• Working with CF for 16 years
• 8 years Foundeo Inc.
• Consulting: Server Lockdown, Code Review, Development
• Products: FuseGuard
• Services: HackMyCF
• Husband and father of 3 kids
• Blog: petefreitag.com
• Twitter: @pfreitag

• Platform Differences
• Linux Basics
• Installing CF
• Configuring Apache

• Linux File System is Case Sensitive
• Check your links, images, file operations, etc.
• Use Application.cfc not application.cfc
• Can be the biggest pain point if you were careless about case.

• CF on Windows allows either / or \ to be used in file paths.
•  c:\abc/123\ works on Windows 
  
• CF on Linux does not allow \ in paths:
  
• /opt\coldfusion11 does not work on Linux
  
• Always use a forward slash /  because it works on any platform.
  

• Fonts available may be different. 
• Check usage of fonts in cfimage, cfdocument, etc.

• Platform specific code will not work
• cfexecute - executables are platform specific
• .NET integration will not work
• C++ CFX tags need to be recompiled

• Java is platform independent.

• URL Rewriting often needs attention.
• You may need to translate your rewrite rules into apache mod_rewrite rules.

• Tons of Linux Distributions to choose from, pick a popular one.
• For Servers RedHat Enterprise Linux (or its free counterpart CentOS) is a good choice.
• For Servers & Desktop Ubuntu is also a good choice.

• No GUI Needed
• Everything can be configured through the shell, from the command line.
• No GUI's, wizards are necessary.
• If you want to use a GUI use Windows.
• Takes a little time to get over a small learning curve

• Secure Shell Protocol
• You will use this to connect to and login to the server
• If on a Mac
• Open Terminal.app and type ssh user@hostname
• If on Windows
• You will need to download and install a SSH client, putty is a popular/free one.
• SSH is akin to Remote Desktop on Windows, it is how you will connect and administer the server.

• Similar to Command Prompt or PowerShell on Windows
• dir some\path  -> ls some/path  
  

• more: paginates output, typically piped | eg: ls -l | more

• tar: creates or extract archives (typically tar.gz) 
• tar -czf archive.tar.gz /dir  
• tar -xzf archive.tar.gz
• tail: last n lines: tail log.txt  
  
• head: first n lines: head log.txt
  
• grep: searches (regex): grep '201[0-4]' log.txt
• if you don't need a regex use fgrep (fast grep)
  
• find: lists files recursively:  find /var | fgrep log  
  

• You need to know how to use a text editor in order to edit config files.
• vi - very popular, powerful, installed by default
• nano - perhaps easier to use
• emacs - very powerful

• Open a file: vi filename
• Run a vi command: Esc :some-command
• Insert Text: Esc :i
• Save file: Esc :w
• Save file and exit: Esc :wq
• Exit a file: Esc :q
• Exit without writing: Esc :q!
• Go to line 8: Esc :8

• root - sometimes called the superuser, equivalent to Administrator on windows.
• You should use your own user account instead of root, as much as possible.
• After logging in you can become root by running: su
• You can use sudo to execute privileged commands
  
• Configure SSH to deny root logins
• Users can belong to multiple groups.

• To view permissions of files in a directory run ls -l 

-rw-r-----  1 user group 3631 Oct 7  2013 style.cssdrwxrwx---  6 user group 4096 Oct 22 2013 folder

• / - the root (there are no drive letters)
• /etc - stores configuration files for most stuff
• /var - files that change during runtime  /var/log
• /root - the home directory for the root user
• /home - home directories for other users

• The SSH service provides a SFTP subsystem
• No need to install any extra FTP software it runs on the same SSH port (22 by default).
• You can use scp to copy files from server to server or from a mac to your linux server.
  
• Most FTP clients support SFTP.
• If you really need FTP/FTPS consider vsftpd

• Lots of options, sendmail and qmail are popular.
• Also consider third party SMTP servers like SendGrid, Mandrill, etc.

• You can create shell scripts that run on a periodic basis
• Create a shell script, mark it executable and drop it in:
• /etc/cron.daily/
• /etc/cron.hourly/
• /etc/cron.weekly/
• /etc/cron.monthly/
• The /etc/crontab file for more advanced timing

• Look in /etc/httpd/ or /etc/apache2/
• The main configuration file is typically called httpd.conf
• Depending on the distribution httpd.conf may have Include somefolder/*.conf
  
• Lines that start with # are comments
• Apache is a modular web server, you can pick and choose which modules you want, look for LoadModule directives.
  

• A site is typically configured in a <VirtualHost>  directive.
  
• Minimally specify a ServerName and DocumentRoot
• Make sure NameVirtualHost and Listen
   are used to define the ip/port mappings.

<VirtualHost *:80>    DocumentRoot /var/www/example.com/wwwroot/    ServerName example.com</VirtualHost>

• Monitor Log files 
• Most logs are under /var/log (CF's logs will be in its own dir)
• Install logwatch (yum install logwatch) or similar to email log summaries 
• More advanced options like splunk
• Manage local firewall
• Use iptables command 
• Dome9 - firewall management service
• Update, add yum update to a cron task.

• Duo Security:  Smart Phone Applications (push msg), sms, landline integration. Free for up to 10/users
• Google Authenticator: OTP generator app