Scenario: Set Up a Default Configuration Webserver and Limit Access

Pre-Flight Check
  • These instructions are intended to address specifically the following scenario: Set Up a Default Configuration Webserver and Limit Access
  • I’ll be working from a Liquid Web Self Managed CentOS 6.5 server, and I’ll be logged in as root.

Step 1: Install Apache (httpd)

yum -y install httpd
service httpd start
chkconfig httpd on

Step 2a: Add a Basic Test HTML File, Method 1

For a refresher on editing files with vim see: New User Tutorial: Overview of the Vim Text Editor

vim /var/www/html/index.html

Add the following to the text file, and then save and close the text file:

This is a test HTML file!

Step 2b: Add a Basic Test HTML File, Method 2

echo 'This is a test HTML file!' > /var/www/html/index.html

Step 3: Limit Access for Testing

Allow SSH from a specific network, in this case 10.100.100.0/24:

iptables -A INPUT -i eth0 -p tcp -s 10.100.100.0/24 --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT

Allow HTTP from a specific network, in this case 10.100.100.0/24:

iptables -A INPUT -i eth0 -p tcp -s 10.100.100.0/24 --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT

Allow ping via ICMP:

iptables -A OUTPUT -p icmp --icmp-type echo-request -j ACCEPT
iptables -A INPUT -p icmp --icmp-type echo-reply -j ACCEPT

Set default chain policies:

iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP

Save the configuration:

service iptables save

Start iptables:

service iptables start

Be Sociable, Share!
Here's $75, Launch a New VPS Today. Find out why 30,000 customers have chosen our Best-in-Class Performance & 24x7 Heroic Support.