Most of the time it is just cheaper to pay the fine rather than practice good security. I recently read about a health organization that had a million records compromised. They were fined $3.5 million, so about $3.50 a record. Alot of companies figure it is better to just take the chance and even if you do get hacked it is still cost less than having a good security program.
That's often the case. Same thing with credit cards. Cheaper to pay for bad transactions than to pay for better security in the cards.
Yeah. These companies get rewarded for not having security. Just because you have terrible security, doesnt mean you will get breached either. How many are flying under the radar that we don't know about?
No the bigger question is, how many have been breached that they aren't aware of it, and the effects are low enough that it's not tripping any alarms?
Any good breach will be that way - no one knows except that data is out there, somewhere.
I thought about making a new VM using Fedora 25 as the one @scottalanmiller provided the group works so well. I'm just afraid I won't be able to successfully migrate the data.
It's all just a database and filesystem. I've not done this, but should not be bad.
Would this still be possible if you've chosen to enable encryption? I would assume that your encryption key would be different in a new install. I don't remember reading anywhere about how to migrate data from one install to another if it was encrypted (although maybe I've never read it because it doesn't matter). Has anyone done this? Moved users and data to a new install with encryption turned on?
Doing the migration would decrypt on the source before doing the move. So it should be the same. The key would change or not depending on if you move the key.
Start with old Desktop with Virtualization extension, something that you can install OS and dont have to remove cause of free space or you need it for something else.
Cause learning Linux or Centos or anything else needs environment, and virtualbox can work but it wont allow you play with KVM, and thats for me the big part of the fun.
Also you need to keep learning that means its is process some day you will leave it 4-5 days dormat cause your stuck in an issue the other day bulb lights up mainly due to reading this site and you get back on it.
@jaredbusch Thanks for the steps. Do you know if you are able to dynamically expand the block storage?
Use LVM with it, doesn't matter weather it's dynamically enabled by Vultr or not, it just is.
I actually didn't know LVM would dynamically allocate it in this situation. Interesting.
Just stop and think about it for a minute and I think you'd get it.
Need to add space, plug in a block device and expand the LV. Need to remove a block device, that's just fine as well (just be sure the VG has enough space to hold all the data after that block device is removed.)
learning question here - when you remove a block device from a VG, does LVM move the data as part of the process of removing the block device?
Yes, so long as there is enough storage space left in the VG, it will move it off the device being removed. Disclaimer: I haven't actually tested this in years.
I tried this out this morning. The Docker container isn't responding to https/443 traffic, but is responding to http traffic. I'm assuming that's the cause of getting an error in my NextCloud11 install "ONLYOFFICE app not configured. Please contact admin". Haven't collected the relevant logs yet, so more info to come or as requested.
@scottalanmiller why install a proxy when Apaches here and working what is the benefit to having a proxy on the same server. Let’s Encrypt perfectly with Apache
Security and flexibility typically. Here is the admitted marketing material from Nginx on security: "Security and anonymity – By intercepting requests headed for your backend servers, a reverse proxy server protects their identities and acts as an additional defense against security attacks. It also ensures that multiple servers can be accessed from a single record locator or URL regardless of the structure of your local area network."