Im making my own website with a home server, but I know that people will be able to see my IP and get into my network. How do I keep them out/not able to get into my network?
Nine answers:
?
2016-02-07 17:56:20 UTC
It would be impractical unless your server was generating revenue. You would need to get a static ip, asa 5510 or srx firewall with a license with vpn configure acls, cluster the server with vmware add a couple of honeypots. set a detailed policy on server restricting access. get SSL certificates for the domain. Then go over coding of site and check for vulnerabilities like xxs. get some monitoring tools like spiceworks, preferably licensed because they put out updates on latest threats. A do a ton of research. Stuffs not cheap or practical. cheaper to use AWS or rent a server.
Tracy L
2016-02-07 05:02:41 UTC
When you setup a home server first check to see if your ISP even allows you to have one! Most residential services exclude a server! SO check first ! Then open only the ports NEEDED to operate your web services.. 80,443 for http/https requests set those in your router to be port forwarded to your NAT address for your web server. On the server itself be sure your FIREWALL only allows inbound traffic to the ports used for the services you need. KEEP it to a LOW number. Setup monitoring to catch some jerk port scanning! Then setup software to autoblock that IP address!
If using a CMS package like wordpress, set WP to autoblock repeated attempts to login!
Just use normal common security practices... and don't use easy passwords or open ports you do not need open. NEVER set your server as a DMZ it allows everything to go to the server and not everything should ever be allowed to get that far!
?
2016-02-08 17:17:45 UTC
Setup firewall, open just 80, 443 ports for incoming connections. Or use NAT forwarding for them from router to the server.
Paladin
2016-02-07 18:49:59 UTC
Assuming you have a NAT router (a standard DSL or Cable modem/router/etc.)
and assuming you are using the web server *only* for your on network and local devices (your intranet)
then you simply do not open ports in router -- no one will be connect from the Internet.
2016-02-08 10:00:59 UTC
If u can. See if ur router can do vlan and put ur server on the vlan. Then even if it does get broken it is still restricted
Pablo
2016-02-09 20:50:57 UTC
Use EnGarde Linux instead of Windows
2016-02-07 03:39:16 UTC
Don't host it at your house. Host it with a company that provides this service. Saves you money, time, and aggravation.
keerok
2016-02-07 03:27:30 UTC
Build it with Linux then set it in the DMZ of your router.
Bill
2016-02-07 00:20:53 UTC
Use a VPN.
ⓘ
This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.