Opening Ports 80 and 443 safe or dangerous?

DMC,

Ports 80 and 443 are very popular and they can be discovered by attackers easily.

Make sure you understand what is flowing inside those ports. Make sure to use 443 because traffic is encrypted.

Opening them from a restricted IP reduces the attack surface.

The best way to stay protected is always a VPN and they should that instead of other protocols.

Regards

Thank you

I setup the outsourced group with a VPN, and they use RDP to access the server. They now want a new way to access the server. They haven't explained why and I didn't agree to their request. However for the sake of peace, I said I would ask other people in the field if they agree to open port 80 and port 443.

What did you mean by "Opening them from a restricted IP reduces the attack surface"?

Thank you

I setup the outsourced group with a VPN, and they use RDP to access the server. They now want a new way to access the server. They haven't explained why and I didn't agree to their request. However for the sake of peace, I said I would ask other people in the field if they agree to open port 80 and port 443.

What did you mean by "Opening them from a restricted IP reduces the attack surface"?

You could only allow a set of public IPs through the firewall to your web site from the Internet.

For opening a website from the outside, you need to make sure the site is secure from XSS or SQL Injection and make sure that only secure SSL cyphers are allowed.  If you don't know how to do that, I would leave them VPN.

Thank you.