WebServer and Firewall Help
Hi, I run a web-server based on ubuntu server and the LAMP stack. I used Ubuntu's UFW firewall model and have enabled only Web and SSH ports. Namely port 80 and port 22 only. Unfortunately once a while some guys get to inject some content onto our web pages. Now managements are looking at getting a well proven infrastructure to counter that. But I also think i can fall on this community to help me get the right stuff done. Where i can protect the server from such attack. I want to know what measure i can do on the server to get it protected which mysql protection I should implement. since i can see that it might be a php or mysql injection that is been used. Currently I run these security measures on it. Ubuntu UFW Fail2ban PHP model security Apache security Joshua
Hi,
I run a web-server based on ubuntu server and the LAMP stack. I used Ubuntu's UFW firewall model and have enabled only Web and SSH ports. Namely port 80 and port 22 only.
Unfortunately once a while some guys get to inject some content onto our web pages.
Now managements are looking at getting a well proven infrastructure to counter that. But I also think i can fall on this community to help me get the right stuff done. Where i can protect the server from such attack.
I want to know what measure i can do on the server to get it protected which mysql protection I should implement. since i can see that it might be a php or mysql injection that is been used.
Currently I run these security measures on it. Ubuntu UFW Fail2ban PHP model security Apache security
Joshua
On 2/7/2011 1:23 PM, Joshua William Klubi wrote: the problem may not be your operating system but the web application running. what web application/s are on that box?
On 2/8/2011 7:21 AM, William Warren wrote:
Hi,
I run a web-server based on ubuntu server and the LAMP stack. I used Ubuntu's UFW firewall model and have enabled only Web and SSH ports. Namely port 80 and port 22 only.
Unfortunately once a while some guys get to inject some content onto our web pages.
Now managements are looking at getting a well proven infrastructure to counter that. But I also think i can fall on this community to help me get the right stuff done. Where i can protect the server from such attack.
I want to know what measure i can do on the server to get it protected which mysql protection I should implement. since i can see that it might be a php or mysql injection that is been used.
Currently I run these security measures on it. Ubuntu UFW Fail2ban PHP model security Apache security
Joshua
On 2/7/2011 1:23 PM, Joshua William Klubi wrote: the problem may not be your operating system but the web application running. what web application/s are on that box?
Might also take a look at http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project John
It is a LAMP. Stack Joshua Sent from my iPhone On Feb 8, 2011, at 12:21, William Warren <hescominsoon@emmanuelcomputerconsulting.com> wrote:
Hi,
I run a web-server based on ubuntu server and the LAMP stack. I used Ubuntu's UFW firewall model and have enabled only Web and SSH ports. Namely port 80 and port 22 only.
Unfortunately once a while some guys get to inject some content onto our web pages.
Now managements are looking at getting a well proven infrastructure to counter that. But I also think i can fall on this community to help me get the right stuff done. Where i can protect the server from such attack.
I want to know what measure i can do on the server to get it protected which mysql protection I should implement. since i can see that it might be a php or mysql injection that is been used.
Currently I run these security measures on it. Ubuntu UFW Fail2ban PHP model security Apache security
Joshua
On 2/7/2011 1:23 PM, Joshua William Klubi wrote: the problem may not be your operating system but the web application running. what web application/s are on that box?
On 2/8/2011 3:00 PM, Joshua Klubi wrote:
I want to know what measure i can do on the server to get it protected which mysql protection I should implement. since i can see that it might be a php or mysql injection that is been used.
Currently I run these security measures on it. Ubuntu UFW Fail2ban PHP model security Apache security
Joshua the problem may not be your operating system but the web application running. what web application/s are on that box?
I agree, you've got other problems. I would look at defending against sql injection attacks and I would look to making sure that all the passwords get changed.
participants (5)
-
Curtis Maurand -
John Mason Jr -
Joshua Klubi -
Joshua William Klubi
-
William Warren