There is a web-server running website (index html php mysql), which network operator only opens port 80, and the rest ports (including port 21/22 etc) are all closed. The maintenance is only available inside the machine room.
Is the hacker still able to gain control of the machine ? What kind of damage can hacker do to the Centos operation system ?
Deep down, is it possible to SSH/FTP through port 80 ?
please elaborate, thanks in advance.
This has less to do with the port that is open and more about how secure whatever services along with the OS being exposed are. Also, being exposed to the internet means far more risk versus only accessible on the local network but that doesn't mean you should be ok with something being insecure on the local network. Now with that being said, without an experienced resource performing configuration audits or penetration testing it's hard to say what the current impact is. If you want worst case scenario, then yes the entire host can be compromised through vulnerabilities in the web server even without SSH or FTP being exposed.