|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
Date: Tue, 08 Feb 2011 07:21:29 -0500 From: William Warren <hescominsoon@emmanuelcomputerconsulting.com> To: nanog@nanog.org In-Reply-To: <AANLkTi=OSRDEa_X2Rdhp6bGW2-dFZbOCDzAWAr6ZiUTY@mail.gmail.com> Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org On 2/7/2011 1:23 PM, Joshua William Klubi wrote: > Hi, > > I run a web-server based on ubuntu server and the LAMP stack. > I used Ubuntu's UFW firewall model and have enabled only Web and SSH ports. > Namely port 80 and port 22 only. > > Unfortunately once a while some guys get to inject some content onto our web > pages. > > Now managements are looking at getting a well proven infrastructure to > counter that. > But I also think i can fall on this community to help me get the right stuff > done. Where > i can protect the server from such attack. > > > I want to know what measure i can do on the server to get it protected which > mysql protection > I should implement. since i can see that it might be a php or mysql > injection that is been used. > > Currently I run these security measures on it. > Ubuntu UFW > Fail2ban > PHP model security > Apache security > > Joshua the problem may not be your operating system but the web application running. what web application/s are on that box?
|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |