UoL LAMP Server Security Statement

Tags: Security UoL LAMP Server

Adapted from a response by the University of Leicester Research Computing Support team

• All LAMP servers are virtual. The physical servers are located at the University of Leicester main site.
• Servers are backed up nightly, and the backups are sent to a University of Leicester remote site.
• Physical access to the servers access is restricted to IT Services and Estate Staff.
• Access to the Operating System is restricted to the LCBRU IT and University of Leicester Research Computing Support teams.
• Servers may be accessed from the internet and are protected by the University of Leicester firewall.
• Each application is separated onto its own virtually server and thus protected from breaches in other applications.
• Authentication for access to the operating system is provided by University of Leicester Windows network authentication, which enforces a strong password policy.
• Servers are monitored and regularly patched for security vulnerabilities.
• The servers are regularly penetration tested using Nessus.
• Connections to the server pass through a reverse proxy, that strips out requests and request content which may compromise security.
• Encryption using SSL (HTTPS), when used, is managed centrally, with the ciphers regularly reviewed and updated.

Error: Macro BackLinks(None) failed

'Environment' object has no attribute 'get_db_cnx'