Website Security Guidelines

We have just finished developing a new website for my company using the .NET MVC environment. The SQL Server that supports our application contains some important data, such as profiles of other web users, and we would like to make sure that this data never leaks, because of the reputation risk for the company.

We have a number of ideas on what needs to be done to protect our website, but I would like to run them past Stack Overflow. We will use SSL for login screens, and we will prevent basic attack methods such as SQL injection and cross-site scripting attacks.

However, we are concerned that the physical machine could be compromised with some kind of exploit. We will run the web server (Windows Server 2008 Service Pack 2 with IIS7) in the DMZ, with only ports 80 and 443 open to the Internet. The SQL Server is currently located on the web server machine, but we are wondering whether this is a security risk. Would placing the SQL Server on a second machine in the DMZ be safer?

We also considered using an Ubuntu box with Apache and mod_proxy in one DMZ, which would "redirect" port 80 or 443 requests to a separate Windows machine in a second DMZ, which would host the web server and SQL Server.

Some other suggestions we got were to use a product like WatchGuard, which apparently can filter HTTP packets for standards compliance, blocking malformed packets before they reach the web server.

What other things should we protect?

Thanks

+3
2 answers

Allowing only 80 and 443 is a very good idea. DMZ stands for Demilitarized Zone; by definition this is a machine on NAT that is accessible to all traffic, and this should be avoided. You will get hacked if you expose SQL Server and port 445, because you are running Windows, and it is only a matter of time until another RPC vulnerability appears.

xss sql. security.

? Acunetix, xss. SQL Injection Wapiti. OpenVAS, Nessus. OpenVAS. nmap -sT -p 1-65535 domain.com, OpenVAS.

mod_security - Apache, mod_security IIS. Aqtronix - WAF, IIS.

+2
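The answer above recommends exposing only ports 80 and 443 and scanning the host with nmap to confirm that nothing else (SQL Server, port 445, RPC) is reachable. The following is an added example, not code from the original post: it parses nmap's grepable (`-oG`) output and flags any open port outside the allow-list. The scan output, host address and version banner line are constructed sample data.

```python
import re

# Constructed sample of `nmap -sT -p 1-65535 -oG -` output for a DMZ web
# server; this is not real scan data. Fields in grepable output are tab-separated,
# and each port entry is port/state/protocol/owner/service/rpcinfo/version/.
SAMPLE_NMAP_GREPABLE = (
    "# Nmap scan initiated as: nmap -sT -p 1-65535 -oG - 203.0.113.10\n"
    "Host: 203.0.113.10 ()\tStatus: Up\n"
    "Host: 203.0.113.10 ()\tPorts: 80/open/tcp//http///, 135/open/tcp//msrpc///, "
    "443/open/tcp//https///, 445/open/tcp//microsoft-ds///, "
    "1433/open/tcp//ms-sql-s///, 3389/filtered/tcp//ms-wbt-server///"
    "\tIgnored State: closed (65529)\n"
    "# Nmap done -- 1 IP address (1 host up) scanned\n"
)

# The only services the web server is meant to expose to the Internet.
ALLOWED_PORTS = {80, 443}

# port / state / protocol / owner (empty) / service
PORT_RE = re.compile(r"(\d+)/(\w+)/(\w+)//([^/]*)/")


def parse_open_ports(grepable: str) -> dict[str, list[tuple[int, str, str]]]:
    """Return {host: [(port, protocol, service), ...]} for ports nmap reports as open."""
    hosts: dict[str, list[tuple[int, str, str]]] = {}
    for line in grepable.splitlines():
        if not line.startswith("Host:"):
            continue  # skip comment and status lines
        fields = line.split("\t")
        host = fields[0].split()[1]
        for field in fields[1:]:
            if field.startswith("Ports:"):
                for port, state, proto, service in PORT_RE.findall(field):
                    if state == "open":
                        hosts.setdefault(host, []).append((int(port), proto, service))
    return hosts


def unexpected_exposure(grepable: str, allowed=ALLOWED_PORTS) -> dict[str, list[tuple[int, str, str]]]:
    """Open ports that should not be reachable from the Internet, grouped by host."""
    findings = {}
    for host, ports in parse_open_ports(grepable).items():
        bad = [entry for entry in ports if entry[0] not in allowed]
        if bad:
            findings[host] = bad
    return findings


if __name__ == "__main__":
    for host, ports in unexpected_exposure(SAMPLE_NMAP_GREPABLE).items():
        for port, proto, service in ports:
            print(f"{host}: {port}/{proto} ({service}) is open but not in the allow-list")
```

Run it against real `nmap -oG` output from outside the firewall; anything it reports (here 135, 445 and 1433) is a port the perimeter should be blocking.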

1- .

2- SQL-.

3- web.config

0

Source: https://habr.com/ru/post/1735019/

