best practice secure web application on server

I am setting up a server for a web application. The server will sit inside our private network but will need to be accessible from outside our firewall with out using a vpn client. What can I do to make sure the server is secure. I will open up port 80 only to the server on the firewall. Anything other advice.

Who is Participating?
bepsoccer1Connect With a Mentor Commented:
You are correct, just ensure only port 80 is open on the firewall for the web server.  Though, for stronger security you might add SSL/force SSL then you would also, need to open port 443.
asavenerConnect With a Mentor Commented:
Best practice is to put the web server in a separate (DMZ) subnet from your internal network.

Make absolutely sure that your web server (always!) has all of the latest security patches.  Make absolutely sure that you follow best practices for securing the particular web platform you're using.  (Such as removing sample scripts, only enabling needed services, etc.)
ajmehtaConnect With a Mentor Commented:
If you know the inbound IP addresses (not dynamic), I would highly suggest limiting connections to those IPs
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.