First off DrKK, as so many have said, thank you very much for the guide and video. I really appreciate the instructional nature of the video (and the words "stream of consciousness"!). Very easy to follow, and I've watched the video twice now
I was wondering if I might ask a couple of quick questions:
1. In the very initial stages you untick VIMAGE - I am relatively inexperienced, but I found this prevented me from getting fail2ban working. The instructions I read on that seemed to require it...have you had similar experiences? Not sure what the impact is. I found I could ban IP addresses on the LAN side, but was unable to access OC from the WAN side at all
2. Any thoughts on PHP cache (php-apc)? I previously installed OC on a Raspberry Pi and it certainly helps, but to your point on system resources...Anyone out there used it and does it take a lot of resources?
3. I had an unexpected result - when I specified www as a hostname in my A record, I lost access to my email. Taking that out seems to have resolved the issue and now I can access OC at domainname.com and emails at
chris@domainname.com - I'm really lost when it comes to specifying this stuff, I've tried googling, but to no avail.
4. I've made your suggestion on page 1 of the tutorial to use the mod_access module, I've installed and tested fail2ban, and have set SSL only are there any other suggestions as to common loopholes to plug in terms of security before opening this up to the interwebs? My goal is very light file sync usage and calendar and contacts, so I'm not super worried, but always a little concerned....
5. I used the Virtual Host below in Apache playing around on my RasPi (thank you to Sam Hobbs), in order to block people from entering the ip address directly, as it is unlikely that someone goes to your site via the ip address vs. the domain name, is something similar possible with Lighttpd?
Code:
<VirtualHost *:80>
ServerName default.only
<Location />
Order allow,deny
Deny from all
</Location>
ErrorLog ${APACHE_LOG_DIR}/spam/error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/spam/access.log combined
</VirtualHost>
Edit: Just discovering your video on dns - maybe this will answer question #3!
Thanks again for a great guide!
Cheers
Chris