Firewall Wizards mailing list archives
Firewall to protect web server
From: Jim Ide <JIde () madentech com>
Date: Fri, 21 Apr 2000 10:20:39 -0400
Hello - I am in the process of setting up a web server (red hat linux, apache, mysql, php) in my main office. It will host a database which will be updated by users at several remote offices. This will not be a public web server - it will be only for the use of company employees (access will be denied to all except for a short list of ip addresses). I want to install a firewall to protect the web server. There will be no other computers behind the firewall (I may add more web servers later, if needed). The firewall will need to allow incoming http and https requests to ports 80 and 443 (and obviously the web pages that are sent back to the browser), plus outgoing email from the web server (the web server will generate daily and weekly reports and email them to managers). This is my first attempt at installing and configuring a firewall. 1. The apache web server (and other web servers) can be configured to allow/deny access based on the ip addresses and domain names of incoming requests. Firewalls can also be configured to do this. Should I use apache, firewall, or both, to block incoming http requests? Advantages / disadvantages / considerations to these approaches? 2. I have purchased the Netmax firewall ( www.netmax.com <http://www.netmax.com> ) and have installed it successfully. Has anyone had experience with this product? Good / bad? 3. Has anyone had experience with a using the linux ipchains script builder at linux-firewall-tools.com ? Good / bad? Thanks - Jim
Current thread:
- Firewall to protect web server Jim Ide (Apr 24)
- Re: Firewall to protect web server woody weaver (Apr 26)
- Re: Firewall to protect web server R. DuFresne (Apr 26)