Welcome to WebmasterWorld Guest from 23.22.220.37

Forum Moderators: bakedjake

Message Too Old, No Replies

Server Security Overview behind a Port Forwarded Router

     
8:16 pm on Sep 25, 2007 (gmt 0)

Full Member

10+ Year Member

joined:June 24, 2004
posts: 202
votes: 0


I recently setup a server (SUSE 10) with apache,php,postgresql. The machine is on my internal network (192.168..). I created a port-forwarding rule in my D-LINK router; port 80 to access the web server and everything works great when accessing the http server from outside the network.

My question: What other security concerns should I be aware of? It seems to me all the other ports/programs would be blocked or inaccessible from the outside net? Any other concerns I should be aware of or blocks I should have in place?

Thanks for suggestions and input!

11:51 am on Sept 26, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Oct 27, 2001
posts:784
votes: 0


Configure the router to block everything except port 80 to the web server.

Configure the firewall (iptables) on the web server to block everything except port 80.

Turn off all the services on the server that you don't need. For example, if you're not using MySQL then make sure it's not running.

Make sure you check for system security updates regularly and install them (to catch bugs in either apache or php or other components). This can be automated.

If you are running any additional web software packages, make sure you sign up for security alerts for them and update them as necessary.