Tue, Apr 25 2006 23:25
Websites on SBS
Susan, I haven't been able to find much on this. Have you written anything on whether it is safe to host a public anonymous website on a SBS server? If it's safe to do so, where can I find something on best practices?
Well it depends.....would "I" host a public website on my SBS box? Heck no. Why? Because of the data on my box is why.
What's the important thing to remember about doing this?
It's about the data ..... what is on that box? Know that you need to patch soon after patch Tuesday...know that you need to ensure you have a good firewall.. and no folks.. having servers with merely Windows Firewall is not good enough.. you need to have auditing enabled.... mind you that a SBS box with all it's defaults and ISA and daily email and the addition of Dana's Firewall Dashboard (which isn't just a tool for ISA by the way...) could make for a well monitored website... but it honestly comes down to that data. There is more risk with port 80 open. There is more risk hosting a public website, putting out the welcome mat for any and all... so the "best practice" in doing it on a SBS box?
Ask yourself if the data on that box requires extra paranoia and proper protection. If it does... then maybe hosting a web site on a domain controller isn't the wise thing to do....
Filed under: Security, News