httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From oli...@veryhip.com
Subject Re: [users@httpd] Locking down my system for the first time
Date Wed, 30 Jun 2004 21:33:21 GMT
Well, it's probably a bit off topic to talk about
security, but I'd get a port scanner and run it both
locally and remotely until you have closed every port to
the world that you can, so that they are only accessible
locally if you don't need them globally.  Then, I'd setup
some triggers in a program to monitor your logs that will
email you in the event of an intrusion.  I'd look at
getting a good hardware firewall or maybe even a whole
computer with a Linux firewall and log all requests and
setup triggers for that as well to email you in case
something happens.  I just look at my logs and have
learned what to parse from them to find the "bad people",
but I don't take credit card numbers or anything like
that... so it's tough if your taking CC#'s.  I'd defin.
encrypt the #'s in a very weird and backwards way ;].

Best luck,
Oliver

Grant said:

> --- Grant <emailgrant123b@yahoo.com> wrote:
>> --- Grant <emailgrant123b@yahoo.com> wrote:
>> > I'm setting up my first web server (been on shared
>> > hosting until now) and all of the data on it is
>> > currently test or system data.  I'm about to move
>> > the
>> > code for my online store over to it, but first I
>> > want
>> > to lock down the security aspects of the system.
>> > Basically: What should I do?  I really don't have
>> > any
>> > idea where to start (short of a Google search) and
>> I
>> > wanted to see what you guys have to say to a
>> > first-timer like me.
>> >
>> > - Grant
>>
>> I realized as soon as I sent this that I should have
>> mentioned what I'm running.  It's:
>>
>> Gentoo Linux
>> apache2
>> perl
>> mod_perl
>> sendmail
>> postgresql
>> gnupg
>>
>> I think that's it.  Thanks!
>>
>> - Grant
>
> openssl
>
> I'm going to have to add these suckers as I remember
> them.  I'm keeping a list now.
>
> - Grant
>
>
>
> __________________________________
> Do you Yahoo!?
> Yahoo! Mail - You care about security. So do we.
> http://promotions.yahoo.com/new_mail
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP
> Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more
> info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest:
> users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail:
> users-help@httpd.apache.org
>
>


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message