Securing a Linux webserver for public access
I’d like to set up a cheap Linux box as a web server to host a variety of web technologies (PHP & Java EE come to mind, but I’d like to experiment with Ruby or Python in the future as well).
I’m fairly versed in setting up Tomcat to run on Linux for serving up Java EE applications, but I’d like to be able to open this server up, even just so I can create some tools I can use while I am working in the office. All the experience I’ve had with configuring Java EE sites has all been for intranet applications where we were told not to focus on securing the pages for external users.
What is your advice on setting up a personal Linux web server in a secure enough way to open it up for external traffic?
This article has some of the best ways to lock things down:
- Make sure no one can browse the directories
- Make sure only root has write privileges to everything, and only root has read privileges to certain config files
- Run mod_security
The article also takes some pointers from this book:
As far as distros, I’ve run Debian and Ubuntu, but it just depends on how much you want to do. I ran Debian with no X and just ssh’d into it whenever I needed anything. That is a simple way to keep overhead down. Or Ubuntu has some nice GUI things that make it easy to control Apache/MySQL/PHP.
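A read-only audit of an Apache configuration tree against the three points listed in the answer, as an added example that is not part of the original post. The function names are hypothetical, the directory to scan is passed as an argument (assumed to be something like `/etc/apache2` on Debian or Ubuntu), and the mod_security check assumes the ModSecurity 2 module name `security2_module`.

```sh
#!/bin/sh
# Added example: read-only checks, nothing under the scanned tree is modified.

# 1. Print config lines that switch directory listings on
#    ("Options Indexes" or "Options +Indexes"); "-Indexes" and comments are ignored.
find_listing_enabled() {
    grep -rniE '^[[:space:]]*Options[[:space:]](.*[[:space:]])?\+?Indexes' "$1" || true
}

# 2a. Print files and directories writable by group or other.
#     Symlinks are skipped because their own mode bits are not meaningful.
find_loose_writes() {
    find "$1" ! -type l \( -perm -020 -o -perm -002 \) -print
}

# 2b. Print anything not owned by uid 0 (root).
find_not_root_owned() {
    find "$1" ! -type l ! -user 0 -print
}

# 3. Succeed only if an uncommented LoadModule line for ModSecurity 2 exists.
#    Assumption: the module is loaded from a file inside the scanned tree.
modsec_loaded() {
    grep -rqiE '^[[:space:]]*LoadModule[[:space:]]+security2_module' "$1"
}

# Run all checks; return 0 only when every check is clean.
audit() {
    rc=0
    out=$(find_listing_enabled "$1")
    if [ -n "$out" ]; then echo "[!] directory listing enabled:"; echo "$out"; rc=1; fi
    out=$(find_loose_writes "$1")
    if [ -n "$out" ]; then echo "[!] writable by group/other:"; echo "$out"; rc=1; fi
    out=$(find_not_root_owned "$1")
    if [ -n "$out" ]; then echo "[!] not owned by root:"; echo "$out"; rc=1; fi
    if ! modsec_loaded "$1"; then echo "[!] mod_security not loaded"; rc=1; fi
    return "$rc"
}

# When a directory is given on the command line, audit it.
if [ "$#" -ge 1 ]; then audit "$1"; fi
```

A non-zero exit status means at least one check reported a finding, so the script can gate a deployment step or run from cron.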