Binding services to localhost and using SSH tunnels - can requests be forged?

Posted by Martin on Server Fault See other posts from Server Fault or by Martin
Published on 2012-06-17T13:15:35Z Indexed on 2012/06/17 15:17 UTC
Read the original article Hit count: 218

Given a typical webserver, with Apache2, common PHP scripts and a DNS server, would it be sufficient from a security perspective to bind administration interfaces like phpmyadmin to localhost and access it via SSH tunnels?

Or could somebody, who knew eg. that phpmyadmin (or any other commonly availible script) is listening at a certain port on localhost easily forge requests that would be executed if no other authentication was present?

  1. In other words: could somebody from somewhere in the internet easily forge a request, so that the webserver would accept it, thinking it originated from 127.0.0.1 if the server is listening on 127.0.0.1 only?
  2. If there were a risk, could it be somehow dealt with on a lower level than the application, eg. by using iptables? The idea being, that if someone found a weakness in a php script or apache, the network would still block this request because it did not arrive via a SSH-tunnel?

© Server Fault or respective owner

Related posts about iptables

Related posts about localhost