Security for webserver behind router?
list-freebsd-2004 at morbius.sent.com
Wed Jan 19 16:09:19 PST 2005
On Wednesday 19 January 2005 07:21, Jay O'Brien wrote:
> I've brought up a 5.3 Release machine as a learning tool,
> with apache 1.3. It is on a LAN with Windows machines, and
> port 80 (and only port 80) is open and directed by the
> Linksys router to the FreeBSD machine. It is working fine so
> far, but my learning curve is slower than I would like.
> I know that there's lots to learn and do later about
> security, when I bypass the Router and use the FreeBSD box
> as the NAT device, but for now I would like to confine my
> learning to Apache, with only port 80 open. I do have ftp
> and ssh enabled on the LAN for access by the Windows boxes.
> As I haven't done anything for security on the FreeBSD
> machine, am I exposed to anything by having port 80 open? Is
> there anything I should do now?
It's in the nature of any webserver software that it provides rich picking for
If it's a learning tool, don't expose apache to the internet, you can test it
perfectly well from your local network. If you want to access it from a
remote location, then setup your FreeBSD firewall to allow access from a
limited range of ip addresses.
More information about the freebsd-questions