Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [best-practices]

Questions asking for best practices in a given field. Be aware, that sometimes there might be no generally accepted best practices, in which case the question is likely to be closed for being subjective.

351 questions
33
votes
12 answers

Active Directory: delete vs. disable departed employees

When an employee leaves your organization, do you delete or disable their Active Directory account? Our SOP is to disable, export/purge the Exchange mailbox, and then after "some time" has elapsed (usually quarterly), delete the account. Is there…
Matt Rogish
  • 1,512
  • 6
  • 25
  • 41
31
votes
6 answers

How can I prevent accidentally jacking with a production database?

Just recently, I had a developer accidentally try to restore a database to production, when he should have been restoring to a staging copy. It's easy to do, given that the db names are similar, i.e., CustomerName_Staging versus…
Chris B. Behrens
  • 671
  • 1
  • 6
  • 12
31
votes
7 answers

What would you do if you realized your email hosting provider could see your passwords?

We received an email last year from our hosting provider regarding one of our accounts- it had been compromised and used to deliver a rather generous helping of spam. Apparently, the user had reset her password to a variation of her name (last name…
Austin ''Danger'' Powers
  • 1,180
  • 6
  • 21
  • 51
31
votes
4 answers

Maintenance page on nginx, best practices

I want to configure the server to show a maintenance page when it exist. I tried this code and works: location / { try_files /maintenance.html $uri $uri/ @codeigniter; } But I noticed it would be served with a 200 status code, and it can cause…
NeDark
  • 463
  • 1
  • 6
  • 10
29
votes
4 answers

Best Practice: vCPUs per physical core

I am trying to find some documentation or best practice guides for virtualization with respect to provisioning vCPUs per physical core (of a CPU). If it matters, I am looking at vmWare for the virtualization implementation. For example, an Intel…
Dr. Watson
  • 393
  • 1
  • 3
  • 7
27
votes
5 answers

Where do companies typically store SSL certificates for future use?

We recently bought a wildcard SSL cert for our domain. We converted all of the certs to a Java keystore, but now we are asking ourselves where we should store these for later use. Do people use source control like BitBucket for these types of files…
AmericanKryptonite
  • 281
  • 1
  • 3
  • 6
23
votes
3 answers

Naming a new Active Directory forest - why is split-horizon DNS not recommended?

Hopefully, we all know what the recommendations for naming an Active Directory forest are, and they're pretty simple. Namely, it can be summed up in a single sentence. Use a subdomain of an existing, registered domain name, and pick one that's not…
HopelessN00b
  • 53,795
  • 33
  • 135
  • 209
23
votes
9 answers

A partner wants a copy of our written IT security policy and I'm not sure what to do

My company is working with another company and as part of the contract they are requesting a copy of my company's written IT Security Policy. I don't have a written IT security policy, and I'm not exactly sure what I want to give to them. We're a…
reconbot
  • 2,455
  • 3
  • 25
  • 30
22
votes
4 answers

Is there any reason to allow SMB over the internet?

I'm an admin at a hosting company and I deal primarily with Linux machines though we have plenty of customer with Windows servers. In my capacity I have only ever used SMB for a file / print server on my local LAN. Is there any reason to leave SMB…
MadRush
  • 221
  • 1
  • 2
  • 4
22
votes
1 answer

Usermod -aG vs gpasswd -a as a best practice

I am aware that usermod -g is not best practice from many posts like this however they normally explain the usermod should not be used as it changes the primary group of a user. These posts don't seem to take into account the -aG switch which just…
ZZ9
  • 888
  • 3
  • 16
  • 47
21
votes
2 answers

Is it bad practice to declare MX from differing networks?

We're using a 3rd-party service provider to send transactional email. I recently noticed increased failure rates for a given receiving domain. The sends fail with the error "498 No MX for example.com". The sends are retried after a given delay and…
Oliver Salzburg
  • 4,635
  • 17
  • 55
  • 82
21
votes
9 answers

Best practices for backup checking?

It is a common situation, when administrator makes system for automatic backuping and forgets it. Only after a system fails administrator notices, that backup system has broken before or backups are unrestorable because of some fault and he has no…
Kazimieras Aliulis
  • 2,324
  • 2
  • 26
  • 46
20
votes
6 answers

Bad to be logged in as admin all the time?

At the office where I work, three of the other members of the IT staff are logged into their computers all the time with accounts that are members of the domain administrators group. I have serious concerns about being logged in with admin rights…
poke
  • 1,079
  • 4
  • 11
  • 21
19
votes
1 answer

How to correctly move a server inside a rack up and down

Maybe a bit stupid question, but Sometimes (rarely but it happens) I need to move a server in a rack 1-2U up or down. What do you think, which of the ways is the most correct and useful and why? remove a server from the rails, detach a rails,…
disserman
  • 1,850
  • 2
  • 17
  • 35
17
votes
8 answers

What is the system administration equivalent to dogfooding?

Software developers have the concept of "dogfooding", which is where they personally use the software that they are developing, often on a regular basis. For some projects, the direct interaction it provides can be invaluable in debugging the…
Nic
  • 13,425
  • 17
  • 61
  • 104
1
2
3
23 24