Thank you for that, I found the firewall section very useful. I am new here, having come from managed servers where all that was done for me, the only time, before, that I had fiddled with iptables, I managed to lock myself out oompletely! I need a little bit of advice. I have followed those instructions and locked out all ipv6 and all ports except ssh. I now want to open up port 80 for apache. I assume I just copy and edit the line from the guide to read:
 
sudo iptables --append INPUT -p tcp --dport 80 -j ACCEPT
 
and then add that (obviously before the drop rule!). Uploading the site files will be done through sftp, and that port is opened. What other ports should I open? It is only going to be straight http not https and no mailserver etc.
 
And if I may, one more question. I want to use public/private key login. I read a really interesting article recently about using this with the private key kept on a usb key for added security on a machine that others may use. OTT for me, but do I edit the conf file for openssh to add the public key or can I do it in the control panel (security tab). i know I could submit a ticket to ask for it to be done, but would rather do everything myself (that's how you learn)
 
Then it's just down to configuring apache and mysql, but I am a lot more competant and confident about them
 
Thanks in advance
 
Keith Williams


--
Keith

The most dangerous strategy is to jump a chasm in two leaps.

www.westnorfolkrspca.org.uk