bunner bob
Registered
I'm relatively knowledgeable about many things technical, but my security knowledge is weak. I set up mysql & php (to run an application I developed) on a client's OSX 10.4 (tiger) server. Now they're thinking about opening a port to the outside world (using port forwarding on their dsl modem/router - already tested this and it works), so they can access the app remotely. There's nothing particularly sensitive in the web server directory on their server, but I want to make sure the rest of their server is well protected.
Can someone direct me to some good information regarding security, and how vulnerable files outside the webserver directory are to any attacks that might be perpetrated if we open up this (forwarded) port?
Broader information would be great too - I know they have a few other ports open - mainly remote login, that sort of thing. Pretty sure they have those configured properly, and my focus is on the webserver, but the more I learn, the more useful I can be to them.
I also wonder if the same issues (if there are any) would apply to me serving up websites from my personal (non-server) 10.3 machine? Not doing it yet, but I like how easy it is to direct those incoming http requests through a gateway to the local webserver - make a useful demo/review platform for client projects.
Any thoughts or referrals?
- Bob
Can someone direct me to some good information regarding security, and how vulnerable files outside the webserver directory are to any attacks that might be perpetrated if we open up this (forwarded) port?
Broader information would be great too - I know they have a few other ports open - mainly remote login, that sort of thing. Pretty sure they have those configured properly, and my focus is on the webserver, but the more I learn, the more useful I can be to them.
I also wonder if the same issues (if there are any) would apply to me serving up websites from my personal (non-server) 10.3 machine? Not doing it yet, but I like how easy it is to direct those incoming http requests through a gateway to the local webserver - make a useful demo/review platform for client projects.
Any thoughts or referrals?
- Bob