Yes, I'm an idiot. No, I am not a completely inexperienced idiot.
I'm new to Pi, but want to set one up as a webserver, open to "the world". It won't be my first Apache server, but a long shot. But will be my first Linux Apache server.
I want to be "secure". I was wondering if it would be a good idea to create a "for this" USER within my Raspbian install on my Pi, to use for when the Pi is running as the webserver? The theory being that if Bad People got "into" my Pi, they'd start off inside the user I created for the webserving, and, with luck, not be able to get beyond that?
My webserver doesn't have to be able to be the fanciest server on the planet. If it can serve up a few static pages, that will be enough of a "play pen" for me for now. I realize that before I'll be able to set up the next Facebook (joke), I may need to learn some extra stuff, and perhaps lock the server down a bit less restrictively.
If dedicated user a good idea, any pointers on choices I should make during setup thereof welcome!
Whether you like or don't like my dedicated user idea, any other pointers on things to remember in order to make my server Bad Guy/Gal resistant welcome. (1: Have a strong password for the user. Got that. I've also changed the Pi's hostname away from the default hostname.)