Security For A Web Server.

April 28, 2024, 02:47:24 PM
Welcome, Guest

News:

« previous next »

Pages: [1]

Print

Author Topic: Security For A Web Server. (Read 2537 times)

tickmike

Kitizen
Posts: 3641
Yes Another Penguin !. :)

Security For A Web Server.

« on: September 22, 2008, 01:06:35 PM »

What type of security do I need for a Public Web Server ?.

Logged

I have a set of 6 fixed IP's From Eclipse isp.BT ADSL2(G992.3) line>HG612 as a Modem, Bridge, WAN Not Bound to LAN1 or 2 + Also have FTTP (G.984) No One isp Fixed IP >Dual WAN pfSense (Hardware Firewall and routing).> Two WAN's, Ethernet LAN, DMZ LAN, Zyxel GS1100-24 Switch.

kitz

Administrator
Senior Kitizen
Posts: 33888
Trinity: Most guys do.

Re: Security For A Web Server.

« Reply #1 on: September 23, 2008, 11:59:05 PM »

Is it running on another used machine via NAT or in a DMZ on its own IP.

Usual stuff - firewall, and root access only to admin.
If its running in DMZ as webserver only, then block all ports other than 80

[edit]
Just found these which explains much more than I could
http://www.ciac.org/ciac/bulletins/j-042.shtml
http://www.ibm.com/developerworks/linux/library/s-wssec.html

Logged

Please do not PM me with queries for broadband help as I may not be able to respond.
-----
How to get your router line stats :: ADSL Exchange Checker

tickmike

Kitizen
Posts: 3641
Yes Another Penguin !. :)

Re: Security For A Web Server.

« Reply #2 on: September 25, 2008, 10:18:03 PM »

Thanks Kitz

The info links look good, not had time to read them yet.

The web server will be in a DMZ off my dedicated firewall, it may be a ,virtual machine' running the web server (still working on that.

).

Logged

I have a set of 6 fixed IP's From Eclipse isp.BT ADSL2(G992.3) line>HG612 as a Modem, Bridge, WAN Not Bound to LAN1 or 2 + Also have FTTP (G.984) No One isp Fixed IP >Dual WAN pfSense (Hardware Firewall and routing).> Two WAN's, Ethernet LAN, DMZ LAN, Zyxel GS1100-24 Switch.

Print

Pages: [1]

« previous next »