New installation security concerns

Discussion in 'Install/Configuration' started by Guermo, Mar 12, 2009.

  1. Guermo

    Guermo New Member

    I have recently installed a trial of Litespeed web server. I understand that server security is not a simple process; however, all I want to accomplish is to secure Litespeed "enough" so that it does not create a risk to my current Apache server until I have a chance to go through the documentation and secure Litespeed fully. Currently, Litespeed is on offset ports and there are no services set to use it, and I do not intend for it to serve any content besides the web admin console until I am fully satisfied with the configuration. Having said that, is it enough to simply change the login name to something other than 'admin', have a really strong password, and only access the admin console from a separate SSL listener?
  2. anewday

    anewday Moderator

    Yes and you can restrict web conosle to certain IPs too.
  3. Guermo

    Guermo New Member

    Can the restricted ips be controlled from the command line? I would be accessing from a dynamic ip (home) which could change periodically, and I wouldn't be able to access the web console then to update it.
  4. mistwang

    mistwang LiteSpeed Staff

    You can update the configuration file lsws/admin/conf/admin_config.xml

Share This Page