No announcement yet.

protect a web site

  • Filter
  • Time
  • Show
Clear All
new posts

  • protect a web site

    hello all
    i want to protect a web site from attacks
    can anyone recommend an appliance that can do the job
    Good Luck


    MCSE 2003+Security;MCSE 2003+Messaging

    So, from me to all of you out there, wherever you are, remember:
    the light at the end of the tunnel may be you. Good Day!

  • #2
    Re: protect a web site

    Not too sure what exactly you mean by "appliance"...

    You need a good robust and reliable firewall. While you will see people on here debating the merits of installing antivirus software, if you ever see someone on here advocating running without a firewall, check to see what their reputation is. I've got a fiver on it being into negative numbers

    If you're using IIS, or installing Apache etc on a Windows server, don't install it on your DC. Ideally, put the web server on its own VLAN, or even better on a different physical network.

    Where possible, run your web server as a dedicated web server. This builds on my last point - essentially you are looking to decrease the effect of a break in. This is going to be one of the most vulnerable systems on your network and the more you have running on it, the more you stand to lose.

    I would strongly recommend running antivirus. If you're running Windows on the server, then while you may get away without it, best play it safe. You're not going to look very professional if people visiting your site get landed with a trojan. If you're running on Linux, then the risk to your server is greatly reduced. But still consider running something (NOD32 offers a very good package for Linux) to protect those who will visit your website.

    As you probably know, the number one cause of attacks is lack of common sense. Use strong passwords, change them regularly. Don't open ports you don't need to. Etc etc.

    As for the web server software, that really depends on what you're running. Whatever it is, keep your OS, server software and security software fully up to date.

    As for the actual web site, what is it being developed in? If it's static HTML content then the risk is minimal. If on the other hand you're running dynamic database driven content served through PHP, JSP, ASP etc then the risk is increased, especially if the database is writable by visitors to the website.

    I'm bound to have overlooked some aspect, I'm sure someone else will have their own suggestions to make too. Hope this helps, and good luck.

    If you post your web server's public IP, maybe we'll even test the security measures for you
    Gareth Howells

    BSc (Hons), MBCS, MCP, MCDST, ICCE

    Any advice is given in good faith and without warranty.

    Please give reputation points if somebody has helped you.

    "For by now I could have stretched out my hand and struck you and your people with a plague that would have wiped you off the Earth." (Exodus 9:15) - I could kill you with my thumb.

    "Everything that lives and moves will be food for you." (Genesis 9:3) - For every animal you don't eat, I'm going to eat three.


    • #3
      Re: protect a web site

      Come on Shai,
      You an do better than that

      Tell us a bit more about your environment and what you're looking for.
      Technical Consultant

      MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
      "No matter how secure, there is always the human factor."

      "Enjoy life today, tomorrow may never come."
      "If you're going through hell, keep going. ~Winston Churchill"