Why you should fucking listen to your system admin

[This is a guest post by the ever-awesome cpaxton.]

 

The implementation and maintenance of a LAMP stack server (Linux, Apache, MySQL, and PHP), requires a broad base of computer knowledge. This includes some basic coding, database management, hardware, networking, DNS, cyber security, and SMTP knowledge. While very few of us are masters in any one of these fields, and there are exceptions, we have more passing knowledge than the laity. That is to say, unless you are an ace developer, database admin, computer scientist, networking administrator/work for an ISP, white/black hat hacker, or understand the entirety of the postgres and exim documentation plus a large amount about the major email providers like Microsoft and Gmail, fucking listen to your system admin.

Does this mean we make mistakes? of course we do. We are again experts in none of the above, but we have poked at them all in at least a cursory manner.

Generally, we are willing to admit our faults; if you say something isn’t working we will try and give you the answer and if that doesn’t work, we will keep looking to see what we may have missed. However, that is not an excuse to not listen to what we say.

When we tell you something is in relation to your code, look over your code. For example, while PHP memory limits can be configured by the server in a php.ini or a .user.ini, it can also be configured directly in the code which system admins will generally not touch.

Well why not? You said you have some basic coding skills earlier?

Why? Because we have basic coding skills. We know that as soon as we touch your code, there could be any number of issues. For those of you who don’t know, code is a complex system of telling the computer what you want it to do. Sometimes jimmying a piece of the code breaks nothing and will allow the entire system to work the way you want it. Other times this breaks every part of the code and causes more issues than any of us want. Not to mention, as we are not experts, we are not doing this to any sort of standard. An expert who looks at anything we edit may be confused as all hell and cause more work (i.e. more time/money spent to get it fixed) or worse break alterations that they need to make (even more time/money).

Other instances you should listen to your system admin? Whenever we tell you something.

When we tell you that this hacking is beyond our skills and you should hire someone with experience to review your website/server, do it. We can certainly help you with the basics and hell sometimes even find the exact POST request that started the hack. What we cannot always do is figure out how they are exactly getting into the server, what exploits they are utilizing, and how to prevent it from happening again. We can tell you the best thing to do, besides hiring an expert, is to keep everything up to date and make sure you use strong passwords.

Oh for the love of God please do not make passwords with “password” or “pass” or “mynameis” or anything else with only one case, no numbers, no special symbols and from the dictionary. These sorts of things break my heart and your bank account. For example, and while I don’t remember the exact password, I have seen something analogous to password123 as the ROOT PASSWORD to the server. This is the biggest “oh dear god you are fucked” thing there is, besides actually confirming you have been rooted.

So when we tell you to do something please do. Don’t argue with us unless you are an expert in the profession (have been doing the specific thing for more than 4 years). Then if you are, point out what we are missing, we will generally be happy to see where we made an error and would like to add that knowledge to our understanding.

Otherwise,

Fucking listen to your system admin.

Post navigation

Leave a Reply

Your email address will not be published. Required fields are marked *

34 + = 38