Splitting web server for web application and mobile app
Linux - Security
This forum is for all security related questions. Questions, tips, system compromises, firewalls, etc. are all included here.
Hi Yes,
Can I just run the top command and get this monitoring done? I mean, what commands should I use to monitor, like benchmarking or comparing it? The load, is it the 3 values? So I am using CentOS 7, I do regular updates, and I am using a minimal installation. What else do you recommend for the security? For nginx, is it worth it for me to install mod_security? Does it help?
nginx is fine. The weak part will be the PHP or more specifically whatever is written in PHP. If you can do without it your server maintenance, and thus security, will be better.
What kind of 'web app' do you have? Some of the most important things to look for are:
Always validate input before even considering it for use in the program. If your language supports a taint mode, use that too.
If you have a database backend, use parameterized queries (placeholders).
Write your programs according to the principle of least privilege.
Be sure your program does not leak debugging info to the public during errors.
Familiarize yourself with the web server logs.
There are other more specific recommendations depending on your program.
Hi Yes,
Do you suggest that I install Nagios on my current system or have a separate system to monitor this? Sorry I am asking for some details, though, because I would like to harden nginx and get prepared earlier for circumstances, e.g. DDoS attacks, etc.
Hi Turbocapitalist,
Ok, about nginx I shall leave it then, but I don't know; when I google I find a lot of things on hardening and security. I will go with your suggestion on PHP. Yes, my backend is using PHP fully for both web and app. My web is basically linking to the backend MySQL DB. The web server is facing the internet and the DB is always kept locally.
Regarding your suggestions:
Always validate input before even considering it for use in the program. If your language supports a taint mode, use that too. (Yes, I am doing both, using JavaScript and also at the PHP level.)
If you have a database backend, use parameterized queries (placeholders). (Yes, I have implemented this too.)
Write your programs according to the principle of least privilege. (Can you help me more on this?)
Be sure your program does not leak debugging info to the public during errors. (I just show the normal errors, but I don't know if that is leaking or not.)
Familiarize yourself with the web server logs. (I need more help on this; I am trying to learn this.)
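A PHP sketch, added here and not written by any poster in this thread, of how the points in Turbocapitalist's list and the follow-up questions about them (validate input, parameterized queries, least privilege, no debug leakage) look in a PHP 7 / MySQL backend like the one described. The database name, the users table, the read-only MySQL user app_ro and the DB_PASSWORD environment variable are assumptions.

```php
<?php
// Added example, not code from the thread. Assumes a MySQL user "app_ro"
// that was granted only SELECT on app.users (least privilege at the DB
// layer) and a table app.users(id, email).

// Never show PHP errors to the client; log them on the server instead.
ini_set('display_errors', '0');
ini_set('log_errors', '1');
error_reporting(E_ALL);

function lookup_user_unsafe(PDO $db, string $email): ?array {
    // Pattern to avoid: user input concatenated into the SQL text.
    $sql = "SELECT id, email FROM users WHERE email = '$email'";
    $row = $db->query($sql)->fetch(PDO::FETCH_ASSOC);
    return $row ?: null;
}

function lookup_user(PDO $db, string $email): ?array {
    // 1. Validate input before using it at all.
    $email = filter_var($email, FILTER_VALIDATE_EMAIL);
    if ($email === false || strlen($email) > 254) {
        return null;
    }
    // 2. Parameterized query: the value is bound, never spliced into SQL.
    $stmt = $db->prepare('SELECT id, email FROM users WHERE email = :email');
    $stmt->execute([':email' => $email]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row ?: null;
}

$dsn = 'mysql:host=127.0.0.1;dbname=app;charset=utf8mb4';  // DB stays local
try {
    $db = new PDO($dsn, 'app_ro', getenv('DB_PASSWORD') ?: '', [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false,  // real server-side prepares
    ]);
    $user = lookup_user($db, $_GET['email'] ?? '');
    header('Content-Type: application/json');
    echo json_encode($user ?? ['error' => 'not found']);
} catch (Throwable $e) {
    // 3. Generic message to the client; details only in the server log.
    error_log('lookup failed: ' . $e->getMessage());
    http_response_code(500);
    header('Content-Type: application/json');
    echo json_encode(['error' => 'internal error']);
}
```

The same request handled by lookup_user_unsafe would let a crafted email value change the query, which is exactly what the placeholder version prevents; checking the nginx access log for the 500 responses this handler emits is a practical way to start reading the logs.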
"Is this what they teach kids in school today?" To simply throw up your hands and ask vague questions, hoping that someone will give you the answers when you don't even know (yet) what to ask for?
Actually, I'm being serious.
Right now, you seem to have glommed-onto a handful of buzzwords, but you have no earthly idea how the pieces fit. You seriously need to s-t-o-p, and start doing some reading / video-watching in order to get an idea of what is the so-called "big picture" here. You need to acquire some rudimentary understanding of what a web-server and a mobile-app actually are, how they talk to one another (and for what purposes), and how existing apps already do this.
Simply hand-waving that you don't understand won't get you any understanding. And this self-education process won't be accomplished in a day. You must have a clear goal in mind ... and your first goal must be to determine what those goals ought to be.
Hi Sundia,
Ok let me be clear what currently I am doing.
1. My OS is CentOS 7
2. PHP is PHP 7
3. MySQL is MySQL 5.7
Currently there are two versions: one is the web app and the other is the mobile app. I try to split the code for the web and mobile app, but both rely on PHP to connect to the backend DB and send the results accordingly. Well, I have done a number of hardening steps on the CentOS box. I can share what steps I have done too.