What do I need to protect a dedicated web server?
- Thread starter borogovio
- Start date
A start would be to run Apache instead of IIS. Apache runs wonderfully on Windows. Use proper permissions on Web Directories and cgi/perl scripts (you don't want visitors to have write access to your directories and scripts). You are right on track with the Firewall and Antivirus stuff. If you want the box to be a web server and only a webserver, then block all ports on the system with the firewall except for port 80 (and port 443 if you plan on implementing SSL). These are only a couple of things off the top of my head.
Well, I've downloaded & installed Apache, and I've found it's not easy to configure.
Can any of you give me a hint on how to do a very basic secure configuration until I learn?
I just want to give access to one root directory and its subdirectories, without any forms, scripts or whatever. Just plain old basic html to start with. And, of course, no access to any other part of the disk.
This is my personal PC, and I use it to surf, email, ftp,... so I can't block all the ports as gorguts suggested.
Can any of you give me a hint on how to do a very basic secure configuration until I learn?
I just want to give access to one root directory and its subdirectories, without any forms, scripts or whatever. Just plain old basic html to start with. And, of course, no access to any other part of the disk.
This is my personal PC, and I use it to surf, email, ftp,... so I can't block all the ports as gorguts suggested.
hxxp://httpd.apache.org/docs/windows.html
Definitely read the information at the link above.
You are correct. Apache looks quite complicated, but it will be rather easy to setup securely especially since it seems you are planning something basic with your site.
By the way, I meant block incoming ports on your machine except for port 80 not outgoing ports. You should only open incoming ports for services that you run on your machine that you want people to access. You will still be able to access services you want to use elsewhere.
Definitely read the information at the link above.
You are correct. Apache looks quite complicated, but it will be rather easy to setup securely especially since it seems you are planning something basic with your site.
By the way, I meant block incoming ports on your machine except for port 80 not outgoing ports. You should only open incoming ports for services that you run on your machine that you want people to access. You will still be able to access services you want to use elsewhere.
Last edited:
