other security measures. On the other, I simply installed fail2ban and set security updates to automatic, and left it at that. They've been running for a few years now, and I've had no problem with either.
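The firewall rule of exposing only TCP 22 and 80, the checklist of no default passwords, prompt patching, a host firewall and alerts, and the fail2ban-plus-automatic-updates setup in this answer add up to a baseline that can be audited rather than assumed. The script below is an added example, not code from any of the answers; it assumes a Debian/Ubuntu host with iproute2's `ss` and the unattended-upgrades package, that 22 and 80 are the only ports meant to be reachable, and embeds a constructed `ss` sample so it also runs offline.

```shell
#!/bin/sh
# Baseline audit for a self-managed LAMP VPS: only SSH (22) and HTTP (80)
# reachable from outside, security updates applied automatically, fail2ban
# present. Added example for this thread; not from any of the answers.

ALLOWED_PORTS="22 80"   # assumption: the only services meant to be exposed

# Constructed sample of `ss -tlnH` output (State Recv-Q Send-Q Local:Port Peer:Port).
# MySQL on 127.0.0.1 and redis on [::1] are loopback-only and acceptable; 8080 is not.
SAMPLE_SS=$(cat <<'EOF'
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 511 *:80 *:*
LISTEN 0 80 127.0.0.1:3306 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 128 0.0.0.0:8080 0.0.0.0:*
LISTEN 0 128 [::1]:6379 [::]:*
EOF
)

# unexpected_listeners: read ss lines on stdin, print non-loopback TCP ports
# that are not in ALLOWED_PORTS, one per line, numerically sorted, deduplicated.
unexpected_listeners() {
    awk -v allowed="$ALLOWED_PORTS" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        NF >= 4 {
            addr = $4
            if (addr ~ /^127\./ || addr ~ /^\[::1\]/) next   # bound to loopback only
            port = addr; sub(/.*:/, "", port)                 # text after the last colon
            if (!(port in ok)) print port
        }' | sort -un
}

# auto_updates_enabled: read /etc/apt/apt.conf.d/20auto-upgrades on stdin; succeed
# only if both the list refresh and the unattended upgrade run are switched on.
auto_updates_enabled() {
    awk '
        /^APT::Periodic::Update-Package-Lists[ \t]+"1";/ { lists = 1 }
        /^APT::Periodic::Unattended-Upgrade[ \t]+"1";/   { upg = 1 }
        END { exit !(lists && upg) }'
}

if [ "${1-}" = "--live" ]; then
    # On the server itself: audit the real state.
    bad=$(ss -tlnH | unexpected_listeners)
    if [ -z "$bad" ]; then echo "listeners: OK"; else echo "listeners: unexpected ports: $bad"; fi
    if auto_updates_enabled < /etc/apt/apt.conf.d/20auto-upgrades 2>/dev/null; then
        echo "security updates: automatic"
    else
        echo "security updates: NOT automatic"
    fi
    if command -v fail2ban-client >/dev/null 2>&1; then echo "fail2ban: installed"; else echo "fail2ban: missing"; fi
else
    # Offline: run the port check over the constructed sample (expect 8080).
    echo "unexpected ports in sample: $(printf '%s\n' "$SAMPLE_SS" | unexpected_listeners)"
fi
```

Run it with `--live` on the VPS to audit the real host; without arguments it exercises the constructed sample only.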
You should do it for fun and for learning purposes. Other than that, don't; you're wasting your own time and a lot of other people's time.
I say this because I've wasted serious time setting up an EC2 instance to host my SVN server and a few other things. I mean, I loved setting everything up and messing with the server; I learned a lot, especially because I'd never done anything on a Linux server before. However, looking back, I wasted a ton of time and had to keep bugging @Jordan S. Jones for help.