System Adminstration – The Rules
For me, these pre-date a popular US TV show (NCIS – ‘the rules’ referred to – connected to the character, ‘Gibbs’.) The first three get the most mileage. BTW – SA=SE (from my chair, sys-admin = systems engineer ~ anyone working on your IT infrastructure.)
- You will do no harm - nothing you do will negatively impact any processes, users, services, hardware or other components for the systems that you manage
- Just because you can does not mean that you should
- Keep it simple (whenever possible)
- Qualify what you say – Only say that X is possible when you know it is (you tested and verified and under condition set X the output of data set Y will always be result Z, always.)
- If you don’t know the answer respond to questions with, “It depends – tell me more…”
- Always ~= most of the time… Murphy is your ever present companion so have a ‘plan B’ (and C, D…)
Your rules, of course, may/should vary. 
Sample rule applications
- beta, non-QA code does not belong on the production server (rule #1)
- we can just create a process on our web server that listens on Port MMM; the network is ’secure’ so we don’t have to worry with the security stuff… (rule #2)
- do you really need module S for language R (which requires 5 other modules) on your production system to add one new, trivial (non-revenue impacting) feature? (rule #3)
Related posts:
- Apache, mod_security & GEO-IP I previously posted about using the mod_geoip Apache module to...
- Bot Battles – defense on ‘the edge’ If you have been asleep then you missed the news...
- Linux firewall – iptables 101c GEO Blocking network access – blocking specific IP blocks (GEO-blocking...
- Apache & mod_security – resolving false positives I recently found that some users could not access this...
- Apache – mod_security – web application firewall ModSecurity is a web application firewall (WAF) for the Apache...