# Set up Apache22, MySQL, SSH in jail



## cosmin (Feb 20, 2012)

Hello everybody!

I want to put Apache in a jail. I've already created the jail. The Apache is supposed to run Gallery3, which make use of MySQL.

My question is how I set up the jail(s)? Should I make two jails: one for Apache + Gallery3 and one for MySQL? *O*r should I create only one jail for all of them?

I was thinking allowing SSH to run on the host (not in jail) to allow me to connect to my box from outside. Is it better to put SSH into a jail and from there to make another SSH connection to the host? 

Thanks a lot for any hint you can give me!
Cosmin


----------



## UNIXgod (Feb 21, 2012)

Separating your web server from the database server is a good security model. If your web server gets hacked your database server will be safe.

As for ssh. You can do it both ways you presented.


----------



## SirDice (Feb 21, 2012)

cosmin said:
			
		

> Is it better to put SSH into a jail and from there to make another SSH connection to the host?


If you're already on the host you can access the jails without using ssh(1) like so:
`# jexec <JID> /usr/bin/su -`

You can also use the jail's name if you configured one.


----------

