Web Server and Firewall Hellp

Ingo Flaschberger if at xip.at
Mon Feb 7 20:00:46 UTC 2011


>>> I run a web-server based on ubuntu server and the LAMP stack.
>>> I used Ubuntu's UFW firewall model and have enabled only Web and SSH ports.
>>> Namely port 80 and port 22 only.
>>>
>>> Unfortunately once a while some guys get to inject some content onto our web
>>> pages.
>>>
>>> Now managements are looking at getting a well proven infrastructure to
>>> counter that.
>>> But I also think i can fall on this community to help me get the right stuff
>>> done. Where
>>> i can protect the server from such attack.
>>>
>>>
>>> I want to know what measure i can do on the server to get it protected which
>>> mysql protection
>>> I should implement. since i can see that it might be a php or mysql
>>> injection that is been used.
>>>
>>> Currently I run these security measures on it.
>>> Ubuntu UFW
>>> Fail2ban
>>> PHP model security
>>> Apache security

have a look at mod_security, helps very successfull against outdated, 
exploitable user webpages.
mod_security ist a layer 7 firewall wich runs as a apache module.

Kind regards,
 	Ingo Flaschberger




More information about the NANOG mailing list