Services that should be ON/OFF on a Web Server [Need Help]
I've searched for such a topic, but I couldn't really find any good answer.
Thus, I aimed to start this topic to help myself and those who are wondering about the same thing.
Alright.. Here we go..
On a Dedicated Linux server, that is running as a Web Server, what are the services that should be kept OFF, and what are those that should be kept ON?
I tried my best to configure it, but there are services that I don't really know about.. are they important to be ON, or should they be OFF?
Here is the list:
Finally, I'd like to thank in advance anyone who shares his info and experience on this topic :)
-- Regards.. :)
Here is some food for thought.
However, doing that could disable features that you want to incorporate into your web site.
Thanks for your addition.
Any more thoughts ?!
Thanks .. :)
You are running a web server which has MySQL as its DB. Only the services below are required; the rest of them you can switch off. A few services like crond and gpm are OS-specific and not associated with the web server, so they depend on your choice. I have explained their use; you can decide whether you want them or not.
crond --> If you run any routine scripts to do some job, you need to switch on this service
gpm --> If you are going to use mouse in the text mode from the server, then you need gpm service
httpd --> Mandatory
mysqld --> Mandatory
network --> Mandatory
sshd --> If you want to connect to the server remotely over a secure connection, then you need to run this service.
iptables --> If your machine is on a public network, you should definitely switch on and configure this service.
exim --> Not required
ip6tables --> Not required
mdmpd --> Not required
multipathd --> Not required
netconsole --> Not required
netplugd --> Not required
ntpd --> Partially required if your web server/DB depends on the time.
rdisc --> Not required
snmpd --> Not required
snmptrapd --> Not required
tcsd --> Not required
The rest of the services are not required. Running unwanted services/open ports would put your system at risk of attack/hacking.
After finishing the runlevel service customization, ensure all the switched-off services are not running. Issue the command "service --status-all" to verify.
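Added example (not part of any post in this thread): a small audit that compares a runlevel listing against the allowlist given in the post above and also flags mandatory services that are switched off. It assumes the listing comes from `chkconfig --list`, which the thread does not name; the sample data is constructed, and keeping crond, sshd, iptables and ntpd while dropping gpm is a choice made for this example.

```shell
#!/bin/sh
# Allowlist taken from the post above; keeping the optional crond, sshd,
# iptables and ntpd (and dropping gpm) is an assumption of this example.
MANDATORY="httpd mysqld network"
ALLOWED="$MANDATORY crond sshd iptables ntpd"

# Constructed sample in `chkconfig --list` format (not from a real host).
sample_chkconfig() {
cat <<'EOF'
crond      0:off 1:off 2:on  3:on  4:on  5:on  6:off
exim       0:off 1:off 2:on  3:on  4:on  5:on  6:off
gpm        0:off 1:off 2:on  3:on  4:on  5:on  6:off
httpd      0:off 1:off 2:on  3:on  4:on  5:on  6:off
ip6tables  0:off 1:off 2:on  3:on  4:on  5:on  6:off
iptables   0:off 1:off 2:on  3:on  4:on  5:on  6:off
mysqld     0:off 1:off 2:off 3:off 4:off 5:off 6:off
network    0:off 1:off 2:on  3:on  4:on  5:on  6:off
rdisc      0:off 1:off 2:off 3:off 4:off 5:off 6:off
snmpd      0:off 1:off 2:on  3:on  4:on  5:on  6:off
sshd       0:off 1:off 2:on  3:on  4:on  5:on  6:off
EOF
}

# unexpected_services RUNLEVEL  (listing on stdin)
# Prints services that are on in RUNLEVEL but are not in $ALLOWED.
unexpected_services() {
    awk -v lvl="$1" -v allowed="$ALLOWED" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        {
            for (i = 2; i <= NF; i++)
                if ($i == (lvl ":on") && !($1 in ok)) { print $1; break }
        }' | sort
}

# missing_mandatory RUNLEVEL  (listing on stdin)
# Prints $MANDATORY services that are not on in RUNLEVEL.
missing_mandatory() {
    awk -v lvl="$1" -v need="$MANDATORY" '
        { for (i = 2; i <= NF; i++) if ($i == (lvl ":on")) on[$1] = 1 }
        END { n = split(need, m, " ")
              for (i = 1; i <= n; i++) if (!(m[i] in on)) print m[i] }'
}

# Demo on the constructed sample; on a real host pipe in `chkconfig --list`.
echo "unexpected at runlevel 3:"; sample_chkconfig | unexpected_services 3
echo "mandatory but off:";        sample_chkconfig | missing_mandatory 3
```

An enabled-at-boot listing and the running state can differ, so the `service --status-all` check from the post is still needed after this audit.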
While it's a good idea to disable any unnecessary services on a server of any type, it's also pretty much mandatory that the system should be sitting behind a firewall. I see that iptables is running on your system but it's still much better to operate the server behind a dedicated separate firewall, which I assume you're doing in this instance. If all your server will be doing is serving web pages, then port 80 tcp is all you'll need to have open on the Internet side. You might need to check to make sure if you're running MySQL that your system isn't also running phpMyAdmin in the background - this is a commonly exploited 'back-door' which some hackers use to infiltrate systems. Also make sure directory browsing is disabled in your Apache config and it also might be an idea to set 'ServerSignature' to 'Off' and 'ServerTokens' to 'Prod' to prevent banner grabbing (a method hackers have of identifying the version of web server software you're running). As in most cases, it's not just the extra services which can prove a security risk but the configuration of the web server itself that can open you up to attack.