SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
So, as the subject says, I'd like to play with some web server stuff on Slackware 13.37 ... but I'd like to do so in a secure fashion, so that no one mucks with it while I am learning.
Short of just disconnecting the network cable, how do I go about this?
Just make the web server listen on only localhost or block TCP/80 in the firewall or use configuration file / .htaccess $DOCROOT / container allow / deny clauses.
So, as the subject says, I'd like to play with some web server stuff on Slackware 13.37 ... but I'd like to do so in a secure fashion, so that no one mucks with it while I am learning.
Short of just disconnecting the network cable, how do I go about this?
Thanks,
Glenn
If you just play.. do it in virtual environment. So you can hack your configuration here and there without worry. In the real world, a lot of things interfere each other in securiy term.
In my list :
-Disable module you don't need it.
-Disable directory browsing.
-Disable unnecessary options.
-Considering modsecurity for additional security layer.
After that, use nikto to test your webserver.
But I assume you play webserver at home, so just open your necessary port at your modem (like 80,22) if you want your site can be accessed from outside world.
OK ... I apologize if this is a stupid question, but how do I set up such a virtual environment?
IMHO... The easy way : using virtualbox. Install fresh Slackware in virtualbox and do everything you want without worry that will broke your entire system.
It doesn't matter if he has it in virtualbox if the network interface is shared (i.e. outside people still open the apache site).
Just set it to: Listen 127.0.0.1 in httpd.conf file.
The positive point of using Virtualbox is someone can test and play in an isolated environment. Virtualbox set as NAT as default so the outside world can acces the Apache. But the purpose of Web server is inverted, so 'Host Only' type of networking required in Virtualbox. Open necessary port, hack the configuration file,give a dummy data,test the security and performance.
In my experiences, many adjustment required when developing web server to public service. Remove unecessary packets (like x,xap,d),adjust firewall,...hacking here and there . Virtualbox is nice tool to experiment before run in real tournament.
It's hard to play hard in daily basis computer system. (without virtual environment, I need the other computer/server).
All in all, security is an art For me, it's great to see the log catch many effort to compromise the system... I can learn from this. Ofcourse it doesn't happen if I disconnect my network cable from wall.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.