WebServer and Firewall Help

Joshua William Klubi joshua.klubi at gmail.com
Mon Feb 7 12:23:17 CST 2011


Hi,

I run a web-server based on ubuntu server and the LAMP stack.
I used Ubuntu's UFW firewall model and have enabled only Web and SSH ports.
Namely port 80 and port 22 only.

Unfortunately once a while some guys get to inject some content onto our web
pages.

Now managements are looking at getting a well proven infrastructure to
counter that.
But I also think i can fall on this community to help me get the right stuff
done. Where
i can protect the server from such attack.


I want to know what measure i can do on the server to get it protected which
mysql protection
I should implement. since i can see that it might be a php or mysql
injection that is been used.

Currently I run these security measures on it.
Ubuntu UFW
Fail2ban
PHP model security
Apache security

Joshua



More information about the NANOG mailing list