HumanDynamics / MassScaleSocialSystems

For TweetPing Collaboration on Mass Scale Participatory Projects

Implement and Test website and database security and backup #6

Open DarkSymmetry opened 9 years ago

DarkSymmetry commented 8 years ago

@jwalsh : Do you think we are secure enough?

jwalsh commented 8 years ago

I have one outstanding task to scan the production host...

jwalsh commented 8 years ago

The exposed ports seem reasonable:

Port Scan has started…

Port Scanning host: 18.85.11.93

 Open TCP Port:     22          ssh
 Open TCP Port:     80          http

jwalsh commented 8 years ago

Added PaperTrail for monitoring general log events.

jwalsh commented 8 years ago

Running daily reports on the system state:

0 5 * * 1 logwatch --mailto jasonwalsh@gmail.com --output mail --format html --range 'between -1 days and today'

jwalsh commented 8 years ago

Updating to receive the logwatch report at 8:00AM daily.

jwalsh commented 8 years ago

Added New Relic for monitoring the system:

https://www.dropbox.com/s/ql1j7vy4o27km3s/Screenshot%202015-10-13%2007.11.41.png?dl=0

jwalsh commented 8 years ago

The final validation should be that completing a survey on production will be replicated in a backup on -dev. This is a full db dump hourly which could provide some performance impact but it's likely of little concern immediately: each of the records is less than 10k (meaning we would need to have more than 10000 users before we would need an incremental approach for the backup). At that point we could look at not having the backup performed hourly or use changes from the previous backup (as understood by Postgres; the network backup is already incremental).

 id |       name       | game | region |   world   | platform
----+------------------+------+--------+-----------+----------
  1 | pdxjoe           | bfhl |        |           | pc
  2 | mzkaribe         | bf4  |        |           | pc
  3 | millionaire-rosa | bfhl |        |           | pc
  4 | -atup-ricardo    | bf4  |        |           | pc
  5 | xtreme           | wow  | eu     | frostwolf |
  6 | ssh              | lol  | euw    |           |
  7 | ssh              | lol  | lan    |           |
  8 | ssh              | lol  | eune   |           |
  9 | ssh              | lol  | br     |           |

jwalsh commented 8 years ago

@DarkSymmetry Could you confirm that you're seeing any production data changes on -dev:

ssh shostekofsky@projectgamr-dev.media.mit.edu 'ls -la ~/backup'

As the deploy user on production I've added the task for backing up to your account on -dev.

DarkSymmetry commented 8 years ago

@jwalsh I don't understand the question. What do you mean?

jwalsh commented 8 years ago

I confirmed that the backup is occurring:

ssh shostekofsky@projectgamr-dev.media.mit.edu 'less ~/backup/gamr.sql'

Keeping this open to track the website monitoring and alerting.
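
A freshness and completeness check for the hourly dump discussed in this thread, as an added example that is not part of the original comments or the project's own code. The 90-minute threshold, the return codes and the `survey-canary` marker string are assumptions; `~/backup/gamr.sql` is the path shown above.

```shell
#!/bin/sh
# Added example (not the project's script): verify an hourly plain-SQL pg_dump.
# Return codes (assumed convention): 0 ok, 1 missing/empty, 2 stale,
# 3 truncated, 4 expected record absent.

check_backup() {
    file=$1          # path to the dump, e.g. ~/backup/gamr.sql
    max_min=$2       # maximum acceptable age in minutes (assumed: 90 for an hourly job)
    needle=${3:-}    # optional literal string from a known production record

    # 1. The dump must exist and be non-empty.
    [ -s "$file" ] || { echo "FAIL: $file missing or empty" >&2; return 1; }

    # 2. The dump must be recent: find prints the path only if the file
    #    was modified less than max_min minutes ago.
    if [ -z "$(find "$file" -mmin "-$max_min" 2>/dev/null)" ]; then
        echo "FAIL: $file older than $max_min minutes" >&2
        return 2
    fi

    # 3. A plain-format pg_dump ends with a completion comment. Its absence
    #    means the dump was cut short (full disk, dropped connection).
    if ! tail -n 10 "$file" | grep -q 'PostgreSQL database dump complete'; then
        echo "FAIL: $file has no completion marker" >&2
        return 3
    fi

    # 4. Optionally confirm a known production record reached the dump,
    #    which is the "survey on production shows up on -dev" validation.
    if [ -n "$needle" ] && ! grep -qF -- "$needle" "$file"; then
        echo "FAIL: '$needle' not found in $file" >&2
        return 4
    fi

    echo "OK: $file"
    return 0
}

# Stand-alone use: sh check_backup.sh ~/backup/gamr.sql 90 'survey-canary'
if [ "$#" -ge 2 ]; then
    check_backup "$@"
fi
```

Run from cron on -dev shortly after each dump, a non-zero exit gives the monitoring and alerting mentioned above something concrete to fire on.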