Web Server Security
This section will cover different aspects of securing your web server and making it less vulnerable to attacks. Since there are so many different aspects to this topic and several things one can do to make it more secure, this section will receive several updates as I myself learn more and discover different ways.
USE A FIREWALL
One aspect of this security is having a good firewall in place. Since you've decided to run a server, you've also made yourself even more vulnerable to attackers. You have to have certain ports left open for people to view your webpage content and this poses a serious security concern. And if you're relying on Windows Firewall, then you're carrying water in a bucket with holes in it. Ok, it might not be quite that bad, but you should strongly look into upgrading to a better one.
To begin minimizing that risk, a good firewall will close and block any unnecessary ports from being left open and help monitor and control traffic on those left open. Some of them are designed to recognize and stop malicious attacks. Since I myself don't know very much about firewall configurations, it's up to you to do your homework and read up on how to set it to best protect you.
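To see which ports a firewall would need to close, you can compare what the server is actually listening on against the short list a web server needs. The script below is an added example, not part of the original article: it parses text in the format of Windows `netstat -ano` and reports listeners that are reachable from outside and not on the allowlist. The sample output, the PIDs and the allowlist (TCP 80 and 443) are constructed assumptions.

```python
import ipaddress

# Assumption: a plain web server only needs HTTP and HTTPS reachable.
ALLOWED = {("TCP", 80), ("TCP", 443)}

# Constructed sample in the format printed by `netstat -ano` on Windows.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       1234
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       892
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1100
  TCP    127.0.0.1:3306         0.0.0.0:0              LISTENING       2040
  TCP    192.168.1.10:80        203.0.113.5:51515      ESTABLISHED     1234
  TCP    [::]:443               [::]:0                 LISTENING       1234
  UDP    0.0.0.0:123            *:*                                    1020
"""

def split_endpoint(endpoint):
    """Split '0.0.0.0:80' or '[::]:443' into (host, port)."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), int(port)

def is_loopback(host):
    # Drop an IPv6 zone id such as 'fe80::1%12' before parsing.
    return ipaddress.ip_address(host.split("%")[0]).is_loopback

def unexpected_listeners(netstat_text, allowed=ALLOWED):
    """Return externally reachable listeners that are not on the allowlist."""
    findings = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] not in ("TCP", "UDP"):
            continue  # title, column header or blank line
        proto, local, pid = fields[0], fields[1], fields[-1]
        # TCP rows have a state column; UDP rows have none and are always bound.
        if proto == "TCP" and fields[3] != "LISTENING":
            continue
        host, port = split_endpoint(local)
        if is_loopback(host):
            continue  # reachable only from the server itself
        if (proto, port) not in allowed:
            findings.append((proto, host, port, int(pid)))
    return sorted(set(findings))

if __name__ == "__main__":
    for proto, host, port, pid in unexpected_listeners(SAMPLE):
        print(f"{proto} {host}:{port} is open but not allowlisted (PID {pid})")
```

Each reported port is a candidate for a firewall block rule or for stopping the service that owns the PID.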
So far I've only looked into two firewalls and both are for Windows. Please let me know if you know of any good ones and would like to share.
C.O.M.O.D.O. - Free firewall software. This one is supposedly a really good one. And best of all, it's free. The only downfall I found with this one is it's only made for XP and Vista and doesn't work with Server 2003 and probably not Server 2008 either.
Outpost Firewall PRO - Unfortunately, this one isn't free. But in my opinion, it's very inexpensive (about $50) and works great with Server 2003 as well as other versions of Windows.
As stated before, if you know of a really good firewall software, please let me know!
HARDEN YOUR SERVER
I wish I had enough knowledge on the subject to write a good tutorial or guide on how to do this, but for now I can just give you a link and let you do some reading on it. At least I gave you the term that's used to describe it and how to find more info on it, right?
http://www.google.com/search?&q=harden+a+web+server
ADDITIONAL NOTES
Security is an ongoing struggle due to new exploits being discovered and then the countermeasures to protect against those being discovered. There's no 100% guarantee or way to be safe. If a talented hacker wants in, he's probably going to get in. But taking every step you can to protect yourself greatly decreases your risks of encountering problems.
Also, turn PHP safe mode on. I read an article about how easily exploitable leaving it off can be. Just a simple tip.
Last Updated (Wednesday, 21 January 2009 03:53)






