This tutorial will help you create an automatic backup on dropbox for your server.
Story time: I run one web server with 5 users. I wasn't really interested in allowing them to see the systems (and my personal) files even if they couldn't edit them. I posted a question about what to do on codingforums.com. The tutorial I was given there seemed faulty hence my post on linuxquestions.org. I eventually found several tutorials and got it to work. Here is a tutorial that is really a mix or several other tutorials and tips I have found on the net in my epic search.
NOTE: This tutorial is for attempting to jail users to their home directory and allowing them ONLY sftp access.
NOTE: This works and has been tested on centos 4.4
This will majorly increase security for a multi-user server. The main things it does are:
Lock users to their home directory
--This blocks their eyes from the rest of your system and from files like: system binaries, other users' files, backups, configuration files
Disable regular ssh access
--Many users just having a web site won't need an actual command interface. Its just one more thing to be hacked.
FTP already does this!!! right?
Yes, but your forgetting one thing... this is SFTP!!! It's encrypted and so it is much harder for hackers to sniff packets. Also, the user management is at the system level, so your server tells users what they can and can't do. If your FTPd runs as root or with a high permissions level and a ftp user hacks it, it means they have root or at least high permissions over the ENTIRE server? Not anymore.
This tutorial uses the /opt directory to install the necessary dependences. If you wish to install them anywhere else or do not have an opt directory on your server you may do so, but make sure to change all the paths in the code below.
All commands must be run as root
NOTE: The jailing setup for OpenSSH ver5 is much cleaner and uses less hacks then ver4. If you need to jail users, make sure to update to version 5.
NOTE: This setup is meant for installing on a fresh server. If you already have configuration files for the programs we will be installing (zlib,openssl, and openssh), they will not be overwritten, but you will have to copy them from their old paths to the paths you install with here (recommended: /opt/...).
NOTICE: Yum will not update these programs anymore (zlib,openssl,openssh). When a new version comes out, you will have to make your own install from a tarball again. Just follow the same directions.