Question : WEBSERVER SECURITY

We have a pending Windows 2008 Web Server currently configured as a WORKGROUP.  Wondering if I should leave as WORKGROUP for security sake rather than joining it to our local DOMAIN?

Answer : WEBSERVER SECURITY

in that scenario,
you put the webserver on the DMZ. make sure the OS hardened well.  

setup access via the webserver and backend, with only what is needed via the OS.  i.e there is PHP program on the front end that access a dbase on the backend, make sure that only the ports/programs/services needed to make the connections are the only things running/allowed to run on that front-end..

lock the firewall down so communications are allowed only between webserver and backend server, and nothing else.

if accessing the backend server doesnt need the webserver to be on the domain, dont put it on the domain.

Random Solutions  
 
programming4us programming4us