If I am allowed to answer (as you just asked for till and falko
), here are my suggestions:
1) CentOS is pretty much the same as Redhat Enterprise Linux (EL). Mainly only licensing issues differ, the structure is pretty much the same -- that is why most (if not all) of Redhat's packages work fine under CentOS. There are plenty of online guides on the net for both of them however if you want to study in thorough.
2) Modern linux distros nowadays (like Redhat, Debian and its clones -CentOS, Ubuntu, etc) use powerful updating systems so as to keep your box updated and worry less about security (pretty much like Windows Update). Redhat and CentOS use 'yum', Debian and Ubuntu use 'apt-get'. Find info online about these and you 'll see how easy it is to keep your server updated. The bottom line is that the more popular your distro is, the most you will get (as far as updates, help, documentation, security, etc are concerned). Redhat, CentOS, Debian and Ubuntu are very popular and good distros, personally I prefer CentOS.
3) In my days (back to 1998) compiling binaries from the source code was pretty much the only way to go. Although it was considered (and maybe for some still is) the best way so as to have ultimate control upon compiling, selecting exactly the options you need and knowing in detail what was going on on your system, the main problem was the (security) updates. If you use custom compiles and not use each distro's way to install software (like yum and apt-get I described above), you have to manually download, compile and install software from time to time to keep your system updated -- which can be a real pain for software with frequent releases. That is why everything is easier these days.
4) For every project you want to install, you have to learn it independently from the distro you use. I.e. Joomla, Drupal, ISPConfig and many other popular projects, provide good documentation and support communities where you can always seek for help. So you don't have to worry much about this. Just learn one at a time, until you believe you know much so as to go to the next one.
5) Security is a big chapter and everybody has different approaches on this. Some general notes:
- Run only services you really need. This requires some experience, however 'netstat -tap' is a good friend to check exactly what you are running and which ports are open.
- Bind your services to localhost only if you don't really need to have them exposed to the internet (MySQL is a good example if you don't need remote connections).
- Firewalls actually do their job for users that do not know what to close and how to properly configure their services (so actually the firewall denies access to services, instead of you). They do not do miracles, unless you use a very very very advanced setup. For basic usage, you can achieve pretty much the same result without them.
- suPHP is a good idea, I am thinking of enabling too on my server. Also php's safe mode (that ISPConfig supports) is good too.
- Keep your system always updated (i.e. in CentOS using 'yum upgrade').
Last but not least: Google is really
your friend. When you have questions, when you get a weird error message, when you see something that you don't have ANY clue of what it is, use Google. You 'll be really surprised of how many others had the same problem as you.