      I have a client who runs several FM databases on FM Server 11, Windows. They have asked for one of their databases to begin collecting certain data from the web using CWP. I sent them a list of what needed to happen to set up their FM Server to serve web pages, but their IT person is refusing to open port 80 because he says it will open up the FM Server to attacks from the web.


      I don't feel qualified either to defend the opening of Port 80 or to explain to him why it isn't a problem. So my questions:


      * Is opening Port 80 a big security risk?


      * If so, what can we do instead?


      * If it isn't a big risk, why not, and how can I explain it to the IT guy so that he will feel better?


      Any guidance would be appreciated.



          Any open port can be an attack vector; port 80 is an obvious one, so it will certainly get attacked. But there are many ways to reduce the risk; they should know that and at least help suggest some solutions.


          You can use a different port on IIS, or you can set up the web server on a separate machine in a DMZ; it does not have to be on the FMS machine. If they are worried about attacks they should have a good firewall with active monitoring and reporting and so on. All these things increase the complexity (and cost) of the deployment, but that is their choice to make. If they are worried about security they'll have to spend money on security.