Firewall Setup w/IIS Web Server


ScaryBinary
08-10-2003, 12:22 AM
Hi all,

I'm in the process of setting up my home PC as a web server. It's one of those "I'll learn it as I go along" projects. I'm running XP Pro with IIS. You may also want to note that I will be running MySQL as a back-end database for the website (I don't know if that will change any of your answers or not...).

The site seems to be fully functional (I briefly disabled my firewall and verified that my ISP is not blocking me from running my own server), but my main concern now is security - the web server is on my one and only PC, which of course contains other files I don't really need to share with the world. Currently all I have is a software firewall (Sygate). I plan on purchasing a router to get the hardware firewall protection, even though I won't be adding any additional computers.

What sort of protection can I get with IIS running? I mean, I have to leave port 80 wide open, right? What steps do I need to take to make sure no one can get to any files other than the web served pages? What can I block while keeping the website up and running?

Any recommendations, links, tips, slaps in the face would be much appreciated. Thanks very much for your help!

ScaryBinary
08-10-2003, 12:26 AM
That was freaky. :eek: The minute I hit the Submit Reply button on the previous post my machine rebooted itself....I wonder if it will happen now....

omendata
08-10-2003, 08:02 PM
Make sure file permissions and directory permissions are set up correctly.

Attribute protect files that can't be changed to read only.

Never use a firewall on the same machine as you are running IIS.

Apply all the latest patches.

Run Microsoft's base security analyser.

Disable all non-essential services on the machine, i.e. NetBIOS helper, FTP server, etc.

There is plenty more but that will do for a start.
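
One way to check the "disable all non-essential services" step above, and to see what besides port 80 is still listening, as an added example that is not part of the original thread. It assumes a policy where only HTTP is meant to be reachable and any other service (MySQL included) should be off or bound to loopback; the `netstat -an` sample is constructed, and `audit_listeners` is a hypothetical helper name.

```python
import re

# Constructed sample of Windows `netstat -an` output (not captured from a real host).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:21             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:3306           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1031         0.0.0.0:0              LISTENING
  TCP    192.168.0.10:139       0.0.0.0:0              LISTENING
  TCP    192.168.0.10:1045      203.0.113.7:80         ESTABLISHED
  UDP    0.0.0.0:445            *:*
"""

# Assumed policy for this example: only HTTP is meant to be reachable from outside.
PUBLIC_PORTS = {80}
# Well-known ports for the services named in the thread, used only for labelling.
KNOWN = {21: "FTP", 135: "RPC endpoint mapper", 139: "NetBIOS session",
         445: "SMB", 3306: "MySQL"}
LISTENER = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING\s*$")

def audit_listeners(netstat_text):
    """Return (address, port, label) for TCP listeners that break the policy."""
    findings = []
    for line in netstat_text.splitlines():
        m = LISTENER.match(line)
        if not m:
            continue  # headers, UDP rows, established connections
        addr, port = m.group(1), int(m.group(2))
        if addr.startswith("127.") or addr == "[::1]":
            continue  # loopback-only: not reachable from the network
        if port in PUBLIC_PORTS:
            continue  # the one service that is supposed to be exposed
        findings.append((addr, port, KNOWN.get(port, "unknown service")))
    return sorted(findings, key=lambda f: f[1])

if __name__ == "__main__":
    for addr, port, label in audit_listeners(SAMPLE_NETSTAT):
        print(f"{addr}:{port:<5} {label}: disable the service or bind it to 127.0.0.1")
```

Feeding it the real output of `netstat -an` before and after turning services off shows whether each change actually closed a listener.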

ScaryBinary
08-11-2003, 08:01 PM
...so is it a really bad idea to host my website on my one and only PC, even with a router & software firewall? Why shouldn't I run IIS with the firewall (is this an actual impossibility, or just a crummy idea :) )?

Anyway, should I plan on two computers with a router, one to host the site and the other for my general non-server use? I'm so confused...:confused:

Thanks for dealing with me!

omendata
08-11-2003, 09:12 PM
An application server in general should be just that, whether it's a SQL, Exchange, firewall or web server - it should run one service and one service only. When you consider the number of flaws in one Microsoft product, adding another application just adds that application's number of flaws again and opens up all manner of other possibilities - e.g. say you were running SQL Server and Exchange on your system - somehow SQL Slammer hits your SQL system - you lose both Exchange and SQL???

Understand where I'm coming from!!!

Better to have a hardware router if you can't afford another PC - although a boggo standard Pentium 100 would do for a firewall; running something like SmoothWall or Linux Router Project (both free) would be my advice if you are skint - should cost no more than £50.

Plus it's fun, you learn a lot more and it's satisfying to run your own network.

ScaryBinary
08-15-2003, 11:50 PM
All right, I think I'm cleared up now. A friend has agreed to ship me a PC he no longer uses, so I plan to set up my first network. Woo hoo! Thanks for your advice!