nanog mailing list archives
Re: WebServer and Firewall Help
From: John Mason Jr <john.mason.jr () cox net>
Date: Tue, 08 Feb 2011 11:39:39 -0500
On 2/8/2011 7:21 AM, William Warren wrote:
On 2/7/2011 1:23 PM, Joshua William Klubi wrote:the problem may not be your operating system but the web application running. what web application/s are on that box?Hi, I run a web-server based on ubuntu server and the LAMP stack.I used Ubuntu's UFW firewall model and have enabled only Web and SSH ports.Namely port 80 and port 22 only.Unfortunately once a while some guys get to inject some content onto our webpages. Now managements are looking at getting a well proven infrastructure to counter that.But I also think i can fall on this community to help me get the right stuffdone. Where i can protect the server from such attack.I want to know what measure i can do on the server to get it protected whichmysql protection I should implement. since i can see that it might be a php or mysql injection that is been used. Currently I run these security measures on it. Ubuntu UFW Fail2ban PHP model security Apache security Joshua
Might also take a look at http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project John
Current thread:
- WebServer and Firewall Help Joshua William Klubi (Feb 07)
- Re: WebServer and Firewall Help William Warren (Feb 08)
- Re: WebServer and Firewall Help John Mason Jr (Feb 08)
- Re: WebServer and Firewall Help Joshua Klubi (Feb 08)
- Re: WebServer and Firewall Help Curtis Maurand (Feb 08)
- Re: WebServer and Firewall Help William Warren (Feb 08)