Help protecting web server and one other



  • Hi,

    After re-reading this post a couple dozen times: https://forum.netgate.com/topic/155691/help-deciphering-snort-detection-of-stun

    I was able to over come my inherent paranoia/stubbornness (and sometimes just plain old idiocy) to do it MY way regardless of what the professionals say...

    That being said, I would like some help if anyone would to protect the WAN interface only for a web server and mine-craft server with all other rules disabled.

    I will enable and take care of rules on the LAN/OPT interfaces on my own.

    I have a list of suppressed rules I am adding to a disabled.conf file for auto-sid mngmnt that I've gathered up over the past year.

    My goal is to get the settings I need verified working by testing, then saving that config. and my disabled.conf file to be able to recover from disaster when it strikes so I don't have to spend another year doing this when the disaster eventually strikes - as it HAS already 3 times in 7 years.

    I run pfsense on old PC's and motherboards eventually fail. I also have had at least one pfsense upgrade that went horribly wrong - no fault to pfsense, I think I had some flaky internet at that time and probably the upgrade download got corrupted.

    I am running a LAMP server (Ubuntu/Apache/PHP) along with WordPress for my piddly little website that I need to protect on the WAN/OPT1 interfaces.

    My son runs a mine-craft server on the OPT1 interface which would also need whatever protection snort can provide for it on WAN/OPT1.

    Any comments, suggestions for reading or out-right "enable these rule-sets for web server and those for mine-craft" comments are welcome and encouraged.

    Thanks everyone.

    John



  • @1OF1000Quadrillion I would use a DMZ ... this reference will help you:
    Youtube Video


Log in to reply