Safe to unblock Port 97 on Virtual Server?

Scriptcase 7 Installation
#1

Hey there,

I’ve just installed Scriptcase on a Virtual Server so that I can get access from any of my computers. In doing so I had to unblock port 97 in order to allow that inbound connection in Windows firewall on that server. My questions is, am I opening a can of worms with the security of that server by doing this? It’s a Windows Server 2008 install. I have the connection up and running. I just want to make sure it’s safe.

Thanks for any info you can give to me on this. I’m a newbie when it comes to opening ports.

Mike

#2

No problem. You only need to set a new admin password of course. And if needed add extra users with their passwords.
If you insist in making it more secure you could make a rule in your firewall that only allows a certain range or set of ip umbers.
Alternatively, it is just the apache service that runs so you can also change the port number in httpd.conf (change the line: Listen 97 ) and simply restart the service.

#3

Has anyone tried using SC like that but over SSL? I want to access SC dev environment over the internet - proper external access. Is implementing SSL do-able?

#4

yes it is, since it is just apache with scriptcase php code you should be able to do anything you want with this apache with a few limitations. You wouldnt want to destroy your dev environment.
So my advice is to backup everything in the scriptcase dir completely first before experimenting.

#5

Thanks rr

SSL implementation is new to me - will do as you say - backup and experiment. Any good free SSL offerings you know of?

#6

It depends on what server you are on. So on apache you have to stick with openssl, with iis you have to use the IIS build in ssl security. You have to enable modssl for it in your apache if it isnt already enabled.
Yet if you want to for for it commercially you need to buy a certificate from an ssl provider.
Of course you can use a cheap certificate first see here: http://webdesign.about.com/od/ssl/tp/cheapest-ssl-certificates.htm
alternatively you can make your own certificate using the openssl tools. The disadvantage is that some browsers or browser settings do not allow accessing websites with selfmade certificates, only with legitimate certificates.
A comodo certificate may be a usefull one to test with for 90 days.

#7

Thanks rr!

It’s just so I can get to SC wherever I am reasonably securely - I don’t care about the “this may not be trusted” type message, as long as I know the credentials on the login page cannot be sniffed.

#8

Sorry for the late reply but thanks for the responses to my original questions. I went on holidays right after asking the question. Would I need to worry about someone trying to get into my Scriptcase install? Would anyone even be able to find it not knowing the IP/url? Still a newbie and still learning. Thanks for the help.

Mike

#9

It depends. First of all you need to change the admin password as it is default admin/admin. That’s easy if you are found. Then you cannot be sure that nobody finds your ip. They can even by accident. But as long a sniffer or crawler doesn’t find it, you’re safe. Same goes for the url. But as soon as you deploy an application on the same server and publish it, it’s over. So always make backups of your projects and change userid/passwords on a regular basis.

#10

Thanks for the info Albert.

Mike