Categories
Computing HAProxy Linux Security Web Services

Securing an Internet accessible server – Part 3

This post is part of a series. Part 1, Part 2. In the last part I briefly mentioned load balancers and proxies. After thinking about it for a while, I realized I see no reason not to run one, since it simplifies things a bit when setting up secure web services. In this part, we […]

Categories
Computing HAProxy Linux Security Web Services

WordPress behind HAProxy with TLS termination

My current project has been to set up a publicly accessible web server with a decent level of security. It has been an interesting exercise in applying “old” knowledge and gathering some new. This weekend I finished this project for now. The current setup is as follows: Behind my firewall, where I NAT port 80 and […]

Categories
Computing Linux Security Web Services

Securing an Internet accessible server – Part 2

In part 1 we made it significantly harder to gain access to our server once it is opened up to the Internet – but we’re not quite ready for that yet. In this post we’re exploring a firewall in Ubuntu, ufw, which stands for “uncomplicated firewall”, and we’ll set up some additional hardening using Fail2Ban to protect ourselves […]

Categories
Computing Linux Security Web Services

Securing an Internet accessible server – Part 1

This article is part of a series. Part 2. Let’s look at a simple scenario, and see how common tools in the Linux and BSD world can help us: We want to be able to remote control a server from wherever in the world, but we really don’t want others to be able to log […]