 
            On 2/8/2011 7:21 AM, William Warren wrote:
Hi,
I run a web-server based on ubuntu server and the LAMP stack. I used Ubuntu's UFW firewall model and have enabled only Web and SSH ports. Namely port 80 and port 22 only.
Unfortunately once a while some guys get to inject some content onto our web pages.
Now managements are looking at getting a well proven infrastructure to counter that. But I also think i can fall on this community to help me get the right stuff done. Where i can protect the server from such attack.
I want to know what measure i can do on the server to get it protected which mysql protection I should implement. since i can see that it might be a php or mysql injection that is been used.
Currently I run these security measures on it. Ubuntu UFW Fail2ban PHP model security Apache security
Joshua
On 2/7/2011 1:23 PM, Joshua William Klubi wrote: the problem may not be your operating system but the web application running. what web application/s are on that box?
Might also take a look at http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project John