I've been using a rather old computer as a Gateway/Firewall for my LAN. Currently it's running RH7.2 (formatting and installing 7.3 soon). The box is only used for Masquerading, Firewall rules (ipchains), and as a Webserver.

I have three ports open on the box.
1. Apache (not on 80)
2. SSH (not on 22)
3. MySQL (default port)

My question is simply:
Is it OK to use my firewall box as my webserver?

It's recently been compromised. (Last time I ssh'ed to it, it said the last login was from 1969, and tripwire indicated a few critical files had been modified.)

There is no noticeable damage, and the only data on the entire box that I care about is the web site, and the config files for some of the larger apps (all are backed up).

I have another box doing nothing. Would it be safer to run a webserver off a box behind the firewall? I thought that would be pointless, seeing how I'd have to open ports on that machine to the public anyway...