Newb wondering about security using built-in webserver

bunner bob

I'm relatively knowledgeable about many things technical, but my security knowledge is weak. I set up MySQL & PHP (to run an application I developed) on a client's OS X 10.4 (Tiger) server. Now they're thinking about opening a port to the outside world (using port forwarding on their DSL modem/router - already tested this and it works), so they can access the app remotely. There's nothing particularly sensitive in the web server directory on their server, but I want to make sure the rest of their server is well protected.

Can someone direct me to some good information regarding security, and how vulnerable files outside the webserver directory are to any attacks that might be perpetrated if we open up this (forwarded) port?

Broader information would be great too - I know they have a few other ports open - mainly remote login, that sort of thing. Pretty sure they have those configured properly, and my focus is on the webserver, but the more I learn, the more useful I can be to them.

I also wonder if the same issues (if there are any) would apply to me serving up websites from my personal (non-server) 10.3 machine? Not doing it yet, but I like how easy it is to direct those incoming HTTP requests through a gateway to the local webserver - makes a useful demo/review platform for client projects.

Any thoughts or referrals?

- Bob
 
If Tiger Server supports FileVault, then activate that. This will create a Sparse Image of your files, de- and encrypted on the fly. This should pretty much secure all your files.

Besides, I think the files inside the web server directory (htdocs) are more open to threats than all other files outside of that directory. Of course, nothing is entirely safe, but with a Unix-based system, you can be pretty sure that an attack is going to be unsuccessful. In the unlikely case that the attacker makes it through, I'd recommend FileVault.
 