Solved

putting a http website behind the firewall.

Posted on 2014-01-16
2
383 Views
Last Modified: 2014-01-30
What potential issue do I have if I have a web site behind the firewall to be accessed via http only but no https?

Please advise.

Thanks.
0
Comment
Question by:nav2567
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 17

Accepted Solution

by:
Chris Millard earned 500 total points
ID: 39786685
There are lots of factors to consider - is your website to be available to the world? What type of Firewall are you going to be behind? What will your website do and what platform will it run on (ASP, PHP, SQL, MySQL etc)...

Basically as soon as you start opening ports to your network, you are giving potential intruders a way in. If they find holes in your web applications, they could quite easily inject malicious code into your network.

You need to ensure that your server is fully patched, and make sure you thoroughly test any web site / application before opening it up to the outside world.

Ideally if you had the funds, you'd pay a consultant to perform a penetration test so that they could report back with any loopholes they find.

Of course you could make things a bit safer by having your web server on a DMZ behind your Firewall so that it is separate from your main network too.
0
 
LVL 62

Expert Comment

by:gheist
ID: 39789034
With http poor overworked telecoms admins will be able to see all what your users do.
i tink you can get ssl certificate for single site for free (comodo?)
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Smart phones, smart watches, Bluetooth-connected devices—the IoT is all around us. In this article, we take a look at the security implications of our highly connected world.
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question