Chama9876

Q: securing and shutting down my mavericks server

Hi all.

 

I have taken the pluge and purchased a copy from the mac app store of OS X Server The latest version for my mac mini. As I travel a lot I need access to my files from home. Seeing that my hard disk in my macbook is small I thought a server software would be handy as well as the other items which it offers.

 

I have a couple of questions which I am hoping someone will answer for me.

 

The server runs along side Mavericks and I was wondering if I quit the server app will this stop my server from running? like cache items, file sharing and VPN which I use.

 

Also how to I shut down my server when I dont need it? Or popping the mini into sleep? For example when I am at home and the laptop is put away for example. Is it simply file and quit?

 

I know this may all seem lame but I am new to this.

 

Many thanks.

 

 

MacBook, OS X Mountain Lion (10.8.5)

Posted on Feb 15, 2014 10:03 AM

Close

Q: securing and shutting down my mavericks server

  • All replies
  • Helpful answers

  • by Linc Davis,

    Linc Davis Linc Davis Feb 15, 2014 10:55 AM in response to Chama9876
    Level 10 (208,000 points)
    Applications
    Feb 15, 2014 10:55 AM in response to Chama9876

    if I quit the server app will this stop my server from running?

     

    No.

     

    Also how to I shut down my server when I dont need it?

     

    You can turn services on and off in the Server application, if that's what you're asking.

     

    This wasn't the question, but I think you would be better off using "Back to My Mac" than OS X Server, if all you want to do is access your data remotely.

     

    OS X: Using and troubleshooting Back to My Mac with your iCloud account

  • by Chama9876,

    Chama9876 Chama9876 Feb 15, 2014 11:30 AM in response to Linc Davis
    Level 1 (15 points)
    Feb 15, 2014 11:30 AM in response to Linc Davis

    What about if I pop my mac to sleep will that cause issues with the mac staying awake?

  • by Chama9876,

    Chama9876 Chama9876 Feb 15, 2014 11:30 AM in response to Chama9876
    Level 1 (15 points)
    Feb 15, 2014 11:30 AM in response to Chama9876

    Sorry staying asleep!

  • by Linc Davis,

    Linc Davis Linc Davis Feb 15, 2014 11:41 AM in response to Chama9876
    Level 10 (208,000 points)
    Applications
    Feb 15, 2014 11:41 AM in response to Chama9876

    It won't sleep automatically while Server is installed. Don't put it to sleep manually.

  • by MrHoffman,Helpful

    MrHoffman MrHoffman Feb 16, 2014 5:59 AM in response to Chama9876
    Level 6 (15,627 points)
    Mac OS X
    Feb 16, 2014 5:59 AM in response to Chama9876

    Random running-a-server comments, and in no particular order,....

     

    Systems that are servers are always available, and generally don't and won't be shut down or rebooted save for maintenance or upgrades or similar.   While it's possible to shut them down, it's not typical.

     

    If you do want to shut OS X Server down and then restart it as required later, you'll either need to get the so-called Magic Packet — wake on LAN — working from some other box on your own LAN (the packet doesn't work across a VPN or remote link — or you'll need something like a network-connected power switch.   Some way to wake the server remotely.

     

    Once you start using your own server with (for instance) your own DNS server, you'll want your server operating continuously, as DNS translations would otherwise fail.

     

    OS X Server needs local DNS services running for at least itself or various services will get weird and unstable, and you cannot (successfully) reference ISP DNS servers or other off-LAN DNS servers.  As you start using authentication and network encryption services on your local network, those are dependent on proper local DNS — it's the local IP address to host name DNS translation that the ISP and off-LAN DNS servers can't answer, and that question is used with various security-related network operations.  This is the so-called reverse DNS translation; address to name.

     

    You'll want a static IP from your ISP or you'll need dynamic DNS for the remote connection. 

     

    If you decide you want to host your own mail server, you'll need static IP from your ISP or you'll have to relay all your mail via some other mail server — other mail servers on the network increasingly depend on DNS to spot spam engines, and a server on a dynamic IP address is indistinguishable from a spam engine.  Hence static IP or an (authorized) relay mail server.

     

    Connecting into your system via VPN will be preferred path for remote access, as the gremlins will find and poke at any ports open and port-forwarded through your firewall.

     

    Servers are attack targets, so — if you're going to start running something like a web content management system, or if you might have a weak password around — you might want to investigate placing your server in a DMZ.  This if you have other and potentially less secure systems on your LAN.  A web server breach can be a hassle to clean up, and there are presently at least three DDoSs underway (NTP, DNS and SNMP) that can suck down your network bandwidth, if your server happens to be configured to be vulnerable to these or some other DDoS that somebody finds and starts exploiting.  Put another way, don't forward all ports to your server through your network firewall; restrict that inbound remote access to either VPN-only, or to specific ports absolutely required.

     

    To extend and elaborate on what Linc Davis has written, Server.app is just the front end GUI interface for managing it, and Server.app can be run locally or can connect and manage a server remotely.  Server.app can come or go as needed, and the underlying services on the target server will continue in the same state — started or stopped — as they were last set to by Server.app or by the command line.

     

    Cloud services including Dropbox and SpiderOak are available and deal with remote storage as an alternative to learning about servers and IP networking and the rest, though it's possible to go well past something like AFP or SMB/CIFS file services on your server and load and run additional "cloud" software such as OwnCloud — that's more advanced to set up and configure and manage, but more features.  Managing a server is more effort — and if that's not part of your goals and expectations here — using hosted services — now called "cloud services" can be a good trade-off for various situations.

  • by Chama9876,

    Chama9876 Chama9876 Feb 16, 2014 6:09 AM in response to MrHoffman
    Level 1 (15 points)
    Feb 16, 2014 6:09 AM in response to MrHoffman

    Thanks MrHoffman for this.

     

    this helped very much. However I am mainly running the server as a VPN with DNS already configured automatically by the software. I mainly want to access my work from home when out.

     

    I got so fed up with it last night that I uninstalled it and popped a clean copy of Mavericks back on this morning. I think I don't understand how or what servers are so will need to go away and look all this up.

     

    I think Back to Mac although is easier to understand and set it and 'forget it' scenario. I would ideally like something a bit more advanced and have more control over.

     

     

    Does that make sense?