openstack team mailing list archive

Thread
Date

Customer Portal Security from Hackers

To: <openstack@xxxxxxxxxxxxxxxxxxx>
From: "Chris Bartels" <chris@xxxxxxxxxxxxxxxxxxxxxx>
Date: Mon, 20 May 2013 15:54:33 -0400
Reply-to: chris@xxxxxxxxxxxxxxxxxxxxxx
Thread-index: Ac5Vk9inG+cBweeRRGm5VBXXsEjvZQ==

Hi,

 

I'm interested in learning more about how to implement a customer portal for
an OpenStack installation, and would like to know specifically about how the
customer portal is safe from would-be hackers when exposed in the wild. I
don't know if there are any additional measures I would have to add like
perhaps my own login page with its own security to protect the management
page, or if it comes with its own login system for example. 

 

How can I make the security of my VPS service a selling point when I'm using
OpenStack for the backend?

 

Mind you I don't know anything about OpenStack yet, aside from what I see in
videos on the OpenStack Foundation YouTube channel, and I haven't seen
anything addressing this issue as of yet. I don't even know if OpenStack
comes with a customer portal I can deploy or if I have to design one using
the API.

 

I hope to have servers arrive this week which I can use to build prototypes
of my production setup, where I can test hardening configurations. But I
don't know where to begin. All I can think of is fail2ban, and I don't think
that would apply in this case.

 

What can people tell me that would help me get a handle on this issue?

 

 

Thanks in advance.

 

-Chris

Follow ups

Re: Customer Portal Security from Hackers
From: Matt Joyce, 2013-05-20
Re: Customer Portal Security from Hackers
From: Brian Schott, 2013-05-20