Open DarkSymmetry opened 9 years ago
I have one outstanding task to scan the production host...
The exposed port seem reasonable: Port Scan has started…
Port Scanning host: 18.85.11.93
Open TCP Port: 22 ssh
Open TCP Port: 80 http
Added PaperTrail for monitoring general log events.
Running daily reports on the system state:
0 5 * * 1 logwatch --mailto jasonwalsh@gmail.com --output mail --format html --range 'between -1 days and today'
Updating to receive the logwatch report at 8:00AM daily.
Added New Relic for monitoring the system:
https://www.dropbox.com/s/ql1j7vy4o27km3s/Screenshot%202015-10-13%2007.11.41.png?dl=0
The final validation should be that completing a survey on production will be replicated in a backup on -dev. This is a a full db dump hourly which could provide some performance impact but it's likely of little concern immediately: each of the records is less than 10k (meaning we would need to have more than 10000 users before we would need an incremental approach for the backup). At that point we could look at not having the backup performed hourly or use changes from the previous backup (as understood by Postgres; the network backup is already incremental).
id | name | game | region | world | platform ----+------------------+------+--------+-----------+---------- 1 | pdxjoe | bfhl | | | pc 2 | mzkaribe | bf4 | | | pc 3 | millionaire-rosa | bfhl | | | pc 4 | -atup-ricardo | bf4 | | | pc 5 | xtreme | wow | eu | frostwolf | 6 | ssh | lol | euw | | 7 | ssh | lol | lan | | 8 | ssh | lol | eune | | 9 | ssh | lol | br | |
@DarkSymmetry Could you confirm that you're seeing any production data changes on -dev:
ssh shostekofsky@projectgamr-dev.media.mit.edu 'ls -la ~/backup'
As the deploy user on production I've added the task for backing up to your account on -dev.
@jwalsh I don't understand the question. What do you mean?
I confirmed that the backup is occurring:
ssh shostekofsky@projectgamr-dev.media.mit.edu 'less ~/backup/gamr.sql'
Keeping this open to track the website monitoring and alerting.
@jwalsh : Do you think we are secure enough?