Partitioning for Web Servers

centos rhel partition virtual-machine webserver

8,289

Solution 1

I generally follow the CIS RHEL benchmark for web servers.

/home, /var, /var/log, /var/log/audit all get their own partitions. Other mount options are specified for /tmp and /var/tmp, etc.

Solution 2

My 2 cents as well (I don't really know whether this is good or not... is my way)

1) I'd strongly recommend that you use LVM2 (if you can in CentOS, which I'm not too sure, though). If you can, it will be very helpful when you reach that point where partition /var is 99% usage and /home is 1%. You may never use its resizing features, but it really gives (at least to me) peace of mind. One little warning: If you use LVM2 you won't be able to have the /boot folder inside the LVM2 "Volume". It has to be in a separate partition outside the LVM system as a regular partition (at least, that's my belief as of today, Thursday March 22, 2012)

2) I always create, at least, 4 partitions to mount

/
/boot
/var
/home

Sometimes /tmp as well (and swap, but I'm not really counting that one)

/var and /tmp can grow in a kind of uncontrolled way (log files, media going up and down the server, bad stuff). They shouldn't, but they can.

/home because you may want to store some tricks, documents, ideas... stuff that you found when your server was running and if your system blows up, you may want to have a chance of recovering those.

That's my...thing

8,289

Joshua Hornby

Updated on September 18, 2022

Comments

Joshua Hornby almost 2 years

I was curious what some general best practices are in relation to partitioning for a new Linux VM that will be used as a web server? Are there certain guides that should be consulted or followed? What partitions should be created? What are the common sizes for the various partitions that should be created? Should I worry about LVMs, and if so, what do I need to know about them? I am working on building a template for many new web server builds and I wanted to make sure that I have something that will be able to be used now and for a little while into the future to turn up new servers with. Also, this will likely be used on CentOS 6.x or RHEL 6.x.
- Ulrich Schwarz over 12 years
  
  My 2 cents: consider putting server logfiles on a separate partition. Apache's logfiles are usually owned by root, so if something runs amok in your error log, the reserved quota for root won't save you. (I've seen a sudden burst of 200G logfile overnight due to a broken CGI. Had this happened over a weekend, it'd have been very nasty. On a separate FS, the FS is full, big deal, you can still log in and clean up.)
- Nils over 12 years
  
  Does your Webserver allow for uploads? Does it dynamically generate content? It depends...
sa289 almost 9 years

For anyone coming across this, that benchmark is also available for other RHEL versions and there's a newer version out now for RHEL 5 at benchmarks.cisecurity.org/downloads/browse/…