1

I am going to host a web site in Amazon EC2 instance which would be a Linux instance. My web application will be developed using PHP, Apache and MySql. As I am new to Linux and Amazon EC2 environment, what are key areas in security should I consider to protect my server? This may be very very generic question as the security itself a vast area. But I need to kick start with most imporant points. That way I would be able to track down all those areas one by one.

Amzath
  • 165
  • 1
  • 1
  • 5
  • Possible duplicate of [Tips for Securing a LAMP Server.](http://serverfault.com/questions/212269/tips-for-securing-a-lamp-server) – Scott Pack Jan 11 '11 at 02:02

2 Answers2

6

For me that would be:

  • keep up to date with patches on your distribution
  • run only the services needed on the interfaces needed (netstat -l -n -p will show what process is listening on what port on which interface) eg run mysql only on localhost
  • Secure remote login
    • no root access
    • ssh keys for login only
    • sudo to escalate privileges
    • intrusion detection (rkhunter or tripwire)
  • maybe suphp but I have no experiance with that
  • reliable, offsite backup with history (dirvish for me)
  • configure EC2 Portforwarding only for the services needed
lepole
  • 1,733
  • 1
  • 10
  • 17
1

Ensure that your protect your private keys and you should use the Security Group feature in AWS to ensure that your ports are secure (eg, allow SSH and FTP from your home or office only while allowing HTTP/S from all IPs).

BenGC
  • 1,775
  • 15
  • 26