Originally posted here by J_K9
But it is a potential risk. How would I be attacked other than from the internet in this case? (Physical access to the box is not possible, and neither is an attack from within the network).
If this system is only going to be serving HTTP and will be firewalled/DMZ'd, then your only attack points are that HTTP port(on whichever network layer...), or within the network.

I wouldn't be too quick to say that an attack within the network won't happen, unless it has its own zone... even then there is always the network devices/firewalls...

The network is only as secure as the weakest link... if someone elses webserver is not locked down and yours is too, and their web app is compromised... your box might go down with the ship.

aL