Menu
▾
▴
Re: [Slashcode-general] Securing a box running Slash
|
From: Ryan W. <li...@bs...> - 2001-03-23 23:22:21
|
Patrick Galbraith wrote: > Dave Aiello wrote: > > > > The April issue of LinuxJournal has an article called "Battening down the > > Hatches with Bastille". Has any discussion taken place on what would be > > required to get Slash running on a Bastille-hardened server? > > > > Not to my knowledge. The only real issue would be that all the ports > that you run your db and webserver are open. > I have a mandrake box that I have locked down Big Time (TM) with > ipchains, trimmed down scant inetd.conf, and other security tweaks, and > it runs fine. Another security issue is to run mysql or whatever db you > run as a non-privileged user. > If you really want to be secure do not open up ports to the db unless it is being run off of a seperate server than the website. As long as you provide the ability for the loopback device to connect all you should need would be the webserver port open and mayby a mail port open. > > > I have looked around Slashcode.com and done some Google searches to try to find > > this information without bothering the whole list. Sorry if this is an old > > issue.... > > > > Dave Aiello > > CTDATA > > > > _______________________________________________ > > Slashcode-general mailing list > > Sla...@li... > > http://lists.sourceforge.net/lists/listinfo/slashcode-general > > _______________________________________________ > Slashcode-general mailing list > Sla...@li... > http://lists.sourceforge.net/lists/listinfo/slashcode-general |
