Welcome to WebmasterWorld Guest from 188.8.131.52
Forum Moderators: bakedjake
My website is running with 3 servers and all of them are exactly the same. What I mean is they have same softwares installed.
So here's my question. What's the best way to handle this 3 servers the most efficiently? Right now, if a security fix must be applied for apache for example, then I need to re-install apache 3 times and it's kind of annoying :D
I think there is a better way to do that? At leat I hope so.
Right now, if a security fix must be applied for apache for example, then I need to re-install apache 3 times
What distro are you using? Is there a reason you aren't using the inbuilt package-management tools?
I've got all my linux boxes set to auto-update, so I never have to re-install anything by hand. Can't you do this?
i do not have the latest release
In my experience, on a production box, you should NOT work with the latest release, you should work with the latest patched release of the ORIGINAL version of the package that shipped with your distro.
For example, I've got one particular production server which runs SuSE 10.0. It's currently running 'apache2-2.0.54-10.5' which is the latest patched apache2 that comes from SuSE for SuSE 10.0 boxes.
I'm aware that I could go and get either a source tarball of version 2.2.3 or 2.0.59 direct from httpd.apache.org - but why bother? SuSE's advisory [novell.com] tells me that, to fix the security hole, the version I need is 2.0.54-10.5.
The best bit? YaST does all the patching for me while I'm doing something far more interesting... and in fact by the time I'd read the mod_rewrite security advisory, this particular box had patched itself. Can't beat that :-)
As for updating 3 servers, that's minimal if you use the package managers. I use mandriva's built in gui once a week on all my machines to install all new bugfixes and security updates. Takes me about 3 minutes to start up the automated process on 4 seperate machines. Mandriva has a 'show all bugfixes and security updates available' feature, I'm sure other distro's do as well.