homepage Welcome to WebmasterWorld Guest from 54.205.144.54
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Visit PubCon.com
Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
Forum Library, Charter, Moderators: bakedjake

Linux, Unix, and *nix like Operating Systems Forum

    
Server Security Overview behind a Port Forwarded Router
blaketar




msg:3460696
 8:16 pm on Sep 25, 2007 (gmt 0)

I recently setup a server (SUSE 10) with apache,php,postgresql. The machine is on my internal network (192.168..). I created a port-forwarding rule in my D-LINK router; port 80 to access the web server and everything works great when accessing the http server from outside the network.

My question: What other security concerns should I be aware of? It seems to me all the other ports/programs would be blocked or inaccessible from the outside net? Any other concerns I should be aware of or blocks I should have in place?

Thanks for suggestions and input!

 

danny




msg:3461303
 11:51 am on Sep 26, 2007 (gmt 0)

Configure the router to block everything except port 80 to the web server.

Configure the firewall (iptables) on the web server to block everything except port 80.

Turn off all the services on the server that you don't need. For example, if you're not using MySQL then make sure it's not running.

Make sure you check for system security updates regularly and install them (to catch bugs in either apache or php or other components). This can be automated.

If you are running any additional web software packages, make sure you sign up for security alerts for them and update them as necessary.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved