New to PHP wrote:
I have 3 computers with Ethernet connection to a local router
box (SMC7008ABR) and on the WAN side to Verizon DSL.
I was able to install Apache and PHP on one of the PCs with
XP Home edition. How much risk is there of being attacked?
I set up the SMC7008ABR to allow only public port 80. The reason
I am asking is because Verizon is no longer giving me a fixed IP
address anymore since I saw the LED lights of the DSL box
and SMC keep flashing non-stop.
Thanks.
Hi,
Whole books, sorry, whole libraries, have been filled with setups/advice
about security.
You cannot expect we can answer your question within any reasonable time.
I have a few general remarks:
Since you only opened port 80 on your router/firewall, you should be
reasonably safe from other kinds of attacks.
I take it you route the requests to your XPHome/PHP/Apache machine, right?
So that is your primary point of concern for attacks. (Since everybody who
wants to pay you a visit will surely try port 80)
XPHome edition = M$ = often unsafe.
I have zero experience with Apache on M$ boxes, but I can tell you Apache is
a very solid piece of software (on GNU/Nix at least), so that is probably
ok.
Maybe somebody else can help you more on that matter.
And maybe you better visit a security oriented newsgroup.
PHP, however, is involved (probably) in a lot more on your system, like
opening database connections, opening/writing local filesystem, etc. etc.
So you have to be sure your PHP-code is solid enough to withstand standard
fun like SQL-injection, naughty characters, etc.
This is nothing special, all your PHP code should be robust enough to
survive such attacks.
As far as I can see, this is the route for a naughty visitor into your
machine:
Your external IP-num (Port 80)
--> Apache on your local machine (XP) will handle the request
--> some PHP script gets executed.
I expect the weakest point is the PHP script, if you write it yourself and
are new to PHP.
The fact that you only open port 80, and keep all others closed, sounds good.
By the way, how can you host a game of Starcraft, with all those ports
closed? :P
So far. Sorry I cannot be more to the point, but your question is VERY broad
and spans too much to cover for me (if I could anyway).
Regards,
Erwin Moller
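
The point in the reply about PHP code having to withstand SQL injection and "naughty characters", as an added example that is not part of the original posts. The guestbook table, its rows, the function names and the request values are all constructed for illustration, and the script assumes the pdo_sqlite extension is available.

```php
<?php
// Added example: constructed data in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE guestbook (id INTEGER PRIMARY KEY, author TEXT, message TEXT)");
$db->exec("INSERT INTO guestbook (author, message) VALUES
    ('alice', 'Nice site'), ('bob', '<b>Hello</b>'), ('carol', 'Private note')");

// Fragile: the request value is pasted into the SQL text, so quote
// characters in it change the structure of the query.
function find_by_author_unsafe(PDO $db, string $author): array
{
    $sql = "SELECT author, message FROM guestbook WHERE author = '$author'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Robust: validate against an allow-list pattern, then bind the value as
// a parameter so the driver always treats it as data.
function find_by_author_safe(PDO $db, string $author): array
{
    if (!preg_match('/\A[A-Za-z0-9_]{1,32}\z/', $author)) {
        return [];   // reject anything that is not a plain user name
    }
    $stmt = $db->prepare('SELECT author, message FROM guestbook WHERE author = :author');
    $stmt->execute([':author' => $author]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Escape on output so stored markup is shown as text, not interpreted as HTML.
function render_row(array $row): string
{
    return htmlspecialchars($row['author'], ENT_QUOTES, 'UTF-8') . ': '
         . htmlspecialchars($row['message'], ENT_QUOTES, 'UTF-8');
}

// Constructed request values standing in for $_GET['author'].
$inputs = ['bob', "x' OR '1'='1"];
foreach ($inputs as $input) {
    printf("input %-16s unsafe rows: %d, safe rows: %d\n",
        var_export($input, true),
        count(find_by_author_unsafe($db, $input)),
        count(find_by_author_safe($db, $input)));
}
foreach (find_by_author_safe($db, 'bob') as $row) {
    echo render_row($row), "\n";
}
```

Run from the command line with the PHP CLI, the script prints how many rows each lookup returns for the two inputs, followed by the escaped rendering of a stored message that contains HTML.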