Your iptables rules for Debian 8 Apache 2.4.17 general webserver

greenace92 · 11-06-2015, 06:42 PM

I'm pretty early into web developing, about a year now, I'm really concerned about security.

I have a firewall through my provider, and apparently this takes priority over the os-iptables.

I don't know if you run a webserver, if you look at some website or if there is a list of rules up to date on vulnerabilities.

I'd appreciate anything you can contribute.

berndbausch · 11-06-2015, 07:15 PM

The firewall around your machine takes precedence over the internal firewall, in the sense that ports that are closed on the outside firewall can't be reached even if you open them on the inside firewall. But somebody may be able to circumvent the outside firewall, so that it does make sense to set up an internal one as well.

You want iptables rules for a web server? Close all ports, then open 22, 80 and (if you use https) 443.

You want a list of vulnerabilities? I guess Apache has a mailing list for that, as has your OS provider, and bodies like SANS. Check with them.
And don't think that iptables alone makes your system secure. There are plenty of ways to infect your system via a legitimate port.

Sefyir · 11-06-2015, 07:20 PM

You might find this thread useful
http://www.linuxquestions.org/questi...61/#post222579