RE: Web Server and Firewall Hellp

[Ingo Flaschberger <if () xip at>]

> > > I run a web-server based on ubuntu server and the LAMP stack.
> > > I used Ubuntu's UFW firewall model and have enabled only Web and SSH ports.
> > > Namely port 80 and port 22 only.
> > >
> > > Unfortunately once a while some guys get to inject some content onto our web
> > > pages.
> > >
> > > Now managements are looking at getting a well proven infrastructure to
> > > counter that.
> > > But I also think i can fall on this community to help me get the right stuff
> > > done. Where
> > > i can protect the server from such attack.
> > >
> > >
> > > I want to know what measure i can do on the server to get it protected which
> > > mysql protection
> > > I should implement. since i can see that it might be a php or mysql
> > > injection that is been used.
> > >
> > > Currently I run these security measures on it.
> > > Ubuntu UFW
> > > Fail2ban
> > > PHP model security
> > > Apache security

have a look at mod_security, helps very successfull against outdated, 
exploitable user webpages.
mod_security ist a layer 7 firewall wich runs as a apache module.

Kind regards,
        Ingo Flaschberger