I have created a service (WCF) that acts as a backend for a DB. For now it does basic operations such as INSERT, SELECT etc. I have run it locally and now it is time to expose it to the internet and enter 'production'. Is there a best practice for doing so? Bear in mind this service will be hosted on a PC as a Windows Service (not IIS). This is the first time I am putting a Windows Service into production so I am hazy on the details but I think this is the main idea:
1. On the service: Check for 'rookie' errors such as SQL Injection. Set maximum message sizes to ones marginally higher than the largest message that should be transmitted by my service. Also upgrade the self-signed X.509 certificate to one issued by a CA. (Where does one store this certificate? Locally on the PC?)
2. On the PC: Fully patched software (OS etc.) and Windows Firewall with a specific set of rules that allows traffic only on the ports being used (I suppose the safest way to do this is to use the Windows tool "Allow a program or feature through Windows Firewall"?). Furthermore, an updated antivirus running.
3. On the network: For the network router, port forward the respective ports being used (the base address is declared as http://localhost:8080 so I guess port 80 for HTTP and 443 for HTTPS? I am using message-level security.)
4. General precautions: Full message logging on the service to analyze traffic and potential attackers. Also run a network intrusion detection system such as Snort so that I can sleep a bit better at night.
Am I missing anything obvious?
EDIT
I am new to WCF and creating these types of services in general so I am not sure if I am using the correct terminology.
I have throttled the service by setting an upper bound on the number of maximum concurrent calls, sessions & instances (I realise this does not explicitly protect from HTTP attacks but at least my system will not run out of memory and crash).
As far as I understand the methods in my service can only be called via a SOAP client with the service contracts pre-configured. I am not sure if an attacker can engineer these contracts. Furthermore it seems like anyone who knows the base address of my service can download the service reference and will therefore have the service contracts ready. (Solved: by disabling metadata exchange)
The binding which specifies the communication between endpoints is 'wsHttpBinding' with 'message' level security.
My question is slightly different though: can the setup of 1, 2, 3 & 4 as specified above jeopardize the network in which the machine with this service is running?
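
The service-side settings named in this question (message size limits, a CA-issued certificate, throttling, metadata exchange disabled, wsHttpBinding with message security), gathered into one App.config for a self-hosted WCF service. This is an added example, not the poster's configuration: the service and contract names, every numeric limit and the thumbprint placeholder are assumptions.

```xml
<?xml version="1.0" encoding="utf-8"?>
<!-- Added example. Names, limits and the thumbprint are assumptions, not values from the post. -->
<configuration>
  <system.serviceModel>
    <bindings>
      <wsHttpBinding>
        <!-- Size quotas: set just above the largest legitimate message (placeholder values). -->
        <binding name="hardenedWsHttp" maxReceivedMessageSize="65536">
          <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" />
          <!-- Message-level security, as stated in the post. -->
          <security mode="Message" />
        </binding>
      </wsHttpBinding>
    </bindings>
    <behaviors>
      <serviceBehaviors>
        <behavior name="hardenedBehavior">
          <!-- Metadata exchange off: no WSDL over GET, and no mex endpoint is declared below. -->
          <serviceMetadata httpGetEnabled="false" httpsGetEnabled="false" />
          <!-- Keep exception details and the help page away from callers. -->
          <serviceDebug includeExceptionDetailInFaults="false" httpHelpPageEnabled="false" />
          <!-- Upper bounds on calls, sessions and instances (placeholder values). -->
          <serviceThrottling maxConcurrentCalls="16" maxConcurrentSessions="10" maxConcurrentInstances="26" />
          <serviceCredentials>
            <!-- CA-issued certificate looked up in the machine certificate store by thumbprint. -->
            <serviceCertificate findValue="REPLACE_WITH_CERT_THUMBPRINT"
                                x509FindType="FindByThumbprint"
                                storeLocation="LocalMachine"
                                storeName="My" />
          </serviceCredentials>
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <services>
      <!-- Example.DbService and Example.IDbService are hypothetical names. -->
      <service name="Example.DbService" behaviorConfiguration="hardenedBehavior">
        <host>
          <baseAddresses>
            <add baseAddress="http://localhost:8080/" />
          </baseAddresses>
        </host>
        <endpoint address="" binding="wsHttpBinding"
                  bindingConfiguration="hardenedWsHttp" contract="Example.IDbService" />
      </service>
    </services>
  </system.serviceModel>
</configuration>
```

With the certificate in the LocalMachine store, the account the Windows Service runs under needs read access to the certificate's private key, and nothing else on the machine should have it.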