Help protecting web server and one other
-
Hi,
After re-reading this post a couple dozen times: https://forum.netgate.com/topic/155691/help-deciphering-snort-detection-of-stun
I was able to over come my inherent paranoia/stubbornness (and sometimes just plain old idiocy) to do it MY way regardless of what the professionals say...
That being said, I would like some help if anyone would to protect the WAN interface only for a web server and mine-craft server with all other rules disabled.
I will enable and take care of rules on the LAN/OPT interfaces on my own.
I have a list of suppressed rules I am adding to a disabled.conf file for auto-sid mngmnt that I've gathered up over the past year.
My goal is to get the settings I need verified working by testing, then saving that config. and my disabled.conf file to be able to recover from disaster when it strikes so I don't have to spend another year doing this when the disaster eventually strikes - as it HAS already 3 times in 7 years.
I run pfsense on old PC's and motherboards eventually fail. I also have had at least one pfsense upgrade that went horribly wrong - no fault to pfsense, I think I had some flaky internet at that time and probably the upgrade download got corrupted.
I am running a LAMP server (Ubuntu/Apache/PHP) along with WordPress for my piddly little website that I need to protect on the WAN/OPT1 interfaces.
My son runs a mine-craft server on the OPT1 interface which would also need whatever protection snort can provide for it on WAN/OPT1.
Any comments, suggestions for reading or out-right "enable these rule-sets for web server and those for mine-craft" comments are welcome and encouraged.
Thanks everyone.
John
-
@1OF1000Quadrillion I would use a DMZ ... this reference will help you:
https://www.youtube.com/watch?v=QFk5jX-oeSo