[137044] in North American Network Operators' Group
Re: WebServer and Firewall Help
daemon@ATHENA.MIT.EDU (John Mason Jr)
Tue Feb 8 11:40:24 2011
Date: Tue, 08 Feb 2011 11:39:39 -0500
From: John Mason Jr <john.mason.jr@cox.net>
To: nanog@nanog.org
In-Reply-To: <4D513549.8020307@emmanuelcomputerconsulting.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 2/8/2011 7:21 AM, William Warren wrote:
> On 2/7/2011 1:23 PM, Joshua William Klubi wrote:
>> Hi,
>>
>> I run a web-server based on ubuntu server and the LAMP stack.
>> I used Ubuntu's UFW firewall model and have enabled only Web and SSH
>> ports.
>> Namely port 80 and port 22 only.
>>
>> Unfortunately once a while some guys get to inject some content onto
>> our web
>> pages.
>>
>> Now managements are looking at getting a well proven infrastructure to
>> counter that.
>> But I also think i can fall on this community to help me get the
>> right stuff
>> done. Where
>> i can protect the server from such attack.
>>
>>
>> I want to know what measure i can do on the server to get it
>> protected which
>> mysql protection
>> I should implement. since i can see that it might be a php or mysql
>> injection that is been used.
>>
>> Currently I run these security measures on it.
>> Ubuntu UFW
>> Fail2ban
>> PHP model security
>> Apache security
>>
>> Joshua
> the problem may not be your operating system but the web application
> running. what web application/s are on that box?
>
>
>
Might also take a look at
http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
John
