2020-10-15T18:30:00Z

Monitoring Web Hosted Servers for unwanted guests


If you host your website on your own server, it will be open to the public. Is there a way to monitor/ protect the rest of your network from hackers who have open access to your site? We have a single LAN and public site on the domain server of that LAN. Windows IIS is running our site on our Windows 2019 Server and most business data has been pulled off the server to a client machine. 

We don't have a huge (okay, hardly any) budget to work with.

Industry: IT Tech Support; application development; application interface development; retail sales of hardware and software, monthly PAAS support services including monitoring, patching, anti-malware, network maintenance and 24x7 support.

Requirements: monitor only those nodes and forests that need to be protected.  If monitoring tells you who is visiting your website, great, but we already have that. We want to know who is trying to hack our site or network using procedure calls or other means that are not predefined and approved by security team. 

Guest
11 Answer

author avatar
Top 5LeaderboardReal User

Hi, your question tangles on various subjects.


Firstly, IIS is a great choice for hosting internal sites. But the windows under this IIS has many issues to keep up with so most public sites are just hosted on linux.


I don't want to push you to an OS you are not comfortable with, so I suggest you keep prying eyes/code/hackers from your public site by singling out the ports open to public by using a firewall on your perimeter and only let through your port 443 for https traffic.


To further harden your approach you could put a reverse proxy between firewall and webserver (or the firewall appliance does that feature too) to let only urls pass that aligns with your website structure. 


This way you have no exposure to hackers besides what should been put out there. On linux you have something like fail2ban which monitors accessed pages and blocks stubborn users if they subsequently try to gather vulnerable site paths. Something similar to this would be convenient on windows too, so you have a vector to look out for. I don't know if there is anything like this.


hope this helps, let me know 


Steve

2020-12-31T10:54:09Z
Find out what your peers are saying about Securonix Solutions, Splunk, One Identity and others in User Behavior Analytics - UEBA. Updated: January 2021.
457,209 professionals have used our research since 2012.