Results 1 to 3 of 3

Thread: web Security

  1. #1

    web Security

    Hi Guys,


    Can soome one pls. tell me what are the best ways to secure a webserver and mail server running, Apache2 and QmailToaster respectively..


    Security like...

    1. to block ping and tracert requests to my boxes..
    2. when user telnets to my box on telnet ip_address on 25 he should not be abale to see what apache or qmail am runing..
    3. how good is APF and BFD using for mail and web servers..


    Any of the suggestions using opensource firewalls or security tools to secure the servers running without any hosting conterol panels..


    SKOlagotla

  2. #2
    Join Date
    Sep 2004
    Location
    Dallas, TX
    Posts
    367
    At the very minimum, setup an iptables firewall and only allow access to the ports needed. This usually includes 22 (ssh), 25 (smtp), 110 (pop), 143 (imap), 80 (http) for a web/mail server. There are other ports you might need such as 443 for http over SSL and others for mail over SSL. If you're running a Red Hat distribution, there is a utility called "lokkit" that will create the iptables rules for you.

    There is a great guide about inital security hardening here: http://www.dynamicnet.net/customer/h...rity/index.htm The guide is geared towards a server running h-sphere, but many of the same ideas apply.
    I N T H R I V E
    when you can't afford downtime
    sales@inthrive.com
    High Availability Web Hosting

  3. #3
    The steps made towards securing an asset of yours will greatly depend on the setup you have any further info towards what you're running will always help. For example, iptables/etc are only Linux solutions, if you're on any other solution such concepts are null and void. First and formost always remember, security through obscurity is never a true solution!
    Real. Professional. Hosting.
    Expect Nothing Less.
    http://www.realprohosting.com/
    sales@realprohosting.com :: 1(877)898-HOST

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •