I run a web-server based on ubuntu server and the LAMP stack. I used Ubuntu's UFW firewall model and have enabled only Web and SSH ports. Namely port 80 and port 22 only.
Unfortunately once a while some guys get to inject some content onto our web pages.
Now managements are looking at getting a well proven infrastructure to counter that. But I also think i can fall on this community to help me get the right stuff done. Where i can protect the server from such attack.
I want to know what measure i can do on the server to get it protected which mysql protection I should implement. since i can see that it might be a php or mysql injection that is been used.
Currently I run these security measures on it. Ubuntu UFW Fail2ban PHP model security Apache security
have a look at mod_security, helps very successfull against outdated, exploitable user webpages. mod_security ist a layer 7 firewall wich runs as a apache module. Kind regards, Ingo Flaschberger