Set Up a Default Webserver and Limit Access

Posted on August 15, 2014 by J. Mays | Updated: April 27, 2023

Category: Technical Support | Tags: Apache, Chkconfig, HTTPD, IPTables

Reading Time: < 1 minute

Pre-Flight Check

These instructions are intended to address specifically the following scenario: Set Up a Default Configuration Webserver and Limit Access
I’ll be working from a Liquid Web Self Managed CentOS 6.5 server, and I’ll be logged in as root.

Step 1: Install Apache (httpd)

yum -y install httpd
service httpd start
chkconfig httpd on

Step 2a: Add a Basic Test HTML File, Method 1

For a refresher on editing files with vim see: New User Tutorial: Overview of the Vim Text Editor

vim /var/www/html/index.html

Add the following to the text file, and then save and close the text file:

This is a test HTML file!

Step 2b: Add a Basic Test HTML File, Method 2

echo 'This is a test HTML file!' > /var/www/html/index.html

Step 3: Limit Access for Testing

Allow SSH from a specific network, in this case 10.100.100.0/24:

iptables -A INPUT -i eth0 -p tcp -s 10.100.100.0/24 --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT

Allow HTTP from a specific network, in this case 10.100.100.0/24:

iptables -A INPUT -i eth0 -p tcp -s 10.100.100.0/24 --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth0 -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT

Allow ping via ICMP:

iptables -A OUTPUT -p icmp --icmp-type echo-request -j ACCEPT iptables -A INPUT -p icmp --icmp-type echo-reply -j ACCEPT

Set default chain policies:

iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT DROP

Save the configuration:

service iptables save

Start iptables:

service iptables start

About the Author: J. Mays

As a previous contributor, JMays shares his insight with our Knowledge Base center. In our Knowledge Base, you'll be able to find how-to articles on Ubuntu, CentOS, Fedora and much more!