Date: Thu, 20 Jan 2005 00:09:00 +0000 From: RW <list-freebsd-2004@morbius.sent.com> To: freebsd-questions@freebsd.org Subject: Re: Security for webserver behind router? Message-ID: <200501200009.01258.list-freebsd-2004@morbius.sent.com> In-Reply-To: <41EE0A7B.0@att.net> References: <41EE0A7B.0@att.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wednesday 19 January 2005 07:21, Jay O'Brien wrote: > I've brought up a 5.3 Release machine as a learning tool, > with apache 1.3. It is on a LAN with Windows machines, and > port 80 (and only port 80) is open and directed by the > Linksys router to the FreeBSD machine. It is working fine so > far, but my learning curve is slower than I would like. > > I know that there's lots to learn and do later about > security, when I bypass the Router and use the FreeBSD box > as the NAT device, but for now I would like to confine my > learning to Apache, with only port 80 open. I do have ftp > and ssh enabled on the LAN for access by the Windows boxes. > > As I haven't done anything for security on the FreeBSD > machine, am I exposed to anything by having port 80 open? Is > there anything I should do now? It's in the nature of any webserver software that it provides rich picking for hackers. If it's a learning tool, don't expose apache to the internet, you can test it perfectly well from your local network. If you want to access it from a remote location, then setup your FreeBSD firewall to allow access from a limited range of ip addresses.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200501200009.01258.list-freebsd-2004>