Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 413
  • Last Modified:

putting a http website behind the firewall.

What potential issue do I have if I have a web site behind the firewall to be accessed via http only but no https?

Please advise.

Thanks.
0
nav2567
Asked:
nav2567
1 Solution
 
Chris MillardCommented:
There are lots of factors to consider - is your website to be available to the world? What type of Firewall are you going to be behind? What will your website do and what platform will it run on (ASP, PHP, SQL, MySQL etc)...

Basically as soon as you start opening ports to your network, you are giving potential intruders a way in. If they find holes in your web applications, they could quite easily inject malicious code into your network.

You need to ensure that your server is fully patched, and make sure you thoroughly test any web site / application before opening it up to the outside world.

Ideally if you had the funds, you'd pay a consultant to perform a penetration test so that they could report back with any loopholes they find.

Of course you could make things a bit safer by having your web server on a DMZ behind your Firewall so that it is separate from your main network too.
0
 
gheistCommented:
With http poor overworked telecoms admins will be able to see all what your users do.
i tink you can get ssl certificate for single site for free (comodo?)
0

Featured Post

Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now