Securing A Linux Webserver For Public Access
I'd like to set up a cheap Linux box as a web server to host a variety of web technologies (PHP & Java EE come to mind, but I'd like to experiment with Ruby or Python in the future as well).
I'm fairly versed in setting up Tomcat to run on Linux for serving up Java EE applications, but I'd like to be able to open this server up, even just so I can create some tools I can use while I am working in the office. All the experience I've had with configuring Java EE sites has all been for intranet applications where we were told not to focus on securing the pages for external users.
What is your advice on setting up a personal Linux web server in a secure enough way to open it up for external traffic?
This article has some of the best ways to lock things down:
- Make sure no one can browse the directories
- Make sure only root has write privileges to everything, and only root has read privileges to certain config files
- Run mod_security
The article also takes some pointers from this book:
Apache Securiy (O'Reilly Press)
As far as distros, I've run Debain and Ubuntu, but it just depends on how much you want to do. I ran Debian with no X and just ssh'd into it whenever i needed anything. That is a simple way to keep overhead down. Or Ubuntu has some nice GUI things that make it easy to control Apache/MySQL/PHP.
- → Database Record created_at Time Randomly Changes
- → npm is putting all dependencies and sub-dependecies int he same folder
- → Laravel 5.2 not working with vagrant homestead php 7
- → Can't add cron task in Laravel 5.0.5 on linux server
- → Node.js Split large file into parts and iterate over the parts
- → Laravel - Connection could not be established with host smtp.gmail.com
- → Redirect Each Page of Old Domain to Same Page URL on the New Domain
- → October CMS - Cannot edit pages in backend - http status 403
- → The Laravel View is Not Working On Linux Server
- → Beanstalkd to start when the system starts up or reboots , how to uncomment "START yes" on Centos
- → Vagrant with homestead and Linux boxes
- → Only one route not returning anything on live Laravel site, works on local sites