On Feb 7, 2011, at 1:18 PM, Joshua William Klubi wrote:
Hi,
I run a web-server based on ubuntu server and the LAMP stack. I used Ubuntu's UFW firewall model and have enabled only Web and SSH ports. Namely port 80 and port 22 only.
Unfortunately once a while some guys get to inject some content onto our web pages.
Now managements are looking at getting a well proven infrastructure to counter that. But I also think i can fall on this community to help me get the right stuff done. Where i can protect the server from such attack.
I want to know what measure i can do on the server to get it protected which mysql protection I should implement. since i can see that it might be a php or mysql injection that is been used.
Currently I run these security measures on it. Ubuntu UFW Fail2ban PHP model security Apache security
Josh Patch your lamps , collab env, builtin boards and everything, make sure mySQL has a password on it since it doesn't out of the box, also update all passwords to hard ones and change all updates in the future to not use ftp first. Close firewall ports you are not useing and then check your logs to see what vulnerabilities you still have if any. Tom