Harden F30 system for web-hosting

jetstream · May 7, 2019, 1:43pm

Would like to host websites on one of my systems. Thinking of isolating it from the LAN by putting it in a DMZ.

What should I do to harden the system (Fedora 30 / firewall-cmd)? I would probably want to copy one of the existing zones and customise the copy. Haven’t worked out yet how to clone a zone yet.
Which log files can I check for intrusion attempts?
How to block all access other than http/https?
Any other tips are welcome.

Thanks in advance for your help.

This is just for hobbyist hosting.

** Updates **

nevermore · May 7, 2019, 3:16pm

I think you should not use fedora 28 for web hosting. You will only get updates for a month (https://discussion.fedoraproject.org/t/fedora-28-will-be-eol-on-tuesday-may-28th-2019/60476). Maybe consider to use cent OS or fedora 30.

jetstream · May 7, 2019, 3:38pm

Cheers for the input. I’ll opt for Fedora 30 then.

Topic		Replies	Views
Out of curiousity Project Discussion server-wg	1	317	May 8, 2019
List Available Modules of Fedora 30 Server Ask Fedora	4	437	August 26, 2019
Launch FAQ: Does Fedora CoreOS replace Fedora Atomic Host? What happens to Fedora Atomic Host and CentOS Atomic Host? Project Discussion coreos-wg	6	1856	September 27, 2018
Fedora 30 network issues from a newb Ask Fedora	5	801	June 5, 2019
Su or sudo don't work on fedora 28 Ask Fedora	18	6667	October 29, 2019