Good morning everyone,
I’m launching a new business this summer that will focus on public/private partnerships to address cybersecurity policy and infrastructure certification in the hopes of preventing attacks in the first place–or at least mitigating risk through something more comprehensive than just defensive posture. Cyber vendors are still almost entirely response-oriented. Someone has to work the other end. Most especially vital within critical infrastructure, industrial SCADA, and co-lo or other network providers.
At any rate, I’m brand new to Plone and am leaning towards Plone 5 for the CMS for the underlying site for which I’m just now starting to put the architecture together. WordPress, Drupal, Joomla, etc. are non-starters for their extensive history of security vulnerabilities.
I’m using a Pair Networks VPS for the hosting, and will move to their dedicated servers as soon as needed after we launch. I’ve been with them for 22 years. I know them. I trust them. They are world-class and top-notch with security. However, Pair (IMHO understandably) does not provide root access except for co-location and a few other services I’m not ready for.
I know that Plone requires root to install some of the required libraries, and presumably to setup the ZEO daemon. I can work with this – Pair’s support team can do the install for me for a very minor fee. What I can’t tell from the Plone documentation and install instructions I’ve seen so far is whether or not it requires root after it is installed and up-and-running. If that’s the case, I’ll need to switch to one of Pair’s other service lines sooner rather than later.
Can anyone here tell me if I’m going to need that kind of access on a day-to-day or regular basis after everything is up and running?
The server will be running Ubuntu. My local testing/pre-production server will be either Ubuntu or Kali.
(Caveat: understood and accepted that I may need it again to install updates or patches every now and then. I’m talking day-to-day operation as the CMS powering both a public-facing website and a secure extranet for clients.)